1.492188] ext4_system_zone 1KB 7KB [ 581.499614] bio-1 1KB 7KB [ 581.504994] pid_namespace 3KB 11KB [ 581.510426] rpc_buffers 17KB 25KB [ 581.515787] rpc_tasks 2KB 7KB [ 581.521444] UNIX 1276KB 1342KB [ 581.527529] tcp_bind_bucket 3KB 4KB [ 581.532936] ip_fib_trie 27KB 35KB [ 581.538369] ip_fib_alias 128KB 169KB [ 581.543737] ip_dst_cache 13KB 16KB [ 581.556865] RAW 58KB 60KB [ 581.562274] UDP 45KB 60KB [ 581.586834] TCP 8KB 16KB [ 581.594669] hugetlbfs_inode_cache 3KB 15KB [ 581.618669] fscache_cookie_jar 1KB 11KB [ 581.624152] eventpoll_pwq 26KB 43KB [ 581.682725] eventpoll_epi 51KB 63KB [ 581.706505] inotify_inode_mark 15KB 59KB [ 581.735336] request_queue 199KB 199KB [ 581.765259] blkdev_requests 1KB 3KB [ 581.793572] blkdev_ioc 21KB 27KB [ 581.816420] bio-0 939KB 941KB [ 581.863518] biovec-max 1584KB 1600KB [ 581.887733] biovec-64 1002KB 1008KB [ 581.893308] biovec-16 76KB 82KB [ 581.944945] bio_integrity_payload 1KB 8KB [ 581.979782] khugepaged_mm_slot 5KB 34KB [ 582.002480] uid_cache 0KB 4KB [ 582.026659] dmaengine-unmap-2 0KB 3KB [ 582.056886] skbuff_fclone_cache 42KB 78KB [ 582.062464] skbuff_head_cache 8085KB 8085KB [ 582.112851] configfs_dir_cache 3KB 7KB [ 582.132473] file_lock_cache 56KB 202KB [ 582.183145] file_lock_ctx 9KB 11KB [ 582.209419] fsnotify_mark_connector 7KB 35KB [ 582.215537] net_namespace 70KB 70KB [ 582.266033] shmem_inode_cache 8074KB 8353KB [ 582.294263] task_delay_info 235KB 387KB [ 582.316316] taskstats 30KB 122KB [ 582.349685] proc_dir_entry 825KB 832KB [ 582.355104] pde_opener 14KB 34KB [ 582.406069] seq_file 290KB 511KB [ 582.434491] sigqueue 43KB 59KB [ 582.464403] kernfs_node_cache 19376KB 19388KB [ 582.496619] mnt_cache 208KB 212KB [ 582.523679] filp 7264KB 7965KB [ 582.546870] names_cache 127976KB 128014KB [ 582.552361] iint_cache 33KB 63KB [ 582.606848] key_jar 47KB 243KB [ 582.612389] uts_namespace 4KB 11KB [ 582.666006] nsproxy 2KB 7KB [ 582.692832] vm_area_struct 3236KB 4226KB [ 582.725337] mm_struct 494KB 845KB [ 582.753558] fs_cache 238KB 392KB [ 582.780877] files_cache 854KB 922KB [ 582.786266] signal_cache 1441KB 1717KB [ 582.836450] sighand_cache 629KB 645KB [ 582.863213] task_struct 6817KB 6817KB [ 582.883671] cred_jar 2089KB 2220KB [ 582.912363] anon_vma_chain 1036KB 1496KB [ 582.933825] anon_vma 142KB 292KB [ 582.962209] pid 136KB 236KB [ 582.985720] Acpi-Operand 156KB 198KB [ 583.005480] Acpi-ParseExt 9KB 11KB [ 583.034507] Acpi-Parse 41KB 47KB [ 583.064858] Acpi-State 52KB 63KB [ 583.095976] Acpi-Namespace 20KB 27KB [ 583.115615] numa_policy 0KB 3KB [ 583.150586] debug_objects_cache 1309KB 1832KB [ 583.156179] trace_event_file 297KB 298KB [ 583.206595] ftrace_event_field 398KB 401KB [ 583.236410] pool_workqueue 142KB 144KB [ 583.262440] page->ptl 485KB 1008KB [ 583.289728] kmalloc-2097152 2050KB 2050KB [ 583.295125] kmalloc-524288 2056KB 2056KB [ 583.333061] kmalloc-262144 1290KB 1290KB [ 583.366322] kmalloc-131072 650KB 650KB [ 583.394259] kmalloc-65536 2376KB 2442KB [ 583.413790] kmalloc-32768 1980KB 1980KB [ 583.432816] kmalloc-16384 1138KB 1138KB [ 583.476736] kmalloc-8192 4611KB 4611KB [ 583.482137] kmalloc-4096 24803KB 24807KB [ 583.526814] kmalloc-2048 14811KB 15408KB [ 583.532214] kmalloc-1024 12031KB 12324KB [ 583.579193] kmalloc-512 16021KB 16023KB [ 583.584772] kmalloc-256 4937KB 5463KB [ 583.646230] kmalloc-128 1110KB 1401KB [ 583.673064] kmalloc-96 3587KB 4080KB [ 583.713400] kmalloc-64 2591KB 3904KB [ 583.764800] kmalloc-32 1925KB 2543KB [ 583.784472] kmalloc-192 1952KB 2440KB [ 583.818961] kmem_cache 177KB 183KB [ 583.824474] Out of memory (oom_kill_allocating_task): Kill process 1495 (systemd-journal) score 0 or sacrifice child [ 583.910197] Killed process 1495 (systemd-journal) total-vm:46096kB, anon-rss:480kB, file-rss:0kB, shmem-rss:1752kB [ 583.971507] oom_reaper: reaped process 1495 (systemd-journal), now anon-rss:0kB, file-rss:0kB, shmem-rss:1752kB [ 583.990626] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 584.021951] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 584.047265] CPU: 0 PID: 8084 Comm: syz-fuzzer Not tainted 4.19.211-syzkaller #0 [ 584.054743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 584.064106] Call Trace: [ 584.066709] dump_stack+0x1fc/0x2ef [ 584.070368] dump_header+0x15d/0xc3f [ 584.074093] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 584.079202] ? ___ratelimit+0x319/0x590 [ 584.083190] oom_kill_process.cold+0x10/0x692 [ 584.087697] ? check_preemption_disabled+0x41/0x280 [ 584.092721] ? has_intersects_mems_allowed+0x1d6/0x290 [ 584.098002] out_of_memory+0x1072/0x1390 [ 584.102068] ? oom_killer_disable+0x270/0x270 [ 584.106554] ? mutex_trylock+0x15f/0x1a0 [ 584.110606] __alloc_pages_nodemask+0x23a2/0x2890 [ 584.115459] ? find_get_entry+0x4cd/0x8a0 [ 584.119599] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 584.124460] alloc_pages_current+0x193/0x2a0 [ 584.128874] filemap_fault+0x146e/0x2180 [ 584.132930] ext4_filemap_fault+0x84/0xb0 [ 584.137063] __do_fault+0x10b/0x4b0 [ 584.140676] __handle_mm_fault+0x273b/0x41c0 [ 584.145076] ? vm_insert_page+0x9c0/0x9c0 [ 584.149209] ? __fget+0x356/0x510 [ 584.152659] ? check_preemption_disabled+0x41/0x280 [ 584.157685] handle_mm_fault+0x436/0xb10 [ 584.161739] __do_page_fault+0x68e/0xd60 [ 584.165928] ? trace_hardirqs_off_caller+0x6e/0x210 [ 584.170941] ? spurious_fault+0x840/0x840 [ 584.175085] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 584.179947] ? page_fault+0x8/0x30 [ 584.183479] page_fault+0x1e/0x30 [ 584.186938] RIP: 0033:0x43047c [ 584.190120] Code: Bad RIP value. [ 584.193470] RSP: 002b:000000c0002477f0 EFLAGS: 00010246 [ 584.198843] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000467800 [ 584.206098] RDX: 0000000000000080 RSI: 000000c000247840 RDI: 0000000000000004 [ 584.213367] RBP: 000000c000247e40 R08: 0000000000000000 R09: 0000008741ef5415 [ 584.220723] R10: 00000000000003e5 R11: 0000000000000246 R12: 000000c000247870 [ 584.227987] R13: 0000000000000004 R14: 000000c00023da00 R15: 0000000000000000 [ 584.249215] Mem-Info: [ 584.251683] active_anon:13886 inactive_anon:12860 isolated_anon:0 [ 584.251683] active_file:19 inactive_file:36 isolated_file:0 [ 584.251683] unevictable:0 dirty:0 writeback:0 unstable:0 [ 584.251683] slab_reclaimable:14759 slab_unreclaimable:118179 [ 584.251683] mapped:21668 shmem:13256 pagetables:520 bounce:0 [ 584.251683] free:25124 free_pcp:276 free_cma:0 [ 584.292406] Node 0 active_anon:54616kB inactive_anon:26976kB active_file:52kB inactive_file:500kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86604kB dirty:0kB writeback:0kB shmem:28412kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 10240kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 584.329547] Node 1 active_anon:928kB inactive_anon:24464kB active_file:24kB inactive_file:32kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:68kB dirty:0kB writeback:0kB shmem:24612kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 584.368428] Node 0 DMA free:10964kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:20kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 584.401472] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 584.409111] Node 0 DMA32 free:36252kB min:35996kB low:44992kB high:53988kB active_anon:54616kB inactive_anon:26976kB active_file:16kB inactive_file:544kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7584kB pagetables:2012kB bounce:0kB free_pcp:12kB local_pcp:0kB free_cma:0kB [ 584.451347] lowmem_reserve[]: 0 0 1 1 1 [ 584.489497] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 584.724455] lowmem_reserve[]: 0 0 0 0 0 [ 584.766047] Node 1 Normal free:53756kB min:53876kB low:67344kB high:80812kB active_anon:928kB inactive_anon:24464kB active_file:124kB inactive_file:0kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:224kB pagetables:68kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 584.825885] lowmem_reserve[]: 0 0 0 0 0 [ 584.910233] Node 0 DMA: 1*4kB (M) 2*8kB (UM) 2*16kB (UM) 1*32kB (M) 2*64kB (UM) 2*128kB (UM) 1*256kB (M) 2*512kB (UM) 1*1024kB (M) 0*2048kB 2*4096kB (M) = 10964kB [ 585.053323] Node 0 DMA32: 2191*4kB (UME) 1023*8kB (UME) 232*16kB (ME) 49*32kB (UME) 17*64kB (M) 12*128kB (UM) 7*256kB (M) 3*512kB (M) 3*1024kB (UM) 2*2048kB (UM) 0*4096kB = 35348kB [ 585.159261] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 585.236819] Node 1 Normal: 143*4kB (UME) 112*8kB (UME) 114*16kB (UME) 83*32kB (UME) 50*64kB (UME) 20*128kB (ME) 10*256kB (UME) 2*512kB (M) 2*1024kB (UM) 0*2048kB 9*4096kB (UM) = 54204kB [ 585.369509] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 585.429017] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 585.495940] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 585.560530] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 585.640895] 13309 total pagecache pages [ 585.644915] 0 pages in swap cache [ 585.699329] Swap cache stats: add 0, delete 0, find 0/0 [ 585.704729] Free swap = 0kB [ 585.776506] Total swap = 0kB [ 585.803854] 2097051 pages RAM [ 585.832518] 0 pages HighMem/MovableOnly [ 585.875454] 369649 pages reserved [ 585.890556] 0 pages cma reserved [ 585.891646] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 585.894477] Unreclaimable slab info: [ 585.937409] Name Used Total [ 585.964948] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 585.989861] pid_2 38KB 208KB [ 585.995328] batadv_tt_change_cache 5KB 7KB [ 586.057407] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 586.064137] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 586.069603] batadv_tl_cache 6KB 12KB [ 586.075955] TIPC 24KB 30KB [ 586.140828] SCTPv6 28KB 37KB [ 586.169002] device bridge_slave_1 left promiscuous mode [ 586.174532] bridge0: port 2(bridge_slave_1) entered disabled state [ 586.195695] DCCPv6 25KB 30KB [ 586.231528] DCCP 23KB 35KB [ 586.261037] RXRPC 21KB 26KB [ 586.266456] rxrpc_call_jar 102KB 102KB [ 586.320392] bridge_fdb_cache 17KB 19KB [ 586.325810] fib6_nodes 180KB 240KB [ 586.410303] ip6_dst_cache 581KB 581KB [ 586.415713] RAWv6 101KB 108KB [ 586.477845] UDPv6 35KB 37KB [ 586.483248] TCPv6 27KB 30KB [ 586.536157] nf_conntrack 7KB 11KB [ 586.571211] t10_alua_lu_gp_cache 0KB 3KB [ 586.605413] sd_ext_cdb 0KB 7KB [ 586.640737] scsi_sense_cache 1056KB 1060KB [ 586.646223] virtio_scsi_cmd 16KB 16KB [ 586.704739] sgpool-128 8KB 8KB [ 586.745343] sgpool-64 4KB 12KB [ 586.773155] sgpool-32 2KB 15KB [ 586.812373] sgpool-16 1KB 7KB [ 586.836577] sgpool-8 0KB 7KB [ 586.842362] device bridge_slave_0 left promiscuous mode [ 586.848087] bridge0: port 1(bridge_slave_0) entered disabled state [ 586.860200] mqueue_inode_cache 15KB 37KB [ 586.896550] bio_post_read_ctx 14KB 15KB [ 586.902017] bio-2 14KB 15KB [ 587.000127] jfs_mp 7KB 7KB [ 587.005826] cifs_small_rq 15KB 16KB [ 587.072289] cifs_request 67KB 67KB [ 587.112520] cifs_mpx_ids 0KB 7KB [ 587.147391] nfs_commit_data 3KB 14KB [ 587.152808] nfs_write_data 34KB 44KB [ 587.204377] ext4_system_zone 1KB 7KB [ 587.243371] bio-1 1KB 7KB [ 587.271377] pid_namespace 3KB 11KB [ 587.295517] rpc_buffers 17KB 25KB [ 587.323450] rpc_tasks 2KB 7KB [ 587.350730] UNIX 1267KB 1323KB [ 587.356133] tcp_bind_bucket 3KB 4KB [ 587.415969] ip_fib_trie 27KB 35KB [ 587.457599] ip_fib_alias 128KB 169KB [ 587.463000] ip_dst_cache 13KB 16KB [ 587.517113] RAW 58KB 60KB [ 587.522553] UDP 45KB 60KB [ 587.576548] TCP 8KB 16KB [ 587.610243] hugetlbfs_inode_cache 3KB 15KB [ 587.616002] fscache_cookie_jar 1KB 11KB [ 587.672720] eventpoll_pwq 26KB 43KB [ 587.701337] eventpoll_epi 50KB 63KB [ 587.750567] inotify_inode_mark 15KB 59KB [ 587.756059] request_queue 199KB 199KB [ 587.834996] blkdev_requests 1KB 3KB [ 587.895464] blkdev_ioc 30KB 30KB [ 587.935637] bio-0 971KB 971KB [ 587.962660] biovec-max 1600KB 1600KB [ 588.004939] biovec-64 1020KB 1023KB [ 588.011907] device veth1_macvtap left promiscuous mode [ 588.019973] device veth0_macvtap left promiscuous mode [ 588.025311] device veth1_vlan left promiscuous mode [ 588.035775] biovec-16 84KB 86KB [ 588.081747] device veth0_vlan left promiscuous mode [ 588.086075] bio_integrity_payload 1KB 8KB [ 588.094344] khugepaged_mm_slot 5KB 34KB [ 588.181870] uid_cache 0KB 4KB [ 588.211326] dmaengine-unmap-2 0KB 3KB [ 588.236182] skbuff_fclone_cache 42KB 78KB [ 588.275967] skbuff_head_cache 8407KB 8407KB [ 588.332556] configfs_dir_cache 3KB 7KB [ 588.360785] file_lock_cache 56KB 202KB [ 588.387768] file_lock_ctx 9KB 11KB [ 588.393166] fsnotify_mark_connector 7KB 35KB [ 588.462192] net_namespace 70KB 70KB [ 588.503962] shmem_inode_cache 8074KB 8353KB [ 588.543448] task_delay_info 214KB 387KB [ 588.583127] taskstats 30KB 122KB [ 588.621028] proc_dir_entry 825KB 832KB [ 588.650422] pde_opener 14KB 34KB [ 588.655839] seq_file 290KB 511KB [ 588.712943] sigqueue 43KB 59KB [ 588.755329] kernfs_node_cache 19271KB 19337KB [ 588.782942] mnt_cache 208KB 212KB [ 588.811905] filp 7088KB 7965KB [ 588.849716] names_cache 125919KB 125957KB [ 588.855141] iint_cache 32KB 63KB [ 588.930129] key_jar 47KB 243KB [ 588.935535] uts_namespace 4KB 11KB [ 589.022769] nsproxy 2KB 7KB [ 589.050339] vm_area_struct 3180KB 4222KB [ 589.055776] mm_struct 485KB 845KB [ 589.106757] fs_cache 212KB 388KB [ 589.112264] files_cache 802KB 922KB [ 589.163404] signal_cache 1410KB 1717KB [ 589.195627] sighand_cache 603KB 645KB [ 589.226198] task_struct 6767KB 6817KB [ 589.286579] cred_jar 2059KB 2220KB [ 589.291963] anon_vma_chain 1023KB 1496KB [ 589.355904] anon_vma 134KB 292KB [ 589.392402] pid 129KB 236KB [ 589.429103] Acpi-Operand 156KB 198KB [ 589.434503] Acpi-ParseExt 9KB 11KB [ 589.501569] Acpi-Parse 41KB 47KB [ 589.534087] Acpi-State 52KB 63KB [ 589.564422] Acpi-Namespace 20KB 27KB [ 589.597747] numa_policy 0KB 3KB [ 589.603154] debug_objects_cache 1309KB 1832KB [ 589.656238] trace_event_file 297KB 298KB [ 589.677436] ftrace_event_field 398KB 401KB [ 589.682920] pool_workqueue 142KB 144KB [ 589.716697] page->ptl 474KB 1008KB [ 589.722127] kmalloc-2097152 2050KB 2050KB [ 589.779181] kmalloc-524288 2056KB 2056KB [ 589.795315] kmalloc-262144 1290KB 1290KB [ 589.819933] kmalloc-131072 650KB 650KB [ 589.825523] kmalloc-65536 2376KB 2442KB [ 589.878971] kmalloc-32768 1980KB 1980KB [ 589.884377] kmalloc-16384 1138KB 1138KB [ 589.936515] kmalloc-8192 4611KB 4611KB [ 589.942007] kmalloc-4096 24696KB 24735KB [ 590.013024] kmalloc-2048 14811KB 15408KB [ 590.054971] kmalloc-1024 12153KB 12324KB [ 590.091027] kmalloc-512 16575KB 16578KB [ 590.133285] kmalloc-256 4946KB 5463KB [ 590.166397] kmalloc-128 1105KB 1401KB [ 590.171895] kmalloc-96 3617KB 4080KB [ 590.239707] kmalloc-64 2591KB 3904KB [ 590.245108] kmalloc-32 1929KB 2543KB [ 590.320487] kmalloc-192 1952KB 2440KB [ 590.325891] kmem_cache 177KB 183KB [ 590.405264] Out of memory (oom_kill_allocating_task): Kill process 8084 (syz-fuzzer) score 0 or sacrifice child [ 590.474002] Killed process 1631 (syz-executor.1) total-vm:48512kB, anon-rss:444kB, file-rss:14340kB, shmem-rss:0kB [ 590.658288] oom_reaper: reaped process 1632 (syz-executor.1), now anon-rss:0kB, file-rss:13340kB, shmem-rss:0kB [ 590.992269] systemd invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 591.067736] systemd cpuset=/ mems_allowed=0-1 [ 591.072289] CPU: 0 PID: 1 Comm: systemd Not tainted 4.19.211-syzkaller #0 [ 591.079218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 591.088579] Call Trace: [ 591.091194] dump_stack+0x1fc/0x2ef [ 591.094839] dump_header+0x15d/0xc3f [ 591.098564] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 591.103673] ? ___ratelimit+0x319/0x590 [ 591.107659] oom_kill_process.cold+0x10/0x692 [ 591.112162] ? oom_badness.part.0+0x135/0x6e0 [ 591.116667] ? lock_downgrade+0x720/0x720 [ 591.120830] ? check_preemption_disabled+0x41/0x280 [ 591.125865] out_of_memory+0x34d/0x1390 [ 591.129858] ? oom_killer_disable+0x270/0x270 [ 591.134366] ? mutex_trylock+0x15f/0x1a0 [ 591.138437] __alloc_pages_nodemask+0x23a2/0x2890 [ 591.143295] ? find_get_entry+0x4cd/0x8a0 [ 591.147457] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 591.152329] alloc_pages_current+0x193/0x2a0 [ 591.156753] filemap_fault+0x146e/0x2180 [ 591.160836] ext4_filemap_fault+0x84/0xb0 [ 591.165007] __do_fault+0x10b/0x4b0 [ 591.168642] __handle_mm_fault+0x273b/0x41c0 [ 591.173061] ? vm_insert_page+0x9c0/0x9c0 [ 591.177215] ? lock_downgrade+0x720/0x720 [ 591.181368] ? lock_acquire+0x170/0x3c0 [ 591.185363] ? check_preemption_disabled+0x41/0x280 [ 591.190389] handle_mm_fault+0x436/0xb10 [ 591.194465] __do_page_fault+0x68e/0xd60 [ 591.198539] ? trace_hardirqs_off_caller+0x6e/0x210 [ 591.203564] ? spurious_fault+0x840/0x840 [ 591.207722] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 591.212587] ? page_fault+0x8/0x30 [ 591.216135] page_fault+0x1e/0x30 [ 591.219606] RIP: 0033:0x7fd194be78b0 [ 591.223326] Code: Bad RIP value. [ 591.226693] RSP: 002b:00007ffdeda37f38 EFLAGS: 00010202 [ 591.232061] RAX: 0000000000000000 RBX: 000055958e06df50 RCX: 000055958e06f430 [ 591.239684] RDX: 000055958e06df70 RSI: 0005f44f4f5b23ac RDI: 000055958e0d7210 [ 591.246958] RBP: 000055958e06df70 R08: 000055958e06f368 R09: 000055958e06f578 [ 591.254230] R10: 000055958e06f540 R11: 0000000000000010 R12: 0005f44f4f5b23ac [ 591.261502] R13: 0000000000000001 R14: 00007ffdeda37f6c R15: 00007ffdeda37f6c [ 591.864748] Mem-Info: [ 591.873185] active_anon:13750 inactive_anon:12859 isolated_anon:0 [ 591.873185] active_file:29 inactive_file:3 isolated_file:0 [ 591.873185] unevictable:0 dirty:0 writeback:0 unstable:0 [ 591.873185] slab_reclaimable:14745 slab_unreclaimable:117649 [ 591.873185] mapped:18041 shmem:13256 pagetables:510 bounce:0 [ 591.873185] free:25106 free_pcp:124 free_cma:0 [ 591.934938] Node 0 active_anon:54120kB inactive_anon:26976kB active_file:112kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:72164kB dirty:0kB writeback:0kB shmem:28412kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 10240kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 591.980770] Node 1 active_anon:880kB inactive_anon:24460kB active_file:4kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:24612kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 592.039920] Node 0 DMA free:10968kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 592.079585] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 592.093002] Node 0 DMA32 free:35548kB min:35996kB low:44992kB high:53988kB active_anon:54120kB inactive_anon:26976kB active_file:112kB inactive_file:16kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7552kB pagetables:1924kB bounce:0kB free_pcp:448kB local_pcp:200kB free_cma:0kB [ 592.135165] lowmem_reserve[]: 0 0 1 1 1 [ 592.142859] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 592.182702] lowmem_reserve[]: 0 0 0 0 0 [ 592.194686] Node 1 Normal free:53648kB min:53876kB low:67344kB high:80812kB active_anon:880kB inactive_anon:24460kB active_file:4kB inactive_file:4kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:288kB pagetables:116kB bounce:0kB free_pcp:248kB local_pcp:248kB free_cma:0kB [ 592.236465] lowmem_reserve[]: 0 0 0 0 0 [ 592.240470] Node 0 DMA: 0*4kB 1*8kB (U) 1*16kB (U) 0*32kB 1*64kB (U) 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10968kB [ 592.266805] Node 0 DMA32: 2187*4kB (UME) 1026*8kB (ME) 232*16kB (ME) 51*32kB (UME) 21*64kB (UM) 11*128kB (M) 9*256kB (UM) 4*512kB (UM) 2*1024kB (M) 2*2048kB (UM) 0*4096kB = 35548kB [ 592.300481] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 592.314120] Node 1 Normal: 124*4kB (UME) 104*8kB (UME) 106*16kB (ME) 76*32kB (UME) 49*64kB (ME) 22*128kB (UME) 9*256kB (UME) 4*512kB (UM) 1*1024kB (M) 0*2048kB 9*4096kB (UM) = 53648kB [ 592.357877] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 592.374080] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 592.404561] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 592.413504] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 592.443930] 13290 total pagecache pages [ 592.448006] 0 pages in swap cache [ 592.451555] Swap cache stats: add 0, delete 0, find 0/0 [ 592.478673] Free swap = 0kB [ 592.481721] Total swap = 0kB [ 592.484740] 2097051 pages RAM [ 592.491452] 0 pages HighMem/MovableOnly [ 592.495469] 369649 pages reserved [ 592.520606] 0 pages cma reserved [ 592.524003] Unreclaimable slab info: [ 592.531334] Name Used Total [ 592.553150] pid_2 38KB 208KB [ 592.564910] batadv_tt_change_cache 5KB 7KB [ 592.583904] batadv_tl_cache 6KB 12KB [ 592.591985] TIPC 16KB 30KB [ 592.612332] SCTPv6 18KB 37KB [ 592.623461] DCCPv6 22KB 30KB [ 592.653483] DCCP 21KB 35KB [ 592.659777] RXRPC 17KB 26KB [ 592.665148] rxrpc_call_jar 101KB 102KB [ 592.691948] bridge_fdb_cache 12KB 19KB [ 592.706074] fib6_nodes 180KB 240KB [ 592.724569] ip6_dst_cache 588KB 588KB [ 592.734203] RAWv6 92KB 108KB [ 592.752873] UDPv6 31KB 37KB [ 592.763457] TCPv6 24KB 30KB [ 592.785392] nf_conntrack 7KB 11KB [ 592.793346] t10_alua_lu_gp_cache 0KB 3KB [ 592.817986] sd_ext_cdb 0KB 7KB [ 592.823382] scsi_sense_cache 1056KB 1060KB [ 592.845806] virtio_scsi_cmd 16KB 16KB [ 592.853829] sgpool-128 8KB 8KB [ 592.875810] sgpool-64 4KB 12KB [ 592.881244] sgpool-32 2KB 15KB [ 592.903353] sgpool-16 1KB 7KB [ 592.912909] sgpool-8 0KB 7KB [ 592.934884] mqueue_inode_cache 13KB 37KB [ 592.941308] bio_post_read_ctx 14KB 15KB [ 592.963601] bio-2 14KB 15KB [ 592.971540] jfs_mp 7KB 7KB [ 592.993511] cifs_small_rq 15KB 16KB [ 593.001829] cifs_request 67KB 67KB [ 593.025006] cifs_mpx_ids 0KB 7KB [ 593.048806] nfs_commit_data 3KB 14KB [ 593.054199] nfs_write_data 34KB 44KB [ 593.065714] ext4_system_zone 1KB 7KB [ 593.094116] bio-1 1KB 7KB [ 593.099569] pid_namespace 3KB 11KB [ 593.104942] rpc_buffers 17KB 25KB [ 593.128702] rpc_tasks 2KB 7KB [ 593.134122] UNIX 1198KB 1256KB [ 593.139563] tcp_bind_bucket 2KB 4KB [ 593.144933] ip_fib_trie 27KB 35KB [ 593.172122] ip_fib_alias 128KB 169KB [ 593.185325] ip_dst_cache 11KB 16KB [ 593.208135] RAW 55KB 60KB [ 593.215152] UDP 42KB 60KB [ 593.242211] TCP 8KB 16KB [ 593.247708] hugetlbfs_inode_cache 3KB 15KB [ 593.253418] fscache_cookie_jar 1KB 11KB [ 593.275867] eventpoll_pwq 26KB 43KB [ 593.302458] eventpoll_epi 49KB 63KB [ 593.329890] inotify_inode_mark 15KB 59KB [ 593.335377] request_queue 199KB 199KB [ 593.364400] blkdev_requests 1KB 3KB [ 593.370058] blkdev_ioc 27KB 30KB [ 593.375427] bio-0 1020KB 1020KB [ 593.414115] biovec-max 1617KB 1617KB [ 593.443109] biovec-64 1063KB 1063KB [ 593.452255] biovec-16 88KB 90KB [ 593.464776] bio_integrity_payload 1KB 8KB [ 593.474203] khugepaged_mm_slot 4KB 34KB [ 593.490310] uid_cache 0KB 4KB [ 593.495696] dmaengine-unmap-2 0KB 3KB [ 593.504724] skbuff_fclone_cache 35KB 78KB [ 593.526140] skbuff_head_cache 8685KB 8685KB [ 593.531530] configfs_dir_cache 3KB 7KB [ 593.553038] file_lock_cache 56KB 202KB [ 593.562158] file_lock_ctx 9KB 11KB [ 593.584506] fsnotify_mark_connector 7KB 35KB [ 593.612124] net_namespace 70KB 70KB [ 593.622892] shmem_inode_cache 8074KB 8353KB [ 593.645107] task_delay_info 211KB 387KB [ 593.672229] taskstats 30KB 122KB [ 593.681310] proc_dir_entry 824KB 832KB [ 593.703445] pde_opener 12KB 34KB [ 593.714854] seq_file 284KB 511KB [ 593.738728] sigqueue 56KB 59KB [ 593.744133] kernfs_node_cache 19227KB 19325KB [ 593.755535] mnt_cache 208KB 212KB [ 593.777732] filp 6993KB 7961KB [ 593.783129] names_cache 125472KB 125472KB [ 593.805386] iint_cache 29KB 63KB [ 593.814880] key_jar 43KB 236KB [ 593.840468] uts_namespace 4KB 11KB [ 593.845872] nsproxy 2KB 7KB [ 593.855559] vm_area_struct 3138KB 4222KB [ 593.878089] mm_struct 477KB 845KB [ 593.883526] fs_cache 209KB 388KB [ 593.905813] files_cache 761KB 918KB [ 593.914542] signal_cache 1407KB 1717KB [ 593.941508] sighand_cache 596KB 638KB [ 593.954250] task_struct 6767KB 6798KB [ 593.963605] cred_jar 2035KB 2220KB [ 593.981617] anon_vma_chain 1010KB 1496KB [ 593.987714] anon_vma 128KB 292KB [ 593.993091] pid 127KB 232KB [ 594.005758] Acpi-Operand 156KB 198KB [ 594.012981] Acpi-ParseExt 9KB 11KB [ 594.040868] Acpi-Parse 41KB 47KB [ 594.051970] Acpi-State 52KB 63KB [ 594.059717] Acpi-Namespace 20KB 27KB [ 594.065100] numa_policy 0KB 3KB [ 594.082095] debug_objects_cache 1308KB 1832KB [ 594.091644] trace_event_file 297KB 298KB [ 594.104374] ftrace_event_field 398KB 401KB [ 594.112963] pool_workqueue 131KB 144KB [ 594.123926] page->ptl 464KB 1008KB [ 594.142043] kmalloc-2097152 2050KB 2050KB [ 594.150423] kmalloc-524288 2056KB 2056KB [ 594.155807] kmalloc-262144 1290KB 1290KB [ 594.163560] kmalloc-131072 650KB 650KB [ 594.171405] kmalloc-65536 2376KB 2442KB [ 594.192848] kmalloc-32768 1980KB 1980KB [ 594.199023] kmalloc-16384 1138KB 1138KB [ 594.204394] kmalloc-8192 4611KB 4611KB [ 594.222579] kmalloc-4096 24667KB 24667KB [ 594.231465] kmalloc-2048 14811KB 15408KB [ 594.236917] kmalloc-1024 12274KB 12324KB [ 594.242279] kmalloc-512 16946KB 16950KB [ 594.260488] kmalloc-256 4954KB 5463KB [ 594.265871] kmalloc-128 1102KB 1401KB [ 594.272049] kmalloc-96 3654KB 4080KB [ 594.283247] kmalloc-64 2591KB 3904KB [ 594.292901] kmalloc-32 1940KB 2543KB [ 594.304634] kmalloc-192 1952KB 2440KB [ 594.312455] kmem_cache 177KB 183KB [ 594.328119] Out of memory: Kill process 1585 (syz-executor.5) score 1002 or sacrifice child [ 594.354372] Killed process 1589 (syz-executor.5) total-vm:60680kB, anon-rss:2548kB, file-rss:14340kB, shmem-rss:40kB [ 594.379891] oom_reaper: reaped process 1589 (syz-executor.5), now anon-rss:0kB, file-rss:14336kB, shmem-rss:8kB [ 594.400024] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 594.480464] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 594.485304] CPU: 1 PID: 8081 Comm: syz-fuzzer Not tainted 4.19.211-syzkaller #0 [ 594.492752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 594.502108] Call Trace: [ 594.504706] dump_stack+0x1fc/0x2ef [ 594.508348] dump_header+0x15d/0xc3f [ 594.512072] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 594.517177] ? ___ratelimit+0x319/0x590 [ 594.521173] oom_kill_process.cold+0x10/0x692 [ 594.525678] ? check_preemption_disabled+0x41/0x280 [ 594.530706] ? has_intersects_mems_allowed+0x1d6/0x290 [ 594.535985] out_of_memory+0x1072/0x1390 [ 594.540072] ? oom_killer_disable+0x270/0x270 [ 594.544602] ? mutex_trylock+0x15f/0x1a0 [ 594.548673] __alloc_pages_nodemask+0x23a2/0x2890 [ 594.553526] ? find_get_entry+0x4cd/0x8a0 [ 594.557686] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 594.562555] alloc_pages_current+0x193/0x2a0 [ 594.566978] filemap_fault+0x146e/0x2180 [ 594.571069] ext4_filemap_fault+0x84/0xb0 [ 594.575234] __do_fault+0x10b/0x4b0 [ 594.578878] __handle_mm_fault+0x273b/0x41c0 [ 594.583299] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 594.588457] ? vm_insert_page+0x9c0/0x9c0 [ 594.592627] ? check_preemption_disabled+0x41/0x280 [ 594.597654] handle_mm_fault+0x436/0xb10 [ 594.601725] __do_page_fault+0x68e/0xd60 [ 594.605797] ? trace_hardirqs_off_caller+0x6e/0x210 [ 594.610831] ? spurious_fault+0x840/0x840 [ 594.614981] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 594.619839] ? page_fault+0x8/0x30 [ 594.623382] page_fault+0x1e/0x30 [ 594.626836] RIP: 0033:0x46703d [ 594.630027] Code: Bad RIP value. [ 594.633389] RSP: 002b:000000c00005ff10 EFLAGS: 00010202 [ 594.638752] RAX: 0000000000000000 RBX: 0000000000002710 RCX: 000000000046703d [ 594.646027] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000c00005ff10 [ 594.653305] RBP: 000000c00005ff20 R08: 00000000000180cf R09: 000000982fff6f33 [ 594.660582] R10: 0000000000000000 R11: 0000000000000202 R12: 000000c00005f950 [ 594.667854] R13: 000000c0006c8800 R14: 000000c0000004e0 R15: 00007f1ca264e834 [ 594.681438] Mem-Info: [ 594.683892] active_anon:13238 inactive_anon:12859 isolated_anon:0 [ 594.683892] active_file:40 inactive_file:2 isolated_file:0 [ 594.683892] unevictable:0 dirty:0 writeback:0 unstable:0 [ 594.683892] slab_reclaimable:14745 slab_unreclaimable:117766 [ 594.683892] mapped:18041 shmem:13256 pagetables:510 bounce:0 [ 594.683892] free:13940 free_pcp:183 free_cma:0 [ 594.724340] Node 0 active_anon:52072kB inactive_anon:26976kB active_file:156kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:72164kB dirty:0kB writeback:0kB shmem:28412kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 10240kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 594.759717] Node 1 active_anon:880kB inactive_anon:24460kB active_file:4kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:24612kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 594.793823] Node 0 DMA free:10884kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 594.832671] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 594.842771] Node 0 DMA32 free:17764kB min:35996kB low:44992kB high:53988kB active_anon:51976kB inactive_anon:26976kB active_file:64kB inactive_file:64kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7552kB pagetables:1920kB bounce:0kB free_pcp:616kB local_pcp:248kB free_cma:0kB [ 594.874097] syz-executor.5: vmalloc: allocation failure, allocated 1802178560 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 594.893180] lowmem_reserve[]: 0 0 1 1 1 [ 594.897213] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 594.912243] syz-executor.5 cpuset=/ mems_allowed=0-1 [ 594.930099] lowmem_reserve[]: 0 0 0 0 0 [ 594.934094] Node 1 Normal free:26932kB min:53876kB low:67344kB high:80812kB active_anon:880kB inactive_anon:24460kB active_file:4kB inactive_file:4kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:288kB pagetables:116kB bounce:0kB free_pcp:248kB local_pcp:0kB free_cma:0kB [ 594.969844] lowmem_reserve[]: 0 0 0 0 0 [ 594.973876] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10884kB [ 594.989303] CPU: 0 PID: 1589 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 [ 594.993438] Node 0 DMA32: 1979*4kB (UME) 874*8kB (UME) 159*16kB (UME) 11*32kB (UM) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17804kB [ 594.997114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 594.997119] Call Trace: [ 594.997140] dump_stack+0x1fc/0x2ef [ 594.997157] warn_alloc.cold+0x7b/0x18f [ 595.010873] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 595.020209] ? zone_watermark_ok_safe+0x260/0x260 [ 595.020230] ? retint_kernel+0x2d/0x2d [ 595.022790] Node 1 Normal: 123*4kB (ME) 103*8kB (ME) 107*16kB (UME) 75*32kB (ME) 50*64kB (UME) 21*128kB (ME) 9*256kB (UME) 4*512kB (UM) 1*1024kB (M) 1*2048kB (U) 2*4096kB (UM) = 26932kB [ 595.026425] __vmalloc_area_node+0x4fd/0x780 [ 595.026448] ? __vmalloc_node_range+0x180/0x180 [ 595.030399] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 595.041388] ? _raw_spin_unlock+0x29/0x40 [ 595.041401] ? __get_vm_area_node+0x2e2/0x3a0 [ 595.041422] __vmalloc_node_range+0xed/0x180 [ 595.046257] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 595.050123] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 595.066791] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 595.071183] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 595.075830] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 595.084651] vmalloc_user+0x70/0xe0 [ 595.084665] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 595.084683] vb2_vmalloc_alloc+0xb3/0x2f0 [ 595.088828] 13290 total pagecache pages [ 595.093300] __vb2_queue_alloc+0x472/0xe60 [ 595.097708] 0 pages in swap cache [ 595.106277] vb2_core_create_bufs+0x273/0x7e0 [ 595.106293] ? __vb2_queue_free+0x870/0x870 [ 595.110767] Swap cache stats: add 0, delete 0, find 0/0 [ 595.119589] ? mutex_trylock+0x1a0/0x1a0 [ 595.119604] ? __video_do_ioctl+0x632/0xcd0 [ 595.119624] vb2_create_bufs+0x332/0x620 [ 595.124961] Free swap = 0kB [ 595.133527] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 595.133540] ? __video_do_ioctl+0x632/0xcd0 [ 595.133555] ? mutex_trylock+0x1a0/0x1a0 [ 595.137177] Total swap = 0kB [ 595.141564] ? mark_held_locks+0xf0/0xf0 [ 595.145683] 2097051 pages RAM [ 595.149666] vb2_ioctl_create_bufs+0x20d/0x360 [ 595.149679] ? memset+0x20/0x40 [ 595.149697] v4l_create_bufs+0xb2/0x160 [ 595.153992] 0 pages HighMem/MovableOnly [ 595.157435] __video_do_ioctl+0x49a/0xcd0 [ 595.157458] ? v4l_querycap+0x340/0x340 [ 595.161927] 369649 pages reserved [ 595.166258] ? __might_fault+0x192/0x1d0 [ 595.166274] ? v4l_querycap+0x340/0x340 [ 595.166291] video_usercopy+0x13f/0xfa0 [ 595.171630] 0 pages cma reserved [ 595.175689] ? v4l_enumstd+0x60/0x60 [ 595.180010] Unreclaimable slab info: [ 595.184056] ? do_futex+0x171/0x1880 [ 595.187066] Name Used Total [ 595.192159] ? mark_held_locks+0xf0/0xf0 [ 595.196494] pid_2 38KB 208KB [ 595.200526] ? debug_check_no_obj_freed+0x201/0x490 [ 595.203582] batadv_tt_change_cache 4KB 7KB [ 595.207578] ? video_usercopy+0xfa0/0xfa0 [ 595.207595] v4l2_ioctl+0x147/0x1a0 [ 595.210681] batadv_tl_cache 5KB 12KB [ 595.215254] ? video_devdata+0xa0/0xa0 [ 595.218560] TIPC 15KB 30KB [ 595.222478] do_vfs_ioctl+0xcdb/0x12e0 [ 595.226462] SCTPv6 18KB 37KB [ 595.230581] ? lock_downgrade+0x720/0x720 [ 595.234537] DCCPv6 20KB 30KB [ 595.237971] ? check_preemption_disabled+0x41/0x280 [ 595.237985] ? ioctl_preallocate+0x200/0x200 [ 595.238003] ? __fget+0x356/0x510 [ 595.242040] DCCP 19KB 35KB [ 595.246001] ? do_dup2+0x450/0x450 [ 595.246013] ? __se_sys_futex+0x298/0x3b0 [ 595.246036] ksys_ioctl+0x9b/0xc0 [ 595.250009] RXRPC 16KB 26KB [ 595.253336] __x64_sys_ioctl+0x6f/0xb0 [ 595.257048] rxrpc_call_jar 101KB 102KB [ 595.260737] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 595.264441] bridge_fdb_cache 12KB 19KB [ 595.270050] do_syscall_64+0xf9/0x620 [ 595.270067] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 595.270081] RIP: 0033:0x7fc97f6c90f9 [ 595.274124] fib6_nodes 179KB 240KB [ 595.279469] Code: Bad RIP value. [ 595.279477] RSP: 002b:00007fc97dc3b168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 595.279493] RAX: ffffffffffffffda RBX: 00007fc97f7e8f80 RCX: 00007fc97f6c90f9 [ 595.284489] ip6_dst_cache 592KB 592KB [ 595.290265] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 595.290274] RBP: 00007fc97f724ae9 R08: 0000000000000000 R09: 0000000000000000 [ 595.290281] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 595.290293] R13: 00007fff183c727f R14: 00007fc97dc3b300 R15: 0000000000022000 [ 595.294426] RAWv6 91KB 108KB [ 595.364619] Mem-Info: [ 595.366471] UDPv6 30KB 37KB [ 595.366486] TCPv6 24KB 30KB [ 595.366506] nf_conntrack 6KB 11KB [ 595.366574] t10_alua_lu_gp_cache 0KB 3KB [ 595.459629] active_anon:13214 inactive_anon:12859 isolated_anon:0 [ 595.459629] active_file:17 inactive_file:17 isolated_file:0 [ 595.459629] unevictable:0 dirty:0 writeback:0 unstable:0 [ 595.459629] slab_reclaimable:14745 slab_unreclaimable:117749 [ 595.459629] mapped:18041 shmem:13256 pagetables:509 bounce:0 [ 595.459629] free:13897 free_pcp:215 free_cma:0 [ 595.470623] sd_ext_cdb 0KB 7KB [ 595.470633] scsi_sense_cache 1056KB 1060KB [ 595.470642] virtio_scsi_cmd 16KB 16KB [ 595.470655] sgpool-128 8KB 8KB [ 595.470663] sgpool-64 4KB 12KB [ 595.470671] sgpool-32 2KB 15KB [ 595.470680] sgpool-16 1KB 7KB [ 595.470689] sgpool-8 0KB 7KB [ 595.470705] mqueue_inode_cache 13KB 37KB [ 595.470721] bio_post_read_ctx 14KB 15KB [ 595.505662] Node 0 active_anon:51976kB inactive_anon:26976kB active_file:64kB inactive_file:64kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:72164kB dirty:0kB writeback:0kB shmem:28412kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 8192kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 595.530115] bio-2 14KB 15KB [ 595.564333] Node 1 active_anon:880kB inactive_anon:24460kB active_file:4kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:24612kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 595.578329] jfs_mp 7KB 7KB [ 595.623585] Node 0 DMA free:10884kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 595.644033] cifs_small_rq 15KB 16KB [ 595.681213] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 595.686316] Node 0 DMA32 free:17764kB min:35996kB low:44992kB high:53988kB active_anon:51976kB inactive_anon:26976kB active_file:64kB inactive_file:64kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7552kB pagetables:1920kB bounce:0kB free_pcp:604kB local_pcp:356kB free_cma:0kB [ 595.689529] cifs_request 67KB 67KB [ 595.729981] lowmem_reserve[]: 0 0 1 1 1 [ 595.734000] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 595.741038] cifs_mpx_ids 0KB 7KB [ 595.774379] lowmem_reserve[]: 0 0 0 0 0 [ 595.780378] Node 1 Normal free:26932kB min:53876kB low:67344kB high:80812kB active_anon:880kB inactive_anon:24460kB active_file:0kB inactive_file:8kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:288kB pagetables:116kB bounce:0kB free_pcp:248kB local_pcp:248kB free_cma:0kB [ 595.785975] nfs_commit_data 3KB 14KB [ 595.822313] nfs_write_data 34KB 44KB [ 595.825664] lowmem_reserve[]: 0 0 0 0 0 [ 595.827772] ext4_system_zone 1KB 7KB [ 595.831722] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10884kB [ 595.837147] bio-1 1KB 7KB [ 595.837159] pid_namespace 2KB 11KB [ 595.837178] rpc_buffers 17KB 25KB [ 595.837187] rpc_tasks 2KB 7KB [ 595.837198] UNIX 1141KB 1207KB [ 595.849970] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 595.855406] tcp_bind_bucket 1KB 4KB [ 595.860778] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 595.866110] ip_fib_trie 26KB 35KB [ 595.871485] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 595.876811] ip_fib_alias 128KB 169KB [ 595.876821] ip_dst_cache 10KB 16KB [ 595.876832] RAW 54KB 60KB [ 595.876843] UDP 40KB 60KB [ 595.883368] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 595.888745] TCP 8KB 16KB [ 595.895245] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 595.905864] hugetlbfs_inode_cache 3KB 15KB [ 595.907875] Node 0 DMA32: 1979*4kB (UME) 874*8kB (UME) 159*16kB (UME) 11*32kB (UM) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17804kB [ 595.912423] fscache_cookie_jar 1KB 11KB [ 595.917797] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 595.917850] Node 1 Normal: 123*4kB (ME) 103*8kB (ME) 107*16kB (UME) 75*32kB (ME) 50*64kB (UME) 21*128kB (ME) 9*256kB (UME) 4*512kB (UM) 1*1024kB (M) 1*2048kB (U) 2*4096kB (UM) = 26932kB [ 595.925915] eventpoll_pwq 26KB 43KB [ 595.929579] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 595.935141] eventpoll_epi 49KB 63KB [ 595.940560] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 595.940571] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 595.940581] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 595.940587] 13290 total pagecache pages [ 595.940600] 0 pages in swap cache [ 595.940608] Swap cache stats: add 0, delete 0, find 0/0 [ 595.940616] Free swap = 0kB [ 595.953522] inotify_inode_mark 15KB 59KB [ 595.966495] Total swap = 0kB [ 595.966506] 2097051 pages RAM [ 595.966511] 0 pages HighMem/MovableOnly [ 595.966516] 369649 pages reserved [ 595.966522] 0 pages cma reserved [ 596.090574] request_queue 199KB 199KB [ 596.097597] blkdev_requests 1KB 3KB [ 596.102972] blkdev_ioc 23KB 30KB [ 596.112294] bio-0 1020KB 1020KB [ 596.119383] biovec-max 1617KB 1617KB [ 596.124754] biovec-64 1063KB 1063KB [ 596.134085] biovec-16 88KB 90KB [ 596.141077] bio_integrity_payload 1KB 8KB [ 596.150774] khugepaged_mm_slot 4KB 34KB [ 596.157993] uid_cache 0KB 4KB [ 596.163363] dmaengine-unmap-2 0KB 3KB [ 596.172903] skbuff_fclone_cache 34KB 78KB [ 596.180066] skbuff_head_cache 8797KB 8797KB [ 596.185432] configfs_dir_cache 3KB 7KB [ 596.194820] file_lock_cache 56KB 202KB [ 596.201823] file_lock_ctx 9KB 11KB [ 596.212224] fsnotify_mark_connector 7KB 35KB [ 596.219870] net_namespace 70KB 70KB [ 596.225237] shmem_inode_cache 8074KB 8353KB [ 596.234552] task_delay_info 205KB 387KB [ 596.241605] taskstats 30KB 122KB [ 596.250926] proc_dir_entry 823KB 832KB [ 596.257892] pde_opener 12KB 34KB [ 596.263255] seq_file 280KB 511KB [ 596.272551] sigqueue 55KB 59KB [ 596.279534] kernfs_node_cache 19195KB 19309KB [ 596.285162] mnt_cache 208KB 212KB [ 596.294544] filp 6959KB 7961KB [ 596.301543] names_cache 125464KB 125472KB [ 596.310928] iint_cache 28KB 63KB [ 596.317924] key_jar 39KB 210KB [ 596.323297] uts_namespace 3KB 11KB [ 596.333688] nsproxy 2KB 7KB [ 596.340676] vm_area_struct 3124KB 4219KB [ 596.349997] mm_struct 461KB 838KB [ 596.355365] fs_cache 199KB 388KB [ 596.362351] files_cache 731KB 918KB [ 596.371670] signal_cache 1391KB 1717KB [ 596.378795] sighand_cache 568KB 631KB [ 596.384168] task_struct 6748KB 6785KB [ 596.393717] cred_jar 2005KB 2220KB [ 596.400720] anon_vma_chain 997KB 1496KB [ 596.412342] anon_vma 121KB 292KB [ 596.419345] pid 120KB 232KB [ 596.424710] Acpi-Operand 156KB 198KB [ 596.434128] Acpi-ParseExt 9KB 11KB [ 596.441135] Acpi-Parse 41KB 47KB [ 596.473422] Acpi-State 52KB 63KB [ 596.478968] Acpi-Namespace 20KB 27KB [ 596.484344] numa_policy 0KB 3KB [ 596.515995] debug_objects_cache 1308KB 1832KB [ 596.522714] trace_event_file 297KB 298KB [ 596.535953] ftrace_event_field 398KB 401KB [ 596.541543] pool_workqueue 131KB 144KB [ 596.585931] page->ptl 460KB 1008KB [ 596.592627] kmalloc-2097152 2050KB 2050KB [ 596.605913] kmalloc-524288 2056KB 2056KB [ 596.622315] kmalloc-262144 1290KB 1290KB [ 596.627792] kmalloc-131072 650KB 650KB [ 596.633257] kmalloc-65536 2376KB 2442KB [ 596.639185] kmalloc-32768 1980KB 1980KB [ 596.655897] kmalloc-16384 1138KB 1138KB [ 596.661289] kmalloc-8192 4611KB 4611KB [ 596.685910] kmalloc-4096 24667KB 24667KB [ 596.691310] kmalloc-2048 14768KB 15402KB [ 596.706009] kmalloc-1024 12327KB 12332KB [ 596.711399] kmalloc-512 17016KB 17017KB [ 596.735987] kmalloc-256 4954KB 5463KB [ 596.741407] kmalloc-128 1101KB 1401KB [ 596.755884] kmalloc-96 3662KB 4080KB [ 596.761275] kmalloc-64 2579KB 3904KB [ 596.785945] kmalloc-32 1940KB 2543KB [ 596.791341] kmalloc-192 1943KB 2440KB [ 596.802534] kmem_cache 177KB 183KB [ 596.815893] Out of memory (oom_kill_allocating_task): Kill process 8081 (syz-fuzzer) score 0 or sacrifice child [ 596.835978] Killed process 8106 (syz-executor.0) total-vm:48512kB, anon-rss:440kB, file-rss:4kB, shmem-rss:0kB [ 596.856890] oom_reaper: reaped process 8106 (syz-executor.0), now anon-rss:0kB, file-rss:14336kB, shmem-rss:0kB [ 597.001734] systemd[1]: systemd-journald.service: Failed with result 'signal'. [ 597.033088] systemd[1]: systemd-journald.service: Service has no hold-off time, scheduling restart. [ 597.132595] systemd[1]: Starting Load/Save RF Kill Switch Status... [ 597.166008] systemd[1]: Stopped Flush Journal to Persistent Storage. [ 597.173527] systemd[1]: Stopping Flush Journal to Persistent Storage... [ 597.206005] systemd[1]: Stopped Journal Service. [ 597.234219] systemd[1]: Starting Journal Service... [ 597.367960] systemd[1]: Started Load/Save RF Kill Switch Status. [ 597.399212] systemd-journald[2083]: File /run/log/journal/04d8c135ee6b410280ba31a58c89679d/system.journal corrupted or uncleanly shut down, renaming and replacing. [ 598.202608] systemd[1]: Started Journal Service. [ 603.529947] device hsr_slave_1 left promiscuous mode [ 603.539644] device hsr_slave_0 left promiscuous mode [ 603.554843] team0 (unregistering): Port device team_slave_1 removed [ 603.567831] team0 (unregistering): Port device team_slave_0 removed [ 603.578142] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 603.589106] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 603.620897] bond0 (unregistering): Released all slaves [ 603.633945] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 603.815415] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 603.823228] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 603.833860] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 603.841303] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 603.848542] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 603.856898] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 603.870634] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 603.874215] IPVS: ftp: loaded support on port[0] = 21 [ 603.881568] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 603.895274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 603.905128] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 603.913080] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 603.921357] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 603.944114] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 603.950370] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 604.108385] chnl_net:caif_netlink_parms(): no params data found [ 604.154255] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 604.170974] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 604.178695] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 604.188177] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 604.199966] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 604.296050] bridge0: port 1(bridge_slave_0) entered blocking state [ 604.302640] bridge0: port 1(bridge_slave_0) entered disabled state [ 604.317666] device bridge_slave_0 entered promiscuous mode [ 604.329882] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 604.345724] bridge0: port 2(bridge_slave_1) entered blocking state [ 604.352105] bridge0: port 2(bridge_slave_1) entered disabled state [ 604.367437] device bridge_slave_1 entered promiscuous mode [ 604.377057] IPv6: ADDRCONF(NETDEV_UP): veth1_virt_wifi: link is not ready [ 604.385944] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 604.400371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 604.432644] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 604.443481] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 604.478068] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 604.491261] team0: Port device team_slave_0 added [ 604.500388] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 604.519294] team0: Port device team_slave_1 added [ 604.554632] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 604.571282] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 604.581250] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 604.602991] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 604.613616] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 604.646611] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 604.665009] IPv6: ADDRCONF(NETDEV_UP): veth1_vlan: link is not ready [ 604.681333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 604.691039] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 604.706258] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 604.712516] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 604.747193] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 604.764862] device veth0_vlan entered promiscuous mode [ 604.773489] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 604.782844] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 604.800317] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 604.824515] device veth1_vlan entered promiscuous mode [ 604.833767] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 604.857628] device hsr_slave_0 entered promiscuous mode [ 604.863978] device hsr_slave_1 entered promiscuous mode [ 604.887614] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 604.902392] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 604.911345] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 604.942273] IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready [ 604.950328] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 604.964872] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 604.975782] device veth0_macvtap entered promiscuous mode [ 604.982230] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 605.000752] device veth1_macvtap entered promiscuous mode [ 605.010946] IPv6: ADDRCONF(NETDEV_UP): macsec0: link is not ready [ 605.020981] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 605.074247] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 605.101287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 605.112926] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 605.133950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 605.144038] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 605.153529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 605.163548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 605.173189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 605.182938] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 605.193866] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready [ 605.201174] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 605.210764] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 605.218534] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 605.226450] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 605.234176] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 605.248285] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 605.259534] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 605.270283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 605.280717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 605.285423] Bluetooth: hci1: command 0x0409 tx timeout [ 605.290788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 605.306141] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 605.315328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 605.325048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 605.337047] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready [ 605.343960] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 605.354157] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 605.362645] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 605.377021] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 605.618364] 8021q: adding VLAN 0 to HW filter on device bond0 [ 605.733079] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 605.743644] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 605.753033] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 605.760036] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 605.883473] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 605.890080] 8021q: adding VLAN 0 to HW filter on device team0 [ 605.902464] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 605.910229] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 605.918720] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 605.927434] bridge0: port 1(bridge_slave_0) entered blocking state [ 605.933792] bridge0: port 1(bridge_slave_0) entered forwarding state [ 605.942297] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 606.060580] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 606.069977] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 606.078436] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 606.087252] bridge0: port 2(bridge_slave_1) entered blocking state [ 606.093604] bridge0: port 2(bridge_slave_1) entered forwarding state [ 606.106053] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 606.116760] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 606.124066] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 606.132776] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 606.150975] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 606.160947] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 606.169274] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 606.177448] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 606.294956] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 606.303423] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 606.311724] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 606.321128] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 606.329863] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 606.337602] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 606.345996] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 606.371311] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 606.382871] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 606.476406] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 606.484178] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 606.496012] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 606.502068] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 606.524290] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 606.531949] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 606.541445] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 606.652191] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 606.661607] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 606.668953] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 606.676164] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 02:32:56 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000000)={0xbc5, 0x5}) [ 606.872826] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 606.883162] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 606.889669] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 606.897516] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 606.910399] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 607.048144] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 607.059012] IPv6: ADDRCONF(NETDEV_UP): veth1_virt_wifi: link is not ready [ 607.067086] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 607.074980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 607.211171] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 607.219051] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 607.227110] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 607.237550] IPv6: ADDRCONF(NETDEV_UP): veth1_vlan: link is not ready [ 607.339628] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 607.347104] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 607.357572] device veth0_vlan entered promiscuous mode [ 607.363727] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 607.371393] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 607.379115] Bluetooth: hci1: command 0x041b tx timeout [ 607.391011] device veth1_vlan entered promiscuous mode [ 607.400373] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 607.508059] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 607.523420] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 607.534038] IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready [ 607.542085] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 607.550807] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 607.558504] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 607.566587] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 607.583504] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 607.592422] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 607.601461] device bridge_slave_1 left promiscuous mode [ 607.607163] bridge0: port 2(bridge_slave_1) entered disabled state [ 607.614301] device bridge_slave_0 left promiscuous mode [ 607.620054] bridge0: port 1(bridge_slave_0) entered disabled state [ 607.629650] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 607.636687] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 607.644261] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 607.652141] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 607.660649] device bridge_slave_1 left promiscuous mode [ 607.666585] bridge0: port 2(bridge_slave_1) entered disabled state [ 607.673597] device bridge_slave_0 left promiscuous mode [ 607.679161] bridge0: port 1(bridge_slave_0) entered disabled state [ 607.688672] device veth1_macvtap left promiscuous mode [ 607.694078] device veth0_macvtap left promiscuous mode [ 607.699506] device veth1_vlan left promiscuous mode [ 607.704592] device veth0_vlan left promiscuous mode [ 609.444979] Bluetooth: hci1: command 0x040f tx timeout [ 611.524973] Bluetooth: hci1: command 0x0419 tx timeout [ 612.011056] device hsr_slave_1 left promiscuous mode [ 612.020045] device hsr_slave_0 left promiscuous mode [ 612.033250] team0 (unregistering): Port device team_slave_1 removed [ 612.042859] team0 (unregistering): Port device team_slave_0 removed [ 612.055932] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 612.066634] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 612.099934] bond0 (unregistering): Released all slaves [ 612.140289] device hsr_slave_1 left promiscuous mode [ 612.147938] device hsr_slave_0 left promiscuous mode [ 612.163607] team0 (unregistering): Port device team_slave_1 removed [ 612.173715] team0 (unregistering): Port device team_slave_0 removed [ 612.183562] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 612.193936] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 612.226380] bond0 (unregistering): Released all slaves [ 612.237686] device veth0_macvtap entered promiscuous mode [ 612.244455] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 612.254739] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 612.271672] device veth1_macvtap entered promiscuous mode [ 612.282746] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 612.293568] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 612.303053] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 612.315541] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 612.324877] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 612.334585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 612.344287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 612.354186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 612.364445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 612.374256] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 612.385240] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready [ 612.392200] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 612.398888] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 612.407041] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 612.417328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 612.427254] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 612.437292] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 612.447656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 612.456866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 612.467908] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 612.477280] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 612.487360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 612.498023] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready [ 612.505099] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 612.511826] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 612.520280] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 612.700997] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 612.718963] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 612.746281] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 612.771929] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 612.782242] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready 02:33:02 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x7, 0x1, 0x1, 0x0, 0x5}) [ 612.800128] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 612.809483] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 612.821357] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 02:33:02 executing program 5: syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x1f, 0x2) pipe2$watch_queue(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f00000003c0)=@fd={0x1, 0x3, 0x4, 0x14020, 0x5, {0x0, 0x2710}, {0x1, 0x8, 0xec, 0x80, 0x40, 0x2, "7bf3a4d2"}, 0x2, 0x4, {}, 0x6, 0x0, r1}) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000080)=0x3) 02:33:02 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000000)={0xbc5, 0x5}) 02:33:02 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x7, 0x1, 0x1, 0x0, 0x5}) 02:33:02 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) pipe2$watch_queue(&(0x7f0000000140), 0x80) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:02 executing program 0: pipe2$watch_queue(&(0x7f0000000300), 0x80) socket$can_bcm(0x1d, 0x2, 0x2) sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000740)={0x0}}, 0x0) r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) keyctl$chown(0x4, r0, 0xee00, 0xffffffffffffffff) 02:33:03 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000340)={0x0, 0xffffffff}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r3, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_PREPARE_BUF(r3, 0xc058565d, &(0x7f00000002c0)=@userptr={0x7fffffff, 0x2, 0x4, 0x0, 0x10001, {r1, r2/1000+60000}, {0x4, 0x0, 0x1, 0x8, 0x4, 0x34, "29094e17"}, 0xe8, 0x2, {&(0x7f0000000180)}, 0x3ff, 0x0, r3}) r5 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000100)={0x1, 0x1, 0x4, 0x0, 0xc1}) clock_gettime(0x0, &(0x7f0000000040)) clock_gettime(0x0, &(0x7f0000000080)) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_GETPDP(r6, 0x0, 0x0) r7 = syz_genetlink_get_family_id$gtp(&(0x7f0000000280), r3) sendmsg$GTP_CMD_NEWPDP(r6, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x58, r7, 0x200, 0x70bd2d, 0x25dfdbfc, {}, [@GTPA_TID={0xc, 0x3, 0x4}, @GTPA_FLOW={0x6, 0x6, 0x2}, @GTPA_O_TEI={0x8, 0x9, 0x2}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_LINK={0x8}, @GTPA_MS_ADDRESS={0x8, 0x5, @rand_addr=0x64010100}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_MS_ADDRESS={0x8, 0x5, @remote}]}, 0x58}, 0x1, 0x0, 0x0, 0xe7092783d077c62b}, 0xc0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r5, 0xc058565d, &(0x7f00000001c0)=@overlay={0x9, 0x2, 0x4, 0x4, 0x9, {0x0, 0x2710}, {0x4, 0x2, 0x2, 0x0, 0x40, 0x40, "34513ff2"}, 0x829, 0x3, {}, 0x5, 0x0, r4}) 02:33:03 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, 0x0) 02:33:03 executing program 1: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000000)={0x7, 0x1, 0x1, 0x0, 0x5}) 02:33:03 executing program 5: syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x1f, 0x2) pipe2$watch_queue(&(0x7f0000000380), 0x80) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000080)=0x3) 02:33:03 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, 0x0) 02:33:03 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) (async) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) (async, rerun: 64) r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) (rerun: 64) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000340)={0x0, 0xffffffff}) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r3, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_PREPARE_BUF(r3, 0xc058565d, &(0x7f00000002c0)=@userptr={0x7fffffff, 0x2, 0x4, 0x0, 0x10001, {r1, r2/1000+60000}, {0x4, 0x0, 0x1, 0x8, 0x4, 0x34, "29094e17"}, 0xe8, 0x2, {&(0x7f0000000180)}, 0x3ff, 0x0, r3}) (async, rerun: 32) r5 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (rerun: 32) ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000100)={0x1, 0x1, 0x4, 0x0, 0xc1}) clock_gettime(0x0, &(0x7f0000000040)) (async) clock_gettime(0x0, &(0x7f0000000080)) (async) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_GETPDP(r6, 0x0, 0x0) (async, rerun: 64) r7 = syz_genetlink_get_family_id$gtp(&(0x7f0000000280), r3) (rerun: 64) sendmsg$GTP_CMD_NEWPDP(r6, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x58, r7, 0x200, 0x70bd2d, 0x25dfdbfc, {}, [@GTPA_TID={0xc, 0x3, 0x4}, @GTPA_FLOW={0x6, 0x6, 0x2}, @GTPA_O_TEI={0x8, 0x9, 0x2}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_LINK={0x8}, @GTPA_MS_ADDRESS={0x8, 0x5, @rand_addr=0x64010100}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_MS_ADDRESS={0x8, 0x5, @remote}]}, 0x58}, 0x1, 0x0, 0x0, 0xe7092783d077c62b}, 0xc0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r5, 0xc058565d, &(0x7f00000001c0)=@overlay={0x9, 0x2, 0x4, 0x4, 0x9, {0x0, 0x2710}, {0x4, 0x2, 0x2, 0x0, 0x40, 0x40, "34513ff2"}, 0x829, 0x3, {}, 0x5, 0x0, r4}) 02:33:03 executing program 1: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000000)={0x7, 0x1, 0x1, 0x0, 0x5}) [ 614.073665] IPVS: ftp: loaded support on port[0] = 21 [ 614.176529] chnl_net:caif_netlink_parms(): no params data found [ 614.222862] bridge0: port 1(bridge_slave_0) entered blocking state [ 614.232100] bridge0: port 1(bridge_slave_0) entered disabled state [ 614.239797] device bridge_slave_0 entered promiscuous mode [ 614.248039] bridge0: port 2(bridge_slave_1) entered blocking state [ 614.254383] bridge0: port 2(bridge_slave_1) entered disabled state [ 614.262412] device bridge_slave_1 entered promiscuous mode [ 614.280240] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 614.289638] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 614.310281] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 614.317562] team0: Port device team_slave_0 added [ 614.322930] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 614.330620] team0: Port device team_slave_1 added [ 614.348243] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 614.354548] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 614.379838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 614.390986] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 614.397313] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 614.423410] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 614.438362] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 614.446020] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 614.465149] device hsr_slave_0 entered promiscuous mode [ 614.470802] device hsr_slave_1 entered promiscuous mode [ 614.477443] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 614.484727] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 614.550606] bridge0: port 2(bridge_slave_1) entered blocking state [ 614.557139] bridge0: port 2(bridge_slave_1) entered forwarding state [ 614.563837] bridge0: port 1(bridge_slave_0) entered blocking state [ 614.570248] bridge0: port 1(bridge_slave_0) entered forwarding state [ 614.602821] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 614.610085] 8021q: adding VLAN 0 to HW filter on device bond0 [ 614.620280] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 614.629645] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 614.637208] bridge0: port 1(bridge_slave_0) entered disabled state [ 614.643841] bridge0: port 2(bridge_slave_1) entered disabled state [ 614.651344] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 614.662131] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 614.668628] 8021q: adding VLAN 0 to HW filter on device team0 [ 614.678038] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 614.685887] bridge0: port 1(bridge_slave_0) entered blocking state [ 614.692235] bridge0: port 1(bridge_slave_0) entered forwarding state [ 614.705542] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 614.714062] bridge0: port 2(bridge_slave_1) entered blocking state [ 614.720496] bridge0: port 2(bridge_slave_1) entered forwarding state [ 614.735212] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 614.743070] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 614.751143] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 614.761293] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 614.773921] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 614.784553] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 614.790592] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 614.799073] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 614.829529] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 614.838506] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 614.845598] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 614.858993] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 614.892988] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 614.903439] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 614.936854] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 614.943910] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 614.951429] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 614.961048] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 614.968922] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 614.976163] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 614.986740] device veth0_vlan entered promiscuous mode [ 614.996728] device veth1_vlan entered promiscuous mode [ 615.002495] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 615.011796] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 615.024181] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 615.033851] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 615.041190] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 615.049435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 615.059168] device veth0_macvtap entered promiscuous mode [ 615.066529] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 615.075022] device veth1_macvtap entered promiscuous mode [ 615.083622] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 615.093265] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 615.102284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 615.112369] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.121536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 615.131361] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.140514] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 615.150293] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.159477] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 615.169236] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.178562] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 615.188336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.199440] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 615.207802] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 615.217640] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 615.227753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 615.237645] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.246902] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 615.256978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.266204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 615.275989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.285159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 615.294937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.304060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 615.313854] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 615.324000] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready [ 615.331985] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 615.339871] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 615.348563] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 615.480228] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 615.487569] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 615.495809] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 615.502574] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready 02:33:05 executing program 0: pipe2$watch_queue(&(0x7f0000000300), 0x80) sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000740)={0x0}}, 0x0) r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) keyctl$chown(0x4, r0, 0xee00, 0xffffffffffffffff) 02:33:05 executing program 5: syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x1f, 0x2) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000080)=0x3) 02:33:05 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, 0x0) 02:33:05 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) pipe2$watch_queue(&(0x7f0000000140), 0x80) 02:33:05 executing program 1: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000000)={0x7, 0x1, 0x1, 0x0, 0x5}) 02:33:05 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) (async) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000340)={0x0, 0xffffffff}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r3, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_PREPARE_BUF(r3, 0xc058565d, &(0x7f00000002c0)=@userptr={0x7fffffff, 0x2, 0x4, 0x0, 0x10001, {r1, r2/1000+60000}, {0x4, 0x0, 0x1, 0x8, 0x4, 0x34, "29094e17"}, 0xe8, 0x2, {&(0x7f0000000180)}, 0x3ff, 0x0, r3}) (async) r5 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000100)={0x1, 0x1, 0x4, 0x0, 0xc1}) clock_gettime(0x0, &(0x7f0000000040)) (async) clock_gettime(0x0, &(0x7f0000000080)) (async) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_GETPDP(r6, 0x0, 0x0) r7 = syz_genetlink_get_family_id$gtp(&(0x7f0000000280), r3) sendmsg$GTP_CMD_NEWPDP(r6, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x58, r7, 0x200, 0x70bd2d, 0x25dfdbfc, {}, [@GTPA_TID={0xc, 0x3, 0x4}, @GTPA_FLOW={0x6, 0x6, 0x2}, @GTPA_O_TEI={0x8, 0x9, 0x2}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_LINK={0x8}, @GTPA_MS_ADDRESS={0x8, 0x5, @rand_addr=0x64010100}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_MS_ADDRESS={0x8, 0x5, @remote}]}, 0x58}, 0x1, 0x0, 0x0, 0xe7092783d077c62b}, 0xc0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r5, 0xc058565d, &(0x7f00000001c0)=@overlay={0x9, 0x2, 0x4, 0x4, 0x9, {0x0, 0x2710}, {0x4, 0x2, 0x2, 0x0, 0x40, 0x40, "34513ff2"}, 0x829, 0x3, {}, 0x5, 0x0, r4}) [ 615.530678] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 615.538387] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 615.547341] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 615.554404] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 02:33:05 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000000)={0x0, 0x5}) 02:33:05 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:05 executing program 5: syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_STREAMON(0xffffffffffffffff, 0x40045612, &(0x7f0000000080)=0x3) 02:33:05 executing program 0: pipe2$watch_queue(&(0x7f0000000300), 0x80) sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000740)={0x0}}, 0x0) r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) keyctl$chown(0x4, r0, 0xee00, 0xffffffffffffffff) 02:33:05 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000000)=0x2) execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)=[&(0x7f0000000080)='!.\x00', &(0x7f0000000140)='}^}*]-)\'\x00'], &(0x7f0000000400)=[&(0x7f00000001c0)='/dev/vim2m\x00', &(0x7f0000000200)='+\x00', &(0x7f0000000240)='{:-\x00', &(0x7f0000000280)='/dev/vim2m\x00', &(0x7f00000002c0)=']/\x00', &(0x7f0000000300)='\'\x00', &(0x7f0000000340)=',:\\\x00', &(0x7f0000000380)='/dev/vim2m\x00', &(0x7f00000003c0)='{}\x00'], 0x1000) 02:33:05 executing program 5: syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_STREAMON(0xffffffffffffffff, 0x40045612, &(0x7f0000000080)=0x3) 02:33:05 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000000)) 02:33:05 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:05 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) (async) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000000)=0x2) (async) execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)=[&(0x7f0000000080)='!.\x00', &(0x7f0000000140)='}^}*]-)\'\x00'], &(0x7f0000000400)=[&(0x7f00000001c0)='/dev/vim2m\x00', &(0x7f0000000200)='+\x00', &(0x7f0000000240)='{:-\x00', &(0x7f0000000280)='/dev/vim2m\x00', &(0x7f00000002c0)=']/\x00', &(0x7f0000000300)='\'\x00', &(0x7f0000000340)=',:\\\x00', &(0x7f0000000380)='/dev/vim2m\x00', &(0x7f00000003c0)='{}\x00'], 0x1000) 02:33:05 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:05 executing program 0: pipe2$watch_queue(&(0x7f0000000300), 0x80) sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000740)={0x0}}, 0x0) r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) keyctl$chown(0x4, r0, 0xee00, 0xffffffffffffffff) 02:33:05 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:05 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) pipe2$watch_queue(&(0x7f0000000140), 0x80) 02:33:05 executing program 5: syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_STREAMON(0xffffffffffffffff, 0x40045612, &(0x7f0000000080)=0x3) 02:33:05 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) (async) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000000)=0x2) (async) execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)=[&(0x7f0000000080)='!.\x00', &(0x7f0000000140)='}^}*]-)\'\x00'], &(0x7f0000000400)=[&(0x7f00000001c0)='/dev/vim2m\x00', &(0x7f0000000200)='+\x00', &(0x7f0000000240)='{:-\x00', &(0x7f0000000280)='/dev/vim2m\x00', &(0x7f00000002c0)=']/\x00', &(0x7f0000000300)='\'\x00', &(0x7f0000000340)=',:\\\x00', &(0x7f0000000380)='/dev/vim2m\x00', &(0x7f00000003c0)='{}\x00'], 0x1000) 02:33:05 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x0, 0x1, 0x1, 0x0, 0x5}) 02:33:05 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:05 executing program 0: sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000740)={0x0}}, 0x0) r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) keyctl$chown(0x4, r0, 0xee00, 0xffffffffffffffff) 02:33:06 executing program 5: syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x1f, 0x2) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000080)=0x3) 02:33:06 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x4], 0x1, 0x80000, 0x0, 0xffffffffffffffff}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x3, 0x2, 0x3}) 02:33:06 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x0, 0x1, 0x1, 0x0, 0x5}) 02:33:06 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:06 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x4], 0x1, 0x80000, 0x0, 0xffffffffffffffff}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x3, 0x2, 0x3}) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x4], 0x1, 0x80000}) (async) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x3, 0x2, 0x3}) (async) 02:33:06 executing program 0: sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000740)={0x0}}, 0x0) r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) keyctl$chown(0x4, r0, 0xee00, 0xffffffffffffffff) 02:33:06 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) pipe2$watch_queue(&(0x7f0000000140), 0x80) 02:33:06 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x1f, 0x2) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000080)=0x3) 02:33:06 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x0, 0x1, 0x1, 0x0, 0x5}) 02:33:06 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x4], 0x1, 0x80000, 0x0, 0xffffffffffffffff}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x3, 0x2, 0x3}) 02:33:06 executing program 0: sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000740)={0x0}}, 0x0) r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) keyctl$chown(0x4, r0, 0xee00, 0xffffffffffffffff) [ 616.089203] Bluetooth: hci2: command 0x0409 tx timeout 02:33:06 executing program 5: r0 = syz_open_dev$vim2m(0x0, 0x1f, 0x2) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000080)=0x3) 02:33:06 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) read$proc_mixer(0xffffffffffffffff, &(0x7f0000000000)=""/16, 0x10) 02:33:06 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) pipe2$watch_queue(&(0x7f0000000140), 0x80) 02:33:06 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x7, 0x0, 0x1, 0x0, 0x5}) 02:33:06 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) 02:33:06 executing program 5: r0 = syz_open_dev$vim2m(0x0, 0x1f, 0x2) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000080)=0x3) 02:33:06 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) read$proc_mixer(0xffffffffffffffff, &(0x7f0000000000)=""/16, 0x10) 02:33:06 executing program 0: sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, 0x0, 0x0) r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) keyctl$chown(0x4, r0, 0xee00, 0xffffffffffffffff) 02:33:06 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x7, 0x0, 0x1, 0x0, 0x5}) 02:33:06 executing program 5: r0 = syz_open_dev$vim2m(0x0, 0x1f, 0x2) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000080)=0x3) 02:33:06 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) (async) read$proc_mixer(0xffffffffffffffff, &(0x7f0000000000)=""/16, 0x10) 02:33:06 executing program 0: sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, 0x0, 0x0) r0 = add_key$fscrypt_v1(0x0, &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) keyctl$chown(0x4, r0, 0xee00, 0xffffffffffffffff) 02:33:06 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) 02:33:06 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x7, 0x0, 0x1, 0x0, 0x5}) 02:33:06 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000080)=0x3) 02:33:06 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:06 executing program 0: sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, 0x0, 0x0) r0 = add_key$fscrypt_v1(0x0, &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) keyctl$chown(0x4, r0, 0xee00, 0xffffffffffffffff) 02:33:06 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) pipe2$watch_queue(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$MEDIA_IOC_REQUEST_ALLOC(r0, 0x80047c05, &(0x7f0000000040)=0xffffffffffffffff) ioctl$vim2m_VIDIOC_QUERYBUF(r1, 0xc0585609, &(0x7f0000000140)=@fd={0x8001, 0x0, 0x4, 0xe000, 0xffff, {0x77359400}, {0x4, 0x2, 0x4, 0x2, 0x2, 0xc, "7beb9f64"}, 0x0, 0x4, {}, 0x6, 0x0, r2}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) 02:33:06 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x7, 0x1, 0x0, 0x0, 0x5}) 02:33:06 executing program 5: syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2) ioctl$vim2m_VIDIOC_STREAMON(0xffffffffffffffff, 0x40045612, &(0x7f0000000080)=0x3) 02:33:06 executing program 0: sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, 0x0, 0x0) r0 = add_key$fscrypt_v1(0x0, &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) keyctl$chown(0x4, r0, 0xee00, 0xffffffffffffffff) 02:33:06 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) pipe2$watch_queue(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) (async) ioctl$MEDIA_IOC_REQUEST_ALLOC(r0, 0x80047c05, &(0x7f0000000040)=0xffffffffffffffff) ioctl$vim2m_VIDIOC_QUERYBUF(r1, 0xc0585609, &(0x7f0000000140)=@fd={0x8001, 0x0, 0x4, 0xe000, 0xffff, {0x77359400}, {0x4, 0x2, 0x4, 0x2, 0x2, 0xc, "7beb9f64"}, 0x0, 0x4, {}, 0x6, 0x0, r2}) (async) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) 02:33:06 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x7, 0x1, 0x0, 0x0, 0x5}) 02:33:06 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:06 executing program 5: syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2) ioctl$vim2m_VIDIOC_STREAMON(0xffffffffffffffff, 0x40045612, &(0x7f0000000080)=0x3) 02:33:06 executing program 0: sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, 0x0, 0x0) r0 = add_key$fscrypt_v1(&(0x7f0000000000), 0x0, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) keyctl$chown(0x4, r0, 0xee00, 0xffffffffffffffff) 02:33:06 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) pipe2$watch_queue(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$MEDIA_IOC_REQUEST_ALLOC(r0, 0x80047c05, &(0x7f0000000040)=0xffffffffffffffff) ioctl$vim2m_VIDIOC_QUERYBUF(r1, 0xc0585609, &(0x7f0000000140)=@fd={0x8001, 0x0, 0x4, 0xe000, 0xffff, {0x77359400}, {0x4, 0x2, 0x4, 0x2, 0x2, 0xc, "7beb9f64"}, 0x0, 0x4, {}, 0x6, 0x0, r2}) (async) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) 02:33:06 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) 02:33:06 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x7, 0x1, 0x0, 0x0, 0x5}) 02:33:06 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:06 executing program 0: sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, 0x0, 0x0) r0 = add_key$fscrypt_v1(&(0x7f0000000000), 0x0, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) keyctl$chown(0x4, r0, 0xee00, 0xffffffffffffffff) 02:33:06 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000000)={0x0, 0xfffffffd}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) 02:33:06 executing program 5: syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2) ioctl$vim2m_VIDIOC_STREAMON(0xffffffffffffffff, 0x40045612, &(0x7f0000000080)=0x3) 02:33:06 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, 0x0) 02:33:06 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000000)={0x0, 0xfffffffd}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) 02:33:06 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x7, 0x1, 0x1}) 02:33:06 executing program 0: sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, 0x0, 0x0) r0 = add_key$fscrypt_v1(&(0x7f0000000000), 0x0, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) keyctl$chown(0x4, r0, 0xee00, 0xffffffffffffffff) 02:33:06 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, 0x0) 02:33:06 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) 02:33:06 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000000)={0x0, 0xfffffffd}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) 02:33:07 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x7, 0x1, 0x1}) 02:33:07 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) 02:33:07 executing program 0: sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, 0x0, 0x0) r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$chown(0x4, r0, 0xee00, 0xffffffffffffffff) 02:33:07 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, 0x0) 02:33:07 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x8, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000140)=@userptr={0x2, 0x2, 0x4, 0xe000, 0x2, {r1, r2/1000+10000}, {0x5, 0xc, 0x1f, 0x4, 0x2, 0x5, "f7271866"}, 0x1, 0x2, {&(0x7f0000000080)}, 0x20}) 02:33:07 executing program 0: sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, 0x0, 0x0) r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$chown(0x4, r0, 0xee00, 0xffffffffffffffff) 02:33:07 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x7, 0x1, 0x1}) 02:33:07 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000080)) 02:33:07 executing program 0: sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, 0x0, 0x0) r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$chown(0x4, r0, 0xee00, 0xffffffffffffffff) 02:33:07 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:07 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) 02:33:07 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) (async) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x8, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) (async) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000140)=@userptr={0x2, 0x2, 0x4, 0xe000, 0x2, {r1, r2/1000+10000}, {0x5, 0xc, 0x1f, 0x4, 0x2, 0x5, "f7271866"}, 0x1, 0x2, {&(0x7f0000000080)}, 0x20}) 02:33:07 executing program 0: sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, 0x0, 0x0) add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) keyctl$chown(0x4, 0x0, 0xee00, 0xffffffffffffffff) 02:33:07 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) 02:33:07 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) 02:33:07 executing program 0: sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, 0x0, 0x0) add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) keyctl$chown(0x4, 0x0, 0xee00, 0xffffffffffffffff) 02:33:07 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x8, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) (async, rerun: 32) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) (rerun: 32) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000140)=@userptr={0x2, 0x2, 0x4, 0xe000, 0x2, {r1, r2/1000+10000}, {0x5, 0xc, 0x1f, 0x4, 0x2, 0x5, "f7271866"}, 0x1, 0x2, {&(0x7f0000000080)}, 0x20}) 02:33:07 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) 02:33:07 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) ioctl$vim2m_VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:07 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) 02:33:07 executing program 2: ioctl$PPPIOCGFLAGS1(0xffffffffffffffff, 0x8004745a, &(0x7f0000000000)) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) 02:33:07 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:07 executing program 0: sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, 0x0, 0x0) add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) keyctl$chown(0x4, 0x0, 0xee00, 0xffffffffffffffff) 02:33:07 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:07 executing program 2: ioctl$PPPIOCGFLAGS1(0xffffffffffffffff, 0x8004745a, &(0x7f0000000000)) (async) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) 02:33:07 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x8, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000140)=@userptr={0x2, 0x2, 0x4, 0xe000, 0x2, {r1, r2/1000+10000}, {0x5, 0xc, 0x1f, 0x4, 0x2, 0x5, "f7271866"}, 0x1, 0x2, {&(0x7f0000000080)}, 0x20}) 02:33:07 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:07 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) 02:33:07 executing program 2: ioctl$PPPIOCGFLAGS1(0xffffffffffffffff, 0x8004745a, &(0x7f0000000000)) (async) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) 02:33:07 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x8, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000140)=@userptr={0x2, 0x2, 0x4, 0xe000, 0x2, {r1, r2/1000+10000}, {0x5, 0xc, 0x1f, 0x4, 0x2, 0x5, "f7271866"}, 0x1, 0x2, {&(0x7f0000000080)}, 0x20}) 02:33:07 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:07 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x8, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000140)=@userptr={0x2, 0x2, 0x4, 0xe000, 0x2, {r1, r2/1000+10000}, {0x5, 0xc, 0x1f, 0x4, 0x2, 0x5, "f7271866"}, 0x1, 0x2, {&(0x7f0000000080)}, 0x20}) 02:33:07 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:07 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:07 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:07 executing program 2: r0 = syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_MODIFY(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, r0, 0x8, 0x70bd27, 0x25dfdbfb, {}, [@L2TP_ATTR_DATA_SEQ={0x5}, @L2TP_ATTR_DEBUG={0x8, 0x11, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4004000}, 0x40) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000002c0), 0x0, 0x8, &(0x7f0000000300)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10) sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000540)={0x44, 0x0, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@GTPA_PEER_ADDRESS={0x8, 0x4, @loopback}, @GTPA_LINK={0x8}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_LINK={0x8, 0x1, r2}, @GTPA_MS_ADDRESS={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}, @GTPA_LINK={0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x40800}, 0x15) r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r3, 0x0, 0x0}, 0x10) ioctl$PPPOEIOCSFWD(r3, 0x4008b100, &(0x7f00000002c0)={0x18, 0x0, {0x3, @empty, 'tunl0\x00'}}) ioctl$vim2m_VIDIOC_EXPBUF(r1, 0xc0405610, &(0x7f0000000040)={0x1, 0x2, 0x9, 0x80400}) 02:33:07 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x8, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) clock_gettime(0x0, &(0x7f0000000040)) 02:33:07 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:07 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x8, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:07 executing program 2: r0 = syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_MODIFY(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, r0, 0x8, 0x70bd27, 0x25dfdbfb, {}, [@L2TP_ATTR_DATA_SEQ={0x5}, @L2TP_ATTR_DEBUG={0x8, 0x11, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4004000}, 0x40) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000002c0), 0x0, 0x8, &(0x7f0000000300)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10) sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000540)={0x44, 0x0, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@GTPA_PEER_ADDRESS={0x8, 0x4, @loopback}, @GTPA_LINK={0x8}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_LINK={0x8, 0x1, r2}, @GTPA_MS_ADDRESS={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}, @GTPA_LINK={0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x40800}, 0x15) (async) r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r3, 0x0, 0x0}, 0x10) (async) ioctl$PPPOEIOCSFWD(r3, 0x4008b100, &(0x7f00000002c0)={0x18, 0x0, {0x3, @empty, 'tunl0\x00'}}) (async) ioctl$vim2m_VIDIOC_EXPBUF(r1, 0xc0405610, &(0x7f0000000040)={0x1, 0x2, 0x9, 0x80400}) 02:33:07 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:07 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:07 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) 02:33:07 executing program 2: r0 = syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_MODIFY(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, r0, 0x8, 0x70bd27, 0x25dfdbfb, {}, [@L2TP_ATTR_DATA_SEQ={0x5}, @L2TP_ATTR_DEBUG={0x8, 0x11, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4004000}, 0x40) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000002c0), 0x0, 0x8, &(0x7f0000000300)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10) sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000540)={0x44, 0x0, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@GTPA_PEER_ADDRESS={0x8, 0x4, @loopback}, @GTPA_LINK={0x8}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_LINK={0x8, 0x1, r2}, @GTPA_MS_ADDRESS={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}, @GTPA_LINK={0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x40800}, 0x15) (async) r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r3, 0x0, 0x0}, 0x10) (async) ioctl$PPPOEIOCSFWD(r3, 0x4008b100, &(0x7f00000002c0)={0x18, 0x0, {0x3, @empty, 'tunl0\x00'}}) (async) ioctl$vim2m_VIDIOC_EXPBUF(r1, 0xc0405610, &(0x7f0000000040)={0x1, 0x2, 0x9, 0x80400}) 02:33:07 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x8, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:08 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:08 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:08 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$vim2m_VIDIOC_QUERYCAP(r1, 0x80685600, &(0x7f0000000140)) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f00000001c0)=0x3) ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000280)=0x1) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000200)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r2, 0xc0182101, &(0x7f0000000000)={r3, 0x1, 0x9}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) 02:33:08 executing program 0: ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000000)={0x8, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:08 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:08 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:08 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) (async) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$vim2m_VIDIOC_QUERYCAP(r1, 0x80685600, &(0x7f0000000140)) (async) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f00000001c0)=0x3) ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000280)=0x1) (async) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000200)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r2, 0xc0182101, &(0x7f0000000000)={r3, 0x1, 0x9}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) 02:33:08 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:08 executing program 0: ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000000)={0x8, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:08 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:08 executing program 0: ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000000)={0x8, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:08 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$vim2m_VIDIOC_QUERYCAP(r1, 0x80685600, &(0x7f0000000140)) (async) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f00000001c0)=0x3) (async) ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000280)=0x1) (async) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000200)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r2, 0xc0182101, &(0x7f0000000000)={r3, 0x1, 0x9}) (async) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) [ 618.164218] Bluetooth: hci2: command 0x041b tx timeout 02:33:08 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:08 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:08 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x8, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:08 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4, 0x0, 0x4}) socketpair(0x3, 0x1, 0x6, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_udp_int(r1, 0x11, 0x65, &(0x7f0000000040), &(0x7f0000000080)=0x4) 02:33:08 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:08 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) 02:33:08 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x8, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:08 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4, 0x0, 0x4}) socketpair(0x3, 0x1, 0x6, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_udp_int(r1, 0x11, 0x65, &(0x7f0000000040), &(0x7f0000000080)=0x4) 02:33:08 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:08 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x8, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:08 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) 02:33:08 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:08 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4, 0x0, 0x4}) socketpair(0x3, 0x1, 0x6, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_udp_int(r1, 0x11, 0x65, &(0x7f0000000040), &(0x7f0000000080)=0x4) 02:33:08 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:08 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000000)={0x8, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:08 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000000)={0x8, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:08 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x0, 0x1}}, {{0x3, 0x1}, {0x3, 0x1, 0x1}}, {{0x0, 0x0, 0x1, 0x1}, {0x4, 0x1}}], 0x50) socket$can_raw(0x1d, 0x3, 0x1) 02:33:08 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:08 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) 02:33:08 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:08 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) (async) setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x0, 0x1}}, {{0x3, 0x1}, {0x3, 0x1, 0x1}}, {{0x0, 0x0, 0x1, 0x1}, {0x4, 0x1}}], 0x50) socket$can_raw(0x1d, 0x3, 0x1) 02:33:08 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) 02:33:08 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000000)={0x8, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:08 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:08 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = socket$can_raw(0x1d, 0x3, 0x1) (async) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x0, 0x1}}, {{0x3, 0x1}, {0x3, 0x1, 0x1}}, {{0x0, 0x0, 0x1, 0x1}, {0x4, 0x1}}], 0x50) socket$can_raw(0x1d, 0x3, 0x1) 02:33:08 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:08 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:08 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, 0x0) 02:33:08 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:08 executing program 2: ioctl$PPPIOCGUNIT(0xffffffffffffffff, 0x80047456, &(0x7f0000000040)) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000080)={0x1, 0x1}) openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$PPPIOCDISCONN(0xffffffffffffffff, 0x7439) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) 02:33:08 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:08 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:08 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, 0x0) 02:33:08 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:08 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, 0x0) 02:33:08 executing program 2: ioctl$PPPIOCGUNIT(0xffffffffffffffff, 0x80047456, &(0x7f0000000040)) (async) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000080)={0x1, 0x1}) (async) openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async) ioctl$PPPIOCDISCONN(0xffffffffffffffff, 0x7439) (async) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) 02:33:09 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:09 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:09 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:09 executing program 2: ioctl$PPPIOCGUNIT(0xffffffffffffffff, 0x80047456, &(0x7f0000000040)) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000080)={0x1, 0x1}) openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async, rerun: 64) ioctl$PPPIOCDISCONN(0xffffffffffffffff, 0x7439) (rerun: 64) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) 02:33:09 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:09 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x0, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:09 executing program 1: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:09 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:09 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:09 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:09 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x0, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:09 executing program 2: clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(0xffffffffffffffff, 0x28, 0x6, &(0x7f0000000040)={r0, r1/1000+60000}, 0x10) r2 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4, 0x0, 0x7}) 02:33:09 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:09 executing program 1: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:09 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x0, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:09 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:09 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:09 executing program 2: clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(0xffffffffffffffff, 0x28, 0x6, &(0x7f0000000040)={r0, r1/1000+60000}, 0x10) (async) r2 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4, 0x0, 0x7}) 02:33:09 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:09 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x8, 0x0, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:09 executing program 2: clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(0xffffffffffffffff, 0x28, 0x6, &(0x7f0000000040)={r0, r1/1000+60000}, 0x10) r2 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4, 0x0, 0x7}) clock_gettime(0x0, &(0x7f0000000000)) (async) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(0xffffffffffffffff, 0x28, 0x6, &(0x7f0000000040)={r0, r1/1000+60000}, 0x10) (async) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) (async) ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4, 0x0, 0x7}) (async) 02:33:09 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:09 executing program 1: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:09 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x8, 0x0, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:09 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r1, 0xc058565d, &(0x7f0000000240)=@userptr={0x80, 0x1, 0x4, 0xe000, 0x6, {}, {0x1, 0x8, 0x9, 0x6, 0x3f, 0x0, "32014413"}, 0x3f, 0x2, {&(0x7f0000000040)}, 0x4, 0x0, 0xffffffffffffffff}) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x6, 0x1, 0x4, 0xe000, 0x5, {r3, r4/1000+60000}, {0x3, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda, 0x0, r2}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r5, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_CREATE_BUFS(r5, 0xc100565c, &(0x7f0000000140)={0xffffffc1, 0x8, 0x1, {0x3, @raw_data="fa810d1ba9448780fe6b8f82a4d7c50acc45682bf22f153365bd17537af483dcf3c6c957e39dbebc0ad8b8e345d90121d56c437608473e10e054c390612a8f1fde0de7ce2217714c8c7a5840b90405483a20a0dced9e3364f8828126e83490573043840c93fb0cfe7f6bbf2c773d522808a434cf9ab090d9d7785fda2752309678f8fdee66580b9cd09832a52fb094502a2ee0d32dc3c3adba44003c107e0b7c2e5768b2bd7cd40720af126d3707a47c1284845289e32d2ad298e0839b28aba32bf1bb7b23feada1"}, 0x8000000}) 02:33:09 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x8, 0x0, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:09 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:09 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:09 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x8, 0x2, 0x0, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:09 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r1, 0xc058565d, &(0x7f0000000240)=@userptr={0x80, 0x1, 0x4, 0xe000, 0x6, {}, {0x1, 0x8, 0x9, 0x6, 0x3f, 0x0, "32014413"}, 0x3f, 0x2, {&(0x7f0000000040)}, 0x4, 0x0, 0xffffffffffffffff}) (async) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x6, 0x1, 0x4, 0xe000, 0x5, {r3, r4/1000+60000}, {0x3, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda, 0x0, r2}) (async) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) (async) r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r5, 0x0, 0x0}, 0x10) (async) ioctl$vim2m_VIDIOC_CREATE_BUFS(r5, 0xc100565c, &(0x7f0000000140)={0xffffffc1, 0x8, 0x1, {0x3, @raw_data="fa810d1ba9448780fe6b8f82a4d7c50acc45682bf22f153365bd17537af483dcf3c6c957e39dbebc0ad8b8e345d90121d56c437608473e10e054c390612a8f1fde0de7ce2217714c8c7a5840b90405483a20a0dced9e3364f8828126e83490573043840c93fb0cfe7f6bbf2c773d522808a434cf9ab090d9d7785fda2752309678f8fdee66580b9cd09832a52fb094502a2ee0d32dc3c3adba44003c107e0b7c2e5768b2bd7cd40720af126d3707a47c1284845289e32d2ad298e0839b28aba32bf1bb7b23feada1"}, 0x8000000}) 02:33:09 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:09 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:09 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r1, 0xc058565d, &(0x7f0000000240)=@userptr={0x80, 0x1, 0x4, 0xe000, 0x6, {}, {0x1, 0x8, 0x9, 0x6, 0x3f, 0x0, "32014413"}, 0x3f, 0x2, {&(0x7f0000000040)}, 0x4, 0x0, 0xffffffffffffffff}) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x6, 0x1, 0x4, 0xe000, 0x5, {r3, r4/1000+60000}, {0x3, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda, 0x0, r2}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r5, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_CREATE_BUFS(r5, 0xc100565c, &(0x7f0000000140)={0xffffffc1, 0x8, 0x1, {0x3, @raw_data="fa810d1ba9448780fe6b8f82a4d7c50acc45682bf22f153365bd17537af483dcf3c6c957e39dbebc0ad8b8e345d90121d56c437608473e10e054c390612a8f1fde0de7ce2217714c8c7a5840b90405483a20a0dced9e3364f8828126e83490573043840c93fb0cfe7f6bbf2c773d522808a434cf9ab090d9d7785fda2752309678f8fdee66580b9cd09832a52fb094502a2ee0d32dc3c3adba44003c107e0b7c2e5768b2bd7cd40720af126d3707a47c1284845289e32d2ad298e0839b28aba32bf1bb7b23feada1"}, 0x8000000}) 02:33:09 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:09 executing program 0: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:09 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) (async, rerun: 64) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (rerun: 64) ioctl$vim2m_VIDIOC_PREPARE_BUF(r1, 0xc058565d, &(0x7f0000000240)=@userptr={0x80, 0x1, 0x4, 0xe000, 0x6, {}, {0x1, 0x8, 0x9, 0x6, 0x3f, 0x0, "32014413"}, 0x3f, 0x2, {&(0x7f0000000040)}, 0x4, 0x0, 0xffffffffffffffff}) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x6, 0x1, 0x4, 0xe000, 0x5, {r3, r4/1000+60000}, {0x3, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda, 0x0, r2}) (async) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r5, 0x0, 0x0}, 0x10) (async) ioctl$vim2m_VIDIOC_CREATE_BUFS(r5, 0xc100565c, &(0x7f0000000140)={0xffffffc1, 0x8, 0x1, {0x3, @raw_data="fa810d1ba9448780fe6b8f82a4d7c50acc45682bf22f153365bd17537af483dcf3c6c957e39dbebc0ad8b8e345d90121d56c437608473e10e054c390612a8f1fde0de7ce2217714c8c7a5840b90405483a20a0dced9e3364f8828126e83490573043840c93fb0cfe7f6bbf2c773d522808a434cf9ab090d9d7785fda2752309678f8fdee66580b9cd09832a52fb094502a2ee0d32dc3c3adba44003c107e0b7c2e5768b2bd7cd40720af126d3707a47c1284845289e32d2ad298e0839b28aba32bf1bb7b23feada1"}, 0x8000000}) 02:33:09 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:09 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r1, 0xc058565d, &(0x7f0000000240)=@userptr={0x80, 0x1, 0x4, 0xe000, 0x6, {}, {0x1, 0x8, 0x9, 0x6, 0x3f, 0x0, "32014413"}, 0x3f, 0x2, {&(0x7f0000000040)}, 0x4, 0x0, 0xffffffffffffffff}) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x6, 0x1, 0x4, 0xe000, 0x5, {r3, r4/1000+60000}, {0x3, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda, 0x0, r2}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r5, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_CREATE_BUFS(r5, 0xc100565c, &(0x7f0000000140)={0xffffffc1, 0x8, 0x1, {0x3, @raw_data="fa810d1ba9448780fe6b8f82a4d7c50acc45682bf22f153365bd17537af483dcf3c6c957e39dbebc0ad8b8e345d90121d56c437608473e10e054c390612a8f1fde0de7ce2217714c8c7a5840b90405483a20a0dced9e3364f8828126e83490573043840c93fb0cfe7f6bbf2c773d522808a434cf9ab090d9d7785fda2752309678f8fdee66580b9cd09832a52fb094502a2ee0d32dc3c3adba44003c107e0b7c2e5768b2bd7cd40720af126d3707a47c1284845289e32d2ad298e0839b28aba32bf1bb7b23feada1"}, 0x8000000}) 02:33:09 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:09 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r1, 0xc058565d, &(0x7f0000000240)=@userptr={0x80, 0x1, 0x4, 0xe000, 0x6, {}, {0x1, 0x8, 0x9, 0x6, 0x3f, 0x0, "32014413"}, 0x3f, 0x2, {&(0x7f0000000040)}, 0x4, 0x0, 0xffffffffffffffff}) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x6, 0x1, 0x4, 0xe000, 0x5, {r3, r4/1000+60000}, {0x3, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda, 0x0, r2}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r5, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_CREATE_BUFS(r5, 0xc100565c, &(0x7f0000000140)={0xffffffc1, 0x8, 0x1, {0x3, @raw_data="fa810d1ba9448780fe6b8f82a4d7c50acc45682bf22f153365bd17537af483dcf3c6c957e39dbebc0ad8b8e345d90121d56c437608473e10e054c390612a8f1fde0de7ce2217714c8c7a5840b90405483a20a0dced9e3364f8828126e83490573043840c93fb0cfe7f6bbf2c773d522808a434cf9ab090d9d7785fda2752309678f8fdee66580b9cd09832a52fb094502a2ee0d32dc3c3adba44003c107e0b7c2e5768b2bd7cd40720af126d3707a47c1284845289e32d2ad298e0839b28aba32bf1bb7b23feada1"}, 0x8000000}) 02:33:09 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:09 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:09 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r1, 0xc058565d, &(0x7f0000000240)=@userptr={0x80, 0x1, 0x4, 0xe000, 0x6, {}, {0x1, 0x8, 0x9, 0x6, 0x3f, 0x0, "32014413"}, 0x3f, 0x2, {&(0x7f0000000040)}, 0x4, 0x0, 0xffffffffffffffff}) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x6, 0x1, 0x4, 0xe000, 0x5, {r3, r4/1000+60000}, {0x3, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda, 0x0, r2}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r5, 0x0, 0x0}, 0x10) 02:33:09 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:10 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r1, 0xc058565d, &(0x7f0000000240)=@userptr={0x80, 0x1, 0x4, 0xe000, 0x6, {}, {0x1, 0x8, 0x9, 0x6, 0x3f, 0x0, "32014413"}, 0x3f, 0x2, {&(0x7f0000000040)}, 0x4, 0x0, 0xffffffffffffffff}) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x6, 0x1, 0x4, 0xe000, 0x5, {r3, r4/1000+60000}, {0x3, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda, 0x0, r2}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:10 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:10 executing program 0: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:10 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:10 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:10 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r1, 0xc058565d, &(0x7f0000000240)=@userptr={0x80, 0x1, 0x4, 0xe000, 0x6, {}, {0x1, 0x8, 0x9, 0x6, 0x3f, 0x0, "32014413"}, 0x3f, 0x2, {&(0x7f0000000040)}, 0x4, 0x0, 0xffffffffffffffff}) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x6, 0x1, 0x4, 0xe000, 0x5, {r3, r4/1000+60000}, {0x3, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda, 0x0, r2}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) 02:33:10 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:10 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:10 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r1, 0xc058565d, &(0x7f0000000240)=@userptr={0x80, 0x1, 0x4, 0xe000, 0x6, {}, {0x1, 0x8, 0x9, 0x6, 0x3f, 0x0, "32014413"}, 0x3f, 0x2, {&(0x7f0000000040)}, 0x4, 0x0, 0xffffffffffffffff}) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x6, 0x1, 0x4, 0xe000, 0x5, {r3, r4/1000+60000}, {0x3, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda, 0x0, r2}) 02:33:10 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:10 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:10 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r1, 0xc058565d, &(0x7f0000000240)=@userptr={0x80, 0x1, 0x4, 0xe000, 0x6, {}, {0x1, 0x8, 0x9, 0x6, 0x3f, 0x0, "32014413"}, 0x3f, 0x2, {&(0x7f0000000040)}, 0x4, 0x0, 0xffffffffffffffff}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x6, 0x1, 0x4, 0xe000, 0x5, {}, {0x3, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda, 0x0, r2}) 02:33:10 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:10 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) [ 620.244157] Bluetooth: hci2: command 0x040f tx timeout 02:33:10 executing program 0: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:10 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:10 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x6, 0x1, 0x4, 0xe000, 0x5, {}, {0x3, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda}) 02:33:10 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:10 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:10 executing program 5: r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:10 executing program 5: r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:10 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:10 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x6, 0x1, 0x4, 0xe000, 0x5, {}, {0x3, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda}) 02:33:10 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:10 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:10 executing program 5: r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:10 executing program 0: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:10 executing program 1: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f00000002c0)=@mmap={0x6, 0x1, 0x4, 0xe000, 0x5, {}, {0x3, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda}) 02:33:10 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:10 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:10 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:10 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:10 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:10 executing program 1: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f00000002c0)=@mmap={0x6, 0x1, 0x4, 0xe000, 0x5, {}, {0x3, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda}) 02:33:11 executing program 1: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f00000002c0)=@mmap={0x6, 0x1, 0x4, 0xe000, 0x5, {}, {0x3, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda}) 02:33:11 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:11 executing program 0: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:11 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x6, 0x1, 0x4, 0xe000, 0x5, {}, {0x3, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda}) 02:33:11 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x6, 0x1, 0x4, 0xe000, 0x5, {}, {0x3, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda}) 02:33:11 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:11 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:11 executing program 5: syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:11 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x6, 0x1, 0x4, 0xe000, 0x5, {}, {0x3, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda}) 02:33:11 executing program 5: syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:11 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:11 executing program 1: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f00000002c0)=@mmap={0x6, 0x1, 0x4, 0xe000, 0x5, {}, {0x3, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda}) 02:33:11 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:11 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:11 executing program 0: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:11 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:11 executing program 1: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f00000002c0)=@mmap={0x6, 0x1, 0x4, 0xe000, 0x5, {}, {0x3, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda}) 02:33:11 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:11 executing program 5: syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:11 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:11 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:11 executing program 1: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f00000002c0)=@mmap={0x6, 0x1, 0x4, 0xe000, 0x5, {}, {0x3, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda}) 02:33:11 executing program 2: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:11 executing program 0: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:11 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:11 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:11 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, 0x0) 02:33:11 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:11 executing program 0: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:11 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:11 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:11 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:11 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, 0x0) 02:33:11 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:11 executing program 2: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:11 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:11 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:11 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, 0x0) 02:33:11 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:11 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x0, 0x1, 0x4, 0xe000, 0x5, {}, {0x3, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda}) 02:33:11 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:11 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:11 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:12 executing program 0: r0 = syz_open_dev$vim2m(0x0, 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:12 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x0, 0x0, 0x4, 0xe000, 0x5, {}, {0x3, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda}) 02:33:12 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:12 executing program 2: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:12 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:12 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:12 executing program 0: r0 = syz_open_dev$vim2m(0x0, 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:12 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:12 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x0, 0x0, 0x4, 0xe000, 0x5, {}, {0x3, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda}) 02:33:12 executing program 0: r0 = syz_open_dev$vim2m(0x0, 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:12 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x0, 0x0, 0x4, 0xe000, 0x5, {}, {0x3, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda}) 02:33:12 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:12 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:12 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:12 executing program 0: syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:12 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x0, 0x1, 0x4, 0x0, 0x5, {}, {0x3, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda}) 02:33:12 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:12 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0) 02:33:12 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) 02:33:12 executing program 0: syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:12 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x3, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda}) 02:33:12 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) [ 622.327798] Bluetooth: hci2: command 0x0419 tx timeout 02:33:12 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0xc, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda}) 02:33:12 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:12 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:12 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x32, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda}) 02:33:12 executing program 0: syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:12 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) 02:33:12 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:12 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) 02:33:12 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:12 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x81, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda}) 02:33:12 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:12 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:12 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:12 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:12 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda}) 02:33:12 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) 02:33:12 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:12 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:12 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:12 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "c05fc1d3"}, 0x4, 0x1, {}, 0xeeda}) 02:33:12 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) 02:33:12 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, 0x0) 02:33:12 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:12 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "c05fc1d3"}, 0x0, 0x1, {}, 0xeeda}) 02:33:12 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:12 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) 02:33:12 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, 0x0) 02:33:12 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:13 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@mmap={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "c05fc1d3"}}) 02:33:13 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:13 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:13 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) 02:33:13 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) 02:33:13 executing program 1: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:13 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, 0x0) 02:33:13 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:13 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:13 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) 02:33:13 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:13 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x0, 0xfff, 0x18, 0x80880}) 02:33:13 executing program 1: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:13 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x0, 0xfff, 0x18, 0x80880}) 02:33:13 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x0, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:13 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) 02:33:13 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) 02:33:13 executing program 1: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:13 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:13 executing program 1: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:13 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x0, 0xfff, 0x18, 0x80880}) 02:33:13 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x0, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:13 executing program 1: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:13 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) 02:33:13 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x0, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:13 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0x0, 0x18, 0x80880}) 02:33:13 executing program 1: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:13 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x0, 0xfff, 0x18, 0x80880}) 02:33:13 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x0, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:13 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) 02:33:13 executing program 1: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:13 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x0, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:13 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x80880}) 02:33:13 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) 02:33:13 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x0, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:13 executing program 1: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:13 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x0, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:13 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x80880}) 02:33:13 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) 02:33:14 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x0, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:14 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x0, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:14 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x0, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:14 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x80880}) 02:33:14 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:14 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x0, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:14 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0x0, 0x18}) 02:33:14 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x0, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:14 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) 02:33:14 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x0, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:14 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:14 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0x0, 0x18}) 02:33:14 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x0, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:14 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x0, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:14 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x0, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:14 executing program 1: r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:14 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:14 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:14 executing program 1: r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:14 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x0, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:14 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) 02:33:14 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:14 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:14 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x0, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:14 executing program 1: r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:14 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:14 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:14 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:14 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:14 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:14 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) 02:33:14 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:14 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:14 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:14 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) 02:33:15 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 4: syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) 02:33:15 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 1: syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 4: syz_open_dev$vim2m(0x0, 0x0, 0x2) 02:33:15 executing program 1: syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:15 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 4: syz_open_dev$vim2m(0x0, 0x0, 0x2) 02:33:15 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 1: syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 0: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 5: r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) [ 625.286156] ieee802154 phy0 wpan0: encryption failed: -22 [ 625.291810] ieee802154 phy1 wpan1: encryption failed: -22 02:33:15 executing program 4: syz_open_dev$vim2m(0x0, 0x0, 0x2) 02:33:15 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x0, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 5: r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:15 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x0, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 5: r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x0, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 0: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:15 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 0: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:15 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:16 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 5: syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 5: syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 5: syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) 02:33:16 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:16 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) 02:33:16 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:16 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) 02:33:16 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:16 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) 02:33:16 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {0x0}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) 02:33:16 executing program 3: openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 3: openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {0x0}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:16 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) 02:33:16 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) 02:33:17 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:17 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:17 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {0x0}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:17 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:17 executing program 3: openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:17 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:17 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x0, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:17 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x0, 0x1, 0x0, 0x7f}) 02:33:17 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:17 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x0, 0x1, 0x0, 0x7f}) 02:33:17 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:17 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) 02:33:17 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x0, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:17 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x0, 0x1, 0x0, 0x7f}) 02:33:17 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:17 executing program 0: openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:17 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x0, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:17 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:17 executing program 4: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:17 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:17 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x0, 0x7f}) 02:33:17 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:17 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x0, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:17 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) 02:33:17 executing program 4: openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:17 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) 02:33:17 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x0, 0x7f}) 02:33:17 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x0, 0x7f}) 02:33:17 executing program 4: openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:17 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x0, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:17 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:18 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:18 executing program 4: openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:18 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x0, 0x7f}) 02:33:18 executing program 1: openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:18 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:18 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x0, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:18 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) 02:33:18 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:18 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:18 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1}) 02:33:18 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:18 executing program 1: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x0, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:18 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:18 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1}) 02:33:18 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) 02:33:18 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x0, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:18 executing program 1: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x0, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:18 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:18 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1}) 02:33:18 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:18 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:18 executing program 1: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x0, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:18 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x0, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:18 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:18 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:18 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:18 executing program 0: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:18 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:18 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x0, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:18 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:18 executing program 1: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:18 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:18 executing program 0: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:18 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x0, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:18 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:18 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x0, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x0, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:19 executing program 0: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x0, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 1: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x0, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 0: syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x0, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 1: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x0, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 0: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:19 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 1: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x0, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x0, {0x3}, 0x7fffffff}, {0x7f, 0x1}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) 02:33:19 executing program 1: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 1: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 0: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:19 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x0, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x0, {0x3}, 0x7fffffff}, {0x7f, 0x1}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) 02:33:19 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x0, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) 02:33:19 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x0, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x0, {0x3}, 0x7fffffff}, {0x7f, 0x1}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x0, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 1: r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x0, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x0, {}, 0x7fffffff}, {0x7f, 0x1}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:19 executing program 1: r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) 02:33:20 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 1: r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x0, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) 02:33:20 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) 02:33:20 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x0, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) 02:33:20 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) 02:33:20 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 5: ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}}) r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 5: ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}}) r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 5: ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) 02:33:20 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 5: r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}}) r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0x0, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:20 executing program 5: r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0x0, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 5: r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 1: syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 1: syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0x0, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x0, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 1: syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:21 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x0, {}, 0x7fffffff}, {0x7f, 0x1}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 5: syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:21 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}}) syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x0, {}, 0x7fffffff}, {0x7f, 0x1}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 5: syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:21 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}}) syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}}) syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 5: syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:21 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:21 executing program 0: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:21 executing program 3: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:21 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:22 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:22 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:22 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:22 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:22 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:22 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:22 executing program 0: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:22 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:22 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}, 0x3f}) r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:22 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:22 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:22 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}, 0x3f}) r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:22 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:22 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) 02:33:22 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:22 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:22 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}, 0x3f}) r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:22 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) 02:33:22 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:22 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:22 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:22 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) 02:33:22 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) 02:33:22 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:22 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:22 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) 02:33:22 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) 02:33:22 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x0, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:22 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:22 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) 02:33:22 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) 02:33:22 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) 02:33:22 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:22 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) 02:33:22 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) 02:33:22 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x0, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:22 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) 02:33:22 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) 02:33:22 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) 02:33:22 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x0, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:22 executing program 0: ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:22 executing program 3: ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000000)={0x0, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:22 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) 02:33:22 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) 02:33:23 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:23 executing program 3: ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000000)={0x0, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:23 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) 02:33:23 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) 02:33:23 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) 02:33:23 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) 02:33:23 executing program 3: ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000000)={0x0, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:23 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) 02:33:23 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:23 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x0, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:23 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) 02:33:23 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}, 0x3f}) syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:23 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x0, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:23 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) 02:33:23 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x0, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:23 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}, 0x3f}) syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:23 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:23 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000000)={0x0, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:23 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x0, 0x0, "883b5516"}, 0x0, 0x3, {&(0x7f00000001c0)=[{0x1000}, {0x7f, 0x1}]}}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) 02:33:23 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) 02:33:23 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}, 0x3f}) syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) 02:33:23 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000000)={0x0, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:23 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) 02:33:23 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000000)={0x0, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:23 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) 02:33:23 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:23 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000000)={0x0, 0x2, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:23 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, 0x0) 02:33:23 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:23 executing program 2: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) 02:33:23 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) 02:33:23 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:23 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, 0x0) 02:33:23 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x0, 0x1}}, {{0x3, 0x1}, {0x3, 0x1, 0x1}}, {{0x0, 0x0, 0x1, 0x1}, {0x4, 0x1}}], 0x50) socket$can_raw(0x1d, 0x3, 0x1) 02:33:23 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) 02:33:23 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, 0x0) 02:33:23 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x0, 0x1}}, {{0x3, 0x1}, {0x3, 0x1, 0x1}}, {{0x0, 0x0, 0x1, 0x1}, {0x4, 0x1}}], 0x50) socket$can_raw(0x1d, 0x3, 0x1) 02:33:23 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x0, 0x0, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:23 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:23 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x0, 0x1}}, {{0x3, 0x1}, {0x3, 0x1, 0x1}}, {{0x0, 0x0, 0x1, 0x1}, {0x4, 0x1}}], 0x50) socket$can_raw(0x1d, 0x3, 0x1) 02:33:23 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x0, 0x1}}, {{0x3, 0x1}, {0x3, 0x1, 0x1}}, {{0x0, 0x0, 0x1, 0x1}, {0x4, 0x1}}], 0x50) socket$can_raw(0x1d, 0x3, 0x1) 02:33:24 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:24 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x0, 0x0, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:24 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:24 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x0, 0x1}}, {{0x3, 0x1}, {0x3, 0x1, 0x1}}, {{0x0, 0x0, 0x1, 0x1}, {0x4, 0x1}}], 0x50) socket$can_raw(0x1d, 0x3, 0x1) 02:33:24 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x0, 0x1}}, {{0x3, 0x1}, {0x3, 0x1, 0x1}}, {{0x0, 0x0, 0x1, 0x1}, {0x4, 0x1}}], 0x50) socket$can_raw(0x1d, 0x3, 0x1) 02:33:24 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x0, 0x1}}, {{0x3, 0x1}, {0x3, 0x1, 0x1}}, {{0x0, 0x0, 0x1, 0x1}, {0x4, 0x1}}], 0x50) socket$can_raw(0x1d, 0x3, 0x1) 02:33:24 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x0, 0x1}}, {{0x3, 0x1}, {0x3, 0x1, 0x1}}, {{0x0, 0x0, 0x1, 0x1}, {0x4, 0x1}}], 0x50) socket$can_raw(0x1d, 0x3, 0x1) 02:33:24 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x0, 0x7f}) 02:33:24 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x0, 0x0, 0x6, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:24 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x0, 0x1}}, {{0x3, 0x1}, {0x3, 0x1, 0x1}}, {{0x0, 0x0, 0x1, 0x1}, {0x4, 0x1}}], 0x50) 02:33:24 executing program 1: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) socket$can_raw(0x1d, 0x3, 0x1) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) socket$can_raw(0x1d, 0x3, 0x1) 02:33:24 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x0, 0x1}}, {{0x3, 0x1}, {0x3, 0x1, 0x1}}, {{0x0, 0x0, 0x1, 0x1}, {0x4, 0x1}}], 0x50) socket$can_raw(0x1d, 0x3, 0x1) 02:33:24 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) 02:33:24 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x0, 0x2, 0x0, "81364d6e34a8b2a195ee9c4bf365414ce8a4fe4c9a79c102748a7cef6551329d"}) 02:33:24 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) 02:33:24 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x0, 0x1}}, {{0x3, 0x1}, {0x3, 0x1, 0x1}}, {{0x0, 0x0, 0x1, 0x1}, {0x4, 0x1}}], 0x50) 02:33:24 executing program 1: openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) socket$can_raw(0x1d, 0x3, 0x1) socket$can_raw(0x1d, 0x3, 0x1) 02:33:24 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x0, 0x1}}, {{0x3, 0x1}, {0x3, 0x1, 0x1}}, {{0x0, 0x0, 0x1, 0x1}, {0x4, 0x1}}], 0x50) 02:33:24 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:24 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) 02:33:24 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x0, 0x1}}, {{0x3, 0x1}, {0x3, 0x1, 0x1}}, {{0x0, 0x0, 0x1, 0x1}, {0x4, 0x1}}], 0x50) 02:33:24 executing program 1: openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) socket$can_raw(0x1d, 0x3, 0x1) 02:33:24 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) socket$can_raw(0x1d, 0x3, 0x1) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) 02:33:24 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:24 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:24 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x0, 0x1, 0x0, 0x7f}) 02:33:24 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x0, 0x1}}, {{0x3, 0x1}, {0x3, 0x1, 0x1}}, {{0x0, 0x0, 0x1, 0x1}, {0x4, 0x1}}], 0x50) 02:33:24 executing program 1: openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) socket$can_raw(0x1d, 0x3, 0x1) 02:33:24 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) socket$can_raw(0x1d, 0x3, 0x1) 02:33:24 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:24 executing program 5: socket$can_raw(0x1d, 0x3, 0x1) 02:33:24 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) 02:33:24 executing program 1: openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) socket$can_raw(0x1d, 0x3, 0x1) 02:33:24 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x0, 0x1}}, {{0x3, 0x1}, {0x3, 0x1, 0x1}}, {{0x0, 0x0, 0x1, 0x1}, {0x4, 0x1}}], 0x50) 02:33:24 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) 02:33:24 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) 02:33:24 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000000)={0x7, 0x1, 0x1, 0x0, 0x5}) 02:33:24 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000000)=0x2) execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)=[&(0x7f0000000080)='!.\x00', &(0x7f0000000140)='}^}*]-)\'\x00'], &(0x7f0000000400)=[&(0x7f00000001c0)='/dev/vim2m\x00', &(0x7f0000000200)='+\x00', &(0x7f0000000240)='{:-\x00', &(0x7f0000000280)='/dev/vim2m\x00', &(0x7f00000002c0)=']/\x00', &(0x7f0000000300)='\'\x00', &(0x7f0000000340)=',:\\\x00', &(0x7f0000000380)='/dev/vim2m\x00', &(0x7f00000003c0)='{}\x00'], 0x1000) 02:33:24 executing program 1: socket$can_raw(0x1d, 0x3, 0x1) socket$can_raw(0x1d, 0x3, 0x1) 02:33:24 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x0, 0x1}}, {{0x3, 0x1}, {0x3, 0x1, 0x1}}, {{0x0, 0x0, 0x1, 0x1}, {0x4, 0x1}}], 0x50) 02:33:24 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) pipe2$watch_queue(&(0x7f0000000140), 0x80) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:33:24 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x0, 0x0, 0x7f}) 02:33:24 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000340)={0x0, 0xffffffff}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r3, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_PREPARE_BUF(r3, 0xc058565d, &(0x7f00000002c0)=@userptr={0x7fffffff, 0x2, 0x4, 0x0, 0x10001, {r1, r2/1000+60000}, {0x4, 0x0, 0x1, 0x8, 0x4, 0x34, "29094e17"}, 0xe8, 0x2, {&(0x7f0000000180)}, 0x3ff, 0x0, r3}) r5 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000100)={0x1, 0x1, 0x4, 0x0, 0xc1}) clock_gettime(0x0, &(0x7f0000000040)) clock_gettime(0x0, &(0x7f0000000080)) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_GETPDP(r6, 0x0, 0x0) r7 = syz_genetlink_get_family_id$gtp(&(0x7f0000000280), r3) sendmsg$GTP_CMD_NEWPDP(r6, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x58, r7, 0x200, 0x70bd2d, 0x25dfdbfc, {}, [@GTPA_TID={0xc, 0x3, 0x4}, @GTPA_FLOW={0x6, 0x6, 0x2}, @GTPA_O_TEI={0x8, 0x9, 0x2}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_LINK={0x8}, @GTPA_MS_ADDRESS={0x8, 0x5, @rand_addr=0x64010100}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_MS_ADDRESS={0x8, 0x5, @remote}]}, 0x58}, 0x1, 0x0, 0x0, 0xe7092783d077c62b}, 0xc0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r5, 0xc058565d, &(0x7f00000001c0)=@overlay={0x9, 0x2, 0x4, 0x4, 0x9, {0x0, 0x2710}, {0x4, 0x2, 0x2, 0x0, 0x40, 0x40, "34513ff2"}, 0x829, 0x3, {}, 0x5, 0x0, r4}) 02:33:24 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000000)=0x2) execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)=[&(0x7f0000000080)='!.\x00', &(0x7f0000000140)='}^}*]-)\'\x00'], &(0x7f0000000400)=[&(0x7f00000001c0)='/dev/vim2m\x00', &(0x7f0000000200)='+\x00', &(0x7f0000000240)='{:-\x00', &(0x7f0000000280)='/dev/vim2m\x00', &(0x7f00000002c0)=']/\x00', &(0x7f0000000300)='\'\x00', &(0x7f0000000340)=',:\\\x00', &(0x7f0000000380)='/dev/vim2m\x00', &(0x7f00000003c0)='{}\x00'], 0x1000) 02:33:24 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) 02:33:24 executing program 1: syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x1f, 0x2) pipe2$watch_queue(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f00000003c0)=@fd={0x1, 0x3, 0x4, 0x14020, 0x5, {0x0, 0x2710}, {0x1, 0x8, 0xec, 0x80, 0x40, 0x2, "7bf3a4d2"}, 0x2, 0x4, {}, 0x6, 0x0, r1}) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000080)=0x3) 02:33:24 executing program 0: socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x0, 0x1}}, {{0x3, 0x1}, {0x3, 0x1, 0x1}}, {{0x0, 0x0, 0x1, 0x1}, {0x4, 0x1}}], 0x50) 02:33:24 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000340)={0x0, 0xffffffff}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r3, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_PREPARE_BUF(r3, 0xc058565d, &(0x7f00000002c0)=@userptr={0x7fffffff, 0x2, 0x4, 0x0, 0x10001, {r1, r2/1000+60000}, {0x4, 0x0, 0x1, 0x8, 0x4, 0x34, "29094e17"}, 0xe8, 0x2, {&(0x7f0000000180)}, 0x3ff, 0x0, r3}) r5 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000100)={0x1, 0x1, 0x4, 0x0, 0xc1}) clock_gettime(0x0, &(0x7f0000000040)) clock_gettime(0x0, &(0x7f0000000080)) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_GETPDP(r6, 0x0, 0x0) r7 = syz_genetlink_get_family_id$gtp(&(0x7f0000000280), r3) sendmsg$GTP_CMD_NEWPDP(r6, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x58, r7, 0x200, 0x70bd2d, 0x25dfdbfc, {}, [@GTPA_TID={0xc, 0x3, 0x4}, @GTPA_FLOW={0x6, 0x6, 0x2}, @GTPA_O_TEI={0x8, 0x9, 0x2}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_LINK={0x8}, @GTPA_MS_ADDRESS={0x8, 0x5, @rand_addr=0x64010100}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_MS_ADDRESS={0x8, 0x5, @remote}]}, 0x58}, 0x1, 0x0, 0x0, 0xe7092783d077c62b}, 0xc0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r5, 0xc058565d, &(0x7f00000001c0)=@overlay={0x9, 0x2, 0x4, 0x4, 0x9, {0x0, 0x2710}, {0x4, 0x2, 0x2, 0x0, 0x40, 0x40, "34513ff2"}, 0x829, 0x3, {}, 0x5, 0x0, r4}) 02:33:24 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x1f, 0x2) pipe2$watch_queue(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f00000003c0)=@fd={0x1, 0x3, 0x4, 0x14020, 0x5, {0x0, 0x2710}, {0x1, 0x8, 0xec, 0x80, 0x40, 0x2, "7bf3a4d2"}, 0x2, 0x4, {}, 0x6, 0x0, r2}) ioctl$vim2m_VIDIOC_STREAMON(r1, 0x40045612, &(0x7f0000000080)=0x3) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:33:24 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000000)=0x2) execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)=[&(0x7f0000000080)='!.\x00', &(0x7f0000000140)='}^}*]-)\'\x00'], &(0x7f0000000400)=[&(0x7f00000001c0)='/dev/vim2m\x00', &(0x7f0000000200)='+\x00', &(0x7f0000000240)='{:-\x00', &(0x7f0000000280)='/dev/vim2m\x00', &(0x7f00000002c0)=']/\x00', &(0x7f0000000300)='\'\x00', &(0x7f0000000340)=',:\\\x00', &(0x7f0000000380)='/dev/vim2m\x00', &(0x7f00000003c0)='{}\x00'], 0x1000) 02:33:24 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) 02:33:24 executing program 0: socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x0, 0x1}}, {{0x3, 0x1}, {0x3, 0x1, 0x1}}, {{0x0, 0x0, 0x1, 0x1}, {0x4, 0x1}}], 0x50) 02:33:25 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) pipe2$watch_queue(&(0x7f0000000140), 0x80) r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r3, 0x0, 0x0}, 0x10) 02:33:25 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000340)={0x0, 0xffffffff}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r3, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_PREPARE_BUF(r3, 0xc058565d, &(0x7f00000002c0)=@userptr={0x7fffffff, 0x2, 0x4, 0x0, 0x10001, {r1, r2/1000+60000}, {0x4, 0x0, 0x1, 0x8, 0x4, 0x34, "29094e17"}, 0xe8, 0x2, {&(0x7f0000000180)}, 0x3ff, 0x0, r3}) r5 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000100)={0x1, 0x1, 0x4, 0x0, 0xc1}) clock_gettime(0x0, &(0x7f0000000040)) clock_gettime(0x0, &(0x7f0000000080)) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_GETPDP(r6, 0x0, 0x0) r7 = syz_genetlink_get_family_id$gtp(&(0x7f0000000280), r3) sendmsg$GTP_CMD_NEWPDP(r6, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x58, r7, 0x200, 0x70bd2d, 0x25dfdbfc, {}, [@GTPA_TID={0xc, 0x3, 0x4}, @GTPA_FLOW={0x6, 0x6, 0x2}, @GTPA_O_TEI={0x8, 0x9, 0x2}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_LINK={0x8}, @GTPA_MS_ADDRESS={0x8, 0x5, @rand_addr=0x64010100}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_MS_ADDRESS={0x8, 0x5, @remote}]}, 0x58}, 0x1, 0x0, 0x0, 0xe7092783d077c62b}, 0xc0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r5, 0xc058565d, &(0x7f00000001c0)=@overlay={0x9, 0x2, 0x4, 0x4, 0x9, {0x0, 0x2710}, {0x4, 0x2, 0x2, 0x0, 0x40, 0x40, "34513ff2"}, 0x829, 0x3, {}, 0x5, 0x0, r4}) 02:33:25 executing program 3: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)=[&(0x7f0000000080)='!.\x00', &(0x7f0000000140)='}^}*]-)\'\x00'], &(0x7f0000000400)=[&(0x7f00000001c0)='/dev/vim2m\x00', &(0x7f0000000200)='+\x00', &(0x7f0000000240)='{:-\x00', &(0x7f0000000280)='/dev/vim2m\x00', &(0x7f00000002c0)=']/\x00', &(0x7f0000000300)='\'\x00', &(0x7f0000000340)=',:\\\x00', &(0x7f0000000380)='/dev/vim2m\x00', &(0x7f00000003c0)='{}\x00'], 0x1000) 02:33:25 executing program 0: socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x0, 0x1}}, {{0x3, 0x1}, {0x3, 0x1, 0x1}}, {{0x0, 0x0, 0x1, 0x1}, {0x4, 0x1}}], 0x50) 02:33:25 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x0) 02:33:25 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)=[&(0x7f0000000080)='!.\x00', &(0x7f0000000140)='}^}*]-)\'\x00'], &(0x7f0000000400)=[&(0x7f00000001c0)='/dev/vim2m\x00', &(0x7f0000000200)='+\x00', &(0x7f0000000240)='{:-\x00', &(0x7f0000000280)='/dev/vim2m\x00', &(0x7f00000002c0)=']/\x00', &(0x7f0000000300)='\'\x00', &(0x7f0000000340)=',:\\\x00', &(0x7f0000000380)='/dev/vim2m\x00', &(0x7f00000003c0)='{}\x00'], 0x1000) 02:33:25 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {0x0}, 0x3f}) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1}) 02:33:25 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000340)={0x0, 0xffffffff}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r3, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_PREPARE_BUF(r3, 0xc058565d, &(0x7f00000002c0)=@userptr={0x7fffffff, 0x2, 0x4, 0x0, 0x10001, {r1, r2/1000+60000}, {0x4, 0x0, 0x1, 0x8, 0x4, 0x34, "29094e17"}, 0xe8, 0x2, {&(0x7f0000000180)}, 0x3ff, 0x0, r3}) r4 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000100)={0x1, 0x1, 0x4, 0x0, 0xc1}) clock_gettime(0x0, &(0x7f0000000040)) clock_gettime(0x0, &(0x7f0000000080)) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_GETPDP(r5, 0x0, 0x0) r6 = syz_genetlink_get_family_id$gtp(&(0x7f0000000280), r3) sendmsg$GTP_CMD_NEWPDP(r5, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x58, r6, 0x200, 0x70bd2d, 0x25dfdbfc, {}, [@GTPA_TID={0xc, 0x3, 0x4}, @GTPA_FLOW={0x6, 0x6, 0x2}, @GTPA_O_TEI={0x8, 0x9, 0x2}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_LINK={0x8}, @GTPA_MS_ADDRESS={0x8, 0x5, @rand_addr=0x64010100}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_MS_ADDRESS={0x8, 0x5, @remote}]}, 0x58}, 0x1, 0x0, 0x0, 0xe7092783d077c62b}, 0xc0) [ 637.602453] Bluetooth: hci0: command 0x0406 tx timeout [ 640.066632] oom_reaper: reaped process 5033 (syz-executor.1), now anon-rss:0kB, file-rss:14336kB, shmem-rss:20kB [ 640.095620] systemd-journal invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 640.109991] systemd-journal cpuset=/ mems_allowed=0-1 [ 640.115282] CPU: 1 PID: 2083 Comm: systemd-journal Not tainted 4.19.211-syzkaller #0 [ 640.123168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 640.132557] Call Trace: [ 640.135156] dump_stack+0x1fc/0x2ef [ 640.138794] dump_header+0x15d/0xc3f [ 640.142538] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 640.147644] ? ___ratelimit+0x319/0x590 [ 640.151629] oom_kill_process.cold+0x10/0x692 [ 640.156126] ? check_preemption_disabled+0x41/0x280 [ 640.161131] ? has_intersects_mems_allowed+0x1d6/0x290 [ 640.166436] out_of_memory+0x1072/0x1390 [ 640.170510] ? oom_killer_disable+0x270/0x270 [ 640.170665] syz-executor.1: vmalloc: allocation failure, allocated 1732841472 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 640.175028] ? mutex_trylock+0x15f/0x1a0 [ 640.175050] __alloc_pages_nodemask+0x23a2/0x2890 [ 640.175070] ? find_get_entry+0x4cd/0x8a0 [ 640.175089] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 640.175122] alloc_pages_current+0x193/0x2a0 [ 640.193885] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 640.197939] filemap_fault+0x146e/0x2180 [ 640.220533] ext4_filemap_fault+0x84/0xb0 [ 640.224681] __do_fault+0x10b/0x4b0 [ 640.228318] __handle_mm_fault+0x273b/0x41c0 [ 640.232732] ? vm_insert_page+0x9c0/0x9c0 [ 640.236886] ? check_preemption_disabled+0x41/0x280 [ 640.241895] handle_mm_fault+0x436/0xb10 [ 640.245954] __do_page_fault+0x68e/0xd60 [ 640.250012] ? trace_hardirqs_off_caller+0x6e/0x210 [ 640.255027] ? spurious_fault+0x840/0x840 [ 640.259179] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 640.264111] ? page_fault+0x8/0x30 [ 640.267648] page_fault+0x1e/0x30 [ 640.271092] RIP: 0033:0x7fd82b9d22e3 [ 640.274813] Code: Bad RIP value. [ 640.278169] RSP: 002b:00007ffc44b807e8 EFLAGS: 00010246 [ 640.283526] RAX: 0000000000000001 RBX: 0000556d7c57f1e0 RCX: 00007fd82b9d22e3 [ 640.290790] RDX: 0000000000000013 RSI: 00007ffc44b807f0 RDI: 000000000000000c [ 640.298226] RBP: 00007ffc44b809e0 R08: 00007ffc44bb9000 R09: 000000a445e0d35d [ 640.305506] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc44b807f0 [ 640.312774] R13: 0000000000000001 R14: ffffffffffffffff R15: 0005f44f528d6346 [ 640.320060] CPU: 0 PID: 5033 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0 [ 640.326955] Mem-Info: [ 640.327872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 640.330298] active_anon:14060 inactive_anon:14895 isolated_anon:0 [ 640.330298] active_file:26 inactive_file:5 isolated_file:0 [ 640.330298] unevictable:0 dirty:0 writeback:0 unstable:0 [ 640.330298] slab_reclaimable:15197 slab_unreclaimable:128096 [ 640.330298] mapped:22109 shmem:15308 pagetables:560 bounce:0 [ 640.330298] free:13845 free_pcp:149 free_cma:0 [ 640.339712] Call Trace: [ 640.339735] dump_stack+0x1fc/0x2ef [ 640.339752] warn_alloc.cold+0x7b/0x18f [ 640.339789] ? zone_watermark_ok_safe+0x260/0x260 [ 640.372955] Node 0 active_anon:54820kB inactive_anon:26996kB active_file:24kB inactive_file:36kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86504kB dirty:0kB writeback:0kB shmem:28444kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 10240kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 640.375487] ? rcu_nmi_exit+0xb3/0x180 [ 640.379106] Node 1 active_anon:1420kB inactive_anon:32584kB active_file:80kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1932kB dirty:0kB writeback:0kB shmem:32788kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 640.383071] __vmalloc_area_node+0x4fd/0x780 [ 640.383093] ? __vmalloc_node_range+0x180/0x180 [ 640.387907] Node 0 DMA free:10860kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 640.415575] ? _raw_spin_unlock+0x29/0x40 [ 640.415589] ? __get_vm_area_node+0x2e2/0x3a0 [ 640.415608] __vmalloc_node_range+0xed/0x180 [ 640.415637] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 640.415650] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 640.415660] vmalloc_user+0x70/0xe0 [ 640.415673] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 640.415686] vb2_vmalloc_alloc+0xb3/0x2f0 [ 640.415702] __vb2_queue_alloc+0x472/0xe60 [ 640.415724] vb2_core_create_bufs+0x273/0x7e0 [ 640.415757] ? __vb2_queue_free+0x870/0x870 [ 640.415775] ? mutex_trylock+0x1a0/0x1a0 [ 640.415789] ? __video_do_ioctl+0x632/0xcd0 [ 640.415814] vb2_create_bufs+0x332/0x620 [ 640.415832] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 640.415845] ? __video_do_ioctl+0x632/0xcd0 [ 640.415858] ? mutex_trylock+0x1a0/0x1a0 [ 640.415874] ? mark_held_locks+0xf0/0xf0 [ 640.415891] ? futex_wait_queue_me+0x404/0x5e0 [ 640.415909] vb2_ioctl_create_bufs+0x20d/0x360 [ 640.415924] ? memset+0x20/0x40 [ 640.415942] v4l_create_bufs+0xb2/0x160 [ 640.415961] __video_do_ioctl+0x49a/0xcd0 [ 640.415983] ? v4l_querycap+0x340/0x340 [ 640.416002] ? __might_fault+0x192/0x1d0 [ 640.416020] ? v4l_querycap+0x340/0x340 [ 640.416036] video_usercopy+0x13f/0xfa0 [ 640.416059] ? v4l_enumstd+0x60/0x60 [ 640.416074] ? do_futex+0x171/0x1880 [ 640.416090] ? mark_held_locks+0xf0/0xf0 [ 640.416108] ? debug_check_no_obj_freed+0x201/0x490 [ 640.416132] ? video_usercopy+0xfa0/0xfa0 [ 640.416144] v4l2_ioctl+0x147/0x1a0 [ 640.416157] ? video_devdata+0xa0/0xa0 [ 640.416174] do_vfs_ioctl+0xcdb/0x12e0 [ 640.416189] ? lock_downgrade+0x720/0x720 [ 640.416205] ? check_preemption_disabled+0x41/0x280 [ 640.416219] ? ioctl_preallocate+0x200/0x200 [ 640.416238] ? __fget+0x356/0x510 [ 640.416256] ? do_dup2+0x450/0x450 [ 640.416270] ? __se_sys_futex+0x298/0x3b0 [ 640.416293] ksys_ioctl+0x9b/0xc0 [ 640.416308] __x64_sys_ioctl+0x6f/0xb0 [ 640.416322] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 640.416337] do_syscall_64+0xf9/0x620 [ 640.416356] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 640.416369] RIP: 0033:0x7f4dd02630f9 [ 640.416384] Code: Bad RIP value. [ 640.416391] RSP: 002b:00007f4dce7d5168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 640.416406] RAX: ffffffffffffffda RBX: 00007f4dd0382f80 RCX: 00007f4dd02630f9 [ 640.416414] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 640.416422] RBP: 00007f4dd02beae9 R08: 0000000000000000 R09: 0000000000000000 [ 640.416430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 640.416438] R13: 00007ffe2f8179bf R14: 00007f4dce7d5300 R15: 0000000000022000 [ 640.423324] Mem-Info: [ 640.457337] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 640.457543] active_anon:14060 inactive_anon:14895 isolated_anon:0 [ 640.457543] active_file:26 inactive_file:5 isolated_file:0 [ 640.457543] unevictable:0 dirty:0 writeback:0 unstable:0 [ 640.457543] slab_reclaimable:15197 slab_unreclaimable:128096 [ 640.457543] mapped:22109 shmem:15308 pagetables:560 bounce:0 [ 640.457543] free:13845 free_pcp:149 free_cma:0 [ 640.487249] Node 0 DMA32 free:17832kB min:35996kB low:44992kB high:53988kB active_anon:54820kB inactive_anon:26996kB active_file:24kB inactive_file:36kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7584kB pagetables:2028kB bounce:0kB free_pcp:348kB local_pcp:100kB free_cma:0kB [ 640.494513] Node 0 active_anon:54820kB inactive_anon:26996kB active_file:24kB inactive_file:36kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86504kB dirty:0kB writeback:0kB shmem:28444kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 10240kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 640.496987] lowmem_reserve[]: 0 0 1 1 1 [ 640.501324] Node 1 active_anon:1420kB inactive_anon:32584kB active_file:80kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1932kB dirty:0kB writeback:0kB shmem:32788kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 640.511561] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 640.516700] Node 0 DMA free:10860kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 640.516734] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 640.516754] Node 0 DMA32 free:17832kB min:35996kB low:44992kB high:53988kB active_anon:54820kB inactive_anon:26996kB active_file:24kB inactive_file:36kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7584kB pagetables:2028kB bounce:0kB free_pcp:348kB local_pcp:248kB free_cma:0kB [ 640.516793] lowmem_reserve[]: 0 0 1 1 1 [ 640.516812] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 640.516842] lowmem_reserve[]: 0 0 0 0 0 [ 640.516862] Node 1 Normal free:26680kB min:53876kB low:67344kB high:80812kB active_anon:1420kB inactive_anon:32584kB active_file:80kB inactive_file:104kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:288kB pagetables:212kB bounce:0kB free_pcp:248kB local_pcp:248kB free_cma:0kB [ 640.516895] lowmem_reserve[]: 0 0 0 0 0 [ 640.516914] Node 0 DMA: 1*4kB (U) 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10860kB [ 640.516988] Node 0 DMA32: 1028*4kB (ME) 1007*8kB (MEH) 246*16kB (MEH) 26*32kB (UMEH) 8*64kB (UH) 3*128kB (H) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17832kB [ 640.517057] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 640.517113] Node 1 Normal: 140*4kB (UME) 127*8kB (UME) 111*16kB (UME) 89*32kB (UME) 60*64kB (UME) 26*128kB (UM) 8*256kB (ME) 2*512kB (M) 2*1024kB (UM) 2*2048kB (UM) 1*4096kB (U) = 26680kB [ 640.517203] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 640.517214] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 640.517224] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 640.517235] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 640.517240] 15344 total pagecache pages [ 640.517254] 0 pages in swap cache [ 640.517262] Swap cache stats: add 0, delete 0, find 0/0 [ 640.517267] Free swap = 0kB [ 640.517272] Total swap = 0kB [ 640.517280] 2097051 pages RAM [ 640.517285] 0 pages HighMem/MovableOnly [ 640.517290] 369649 pages reserved [ 640.517295] 0 pages cma reserved [ 641.151772] lowmem_reserve[]: 0 0 0 0 0 [ 641.157509] Node 1 Normal free:26680kB min:53876kB low:67344kB high:80812kB active_anon:1420kB inactive_anon:32584kB active_file:24kB inactive_file:24kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:288kB pagetables:212kB bounce:0kB free_pcp:248kB local_pcp:0kB free_cma:0kB [ 641.191105] lowmem_reserve[]: 0 0 0 0 0 [ 641.195166] Node 0 DMA: 1*4kB (U) 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10860kB [ 641.217052] Node 0 DMA32: 1028*4kB (ME) 1018*8kB (UMEH) 246*16kB (MEH) 26*32kB (UMEH) 8*64kB (UH) 3*128kB (H) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17920kB [ 641.231884] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 641.249915] Node 1 Normal: 140*4kB (UME) 127*8kB (UME) 111*16kB (UME) 89*32kB (UME) 60*64kB (UME) 26*128kB (UM) 8*256kB (ME) 2*512kB (M) 2*1024kB (UM) 2*2048kB (UM) 1*4096kB (U) = 26680kB [ 641.271533] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 641.280554] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 641.294317] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 641.305703] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 641.316972] 15335 total pagecache pages [ 641.320985] 0 pages in swap cache [ 641.326917] Swap cache stats: add 0, delete 0, find 0/0 [ 641.336830] Free swap = 0kB [ 641.339858] Total swap = 0kB [ 641.345471] 2097051 pages RAM [ 641.348606] 0 pages HighMem/MovableOnly [ 641.355243] 369649 pages reserved [ 641.358694] 0 pages cma reserved [ 641.364678] Unreclaimable slab info: [ 641.368398] Name Used Total [ 641.376768] pid_2 92KB 204KB [ 641.384723] batadv_tl_cache 4KB 12KB [ 641.390121] TIPC 10KB 22KB [ 641.398264] SCTPv6 14KB 30KB [ 641.406139] DCCPv6 17KB 30KB [ 641.411517] DCCP 16KB 28KB [ 641.419383] RXRPC 11KB 26KB [ 641.427187] rxrpc_call_jar 78KB 118KB [ 641.435070] bridge_fdb_cache 9KB 23KB [ 641.443478] fib6_nodes 156KB 240KB [ 641.448861] ip6_dst_cache 123KB 431KB [ 641.459306] RAWv6 70KB 94KB [ 641.465040] UDPv6 26KB 37KB [ 641.470418] TCPv6 27KB 48KB [ 641.480702] nf_conntrack 7KB 11KB [ 641.486334] t10_alua_lu_gp_cache 0KB 3KB [ 641.497120] sd_ext_cdb 0KB 7KB [ 641.502633] scsi_sense_cache 1056KB 1060KB [ 641.508038] virtio_scsi_cmd 16KB 16KB [ 641.518258] sgpool-128 8KB 8KB [ 641.525406] sgpool-64 4KB 12KB [ 641.530866] sgpool-32 2KB 15KB [ 641.542850] sgpool-16 1KB 7KB [ 641.548230] sgpool-8 0KB 7KB [ 641.556963] mqueue_inode_cache 10KB 30KB [ 641.564228] bio_post_read_ctx 14KB 15KB [ 641.571486] bio-2 14KB 15KB [ 641.580476] jfs_mp 7KB 7KB [ 641.587591] cifs_small_rq 15KB 16KB [ 641.596199] cifs_request 67KB 67KB [ 641.601672] cifs_mpx_ids 0KB 7KB [ 641.610395] nfs_commit_data 3KB 14KB [ 641.618969] nfs_write_data 34KB 44KB [ 641.626055] ext4_system_zone 1KB 7KB [ 641.631642] bio-1 1KB 7KB [ 641.640313] pid_namespace 2KB 11KB [ 641.649617] rpc_buffers 17KB 25KB [ 641.658226] rpc_tasks 2KB 7KB [ 641.665226] UNIX 76KB 135KB [ 641.670602] tcp_bind_bucket 1KB 4KB [ 641.679549] ip_fib_trie 23KB 39KB [ 641.687253] ip_fib_alias 112KB 173KB [ 641.696372] ip_dst_cache 4KB 20KB [ 641.701845] RAW 42KB 52KB [ 641.708859] UDP 25KB 54KB [ 641.717447] TCP 14KB 28KB [ 641.724474] hugetlbfs_inode_cache 3KB 15KB [ 641.730283] fscache_cookie_jar 1KB 11KB [ 641.739353] eventpoll_pwq 13KB 43KB [ 641.748979] eventpoll_epi 25KB 63KB [ 641.757638] inotify_inode_mark 44KB 59KB [ 641.765022] request_queue 199KB 199KB [ 641.770421] blkdev_requests 1KB 3KB [ 641.779322] blkdev_ioc 12KB 27KB [ 641.787016] bio-0 159KB 225KB [ 641.796058] biovec-max 1320KB 1410KB [ 641.801576] biovec-64 139KB 181KB [ 641.809042] biovec-16 30KB 33KB [ 641.817794] bio_integrity_payload 1KB 8KB [ 641.825374] khugepaged_mm_slot 20KB 34KB [ 641.830875] uid_cache 0KB 4KB [ 641.839630] dmaengine-unmap-2 0KB 3KB [ 641.850293] skbuff_fclone_cache 211KB 232KB [ 641.859410] skbuff_head_cache 1677KB 3907KB [ 641.867757] configfs_dir_cache 3KB 7KB [ 641.876960] file_lock_cache 195KB 209KB [ 641.885341] file_lock_ctx 9KB 11KB [ 641.896063] fsnotify_mark_connector 23KB 31KB [ 641.904248] net_namespace 52KB 52KB [ 641.909767] shmem_inode_cache 8488KB 8536KB [ 641.918674] task_delay_info 222KB 387KB [ 641.927487] taskstats 127KB 141KB [ 641.936264] proc_dir_entry 700KB 832KB [ 641.941661] pde_opener 11KB 34KB [ 641.948830] seq_file 267KB 511KB [ 641.959979] sigqueue 27KB 59KB [ 641.967373] kernfs_node_cache 18234KB 18250KB [ 641.976083] mnt_cache 173KB 204KB [ 641.981468] filp 4947KB 7702KB [ 641.988819] names_cache 162056KB 162116KB [ 641.997754] iint_cache 20KB 59KB [ 642.005260] key_jar 22KB 135KB [ 642.010750] uts_namespace 2KB 7KB [ 642.019593] nsproxy 1KB 7KB [ 642.026978] vm_area_struct 2939KB 4006KB [ 642.035627] mm_struct 611KB 760KB [ 642.041037] fs_cache 164KB 380KB [ 642.048169] files_cache 588KB 971KB [ 642.059152] signal_cache 1108KB 1840KB [ 642.066309] sighand_cache 592KB 645KB [ 642.071800] task_struct 6489KB 6577KB [ 642.080602] cred_jar 1082KB 2236KB [ 642.090334] anon_vma_chain 987KB 1492KB [ 642.099335] anon_vma 177KB 292KB [ 642.106533] pid 67KB 232KB [ 642.111914] Acpi-Operand 156KB 198KB [ 642.117474] Acpi-ParseExt 9KB 11KB [ 642.127676] Acpi-Parse 41KB 47KB [ 642.133339] Acpi-State 52KB 63KB [ 642.139002] Acpi-Namespace 20KB 27KB [ 642.149413] numa_policy 0KB 3KB [ 642.157847] debug_objects_cache 1288KB 1828KB [ 642.169271] trace_event_file 297KB 298KB [ 642.175244] ftrace_event_field 398KB 401KB [ 642.180724] pool_workqueue 121KB 152KB [ 642.191077] page->ptl 671KB 1008KB [ 642.196855] kmalloc-2097152 2050KB 2050KB [ 642.207370] kmalloc-524288 2056KB 2056KB [ 642.213113] kmalloc-262144 1290KB 1290KB [ 642.218500] kmalloc-131072 650KB 650KB [ 642.229173] kmalloc-65536 1848KB 2178KB [ 642.235035] kmalloc-32768 1650KB 1716KB [ 642.241016] kmalloc-16384 940KB 1023KB [ 642.254377] kmalloc-8192 3968KB 4034KB [ 642.264010] kmalloc-4096 20026KB 20085KB [ 642.269575] kmalloc-2048 12552KB 14815KB [ 642.278360] kmalloc-1024 7677KB 11694KB [ 642.285529] kmalloc-512 7019KB 11816KB [ 642.290913] kmalloc-256 4153KB 5715KB [ 642.299652] kmalloc-128 993KB 1401KB [ 642.306954] kmalloc-96 2994KB 4076KB [ 642.315836] kmalloc-64 2981KB 3904KB [ 642.321390] kmalloc-32 1737KB 2543KB [ 642.330814] kmalloc-192 1537KB 2572KB [ 642.339482] kmem_cache 177KB 183KB [ 642.346812] Out of memory (oom_kill_allocating_task): Kill process 2083 (systemd-journal) score 0 or sacrifice child [ 642.364644] Killed process 2083 (systemd-journal) total-vm:46096kB, anon-rss:480kB, file-rss:4kB, shmem-rss:1804kB [ 642.379004] oom_reaper: reaped process 2083 (systemd-journal), now anon-rss:0kB, file-rss:0kB, shmem-rss:1804kB [ 642.536321] systemd[1]: systemd-journald.service: Failed with result 'signal'. [ 642.547718] systemd[1]: systemd-journald.service: Service has no hold-off time, scheduling restart. [ 642.594781] systemd[1]: Stopped Flush Journal to Persistent Storage. [ 642.607305] systemd[1]: Stopping Flush Journal to Persistent Storage... [ 642.615530] systemd[1]: Stopped Journal Service. [ 642.640742] systemd[1]: Starting Journal Service... [ 643.004946] systemd-journald[5070]: File /run/log/journal/04d8c135ee6b410280ba31a58c89679d/system.journal corrupted or uncleanly shut down, renaming and replacing. [ 643.479298] systemd[1]: Started Journal Service. 02:33:35 executing program 3: execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)=[&(0x7f0000000080)='!.\x00', &(0x7f0000000140)='}^}*]-)\'\x00'], &(0x7f0000000400)=[&(0x7f00000001c0)='/dev/vim2m\x00', &(0x7f0000000200)='+\x00', &(0x7f0000000240)='{:-\x00', &(0x7f0000000280)='/dev/vim2m\x00', &(0x7f00000002c0)=']/\x00', &(0x7f0000000300)='\'\x00', &(0x7f0000000340)=',:\\\x00', &(0x7f0000000380)='/dev/vim2m\x00', &(0x7f00000003c0)='{}\x00'], 0x1000) 02:33:35 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x0) 02:33:35 executing program 4: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x0) 02:33:35 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x1f, 0x2) pipe2$watch_queue(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f00000003c0)=@fd={0x1, 0x3, 0x4, 0x14020, 0x5, {0x0, 0x2710}, {0x1, 0x8, 0xec, 0x80, 0x40, 0x2, "7bf3a4d2"}, 0x2, 0x4, {}, 0x6, 0x0, r2}) ioctl$vim2m_VIDIOC_STREAMON(r1, 0x40045612, &(0x7f0000000080)=0x3) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:33:35 executing program 5: socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x0, 0x1}}, {{0x3, 0x1}, {0x3, 0x1, 0x1}}, {{0x0, 0x0, 0x1, 0x1}, {0x4, 0x1}}], 0x50) 02:33:35 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000340)={0x0, 0xffffffff}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r3, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_PREPARE_BUF(r3, 0xc058565d, &(0x7f00000002c0)=@userptr={0x7fffffff, 0x2, 0x4, 0x0, 0x10001, {r1, r2/1000+60000}, {0x4, 0x0, 0x1, 0x8, 0x4, 0x34, "29094e17"}, 0xe8, 0x2, {&(0x7f0000000180)}, 0x3ff, 0x0, r3}) r4 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000100)={0x1, 0x1, 0x4, 0x0, 0xc1}) clock_gettime(0x0, &(0x7f0000000040)) clock_gettime(0x0, &(0x7f0000000080)) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_GETPDP(r5, 0x0, 0x0) syz_genetlink_get_family_id$gtp(&(0x7f0000000280), r3) 02:33:35 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x0) 02:33:35 executing program 3: execveat(0xffffffffffffff9c, 0x0, &(0x7f0000000180)=[&(0x7f0000000080)='!.\x00', &(0x7f0000000140)='}^}*]-)\'\x00'], &(0x7f0000000400)=[&(0x7f00000001c0)='/dev/vim2m\x00', &(0x7f0000000200)='+\x00', &(0x7f0000000240)='{:-\x00', &(0x7f0000000280)='/dev/vim2m\x00', &(0x7f00000002c0)=']/\x00', &(0x7f0000000300)='\'\x00', &(0x7f0000000340)=',:\\\x00', &(0x7f0000000380)='/dev/vim2m\x00', &(0x7f00000003c0)='{}\x00'], 0x1000) 02:33:35 executing program 4: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x0) 02:33:35 executing program 5: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x0) 02:33:35 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000340)={0x0, 0xffffffff}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r3, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_PREPARE_BUF(r3, 0xc058565d, &(0x7f00000002c0)=@userptr={0x7fffffff, 0x2, 0x4, 0x0, 0x10001, {r1, r2/1000+60000}, {0x4, 0x0, 0x1, 0x8, 0x4, 0x34, "29094e17"}, 0xe8, 0x2, {&(0x7f0000000180)}, 0x3ff, 0x0, r3}) r4 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000100)={0x1, 0x1, 0x4, 0x0, 0xc1}) clock_gettime(0x0, &(0x7f0000000040)) clock_gettime(0x0, &(0x7f0000000080)) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$gtp(&(0x7f0000000280), r3) 02:33:35 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x0, 0x1}}, {{0x3, 0x1}, {0x3, 0x1, 0x1}}], 0x48) 02:33:35 executing program 3: execveat(0xffffffffffffff9c, 0x0, &(0x7f0000000180)=[&(0x7f0000000080)='!.\x00', &(0x7f0000000140)='}^}*]-)\'\x00'], &(0x7f0000000400)=[&(0x7f00000001c0)='/dev/vim2m\x00', &(0x7f0000000200)='+\x00', &(0x7f0000000240)='{:-\x00', &(0x7f0000000280)='/dev/vim2m\x00', &(0x7f00000002c0)=']/\x00', &(0x7f0000000300)='\'\x00', &(0x7f0000000340)=',:\\\x00', &(0x7f0000000380)='/dev/vim2m\x00', &(0x7f00000003c0)='{}\x00'], 0x1000) [ 650.556752] oom_reaper: reaped process 5085 (syz-executor.1), now anon-rss:0kB, file-rss:14336kB, shmem-rss:20kB [ 650.599189] in:imklog invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 650.615797] in:imklog cpuset=/ mems_allowed=0-1 [ 650.620510] CPU: 0 PID: 7800 Comm: in:imklog Not tainted 4.19.211-syzkaller #0 [ 650.627948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 650.637491] Call Trace: [ 650.640082] dump_stack+0x1fc/0x2ef [ 650.643698] dump_header+0x15d/0xc3f [ 650.647426] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 650.651263] syz-executor.1: vmalloc: allocation failure, allocated 1727991808 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 650.652515] ? ___ratelimit+0x319/0x590 [ 650.666337] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 650.670249] oom_kill_process.cold+0x10/0x692 [ 650.679800] ? check_preemption_disabled+0x41/0x280 [ 650.684807] ? has_intersects_mems_allowed+0x1d6/0x290 [ 650.690073] out_of_memory+0x1072/0x1390 [ 650.694125] ? oom_killer_disable+0x270/0x270 [ 650.698607] ? mutex_trylock+0x15f/0x1a0 [ 650.702670] __alloc_pages_nodemask+0x23a2/0x2890 [ 650.707500] ? find_get_entry+0x4cd/0x8a0 [ 650.711640] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 650.716493] alloc_pages_current+0x193/0x2a0 [ 650.720885] filemap_fault+0x146e/0x2180 [ 650.724942] ext4_filemap_fault+0x84/0xb0 [ 650.729091] __do_fault+0x10b/0x4b0 [ 650.732715] __handle_mm_fault+0x273b/0x41c0 [ 650.737114] ? vm_insert_page+0x9c0/0x9c0 [ 650.741269] ? lock_downgrade+0x720/0x720 [ 650.745413] ? check_preemption_disabled+0x41/0x280 [ 650.750425] handle_mm_fault+0x436/0xb10 [ 650.754483] __do_page_fault+0x68e/0xd60 [ 650.758665] ? trace_hardirqs_off_caller+0x6e/0x210 [ 650.763684] ? spurious_fault+0x840/0x840 [ 650.767832] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 650.772672] ? page_fault+0x8/0x30 [ 650.776201] page_fault+0x1e/0x30 [ 650.779643] RIP: 0033:0x7f40d24a322d [ 650.783344] Code: Bad RIP value. [ 650.786701] RSP: 002b:00007f40cfe3f580 EFLAGS: 00010293 [ 650.792052] RAX: 0000000000000077 RBX: 0000000000000000 RCX: 00007f40d24a322d [ 650.799318] RDX: 0000000000001fa0 RSI: 00007f40cfe3fda0 RDI: 0000000000000004 [ 650.806577] RBP: 0000557a841899d0 R08: 00007f40d161c940 R09: 0000000004000001 [ 650.813833] R10: 0000000000000001 R11: 0000000000000293 R12: 00007f40cfe3fda0 [ 650.821091] R13: 0000000000001fa0 R14: 0000000000001f9f R15: 00007f40cfe3fdd8 [ 650.828371] CPU: 1 PID: 5085 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0 [ 650.836189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 650.842681] Mem-Info: [ 650.845544] Call Trace: [ 650.848032] active_anon:14055 inactive_anon:16927 isolated_anon:0 [ 650.848032] active_file:16 inactive_file:12 isolated_file:0 [ 650.848032] unevictable:0 dirty:0 writeback:0 unstable:0 [ 650.848032] slab_reclaimable:15167 slab_unreclaimable:126415 [ 650.848032] mapped:21970 shmem:17356 pagetables:557 bounce:0 [ 650.848032] free:13878 free_pcp:974 free_cma:0 [ 650.850613] dump_stack+0x1fc/0x2ef [ 650.886137] Node 0 active_anon:55228kB inactive_anon:35188kB active_file:40kB inactive_file:40kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:87880kB dirty:0kB writeback:0kB shmem:36636kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 8192kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 650.887450] warn_alloc.cold+0x7b/0x18f [ 650.914991] Node 1 active_anon:992kB inactive_anon:32520kB active_file:24kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:32788kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 650.918895] ? zone_watermark_ok_safe+0x260/0x260 [ 650.945580] Node 0 DMA free:10872kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 650.950361] ? retint_kernel+0x2d/0x2d [ 650.978904] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 650.980438] ? policy_node+0xe1/0x140 [ 650.985452] Node 0 DMA32 free:18092kB min:35996kB low:44992kB high:53988kB active_anon:55228kB inactive_anon:35188kB active_file:40kB inactive_file:40kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7616kB pagetables:2112kB bounce:0kB free_pcp:2404kB local_pcp:1384kB free_cma:0kB [ 650.989219] __vmalloc_area_node+0x4fd/0x780 [ 651.018267] lowmem_reserve[]: 0 0 1 1 1 [ 651.022646] ? __vmalloc_node_range+0x180/0x180 [ 651.022665] ? _raw_spin_unlock+0x29/0x40 [ 651.026620] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 651.031294] ? __get_vm_area_node+0x2e2/0x3a0 [ 651.031313] __vmalloc_node_range+0xed/0x180 [ 651.031331] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 651.035455] lowmem_reserve[]: 0 0 0 0 0 [ 651.061325] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 651.061339] vmalloc_user+0x70/0xe0 [ 651.061353] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 651.061372] vb2_vmalloc_alloc+0xb3/0x2f0 [ 651.068243] Node 1 Normal free:26540kB min:53876kB low:67344kB high:80812kB active_anon:992kB inactive_anon:32520kB active_file:24kB inactive_file:8kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:256kB pagetables:116kB bounce:0kB free_pcp:1492kB local_pcp:12kB free_cma:0kB [ 651.070256] __vb2_queue_alloc+0x472/0xe60 [ 651.074587] lowmem_reserve[]: 0 0 0 0 0 [ 651.078529] vb2_core_create_bufs+0x273/0x7e0 [ 651.083872] Node 0 DMA: 0*4kB 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10872kB [ 651.087467] ? __vb2_queue_free+0x870/0x870 [ 651.091788] Node 0 DMA32: 1241*4kB (UME) 867*8kB (UMEH) 178*16kB (MEH) 28*32kB (UMEH) 17*64kB (MEH) 7*128kB (MH) 2*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 18140kB [ 651.095921] ? mutex_trylock+0x1a0/0x1a0 [ 651.124629] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 651.128845] ? __video_do_ioctl+0x632/0xcd0 [ 651.132805] Node 1 Normal: 161*4kB (ME) 135*8kB (ME) 75*16kB (ME) 64*32kB (UME) 61*64kB (UME) 28*128kB (M) 9*256kB (UME) 3*512kB (UM) 2*1024kB (UM) 2*2048kB (UM) 1*4096kB (U) = 26540kB [ 651.137276] vb2_create_bufs+0x332/0x620 [ 651.150445] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 651.154732] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 651.154751] ? __video_do_ioctl+0x632/0xcd0 [ 651.172477] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 651.174124] ? mutex_trylock+0x1a0/0x1a0 [ 651.185141] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 651.189414] ? mark_held_locks+0xf0/0xf0 [ 651.205974] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 651.210000] vb2_ioctl_create_bufs+0x20d/0x360 [ 651.218822] 17384 total pagecache pages [ 651.223897] ? memset+0x20/0x40 [ 651.223916] v4l_create_bufs+0xb2/0x160 [ 651.228209] 0 pages in swap cache [ 651.236828] __video_do_ioctl+0x49a/0xcd0 [ 651.236849] ? v4l_querycap+0x340/0x340 [ 651.240880] Swap cache stats: add 0, delete 0, find 0/0 [ 651.249717] ? __might_fault+0x192/0x1d0 [ 651.249738] ? v4l_querycap+0x340/0x340 [ 651.253786] Free swap = 0kB [ 651.262355] video_usercopy+0x13f/0xfa0 [ 651.262380] ? v4l_enumstd+0x60/0x60 [ 651.269174] Total swap = 0kB [ 651.270907] ? do_futex+0x171/0x1880 [ 651.274191] 2097051 pages RAM [ 651.278133] ? mark_held_locks+0xf0/0xf0 [ 651.281578] 0 pages HighMem/MovableOnly [ 651.285731] ? debug_check_no_obj_freed+0x201/0x490 [ 651.289672] 369649 pages reserved [ 651.295028] ? video_usercopy+0xfa0/0xfa0 [ 651.295038] v4l2_ioctl+0x147/0x1a0 [ 651.295053] ? video_devdata+0xa0/0xa0 [ 651.299097] 0 pages cma reserved [ 651.303055] do_vfs_ioctl+0xcdb/0x12e0 [ 651.303068] ? lock_downgrade+0x720/0x720 [ 651.303085] ? check_preemption_disabled+0x41/0x280 [ 651.306072] Unreclaimable slab info: [ 651.310043] ? ioctl_preallocate+0x200/0x200 [ 651.313837] Name Used Total [ 651.316831] ? __fget+0x356/0x510 [ 651.320532] pid_2 88KB 204KB [ 651.323630] ? do_dup2+0x450/0x450 [ 651.323644] ? __se_sys_futex+0x298/0x3b0 [ 651.323666] ksys_ioctl+0x9b/0xc0 [ 651.327779] batadv_tl_cache 4KB 12KB [ 651.331682] __x64_sys_ioctl+0x6f/0xb0 [ 651.331696] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 651.331713] do_syscall_64+0xf9/0x620 [ 651.336718] TIPC 10KB 22KB [ 651.340149] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 651.344300] SCTPv6 14KB 30KB [ 651.347884] RIP: 0033:0x7f4dd02630f9 [ 651.351784] DCCPv6 17KB 30KB [ 651.355106] Code: Bad RIP value. [ 651.358973] DCCP 16KB 28KB [ 651.363106] RSP: 002b:00007f4dce7d5168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 651.363119] RAX: ffffffffffffffda RBX: 00007f4dd0382f80 RCX: 00007f4dd02630f9 [ 651.363127] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 651.363138] RBP: 00007f4dd02beae9 R08: 0000000000000000 R09: 0000000000000000 [ 651.368162] RXRPC 11KB 26KB [ 651.371826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 651.371834] R13: 00007ffe2f8179bf R14: 00007f4dce7d5300 R15: 0000000000022000 [ 651.386252] Mem-Info: [ 651.403495] rxrpc_call_jar 78KB 118KB [ 651.417008] active_anon:14055 inactive_anon:16927 isolated_anon:0 [ 651.417008] active_file:16 inactive_file:12 isolated_file:0 [ 651.417008] unevictable:0 dirty:0 writeback:0 unstable:0 [ 651.417008] slab_reclaimable:15167 slab_unreclaimable:126415 [ 651.417008] mapped:21970 shmem:17356 pagetables:557 bounce:0 [ 651.417008] free:13878 free_pcp:974 free_cma:0 [ 651.421573] bridge_fdb_cache 9KB 23KB [ 651.423895] Node 0 active_anon:55228kB inactive_anon:35188kB active_file:40kB inactive_file:40kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:87880kB dirty:0kB writeback:0kB shmem:36636kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 8192kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 651.429185] fib6_nodes 156KB 240KB [ 651.446749] Node 1 active_anon:992kB inactive_anon:32520kB active_file:24kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:32788kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 651.451153] ip6_dst_cache 140KB 431KB [ 651.454510] Node 0 DMA free:10872kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 651.457583] RAWv6 70KB 94KB [ 651.476713] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 651.485591] UDPv6 26KB 37KB [ 651.490751] Node 0 DMA32 free:18092kB min:35996kB low:44992kB high:53988kB active_anon:55228kB inactive_anon:35188kB active_file:40kB inactive_file:40kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7616kB pagetables:2112kB bounce:0kB free_pcp:2404kB local_pcp:1020kB free_cma:0kB [ 651.494154] TCPv6 27KB 48KB [ 651.494173] nf_conntrack 8KB 11KB [ 651.509262] lowmem_reserve[]: 0 0 1 1 1 [ 651.516009] t10_alua_lu_gp_cache 0KB 3KB [ 651.516597] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 651.556715] sd_ext_cdb 0KB 7KB [ 651.598759] lowmem_reserve[]: 0 0 0 0 0 [ 651.617106] scsi_sense_cache 1056KB 1060KB [ 651.645938] Node 1 Normal free:26540kB min:53876kB low:67344kB high:80812kB active_anon:992kB inactive_anon:32520kB active_file:24kB inactive_file:8kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:256kB pagetables:116kB bounce:0kB free_pcp:1492kB local_pcp:1480kB free_cma:0kB [ 651.648461] virtio_scsi_cmd 16KB 16KB [ 651.660624] lowmem_reserve[]: 0 0 0 0 0 [ 651.668852] sgpool-128 8KB 8KB [ 651.703622] Node 0 DMA: 0*4kB 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10872kB [ 651.711370] sgpool-64 4KB 12KB [ 651.725488] Node 0 DMA32: 1241*4kB (UME) 868*8kB (UMEH) 178*16kB (MEH) 28*32kB (UMEH) 17*64kB (MEH) 7*128kB (MH) 2*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 18148kB [ 651.741425] sgpool-32 2KB 15KB [ 651.759885] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 651.791158] sgpool-16 1KB 7KB [ 651.800933] Node 1 Normal: 161*4kB (ME) 135*8kB (ME) 75*16kB (ME) 64*32kB (UME) 61*64kB (UME) 28*128kB (M) 9*256kB (UME) 3*512kB (UM) 2*1024kB (UM) 2*2048kB (UM) 1*4096kB (U) = 26540kB [ 651.818594] sgpool-8 0KB 7KB [ 651.839992] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 651.859666] mqueue_inode_cache 10KB 30KB [ 651.878823] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 651.897551] bio_post_read_ctx 14KB 15KB [ 651.904446] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 651.908798] bio-2 14KB 15KB [ 651.918368] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 651.925232] jfs_mp 7KB 7KB [ 651.936075] cifs_small_rq 15KB 16KB [ 651.941481] cifs_request 67KB 67KB [ 651.942130] 17384 total pagecache pages [ 651.946841] cifs_mpx_ids 0KB 7KB [ 651.950821] 0 pages in swap cache [ 651.959808] nfs_commit_data 3KB 14KB [ 651.965222] nfs_write_data 34KB 44KB [ 651.970617] ext4_system_zone 1KB 7KB [ 651.970963] Swap cache stats: add 0, delete 0, find 0/0 [ 651.979199] bio-1 1KB 7KB [ 651.989112] pid_namespace 2KB 11KB [ 651.993127] Free swap = 0kB [ 651.997508] Total swap = 0kB [ 651.998139] rpc_buffers 17KB 25KB [ 652.000525] 2097051 pages RAM [ 652.005950] rpc_tasks 2KB 7KB [ 652.005960] UNIX 84KB 105KB [ 652.005975] tcp_bind_bucket 1KB 4KB [ 652.005992] ip_fib_trie 23KB 39KB [ 652.020311] 0 pages HighMem/MovableOnly [ 652.030058] ip_fib_alias 112KB 173KB [ 652.030601] 369649 pages reserved [ 652.034744] ip_dst_cache 4KB 20KB [ 652.048861] 0 pages cma reserved [ 652.052318] RAW 42KB 52KB [ 652.057683] UDP 25KB 54KB [ 652.063112] TCP 11KB 22KB [ 652.068480] hugetlbfs_inode_cache 3KB 15KB [ 652.077387] fscache_cookie_jar 1KB 11KB [ 652.082886] eventpoll_pwq 15KB 43KB [ 652.089965] eventpoll_epi 28KB 63KB [ 652.098584] inotify_inode_mark 34KB 59KB [ 652.107873] request_queue 199KB 199KB [ 652.117339] blkdev_requests 1KB 3KB [ 652.126693] blkdev_ioc 16KB 27KB [ 652.136139] bio-0 323KB 352KB [ 652.145666] biovec-max 1377KB 1443KB [ 652.155394] biovec-64 268KB 291KB [ 652.160757] biovec-16 37KB 45KB [ 652.176506] bio_integrity_payload 1KB 8KB [ 652.184654] khugepaged_mm_slot 16KB 34KB [ 652.197966] uid_cache 0KB 4KB [ 652.205863] dmaengine-unmap-2 0KB 3KB [ 652.217145] skbuff_fclone_cache 196KB 225KB [ 652.225349] skbuff_head_cache 2453KB 3907KB [ 652.230718] configfs_dir_cache 3KB 7KB [ 652.244338] file_lock_cache 173KB 209KB [ 652.249722] file_lock_ctx 9KB 11KB [ 652.259896] fsnotify_mark_connector 18KB 31KB [ 652.268872] net_namespace 52KB 52KB [ 652.279038] shmem_inode_cache 8447KB 8536KB [ 652.287752] task_delay_info 185KB 387KB [ 652.299893] taskstats 111KB 141KB [ 652.308429] proc_dir_entry 695KB 828KB [ 652.318662] pde_opener 8KB 34KB [ 652.327214] seq_file 273KB 511KB [ 652.337596] sigqueue 14KB 55KB [ 652.346340] kernfs_node_cache 18231KB 18250KB [ 652.356818] mnt_cache 173KB 204KB [ 652.365528] filp 5161KB 7698KB [ 652.370892] names_cache 159498KB 159528KB [ 652.384300] iint_cache 22KB 59KB [ 652.389673] key_jar 22KB 135KB [ 652.410409] uts_namespace 2KB 7KB [ 652.416710] nsproxy 1KB 7KB [ 652.429780] vm_area_struct 2949KB 3998KB [ 652.436180] mm_struct 567KB 760KB [ 652.449072] fs_cache 123KB 376KB [ 652.455223] files_cache 483KB 896KB [ 652.460599] signal_cache 999KB 1811KB [ 652.474345] sighand_cache 541KB 631KB [ 652.479748] task_struct 6217KB 6293KB [ 652.489770] cred_jar 1107KB 2228KB [ 652.505978] anon_vma_chain 949KB 1492KB [ 652.512284] anon_vma 131KB 292KB [ 652.517646] pid 52KB 228KB [ 652.530238] Acpi-Operand 156KB 198KB [ 652.536609] Acpi-ParseExt 9KB 11KB [ 652.549373] Acpi-Parse 41KB 47KB [ 652.555545] Acpi-State 52KB 63KB [ 652.569944] Acpi-Namespace 20KB 27KB [ 652.576206] numa_policy 0KB 3KB [ 652.588926] debug_objects_cache 1286KB 1828KB [ 652.595334] trace_event_file 297KB 298KB [ 652.603180] ftrace_event_field 398KB 401KB [ 652.608646] pool_workqueue 121KB 152KB [ 652.622402] page->ptl 647KB 1008KB [ 652.627831] kmalloc-2097152 2050KB 2050KB [ 652.637959] kmalloc-524288 2056KB 2056KB [ 652.656065] kmalloc-262144 1290KB 1290KB [ 652.661501] kmalloc-131072 650KB 650KB [ 652.666896] kmalloc-65536 1848KB 1914KB [ 652.680245] kmalloc-32768 1650KB 1650KB [ 652.685669] kmalloc-16384 973KB 1023KB [ 652.699314] kmalloc-8192 3968KB 4009KB [ 652.706998] kmalloc-4096 19660KB 19707KB [ 652.720947] kmalloc-2048 12297KB 14688KB [ 652.726344] kmalloc-1024 7704KB 11694KB [ 652.736711] kmalloc-512 8335KB 11816KB [ 652.746113] kmalloc-256 4150KB 5715KB [ 652.756474] kmalloc-128 930KB 1401KB [ 652.762256] kmalloc-96 3144KB 4076KB [ 652.767796] kmalloc-64 2954KB 3904KB [ 652.777940] kmalloc-32 1767KB 2543KB [ 652.783352] kmalloc-192 1501KB 2572KB [ 652.788832] kmem_cache 177KB 183KB [ 652.799708] Out of memory (oom_kill_allocating_task): Kill process 7800 (in:imklog) score 0 or sacrifice child [ 652.818250] Killed process 7795 (rsyslogd) total-vm:254332kB, anon-rss:1024kB, file-rss:0kB, shmem-rss:0kB [ 652.835714] oom_reaper: reaped process 7795 (rsyslogd), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 02:33:46 executing program 5: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x0) 02:33:46 executing program 4: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x0) 02:33:46 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x0, 0x1}}], 0x40) 02:33:46 executing program 3: execveat(0xffffffffffffff9c, 0x0, &(0x7f0000000180)=[&(0x7f0000000080)='!.\x00', &(0x7f0000000140)='}^}*]-)\'\x00'], &(0x7f0000000400)=[&(0x7f00000001c0)='/dev/vim2m\x00', &(0x7f0000000200)='+\x00', &(0x7f0000000240)='{:-\x00', &(0x7f0000000280)='/dev/vim2m\x00', &(0x7f00000002c0)=']/\x00', &(0x7f0000000300)='\'\x00', &(0x7f0000000340)=',:\\\x00', &(0x7f0000000380)='/dev/vim2m\x00', &(0x7f00000003c0)='{}\x00'], 0x1000) 02:33:46 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x1f, 0x2) pipe2$watch_queue(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f00000003c0)=@fd={0x1, 0x3, 0x4, 0x14020, 0x5, {0x0, 0x2710}, {0x1, 0x8, 0xec, 0x80, 0x40, 0x2, "7bf3a4d2"}, 0x2, 0x4, {}, 0x6, 0x0, r2}) ioctl$vim2m_VIDIOC_STREAMON(r1, 0x40045612, &(0x7f0000000080)=0x3) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:33:46 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000340)={0x0, 0xffffffff}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r3, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_PREPARE_BUF(r3, 0xc058565d, &(0x7f00000002c0)=@userptr={0x7fffffff, 0x2, 0x4, 0x0, 0x10001, {r1, r2/1000+60000}, {0x4, 0x0, 0x1, 0x8, 0x4, 0x34, "29094e17"}, 0xe8, 0x2, {&(0x7f0000000180)}, 0x3ff, 0x0, r3}) r4 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000100)={0x1, 0x1, 0x4, 0x0, 0xc1}) clock_gettime(0x0, &(0x7f0000000040)) clock_gettime(0x0, &(0x7f0000000080)) syz_genetlink_get_family_id$gtp(&(0x7f0000000280), r3) 02:33:46 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000340)={0x0, 0xffffffff}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r3, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_PREPARE_BUF(r3, 0xc058565d, &(0x7f00000002c0)=@userptr={0x7fffffff, 0x2, 0x4, 0x0, 0x10001, {r1, r2/1000+60000}, {0x4, 0x0, 0x1, 0x8, 0x4, 0x34, "29094e17"}, 0xe8, 0x2, {&(0x7f0000000180)}, 0x3ff, 0x0, r3}) r4 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000100)={0x1, 0x1, 0x4, 0x0, 0xc1}) clock_gettime(0x0, &(0x7f0000000040)) clock_gettime(0x0, &(0x7f0000000080)) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_GETPDP(r5, 0x0, 0x0) syz_genetlink_get_family_id$gtp(&(0x7f0000000280), r3) 02:33:46 executing program 4: setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, 0x0, 0x0) 02:33:46 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000340)={0x0, 0xffffffff}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r3, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_PREPARE_BUF(r3, 0xc058565d, &(0x7f00000002c0)=@userptr={0x7fffffff, 0x2, 0x4, 0x0, 0x10001, {r1, r2/1000+60000}, {0x4, 0x0, 0x1, 0x8, 0x4, 0x34, "29094e17"}, 0xe8, 0x2, {&(0x7f0000000180)}, 0x3ff, 0x0, r3}) r4 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000100)={0x1, 0x1, 0x4, 0x0, 0xc1}) clock_gettime(0x0, &(0x7f0000000040)) syz_genetlink_get_family_id$gtp(&(0x7f0000000280), r3) 02:33:46 executing program 3: execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000400)=[&(0x7f00000001c0)='/dev/vim2m\x00', &(0x7f0000000200)='+\x00', &(0x7f0000000240)='{:-\x00', &(0x7f0000000280)='/dev/vim2m\x00', &(0x7f00000002c0)=']/\x00', &(0x7f0000000300)='\'\x00', &(0x7f0000000340)=',:\\\x00', &(0x7f0000000380)='/dev/vim2m\x00', &(0x7f00000003c0)='{}\x00'], 0x1000) 02:33:46 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}}], 0x38) 02:33:46 executing program 4: setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, 0x0, 0x0) 02:33:46 executing program 5: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x0, 0x1}}], 0x40) [ 661.058054] oom_reaper: reaped process 5125 (syz-executor.1), now anon-rss:0kB, file-rss:14336kB, shmem-rss:20kB [ 661.108923] systemd-journal invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 661.126639] systemd-journal cpuset=/ mems_allowed=0-1 [ 661.131914] CPU: 0 PID: 5070 Comm: systemd-journal Not tainted 4.19.211-syzkaller #0 [ 661.139870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 661.140278] syz-executor.1: vmalloc: allocation failure, allocated 1733541888 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 661.149211] Call Trace: [ 661.165567] dump_stack+0x1fc/0x2ef [ 661.166509] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 661.169197] dump_header+0x15d/0xc3f [ 661.177976] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 661.183070] ? ___ratelimit+0x319/0x590 [ 661.187054] oom_kill_process.cold+0x10/0x692 [ 661.191626] ? check_preemption_disabled+0x41/0x280 [ 661.196635] ? has_intersects_mems_allowed+0x1d6/0x290 [ 661.201911] out_of_memory+0x1072/0x1390 [ 661.205975] ? oom_killer_disable+0x270/0x270 [ 661.210462] ? mutex_trylock+0x15f/0x1a0 [ 661.214516] __alloc_pages_nodemask+0x23a2/0x2890 [ 661.219375] ? find_get_entry+0x4cd/0x8a0 [ 661.223543] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 661.228393] alloc_pages_current+0x193/0x2a0 [ 661.232795] filemap_fault+0x146e/0x2180 [ 661.236849] ext4_filemap_fault+0x84/0xb0 [ 661.241078] __do_fault+0x10b/0x4b0 [ 661.244728] __handle_mm_fault+0x273b/0x41c0 [ 661.249130] ? vm_insert_page+0x9c0/0x9c0 [ 661.253279] ? check_preemption_disabled+0x41/0x280 [ 661.258288] handle_mm_fault+0x436/0xb10 [ 661.262348] __do_page_fault+0x68e/0xd60 [ 661.266422] ? trace_hardirqs_off_caller+0x6e/0x210 [ 661.271428] ? spurious_fault+0x840/0x840 [ 661.275565] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 661.280408] ? page_fault+0x8/0x30 [ 661.283944] page_fault+0x1e/0x30 [ 661.287390] RIP: 0033:0x7fa8e01ee2e3 [ 661.291092] Code: Bad RIP value. [ 661.294443] RSP: 002b:00007ffdbb368b58 EFLAGS: 00010246 [ 661.299793] RAX: 0000000000000001 RBX: 000055a68d3ce1e0 RCX: 00007fa8e01ee2e3 [ 661.307056] RDX: 0000000000000013 RSI: 00007ffdbb368b60 RDI: 000000000000000c [ 661.314404] RBP: 00007ffdbb368d50 R08: 00007ffdbb3c3000 R09: 000000a85ed1c875 [ 661.321670] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdbb368b60 [ 661.329024] R13: 0000000000000001 R14: ffffffffffffffff R15: 0005f44f53818750 [ 661.336321] CPU: 1 PID: 5125 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0 [ 661.339183] Mem-Info: [ 661.344120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 661.344125] Call Trace: [ 661.344146] dump_stack+0x1fc/0x2ef [ 661.344163] warn_alloc.cold+0x7b/0x18f [ 661.344181] ? zone_watermark_ok_safe+0x260/0x260 [ 661.346598] active_anon:14013 inactive_anon:16927 isolated_anon:0 [ 661.346598] active_file:32 inactive_file:32 isolated_file:0 [ 661.346598] unevictable:0 dirty:4 writeback:0 unstable:0 [ 661.346598] slab_reclaimable:15121 slab_unreclaimable:125282 [ 661.346598] mapped:22023 shmem:17356 pagetables:560 bounce:0 [ 661.346598] free:13778 free_pcp:927 free_cma:0 [ 661.356025] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 661.356045] ? retint_kernel+0x2d/0x2d [ 661.356074] __vmalloc_area_node+0x4fd/0x780 [ 661.358646] Node 0 active_anon:54148kB inactive_anon:35184kB active_file:88kB inactive_file:68kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:88068kB dirty:4kB writeback:0kB shmem:36632kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 10240kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 661.362250] ? __vmalloc_node_range+0x180/0x180 [ 661.362267] ? _raw_spin_unlock+0x29/0x40 [ 661.366238] Node 1 active_anon:1904kB inactive_anon:32524kB active_file:40kB inactive_file:60kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:24kB dirty:12kB writeback:0kB shmem:32792kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 661.371050] ? __get_vm_area_node+0x2e2/0x3a0 [ 661.371069] __vmalloc_node_range+0xed/0x180 [ 661.371101] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 661.406550] Node 0 DMA free:10860kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 661.409660] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 661.413549] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 661.417929] vmalloc_user+0x70/0xe0 [ 661.445520] Node 0 DMA32 free:17536kB min:35996kB low:44992kB high:53988kB active_anon:54148kB inactive_anon:35184kB active_file:116kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7488kB pagetables:1996kB bounce:0kB free_pcp:2008kB local_pcp:1464kB free_cma:0kB [ 661.450157] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 661.450170] vb2_vmalloc_alloc+0xb3/0x2f0 [ 661.450186] __vb2_queue_alloc+0x472/0xe60 [ 661.454318] lowmem_reserve[]: 0 0 1 1 1 [ 661.481384] vb2_core_create_bufs+0x273/0x7e0 [ 661.481400] ? __vb2_queue_free+0x870/0x870 [ 661.485867] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 661.490285] ? mutex_trylock+0x1a0/0x1a0 [ 661.490303] ? __video_do_ioctl+0x632/0xcd0 [ 661.494596] lowmem_reserve[]: 0 0 0 0 0 [ 661.520788] vb2_create_bufs+0x332/0x620 [ 661.520805] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 661.520818] ? __video_do_ioctl+0x632/0xcd0 [ 661.520828] ? mutex_trylock+0x1a0/0x1a0 [ 661.520840] ? mark_held_locks+0xf0/0xf0 [ 661.520854] ? futex_wait_queue_me+0x404/0x5e0 [ 661.520871] vb2_ioctl_create_bufs+0x20d/0x360 [ 661.520883] ? memset+0x20/0x40 [ 661.520899] v4l_create_bufs+0xb2/0x160 [ 661.520916] __video_do_ioctl+0x49a/0xcd0 [ 661.520933] ? v4l_querycap+0x340/0x340 [ 661.520950] ? __might_fault+0x192/0x1d0 [ 661.520966] ? v4l_querycap+0x340/0x340 [ 661.520980] video_usercopy+0x13f/0xfa0 [ 661.521000] ? v4l_enumstd+0x60/0x60 [ 661.521013] ? do_futex+0x171/0x1880 [ 661.521028] ? mark_held_locks+0xf0/0xf0 [ 661.521062] ? debug_check_no_obj_freed+0x201/0x490 [ 661.521085] ? video_usercopy+0xfa0/0xfa0 [ 661.521098] v4l2_ioctl+0x147/0x1a0 [ 661.521110] ? video_devdata+0xa0/0xa0 [ 661.521125] do_vfs_ioctl+0xcdb/0x12e0 [ 661.521140] ? lock_downgrade+0x720/0x720 [ 661.521155] ? check_preemption_disabled+0x41/0x280 [ 661.521169] ? ioctl_preallocate+0x200/0x200 [ 661.521186] ? __fget+0x356/0x510 [ 661.521202] ? do_dup2+0x450/0x450 [ 661.521217] ? __se_sys_futex+0x298/0x3b0 [ 661.521238] ksys_ioctl+0x9b/0xc0 [ 661.521278] __x64_sys_ioctl+0x6f/0xb0 [ 661.521293] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 661.521307] do_syscall_64+0xf9/0x620 [ 661.521326] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 661.521338] RIP: 0033:0x7f4dd02630f9 [ 661.521353] Code: Bad RIP value. [ 661.521360] RSP: 002b:00007f4dce7d5168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 661.521373] RAX: ffffffffffffffda RBX: 00007f4dd0382f80 RCX: 00007f4dd02630f9 [ 661.521381] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 661.521389] RBP: 00007f4dd02beae9 R08: 0000000000000000 R09: 0000000000000000 [ 661.521397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 661.521406] R13: 00007ffe2f8179bf R14: 00007f4dce7d5300 R15: 0000000000022000 [ 661.531625] Mem-Info: [ 661.533110] Node 1 Normal free:26708kB min:53876kB low:67344kB high:80812kB active_anon:1904kB inactive_anon:32524kB active_file:20kB inactive_file:12kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:384kB pagetables:244kB bounce:0kB free_pcp:1700kB local_pcp:0kB free_cma:0kB [ 661.536898] active_anon:14013 inactive_anon:16927 isolated_anon:0 [ 661.536898] active_file:32 inactive_file:32 isolated_file:0 [ 661.536898] unevictable:0 dirty:4 writeback:0 unstable:0 [ 661.536898] slab_reclaimable:15121 slab_unreclaimable:125282 [ 661.536898] mapped:22023 shmem:17356 pagetables:560 bounce:0 [ 661.536898] free:13778 free_pcp:927 free_cma:0 [ 661.565504] lowmem_reserve[]: 0 0 0 0 0 [ 661.565526] Node 0 DMA: 1*4kB (U) 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10860kB [ 661.578267] Node 0 active_anon:54148kB inactive_anon:35184kB active_file:88kB inactive_file:68kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:88068kB dirty:4kB writeback:0kB shmem:36632kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 10240kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 661.578297] Node 1 active_anon:1904kB inactive_anon:32524kB active_file:40kB inactive_file:60kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:24kB dirty:12kB writeback:0kB shmem:32792kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 661.582299] Node 0 DMA32: 1320*4kB (UME) 817*8kB (UMEH) 187*16kB (UMEH) 23*32kB (UMEH) 11*64kB (UMEH) 9*128kB (UMH) 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17656kB [ 661.586834] Node 0 DMA free:10860kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 661.591138] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 661.591193] Node 1 Normal: 181*4kB (UM) 166*8kB (ME) 123*16kB (UME) 79*32kB (UME) 33*64kB (UME) 3*128kB (M) 7*256kB (ME) 3*512kB (M) 4*1024kB (UM) 1*2048kB (M) 2*4096kB (U) = 26708kB [ 661.591269] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 661.591279] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 661.591289] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 661.591299] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 661.591304] 17422 total pagecache pages [ 661.591317] 0 pages in swap cache [ 661.591324] Swap cache stats: add 0, delete 0, find 0/0 [ 661.591329] Free swap = 0kB [ 661.591334] Total swap = 0kB [ 661.591341] 2097051 pages RAM [ 661.591346] 0 pages HighMem/MovableOnly [ 661.591355] 369649 pages reserved [ 661.626329] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 661.627427] 0 pages cma reserved [ 661.631426] Node 0 DMA32 free:17536kB min:35996kB low:44992kB high:53988kB active_anon:54148kB inactive_anon:35184kB active_file:116kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7488kB pagetables:1996kB bounce:0kB free_pcp:2008kB local_pcp:544kB free_cma:0kB [ 661.631457] lowmem_reserve[]: 0 0 1 1 1 [ 661.635500] Unreclaimable slab info: [ 661.648920] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 661.648982] Name Used Total [ 661.653214] lowmem_reserve[]: 0 0 0 0 0 [ 661.657636] pid_2 84KB 204KB [ 661.670580] Node 1 Normal free:26708kB min:53876kB low:67344kB high:80812kB active_anon:1904kB inactive_anon:32524kB active_file:20kB inactive_file:12kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:384kB pagetables:244kB bounce:0kB free_pcp:1700kB local_pcp:1700kB free_cma:0kB [ 661.673874] batadv_tl_cache 4KB 12KB [ 661.677703] lowmem_reserve[]: 0 0 0 0 0 [ 661.681812] TIPC 10KB 22KB [ 661.681833] SCTPv6 14KB 30KB [ 661.681852] DCCPv6 17KB 30KB [ 661.693529] Node 0 DMA: 1*4kB (U) 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10860kB [ 661.697220] DCCP 16KB 28KB [ 661.705441] Node 0 DMA32: 1320*4kB (UME) 817*8kB (UMEH) 187*16kB (UMEH) 23*32kB (UMEH) 11*64kB (UMEH) 9*128kB (UMH) 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17656kB [ 661.706357] RXRPC 11KB 26KB [ 661.714619] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 661.715851] rxrpc_call_jar 78KB 118KB [ 661.719718] Node 1 Normal: 181*4kB (UM) 166*8kB (ME) 123*16kB (UME) 79*32kB (UME) 33*64kB (UME) 3*128kB (M) 7*256kB (ME) 3*512kB (M) 4*1024kB (UM) 1*2048kB (M) 2*4096kB (U) = 26708kB [ 661.723639] bridge_fdb_cache 9KB 23KB [ 661.723655] fib6_nodes 156KB 240KB [ 661.723663] ip6_dst_cache 135KB 423KB [ 661.723675] RAWv6 70KB 94KB [ 661.723686] UDPv6 26KB 37KB [ 661.723700] TCPv6 27KB 48KB [ 661.733498] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 661.737291] nf_conntrack 9KB 11KB [ 661.745046] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 661.748487] t10_alua_lu_gp_cache 0KB 3KB [ 661.755407] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 661.755802] sd_ext_cdb 0KB 7KB [ 661.774263] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 661.776740] scsi_sense_cache 1056KB 1060KB [ 661.788702] 17382 total pagecache pages [ 661.791769] virtio_scsi_cmd 16KB 16KB [ 661.791781] sgpool-128 8KB 8KB [ 661.791789] sgpool-64 4KB 12KB [ 661.791798] sgpool-32 2KB 15KB [ 661.791808] sgpool-16 1KB 7KB [ 661.791817] sgpool-8 0KB 7KB [ 661.791835] mqueue_inode_cache 10KB 30KB [ 661.791857] bio_post_read_ctx 14KB 15KB [ 661.804742] 0 pages in swap cache [ 661.806529] bio-2 14KB 15KB [ 661.817133] Swap cache stats: add 0, delete 0, find 0/0 [ 661.822819] jfs_mp 7KB 7KB [ 661.822859] cifs_small_rq 15KB 16KB [ 661.822872] cifs_request 67KB 67KB [ 661.829858] Free swap = 0kB [ 661.854093] cifs_mpx_ids 0KB 7KB [ 661.887420] Total swap = 0kB [ 661.887435] 2097051 pages RAM [ 661.913751] nfs_commit_data 3KB 14KB [ 661.932630] 0 pages HighMem/MovableOnly [ 661.932635] 369649 pages reserved [ 661.932640] 0 pages cma reserved [ 662.518173] nfs_write_data 34KB 44KB [ 662.538506] ext4_system_zone 1KB 7KB [ 662.559172] bio-1 1KB 7KB [ 662.568054] pid_namespace 2KB 11KB [ 662.587836] rpc_buffers 17KB 25KB [ 662.607770] rpc_tasks 2KB 7KB [ 662.616509] UNIX 118KB 120KB [ 662.637269] tcp_bind_bucket 1KB 4KB [ 662.658838] ip_fib_trie 23KB 39KB [ 662.669339] ip_fib_alias 112KB 173KB [ 662.689092] ip_dst_cache 4KB 20KB [ 662.694579] RAW 42KB 52KB [ 662.713324] UDP 32KB 54KB [ 662.718717] TCP 11KB 22KB [ 662.729620] hugetlbfs_inode_cache 3KB 15KB [ 662.736405] fscache_cookie_jar 1KB 11KB [ 662.748130] eventpoll_pwq 17KB 43KB [ 662.753571] eventpoll_epi 33KB 63KB [ 662.758936] inotify_inode_mark 31KB 55KB [ 662.769749] request_queue 199KB 199KB [ 662.775860] blkdev_requests 1KB 3KB [ 662.785875] blkdev_ioc 24KB 27KB [ 662.792493] bio-0 522KB 525KB [ 662.797943] biovec-max 1435KB 1452KB [ 662.810019] biovec-64 434KB 441KB [ 662.817365] biovec-16 49KB 52KB [ 662.826062] bio_integrity_payload 1KB 8KB [ 662.833440] khugepaged_mm_slot 15KB 34KB [ 662.839523] uid_cache 0KB 4KB [ 662.849817] dmaengine-unmap-2 0KB 3KB [ 662.856864] skbuff_fclone_cache 173KB 217KB [ 662.866653] skbuff_head_cache 3229KB 3907KB [ 662.875542] configfs_dir_cache 3KB 7KB [ 662.885753] file_lock_cache 160KB 209KB [ 662.896857] file_lock_ctx 9KB 11KB [ 662.907112] fsnotify_mark_connector 20KB 31KB [ 662.916917] net_namespace 52KB 52KB [ 662.926831] shmem_inode_cache 8401KB 8528KB [ 662.934212] task_delay_info 170KB 387KB [ 662.944236] taskstats 107KB 141KB [ 662.951785] proc_dir_entry 694KB 828KB [ 662.957155] pde_opener 7KB 34KB [ 662.966211] seq_file 271KB 511KB [ 662.974963] sigqueue 28KB 55KB [ 662.983960] kernfs_node_cache 18235KB 18250KB [ 662.989329] mnt_cache 173KB 204KB [ 662.996532] filp 5386KB 7695KB [ 663.005192] names_cache 157466KB 157505KB [ 663.012434] iint_cache 25KB 59KB [ 663.017807] key_jar 22KB 135KB [ 663.026622] uts_namespace 2KB 7KB [ 663.033876] nsproxy 1KB 7KB [ 663.039246] vm_area_struct 2886KB 3998KB [ 663.049296] mm_struct 520KB 747KB [ 663.056544] fs_cache 112KB 372KB [ 663.065385] files_cache 434KB 858KB [ 663.072635] signal_cache 944KB 1775KB [ 663.078004] sighand_cache 534KB 624KB [ 663.087134] task_struct 5908KB 5996KB [ 663.094408] cred_jar 1217KB 2228KB [ 663.099777] anon_vma_chain 917KB 1492KB [ 663.108656] anon_vma 148KB 292KB [ 663.115888] pid 50KB 228KB [ 663.129257] Acpi-Operand 156KB 198KB [ 663.136540] Acpi-ParseExt 9KB 11KB [ 663.145972] Acpi-Parse 41KB 47KB [ 663.153454] Acpi-State 52KB 63KB [ 663.158912] Acpi-Namespace 20KB 27KB [ 663.167965] numa_policy 0KB 3KB [ 663.176003] debug_objects_cache 1286KB 1828KB [ 663.185238] trace_event_file 297KB 298KB [ 663.192504] ftrace_event_field 398KB 401KB [ 663.197971] pool_workqueue 121KB 152KB [ 663.206981] page->ptl 607KB 1008KB [ 663.214305] kmalloc-2097152 2050KB 2050KB [ 663.219674] kmalloc-524288 2056KB 2056KB [ 663.228497] kmalloc-262144 1290KB 1290KB [ 663.235743] kmalloc-131072 650KB 650KB [ 663.244486] kmalloc-65536 1848KB 1914KB [ 663.252268] kmalloc-32768 1650KB 1650KB [ 663.257641] kmalloc-16384 973KB 1023KB [ 663.266405] kmalloc-8192 3968KB 4009KB [ 663.273564] kmalloc-4096 19380KB 19418KB [ 663.278932] kmalloc-2048 12165KB 14643KB [ 663.288218] kmalloc-1024 7738KB 11694KB [ 663.295720] kmalloc-512 9601KB 11816KB [ 663.304457] kmalloc-256 4143KB 5715KB [ 663.311715] kmalloc-128 904KB 1401KB [ 663.317187] kmalloc-96 3219KB 4076KB [ 663.325902] kmalloc-64 2874KB 3904KB [ 663.333060] kmalloc-32 1790KB 2543KB [ 663.338428] kmalloc-192 1497KB 2572KB [ 663.347192] kmem_cache 177KB 183KB [ 663.354933] Out of memory (oom_kill_allocating_task): Kill process 5070 (systemd-journal) score 0 or sacrifice child [ 663.369026] Killed process 5070 (systemd-journal) total-vm:46096kB, anon-rss:476kB, file-rss:4kB, shmem-rss:1532kB [ 663.385673] oom_reaper: reaped process 5070 (systemd-journal), now anon-rss:0kB, file-rss:0kB, shmem-rss:1540kB [ 663.511723] systemd[1]: systemd-journald.service: Failed with result 'signal'. [ 663.520756] systemd[1]: systemd-journald.service: Service has no hold-off time, scheduling restart. [ 663.539049] systemd[1]: Stopped Flush Journal to Persistent Storage. [ 663.546668] systemd[1]: Stopping Flush Journal to Persistent Storage... [ 663.556300] systemd[1]: Stopped Journal Service. [ 663.576057] systemd[1]: Starting Journal Service... [ 663.896529] systemd-journald[5152]: File /run/log/journal/04d8c135ee6b410280ba31a58c89679d/system.journal corrupted or uncleanly shut down, renaming and replacing. [ 664.158735] systemd[1]: Started Journal Service. 02:33:56 executing program 3: execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x1000) 02:33:56 executing program 5: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}, {{0x2, 0x0, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x2, 0x1, 0x0, 0x1}}], 0x40) 02:33:56 executing program 4: setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, 0x0, 0x0) 02:33:56 executing program 3: execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0) 02:33:56 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x1f, 0x2) pipe2$watch_queue(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f00000003c0)=@fd={0x1, 0x3, 0x4, 0x14020, 0x5, {0x0, 0x2710}, {0x1, 0x8, 0xec, 0x80, 0x40, 0x2, "7bf3a4d2"}, 0x2, 0x4, {}, 0x6, 0x0, r1}) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:33:56 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000340)={0x0, 0xffffffff}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r3, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_PREPARE_BUF(r3, 0xc058565d, &(0x7f00000002c0)=@userptr={0x7fffffff, 0x2, 0x4, 0x0, 0x10001, {r1, r2/1000+60000}, {0x4, 0x0, 0x1, 0x8, 0x4, 0x34, "29094e17"}, 0xe8, 0x2, {&(0x7f0000000180)}, 0x3ff, 0x0, r3}) r4 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000100)={0x1, 0x1, 0x4, 0x0, 0xc1}) clock_gettime(0x0, &(0x7f0000000040)) syz_genetlink_get_family_id$gtp(&(0x7f0000000280), r3) 02:33:56 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}], 0x30) 02:33:56 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000340)={0x0, 0xffffffff}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r3, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_PREPARE_BUF(r3, 0xc058565d, &(0x7f00000002c0)=@userptr={0x7fffffff, 0x2, 0x4, 0x0, 0x10001, {r1, r2/1000+60000}, {0x4, 0x0, 0x1, 0x8, 0x4, 0x34, "29094e17"}, 0xe8, 0x2, {&(0x7f0000000180)}, 0x3ff, 0x0, r3}) r4 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000100)={0x1, 0x1, 0x4, 0x0, 0xc1}) syz_genetlink_get_family_id$gtp(&(0x7f0000000280), r3) 02:33:56 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f00000004c0)=0xffffffffffffffff) ioctl$vim2m_VIDIOC_QUERYBUF(r1, 0xc0585609, &(0x7f0000000440)=@fd={0x21, 0x2, 0x4, 0x1, 0x8, {r2, r3/1000+10000}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff, 0x0, r4}) r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r5, 0x0, 0x0}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r5, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, &(0x7f0000000040)=[0x0], &(0x7f0000000080)=[0x0], 0x0, 0x8, &(0x7f0000000140)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x50, 0x10, &(0x7f00000001c0), &(0x7f0000000200), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000240)}}, 0x10) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) 02:33:56 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}], 0x28) 02:33:56 executing program 4: socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, 0x0, 0x0) 02:33:56 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000340)={0x0, 0xffffffff}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r3, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_PREPARE_BUF(r3, 0xc058565d, &(0x7f00000002c0)=@userptr={0x7fffffff, 0x2, 0x4, 0x0, 0x10001, {r1, r2/1000+60000}, {0x4, 0x0, 0x1, 0x8, 0x4, 0x34, "29094e17"}, 0xe8, 0x2, {&(0x7f0000000180)}, 0x3ff, 0x0, r3}) openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) syz_genetlink_get_family_id$gtp(&(0x7f0000000280), r3) 02:33:56 executing program 3: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}], 0x30) [ 671.418430] oom_reaper: reaped process 5172 (syz-executor.1), now anon-rss:0kB, file-rss:14336kB, shmem-rss:8kB [ 671.457100] systemd-journal invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 671.493576] systemd-journal cpuset=/ mems_allowed=0-1 [ 671.498842] CPU: 1 PID: 5152 Comm: systemd-journal Not tainted 4.19.211-syzkaller #0 [ 671.506725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 671.516088] Call Trace: [ 671.518667] dump_stack+0x1fc/0x2ef [ 671.522284] dump_header+0x15d/0xc3f [ 671.526004] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 671.531087] ? ___ratelimit+0x319/0x590 [ 671.535044] oom_kill_process.cold+0x10/0x692 [ 671.539524] ? check_preemption_disabled+0x41/0x280 [ 671.544534] ? has_intersects_mems_allowed+0x1d6/0x290 [ 671.549793] out_of_memory+0x1072/0x1390 [ 671.553837] ? oom_killer_disable+0x270/0x270 [ 671.558407] ? mutex_trylock+0x15f/0x1a0 [ 671.562593] __alloc_pages_nodemask+0x23a2/0x2890 [ 671.567442] ? find_get_entry+0x4cd/0x8a0 [ 671.571588] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 671.576555] alloc_pages_current+0x193/0x2a0 [ 671.580961] filemap_fault+0x146e/0x2180 [ 671.585022] ext4_filemap_fault+0x84/0xb0 [ 671.589307] __do_fault+0x10b/0x4b0 [ 671.592932] __handle_mm_fault+0x273b/0x41c0 [ 671.597332] ? vm_insert_page+0x9c0/0x9c0 [ 671.601485] ? check_preemption_disabled+0x41/0x280 [ 671.606508] handle_mm_fault+0x436/0xb10 [ 671.610567] __do_page_fault+0x68e/0xd60 [ 671.614613] ? trace_hardirqs_off_caller+0x6e/0x210 [ 671.619698] ? spurious_fault+0x840/0x840 [ 671.624274] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 671.629102] ? page_fault+0x8/0x30 [ 671.632625] page_fault+0x1e/0x30 [ 671.636064] RIP: 0033:0x7fadd75e62e3 [ 671.639778] Code: Bad RIP value. [ 671.643132] RSP: 002b:00007ffdcb97da18 EFLAGS: 00010246 [ 671.648473] RAX: 0000000000000001 RBX: 0000560154ec81e0 RCX: 00007fadd75e62e3 [ 671.655722] RDX: 0000000000000013 RSI: 00007ffdcb97da20 RDI: 000000000000000c [ 671.662972] RBP: 00007ffdcb97dc10 R08: 00007ffdcb9f3000 R09: 000000aafecbc456 [ 671.670221] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdcb97da20 [ 671.677559] R13: 0000000000000001 R14: ffffffffffffffff R15: 0005f44f541dee67 [ 671.691443] syz-executor.1: vmalloc: allocation failure, allocated 1728331776 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 671.692695] Mem-Info: [ 671.707723] active_anon:14036 inactive_anon:18959 isolated_anon:0 [ 671.707723] active_file:62 inactive_file:23 isolated_file:0 [ 671.707723] unevictable:0 dirty:15 writeback:0 unstable:0 [ 671.707723] slab_reclaimable:15133 slab_unreclaimable:124576 [ 671.707723] mapped:22040 shmem:19404 pagetables:560 bounce:0 [ 671.707723] free:13792 free_pcp:905 free_cma:0 [ 671.708338] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 671.745471] Node 0 active_anon:53988kB inactive_anon:43312kB active_file:152kB inactive_file:48kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:88008kB dirty:32kB writeback:0kB shmem:44824kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 10240kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 671.754802] CPU: 1 PID: 5172 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0 [ 671.774920] Node 1 active_anon:2156kB inactive_anon:32524kB active_file:96kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:152kB dirty:28kB writeback:0kB shmem:32792kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 671.782613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 671.782619] Call Trace: [ 671.782641] dump_stack+0x1fc/0x2ef [ 671.782659] warn_alloc.cold+0x7b/0x18f [ 671.809722] Node 0 DMA free:10860kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 671.819156] ? zone_watermark_ok_safe+0x260/0x260 [ 671.819168] ? retint_kernel+0x2d/0x2d [ 671.819190] ? policy_node+0xa7/0x140 [ 671.821743] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 671.825373] __vmalloc_area_node+0x4fd/0x780 [ 671.829338] Node 0 DMA32 free:17772kB min:35996kB low:44992kB high:53988kB active_anon:53988kB inactive_anon:43312kB active_file:404kB inactive_file:448kB unevictable:0kB writepending:132kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7456kB pagetables:1916kB bounce:0kB free_pcp:1636kB local_pcp:1568kB free_cma:0kB [ 671.855505] ? __vmalloc_node_range+0x180/0x180 [ 671.855517] ? _raw_spin_unlock+0x29/0x40 [ 671.855533] ? __get_vm_area_node+0x2e2/0x3a0 [ 671.860368] lowmem_reserve[]: 0 0 1 1 1 [ 671.864224] __vmalloc_node_range+0xed/0x180 [ 671.864240] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 671.864252] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 671.864267] vmalloc_user+0x70/0xe0 [ 671.876875] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 671.877449] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 671.911533] lowmem_reserve[]: 0 0 0 0 0 [ 671.915637] vb2_vmalloc_alloc+0xb3/0x2f0 [ 671.920156] Node 1 Normal free:26528kB min:53876kB low:67344kB high:80812kB active_anon:2156kB inactive_anon:32524kB active_file:180kB inactive_file:172kB unevictable:0kB writepending:128kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:416kB pagetables:324kB bounce:0kB free_pcp:1984kB local_pcp:252kB free_cma:0kB [ 671.924092] __vb2_queue_alloc+0x472/0xe60 [ 671.928468] lowmem_reserve[]: 0 0 0 0 0 [ 671.932878] vb2_core_create_bufs+0x273/0x7e0 [ 671.932893] ? __vb2_queue_free+0x870/0x870 [ 671.932910] ? mutex_trylock+0x1a0/0x1a0 [ 671.938332] Node 0 DMA: 1*4kB (U) 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10860kB [ 671.941959] ? __video_do_ioctl+0x632/0xcd0 [ 671.941984] vb2_create_bufs+0x332/0x620 [ 671.967825] Node 0 DMA32: 566*4kB (ME) 737*8kB (UMEH) 187*16kB (UMEH) 39*32kB (UMEH) 22*64kB (MEH) 9*128kB (UMH) 4*256kB (UM) 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 17520kB [ 671.972130] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 671.972142] ? __video_do_ioctl+0x632/0xcd0 [ 671.972157] ? mutex_trylock+0x1a0/0x1a0 [ 671.976204] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 671.980431] ? mark_held_locks+0xf0/0xf0 [ 671.980450] vb2_ioctl_create_bufs+0x20d/0x360 [ 671.980467] ? memset+0x20/0x40 [ 672.009609] Node 1 Normal: 216*4kB (UM) 212*8kB (M) 142*16kB (UME) 74*32kB (UME) 24*64kB (UME) 3*128kB (UM) 6*256kB (ME) 3*512kB (M) 4*1024kB (UM) 1*2048kB (M) 2*4096kB (U) = 26528kB [ 672.013817] v4l_create_bufs+0xb2/0x160 [ 672.017765] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 672.022245] __video_do_ioctl+0x49a/0xcd0 [ 672.022270] ? v4l_querycap+0x340/0x340 [ 672.026568] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 672.030620] ? __might_fault+0x192/0x1d0 [ 672.030640] ? v4l_querycap+0x340/0x340 [ 672.043820] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 672.048111] video_usercopy+0x13f/0xfa0 [ 672.052171] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 672.068182] ? v4l_enumstd+0x60/0x60 [ 672.068199] ? do_futex+0x171/0x1880 [ 672.073294] 19457 total pagecache pages [ 672.077592] ? mark_held_locks+0xf0/0xf0 [ 672.081674] 0 pages in swap cache [ 672.092656] ? debug_check_no_obj_freed+0x201/0x490 [ 672.092679] ? video_usercopy+0xfa0/0xfa0 [ 672.096713] Swap cache stats: add 0, delete 0, find 0/0 [ 672.101276] v4l2_ioctl+0x147/0x1a0 [ 672.101290] ? video_devdata+0xa0/0xa0 [ 672.101307] do_vfs_ioctl+0xcdb/0x12e0 [ 672.104560] Free swap = 0kB [ 672.121021] ? lock_downgrade+0x720/0x720 [ 672.121035] ? check_preemption_disabled+0x41/0x280 [ 672.121051] ? ioctl_preallocate+0x200/0x200 [ 672.124998] Total swap = 0kB [ 672.133824] ? __fget+0x356/0x510 [ 672.133846] ? do_dup2+0x450/0x450 [ 672.137979] 2097051 pages RAM [ 672.141937] ? __se_sys_futex+0x298/0x3b0 [ 672.141962] ksys_ioctl+0x9b/0xc0 [ 672.150527] 0 pages HighMem/MovableOnly [ 672.154564] __x64_sys_ioctl+0x6f/0xb0 [ 672.158514] 369649 pages reserved [ 672.167337] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 672.167351] do_syscall_64+0xf9/0x620 [ 672.167370] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 672.171335] 0 pages cma reserved [ 672.179878] RIP: 0033:0x7f4dd02630f9 [ 672.179907] Code: Bad RIP value. [ 672.183603] Unreclaimable slab info: [ 672.187307] RSP: 002b:00007f4dce7d5168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 672.191314] Name Used Total [ 672.195339] RAX: ffffffffffffffda RBX: 00007f4dd0382f80 RCX: 00007f4dd02630f9 [ 672.198770] pid_2 74KB 204KB [ 672.203758] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 672.203766] RBP: 00007f4dd02beae9 R08: 0000000000000000 R09: 0000000000000000 [ 672.203773] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 672.203784] R13: 00007ffe2f8179bf R14: 00007f4dce7d5300 R15: 0000000000022000 [ 672.207981] batadv_tl_cache 4KB 12KB [ 672.229217] Mem-Info: [ 672.243280] TIPC 10KB 22KB [ 672.254713] active_anon:14012 inactive_anon:18959 isolated_anon:0 [ 672.254713] active_file:14 inactive_file:14 isolated_file:0 [ 672.254713] unevictable:0 dirty:0 writeback:0 unstable:0 [ 672.254713] slab_reclaimable:15132 slab_unreclaimable:124582 [ 672.254713] mapped:21970 shmem:19404 pagetables:559 bounce:0 [ 672.254713] free:13729 free_pcp:905 free_cma:0 [ 672.262280] SCTPv6 14KB 30KB [ 672.266035] Node 0 active_anon:53896kB inactive_anon:43312kB active_file:36kB inactive_file:32kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:87880kB dirty:0kB writeback:0kB shmem:44824kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 8192kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 672.276009] DCCPv6 17KB 30KB [ 672.279335] Node 1 active_anon:2152kB inactive_anon:32524kB active_file:20kB inactive_file:24kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:32792kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 672.284771] DCCP 16KB 28KB [ 672.285142] Node 0 DMA free:10860kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 672.297185] RXRPC 11KB 26KB [ 672.301257] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 672.307893] rxrpc_call_jar 78KB 118KB [ 672.314039] Node 0 DMA32 free:17520kB min:35996kB low:44992kB high:53988kB active_anon:53896kB inactive_anon:43312kB active_file:36kB inactive_file:32kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7456kB pagetables:1912kB bounce:0kB free_pcp:1636kB local_pcp:68kB free_cma:0kB [ 672.324393] bridge_fdb_cache 9KB 23KB [ 672.328180] lowmem_reserve[]: 0 0 1 1 1 [ 672.340556] fib6_nodes 156KB 240KB [ 672.352112] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 672.362508] ip6_dst_cache 151KB 423KB [ 672.372517] lowmem_reserve[]: 0 0 0 0 0 [ 672.378207] RAWv6 70KB 94KB [ 672.408336] Node 1 Normal free:26528kB min:53876kB low:67344kB high:80812kB active_anon:2152kB inactive_anon:32524kB active_file:20kB inactive_file:24kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:416kB pagetables:324kB bounce:0kB free_pcp:1984kB local_pcp:1732kB free_cma:0kB [ 672.428599] UDPv6 26KB 37KB [ 672.441458] lowmem_reserve[]: 0 0 0 0 0 [ 672.460577] TCPv6 27KB 48KB [ 672.484963] Node 0 DMA: 1*4kB (U) 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10860kB [ 672.512128] nf_conntrack 9KB 11KB [ 672.521410] Node 0 DMA32: 566*4kB (ME) 737*8kB (UMEH) 187*16kB (UMEH) 39*32kB (UMEH) 22*64kB (MEH) 9*128kB (UMH) 4*256kB (UM) 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 17520kB [ 672.556773] t10_alua_lu_gp_cache 0KB 3KB [ 672.572373] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 672.598657] sd_ext_cdb 0KB 7KB [ 672.609292] Node 1 Normal: 216*4kB (UM) 212*8kB (M) 142*16kB (UME) 74*32kB (UME) 24*64kB (UME) 3*128kB (UM) 6*256kB (ME) 3*512kB (M) 4*1024kB (UM) 1*2048kB (M) 2*4096kB (U) = 26528kB [ 672.643532] scsi_sense_cache 1056KB 1060KB [ 672.655633] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 672.672910] virtio_scsi_cmd 16KB 16KB [ 672.682265] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 672.695856] sgpool-128 8KB 8KB [ 672.714110] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 672.734625] sgpool-64 4KB 12KB [ 672.753422] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 672.763204] sgpool-32 2KB 15KB [ 672.781527] 19432 total pagecache pages [ 672.791559] sgpool-16 1KB 7KB [ 672.798662] 0 pages in swap cache [ 672.799570] sgpool-8 0KB 7KB [ 672.805668] Swap cache stats: add 0, delete 0, find 0/0 [ 672.808297] mqueue_inode_cache 10KB 30KB [ 672.819284] Free swap = 0kB [ 672.822304] Total swap = 0kB [ 672.825322] 2097051 pages RAM [ 672.825997] bio_post_read_ctx 14KB 15KB [ 672.828417] 0 pages HighMem/MovableOnly [ 672.833860] bio-2 14KB 15KB [ 672.833871] jfs_mp 7KB 7KB [ 672.846038] 369649 pages reserved [ 672.853101] 0 pages cma reserved [ 672.854386] cifs_small_rq 15KB 16KB [ 672.863395] cifs_request 67KB 67KB [ 672.868768] cifs_mpx_ids 0KB 7KB [ 672.877499] nfs_commit_data 3KB 14KB [ 672.886503] nfs_write_data 34KB 44KB [ 672.895122] ext4_system_zone 1KB 7KB [ 672.904134] bio-1 1KB 7KB [ 672.912815] pid_namespace 2KB 11KB [ 672.918228] rpc_buffers 17KB 25KB [ 672.927211] rpc_tasks 2KB 7KB [ 672.935735] UNIX 142KB 146KB [ 672.944689] tcp_bind_bucket 1KB 4KB [ 672.953398] ip_fib_trie 23KB 39KB [ 672.958784] ip_fib_alias 112KB 173KB [ 672.967878] ip_dst_cache 4KB 20KB [ 672.976779] RAW 42KB 52KB [ 672.985645] UDP 30KB 54KB [ 672.994244] TCP 11KB 22KB [ 673.003120] hugetlbfs_inode_cache 3KB 15KB [ 673.008841] fscache_cookie_jar 1KB 11KB [ 673.017484] eventpoll_pwq 18KB 43KB [ 673.026294] eventpoll_epi 33KB 63KB [ 673.034864] inotify_inode_mark 29KB 55KB [ 673.044057] request_queue 199KB 199KB [ 673.052793] blkdev_requests 1KB 3KB [ 673.058401] blkdev_ioc 20KB 27KB [ 673.067322] bio-0 702KB 705KB [ 673.076114] biovec-max 1485KB 1485KB [ 673.085439] biovec-64 587KB 598KB [ 673.094032] biovec-16 56KB 60KB [ 673.106843] bio_integrity_payload 1KB 8KB [ 673.116539] khugepaged_mm_slot 13KB 34KB [ 673.133442] uid_cache 0KB 4KB [ 673.138820] dmaengine-unmap-2 0KB 3KB [ 673.148168] skbuff_fclone_cache 173KB 210KB [ 673.165193] skbuff_head_cache 3969KB 3971KB [ 673.174683] configfs_dir_cache 3KB 7KB [ 673.188028] file_lock_cache 151KB 209KB [ 673.197451] file_lock_ctx 9KB 11KB [ 673.209904] fsnotify_mark_connector 16KB 31KB [ 673.215802] net_namespace 52KB 52KB [ 673.232703] shmem_inode_cache 8359KB 8520KB [ 673.238079] task_delay_info 159KB 387KB [ 673.255042] taskstats 93KB 141KB [ 673.263906] proc_dir_entry 694KB 828KB [ 673.277617] pde_opener 10KB 34KB [ 673.300577] seq_file 286KB 511KB [ 673.305960] sigqueue 25KB 55KB [ 673.315416] kernfs_node_cache 18229KB 18250KB [ 673.328487] mnt_cache 173KB 204KB [ 673.337821] filp 5643KB 7695KB [ 673.354755] names_cache 156395KB 156434KB [ 673.361855] iint_cache 27KB 59KB [ 673.367244] key_jar 22KB 135KB [ 673.383889] uts_namespace 2KB 7KB [ 673.393090] nsproxy 1KB 7KB [ 673.398476] vm_area_struct 2955KB 3998KB [ 673.407501] mm_struct 515KB 747KB [ 673.416059] fs_cache 106KB 372KB [ 673.425156] files_cache 407KB 832KB [ 673.433835] signal_cache 912KB 1732KB [ 673.442998] sighand_cache 568KB 624KB [ 673.448378] task_struct 5542KB 5630KB [ 673.456875] cred_jar 1319KB 2228KB [ 673.465802] anon_vma_chain 942KB 1492KB [ 673.474498] anon_vma 145KB 292KB [ 673.483374] pid 51KB 228KB [ 673.488742] Acpi-Operand 156KB 198KB [ 673.497610] Acpi-ParseExt 9KB 11KB [ 673.514837] Acpi-Parse 41KB 47KB [ 673.530596] Acpi-State 52KB 63KB [ 673.536542] Acpi-Namespace 20KB 27KB [ 673.548423] numa_policy 0KB 3KB [ 673.555632] debug_objects_cache 1286KB 1828KB [ 673.566664] trace_event_file 297KB 298KB [ 673.572879] ftrace_event_field 398KB 401KB [ 673.584397] pool_workqueue 121KB 152KB [ 673.590201] page->ptl 601KB 1008KB [ 673.595606] kmalloc-2097152 2050KB 2050KB [ 673.601799] kmalloc-524288 2056KB 2056KB [ 673.607909] kmalloc-262144 1290KB 1290KB [ 673.613333] kmalloc-131072 650KB 650KB [ 673.619549] kmalloc-65536 1848KB 1914KB [ 673.625559] kmalloc-32768 1650KB 1650KB [ 673.631022] kmalloc-16384 1006KB 1056KB [ 673.636801] kmalloc-8192 3968KB 4009KB [ 673.642847] kmalloc-4096 19159KB 19197KB [ 673.648886] kmalloc-2048 11887KB 14401KB [ 673.654845] kmalloc-1024 7603KB 11662KB [ 673.661527] kmalloc-512 10782KB 11816KB [ 673.666892] kmalloc-256 4151KB 5715KB [ 673.672284] kmalloc-128 895KB 1401KB [ 673.677647] kmalloc-96 3317KB 4076KB [ 673.683614] kmalloc-64 2757KB 3904KB [ 673.689617] kmalloc-32 1797KB 2543KB [ 673.695000] kmalloc-192 1499KB 2572KB [ 673.705871] kmem_cache 177KB 183KB [ 673.711909] Out of memory (oom_kill_allocating_task): Kill process 5152 (systemd-journal) score 0 or sacrifice child [ 673.729011] Killed process 5152 (systemd-journal) total-vm:46096kB, anon-rss:464kB, file-rss:0kB, shmem-rss:1300kB [ 673.749555] oom_reaper: reaped process 5152 (systemd-journal), now anon-rss:0kB, file-rss:0kB, shmem-rss:1300kB [ 673.941565] systemd[1]: systemd-journald.service: Failed with result 'signal'. [ 673.955073] systemd[1]: systemd-journald.service: Service has no hold-off time, scheduling restart. [ 673.981387] systemd[1]: Stopped Flush Journal to Persistent Storage. [ 673.988262] systemd[1]: Stopping Flush Journal to Persistent Storage... [ 674.001992] systemd[1]: Stopped Journal Service. [ 674.017956] systemd[1]: Starting Journal Service... [ 674.185601] systemd-journald[5196]: File /run/log/journal/04d8c135ee6b410280ba31a58c89679d/system.journal corrupted or uncleanly shut down, renaming and replacing. [ 674.442578] systemd[1]: Started Journal Service. 02:34:07 executing program 4: socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, 0x0, 0x0) 02:34:07 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}], 0x20) 02:34:07 executing program 3: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x2, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x0, 0x1}}, {{0x4}, {0x1, 0x1, 0x1, 0x1}}, {{0x4, 0x1, 0x1, 0x1}, {0x2, 0x0, 0x1}}], 0x30) 02:34:07 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x1f, 0x2) pipe2$watch_queue(&(0x7f0000000380), 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:34:07 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f00000004c0)=0xffffffffffffffff) ioctl$vim2m_VIDIOC_QUERYBUF(r1, 0xc0585609, &(0x7f0000000440)=@fd={0x21, 0x2, 0x4, 0x1, 0x8, {r2, r3/1000+10000}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff, 0x0, r4}) r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r5, 0x0, 0x0}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r5, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, &(0x7f0000000040)=[0x0], &(0x7f0000000080)=[0x0], 0x0, 0x8, &(0x7f0000000140)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x50, 0x10, &(0x7f00000001c0), &(0x7f0000000200), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000240)}}, 0x10) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) 02:34:07 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000340)={0x0, 0xffffffff}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r3, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_PREPARE_BUF(r3, 0xc058565d, &(0x7f00000002c0)=@userptr={0x7fffffff, 0x2, 0x4, 0x0, 0x10001, {r1, r2/1000+60000}, {0x4, 0x0, 0x1, 0x8, 0x4, 0x34, "29094e17"}, 0xe8, 0x2, {&(0x7f0000000180)}, 0x3ff, 0x0, r3}) syz_genetlink_get_family_id$gtp(&(0x7f0000000280), r3) 02:34:07 executing program 4: socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, 0x0, 0x0) 02:34:07 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x4, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}], 0x18) 02:34:07 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000140)) r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000340)={0x0, 0xffffffff}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r1, 0x0, 0x0}, 0x10) syz_genetlink_get_family_id$gtp(&(0x7f0000000280), r1) 02:34:07 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x1f, 0x2) pipe2$watch_queue(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f00000003c0)=@fd={0x1, 0x3, 0x4, 0x14020, 0x5, {0x0, 0x2710}, {0x1, 0x8, 0xec, 0x80, 0x40, 0x2, "7bf3a4d2"}, 0x2, 0x4, {}, 0x6, 0x0, r1}) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:34:07 executing program 5: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f00000004c0)=0xffffffffffffffff) ioctl$vim2m_VIDIOC_QUERYBUF(r1, 0xc0585609, &(0x7f0000000440)=@fd={0x21, 0x2, 0x4, 0x1, 0x8, {r2, r3/1000+10000}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff, 0x0, r4}) r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r5, 0x0, 0x0}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r5, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, &(0x7f0000000040)=[0x0], &(0x7f0000000080)=[0x0], 0x0, 0x8, &(0x7f0000000140)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x50, 0x10, &(0x7f00000001c0), &(0x7f0000000200), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000240)}}, 0x10) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) 02:34:07 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x3, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}], 0x10) 02:34:07 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f00000004c0)=0xffffffffffffffff) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000440)=@fd={0x21, 0x2, 0x4, 0x1, 0x8, {r1, r2/1000+10000}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff, 0x0, r3}) r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r4, 0x0, 0x0}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r4, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, &(0x7f0000000040)=[0x0], &(0x7f0000000080)=[0x0], 0x0, 0x8, &(0x7f0000000140)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x50, 0x10, &(0x7f00000001c0), &(0x7f0000000200), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000240)}}, 0x10) 02:34:07 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000140)) r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000340)={0x0, 0xffffffff}) syz_genetlink_get_family_id$gtp(&(0x7f0000000280), r1) 02:34:07 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}], 0x8) 02:34:07 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000140)) r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000340)={0x0, 0xffffffff}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r1, 0x0, 0x0}, 0x10) syz_genetlink_get_family_id$gtp(&(0x7f0000000280), r1) 02:34:07 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000140)) r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) syz_genetlink_get_family_id$gtp(&(0x7f0000000280), r0) [ 682.353355] oom_reaper: reaped process 5210 (syz-executor.1), now anon-rss:0kB, file-rss:14332kB, shmem-rss:8kB [ 682.409690] in:imklog invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 682.425793] in:imklog cpuset=/ mems_allowed=0-1 [ 682.431703] CPU: 0 PID: 5112 Comm: in:imklog Not tainted 4.19.211-syzkaller #0 [ 682.439155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 682.448508] Call Trace: [ 682.451104] dump_stack+0x1fc/0x2ef [ 682.454738] dump_header+0x15d/0xc3f [ 682.458458] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 682.463559] ? ___ratelimit+0x319/0x590 [ 682.467576] oom_kill_process.cold+0x10/0x692 [ 682.472079] ? check_preemption_disabled+0x41/0x280 [ 682.477101] ? has_intersects_mems_allowed+0x1d6/0x290 [ 682.482381] out_of_memory+0x1072/0x1390 [ 682.486448] ? oom_killer_disable+0x270/0x270 [ 682.490941] ? mutex_trylock+0x15f/0x1a0 [ 682.494987] __alloc_pages_nodemask+0x23a2/0x2890 [ 682.498077] syz-executor.1: vmalloc: allocation failure, allocated 1720365056 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 682.499828] ? find_get_entry+0x4cd/0x8a0 [ 682.513670] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 682.517781] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 682.527799] alloc_pages_current+0x193/0x2a0 [ 682.532292] filemap_fault+0x146e/0x2180 [ 682.536351] ext4_filemap_fault+0x84/0xb0 [ 682.540493] __do_fault+0x10b/0x4b0 [ 682.544112] __handle_mm_fault+0x273b/0x41c0 [ 682.548512] ? vm_insert_page+0x9c0/0x9c0 [ 682.552654] ? lock_downgrade+0x720/0x720 [ 682.556816] ? check_preemption_disabled+0x41/0x280 [ 682.562032] handle_mm_fault+0x436/0xb10 [ 682.566736] __do_page_fault+0x68e/0xd60 [ 682.570812] ? trace_hardirqs_off_caller+0x6e/0x210 [ 682.575883] ? spurious_fault+0x840/0x840 [ 682.580025] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 682.584874] ? page_fault+0x8/0x30 [ 682.588445] page_fault+0x1e/0x30 [ 682.591922] RIP: 0033:0x7f645fbf622d [ 682.595637] Code: Bad RIP value. [ 682.598991] RSP: 002b:00007f645d592580 EFLAGS: 00010293 [ 682.604342] RAX: 0000000000000076 RBX: 0000000000000000 RCX: 00007f645fbf622d [ 682.611599] RDX: 0000000000001fa0 RSI: 00007f645d592da0 RDI: 0000000000000004 [ 682.618859] RBP: 00005561e82f99d0 R08: 00007f645ed6f940 R09: 0000000000000000 [ 682.626143] R10: 2ce33e6c02ce33e7 R11: 0000000000000293 R12: 00007f645d592da0 [ 682.633612] R13: 0000000000001fa0 R14: 0000000000001f9f R15: 00007f645d592dd8 [ 682.640912] CPU: 1 PID: 5210 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0 [ 682.646434] Mem-Info: [ 682.648737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 682.648743] Call Trace: [ 682.648765] dump_stack+0x1fc/0x2ef [ 682.648782] warn_alloc.cold+0x7b/0x18f [ 682.648798] ? zone_watermark_ok_safe+0x260/0x260 [ 682.648814] ? retint_kernel+0x2d/0x2d [ 682.651237] active_anon:14588 inactive_anon:20991 isolated_anon:0 [ 682.651237] active_file:27 inactive_file:30 isolated_file:0 [ 682.651237] unevictable:0 dirty:19 writeback:0 unstable:0 [ 682.651237] slab_reclaimable:15110 slab_unreclaimable:123739 [ 682.651237] mapped:22025 shmem:21452 pagetables:575 bounce:0 [ 682.651237] free:13851 free_pcp:861 free_cma:0 [ 682.660607] __vmalloc_area_node+0x4fd/0x780 [ 682.660628] ? __vmalloc_node_range+0x180/0x180 [ 682.660645] ? _raw_spin_unlock+0x29/0x40 [ 682.663234] Node 0 active_anon:55848kB inactive_anon:43248kB active_file:48kB inactive_file:72kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86596kB dirty:40kB writeback:0kB shmem:44824kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 12288kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 682.666928] ? __get_vm_area_node+0x2e2/0x3a0 [ 682.670942] Node 1 active_anon:2504kB inactive_anon:40716kB active_file:60kB inactive_file:48kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1504kB dirty:36kB writeback:0kB shmem:40984kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 682.675731] __vmalloc_node_range+0xed/0x180 [ 682.679652] Node 0 DMA free:10860kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 682.713034] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 682.713051] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 682.713066] vmalloc_user+0x70/0xe0 [ 682.713080] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 682.713093] vb2_vmalloc_alloc+0xb3/0x2f0 [ 682.713106] __vb2_queue_alloc+0x472/0xe60 [ 682.713131] vb2_core_create_bufs+0x273/0x7e0 [ 682.713148] ? __vb2_queue_free+0x870/0x870 [ 682.713164] ? mutex_trylock+0x1a0/0x1a0 [ 682.713179] ? __video_do_ioctl+0x632/0xcd0 [ 682.713200] vb2_create_bufs+0x332/0x620 [ 682.713217] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 682.713230] ? __video_do_ioctl+0x632/0xcd0 [ 682.713244] ? mutex_trylock+0x1a0/0x1a0 [ 682.713259] ? mark_held_locks+0xf0/0xf0 [ 682.713286] vb2_ioctl_create_bufs+0x20d/0x360 [ 682.713300] ? memset+0x20/0x40 [ 682.713318] v4l_create_bufs+0xb2/0x160 [ 682.713337] __video_do_ioctl+0x49a/0xcd0 [ 682.713358] ? v4l_querycap+0x340/0x340 [ 682.713378] ? __might_fault+0x192/0x1d0 [ 682.713396] ? v4l_querycap+0x340/0x340 [ 682.713411] video_usercopy+0x13f/0xfa0 [ 682.713431] ? v4l_enumstd+0x60/0x60 [ 682.713445] ? do_futex+0x171/0x1880 [ 682.713462] ? mark_held_locks+0xf0/0xf0 [ 682.713480] ? debug_check_no_obj_freed+0x201/0x490 [ 682.713505] ? video_usercopy+0xfa0/0xfa0 [ 682.713522] v4l2_ioctl+0x147/0x1a0 [ 682.713535] ? video_devdata+0xa0/0xa0 [ 682.713552] do_vfs_ioctl+0xcdb/0x12e0 [ 682.713568] ? lock_downgrade+0x720/0x720 [ 682.713583] ? check_preemption_disabled+0x41/0x280 [ 682.713598] ? ioctl_preallocate+0x200/0x200 [ 682.713616] ? __fget+0x356/0x510 [ 682.713634] ? do_dup2+0x450/0x450 [ 682.713649] ? __se_sys_futex+0x298/0x3b0 [ 682.713673] ksys_ioctl+0x9b/0xc0 [ 682.713690] __x64_sys_ioctl+0x6f/0xb0 [ 682.713704] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 682.713718] do_syscall_64+0xf9/0x620 [ 682.713737] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 682.713749] RIP: 0033:0x7f4dd02630f9 [ 682.713762] Code: Bad RIP value. [ 682.713770] RSP: 002b:00007f4dce7d5168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 682.713783] RAX: ffffffffffffffda RBX: 00007f4dd0382f80 RCX: 00007f4dd02630f9 [ 682.713791] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 682.713799] RBP: 00007f4dd02beae9 R08: 0000000000000000 R09: 0000000000000000 [ 682.713807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 682.713815] R13: 00007ffe2f8179bf R14: 00007f4dce7d5300 R15: 0000000000022000 [ 682.726067] Mem-Info: [ 682.734001] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 682.761194] active_anon:14588 inactive_anon:20991 isolated_anon:0 [ 682.761194] active_file:27 inactive_file:30 isolated_file:0 [ 682.761194] unevictable:0 dirty:19 writeback:0 unstable:0 [ 682.761194] slab_reclaimable:15110 slab_unreclaimable:123764 [ 682.761194] mapped:22025 shmem:21452 pagetables:575 bounce:0 [ 682.761194] free:13851 free_pcp:858 free_cma:0 [ 682.791705] Node 0 DMA32 free:17844kB min:35996kB low:44992kB high:53988kB active_anon:55848kB inactive_anon:43248kB active_file:36kB inactive_file:432kB unevictable:0kB writepending:140kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7488kB pagetables:1968kB bounce:0kB free_pcp:1688kB local_pcp:1460kB free_cma:0kB [ 682.797279] Node 0 active_anon:55848kB inactive_anon:43248kB active_file:48kB inactive_file:72kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86596kB dirty:40kB writeback:0kB shmem:44824kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 12288kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 682.825091] lowmem_reserve[]: 0 0 1 1 1 [ 682.836865] Node 1 active_anon:2512kB inactive_anon:40716kB active_file:16kB inactive_file:16kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1376kB dirty:0kB writeback:0kB shmem:40984kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 682.836922] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 682.841226] Node 0 DMA free:10860kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 682.841258] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 682.867194] lowmem_reserve[]: 0 0 0 0 0 [ 682.872119] Node 0 DMA32 free:18192kB min:35996kB low:44992kB high:53988kB active_anon:55752kB inactive_anon:43248kB active_file:44kB inactive_file:40kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7488kB pagetables:1964kB bounce:0kB free_pcp:1580kB local_pcp:248kB free_cma:0kB [ 682.878604] Node 1 Normal free:27012kB min:53876kB low:67344kB high:80812kB active_anon:2512kB inactive_anon:40716kB active_file:16kB inactive_file:16kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:416kB pagetables:332kB bounce:0kB free_pcp:1744kB local_pcp:184kB free_cma:0kB [ 682.881174] lowmem_reserve[]: 0 0 1 1 1 [ 682.887496] lowmem_reserve[]: 0 0 0 0 0 [ 682.890309] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 682.890341] lowmem_reserve[]: 0 0 0 0 0 [ 682.890397] Node 1 Normal free:28612kB min:53876kB low:67344kB high:80812kB active_anon:2512kB inactive_anon:40716kB active_file:16kB inactive_file:16kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:416kB pagetables:332kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 682.918001] Node 0 DMA: 1*4kB (U) 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10860kB [ 682.922537] lowmem_reserve[]: 0 0 0 0 0 [ 682.925380] Node 0 DMA32: 649*4kB (UME) 723*8kB (UME) 183*16kB (UME) 42*32kB (UME) 26*64kB (UME) 11*128kB (UM) 5*256kB (UM) 3*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 19564kB [ 682.929538] Node 0 DMA: 1*4kB (U) 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10860kB [ 682.958369] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 682.959466] Node 0 DMA32: 649*4kB (UME) 723*8kB (UME) 183*16kB (UME) 42*32kB (UME) 26*64kB (UME) 11*128kB (UM) 5*256kB (UM) 3*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 19564kB [ 682.963786] Node 1 Normal: 235*4kB (UME) 201*8kB (ME) 156*16kB (UME) 89*32kB (ME) 30*64kB (ME) 4*128kB (UM) 2*256kB (UE) 1*512kB (M) 1*1024kB (M) 2*2048kB (UM) 3*4096kB (U) = 28756kB [ 682.967227] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 682.988815] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 682.990919] Node 1 Normal: 235*4kB (UME) 201*8kB (ME) 156*16kB (UME) 89*32kB (ME) 30*64kB (ME) 4*128kB (UM) 2*256kB (UE) 1*512kB (M) 1*1024kB (M) 2*2048kB (UM) 3*4096kB (U) = 28756kB [ 682.996023] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 682.999931] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 683.020209] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 683.025631] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 683.043778] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 683.047600] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 683.058517] 21481 total pagecache pages [ 683.091939] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 683.132330] 0 pages in swap cache [ 683.149296] 21481 total pagecache pages [ 683.161721] Swap cache stats: add 0, delete 0, find 0/0 [ 683.184212] 0 pages in swap cache [ 683.213816] Free swap = 0kB [ 683.241770] Swap cache stats: add 0, delete 0, find 0/0 [ 683.276194] Total swap = 0kB [ 683.312090] Free swap = 0kB [ 683.333381] 2097051 pages RAM [ 683.352753] Total swap = 0kB [ 683.364230] 0 pages HighMem/MovableOnly [ 683.392539] 2097051 pages RAM [ 683.397198] 369649 pages reserved [ 683.425347] 0 pages HighMem/MovableOnly [ 683.444406] 0 pages cma reserved [ 683.465785] 369649 pages reserved [ 683.466736] Unreclaimable slab info: [ 683.492717] 0 pages cma reserved [ 683.502217] Name Used Total [ 683.631575] pid_2 70KB 204KB [ 683.637008] batadv_tl_cache 4KB 12KB [ 683.642455] TIPC 10KB 22KB [ 683.647894] SCTPv6 14KB 30KB [ 683.653360] DCCPv6 17KB 30KB [ 683.658777] DCCP 16KB 28KB [ 683.664174] RXRPC 11KB 26KB [ 683.669720] rxrpc_call_jar 78KB 118KB [ 683.675092] bridge_fdb_cache 9KB 23KB [ 683.680602] fib6_nodes 156KB 240KB [ 683.685978] ip6_dst_cache 177KB 423KB [ 683.691402] RAWv6 70KB 94KB [ 683.696789] UDPv6 26KB 37KB [ 683.702204] TCPv6 30KB 48KB [ 683.707578] nf_conntrack 9KB 11KB [ 683.713072] t10_alua_lu_gp_cache 0KB 3KB [ 683.718945] sd_ext_cdb 0KB 7KB [ 683.726005] scsi_sense_cache 1056KB 1060KB [ 683.731439] virtio_scsi_cmd 16KB 16KB [ 683.736810] sgpool-128 8KB 8KB [ 683.742236] sgpool-64 4KB 12KB [ 683.747604] sgpool-32 2KB 15KB [ 683.753058] sgpool-16 1KB 7KB [ 683.758471] sgpool-8 0KB 7KB [ 683.763843] mqueue_inode_cache 10KB 30KB [ 683.769351] bio_post_read_ctx 14KB 15KB [ 683.774784] bio-2 14KB 15KB [ 683.780221] jfs_mp 7KB 7KB [ 683.785713] cifs_small_rq 15KB 16KB [ 683.791151] cifs_request 67KB 67KB [ 683.796523] cifs_mpx_ids 0KB 7KB [ 683.801964] nfs_commit_data 3KB 14KB [ 683.807331] nfs_write_data 34KB 44KB [ 683.812782] ext4_system_zone 1KB 7KB [ 683.818267] bio-1 1KB 7KB [ 683.823640] pid_namespace 2KB 11KB [ 683.831044] rpc_buffers 17KB 25KB [ 683.836433] rpc_tasks 2KB 7KB [ 683.842155] UNIX 165KB 165KB [ 683.847798] tcp_bind_bucket 1KB 4KB [ 683.853235] ip_fib_trie 23KB 39KB [ 683.858667] ip_fib_alias 112KB 173KB [ 683.864032] ip_dst_cache 4KB 20KB [ 683.869494] RAW 42KB 52KB [ 683.874861] UDP 30KB 54KB [ 683.880300] TCP 11KB 22KB [ 683.885665] hugetlbfs_inode_cache 3KB 15KB [ 683.891660] fscache_cookie_jar 1KB 11KB [ 683.897163] eventpoll_pwq 22KB 43KB [ 683.902576] eventpoll_epi 47KB 63KB [ 683.908079] inotify_inode_mark 28KB 55KB [ 683.913539] request_queue 199KB 199KB [ 683.919072] blkdev_requests 1KB 3KB [ 683.924461] blkdev_ioc 23KB 27KB [ 683.931872] bio-0 870KB 877KB [ 683.937240] biovec-max 1526KB 1526KB [ 683.942655] biovec-64 751KB 756KB [ 683.948078] biovec-16 65KB 71KB [ 683.953447] bio_integrity_payload 1KB 8KB [ 683.962730] khugepaged_mm_slot 15KB 34KB [ 683.968251] uid_cache 0KB 4KB [ 683.973614] dmaengine-unmap-2 0KB 3KB [ 683.982518] skbuff_fclone_cache 159KB 210KB [ 683.988116] skbuff_head_cache 4771KB 4773KB [ 683.993477] configfs_dir_cache 3KB 7KB [ 684.002486] file_lock_cache 137KB 209KB [ 684.007904] file_lock_ctx 9KB 11KB [ 684.013268] fsnotify_mark_connector 14KB 31KB [ 684.022705] net_namespace 52KB 52KB [ 684.034340] shmem_inode_cache 8328KB 8512KB [ 684.043199] task_delay_info 153KB 387KB [ 684.053393] taskstats 86KB 141KB [ 684.062360] proc_dir_entry 694KB 828KB [ 684.067732] pde_opener 8KB 34KB [ 684.081406] seq_file 295KB 511KB [ 684.086892] sigqueue 24KB 55KB [ 684.096313] kernfs_node_cache 18232KB 18250KB [ 684.106118] mnt_cache 173KB 204KB [ 684.115414] filp 5912KB 7687KB [ 684.125039] names_cache 154606KB 154644KB [ 684.135013] iint_cache 30KB 59KB [ 684.144683] key_jar 22KB 135KB [ 684.153981] uts_namespace 2KB 7KB [ 684.164729] nsproxy 1KB 7KB [ 684.174134] vm_area_struct 3000KB 3994KB [ 684.183876] mm_struct 498KB 747KB [ 684.193354] fs_cache 108KB 372KB [ 684.203243] files_cache 408KB 825KB [ 684.212699] signal_cache 869KB 1703KB [ 684.222658] sighand_cache 561KB 624KB [ 684.232348] task_struct 5252KB 5340KB [ 684.243952] cred_jar 1442KB 2228KB [ 684.253505] anon_vma_chain 991KB 1492KB [ 684.263404] anon_vma 140KB 292KB [ 684.272915] pid 55KB 228KB [ 684.282743] Acpi-Operand 156KB 198KB [ 684.292293] Acpi-ParseExt 9KB 11KB [ 684.297668] Acpi-Parse 41KB 47KB [ 684.307239] Acpi-State 52KB 63KB [ 684.316463] Acpi-Namespace 20KB 27KB [ 684.326009] numa_policy 0KB 3KB [ 684.335229] debug_objects_cache 1286KB 1828KB [ 684.347261] trace_event_file 297KB 298KB [ 684.356920] ftrace_event_field 398KB 401KB [ 684.366768] pool_workqueue 121KB 152KB [ 684.376078] page->ptl 573KB 1008KB [ 684.385890] kmalloc-2097152 2050KB 2050KB [ 684.395181] kmalloc-524288 2056KB 2056KB [ 684.404951] kmalloc-262144 1290KB 1290KB [ 684.414329] kmalloc-131072 650KB 650KB [ 684.424129] kmalloc-65536 1848KB 1914KB [ 684.433528] kmalloc-32768 1650KB 1650KB [ 684.445581] kmalloc-16384 1039KB 1056KB [ 684.455070] kmalloc-8192 3968KB 4009KB [ 684.464762] kmalloc-4096 18887KB 18921KB [ 684.474162] kmalloc-2048 11577KB 14178KB [ 684.484414] kmalloc-1024 7563KB 11647KB [ 684.493974] kmalloc-512 12085KB 12093KB [ 684.503749] kmalloc-256 4168KB 5715KB [ 684.513228] kmalloc-128 902KB 1401KB [ 684.524527] kmalloc-96 3429KB 4076KB [ 684.535379] kmalloc-64 2688KB 3900KB [ 684.541899] kmalloc-32 1824KB 2543KB [ 684.549773] kmalloc-192 1507KB 2572KB [ 684.555212] kmem_cache 177KB 183KB [ 684.565606] Out of memory (oom_kill_allocating_task): Kill process 5112 (in:imklog) score 0 or sacrifice child [ 684.576021] Killed process 5110 (rsyslogd) total-vm:254332kB, anon-rss:728kB, file-rss:0kB, shmem-rss:0kB [ 684.594185] oom_reaper: reaped process 5110 (rsyslogd), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 686.729661] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.735383] ieee802154 phy1 wpan1: encryption failed: -22 02:34:18 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000140)) syz_genetlink_get_family_id$gtp(&(0x7f0000000280), 0xffffffffffffffff) 02:34:18 executing program 4: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x1f, 0x2) pipe2$watch_queue(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f00000003c0)=@fd={0x1, 0x3, 0x4, 0x14020, 0x5, {0x0, 0x2710}, {0x1, 0x8, 0xec, 0x80, 0x40, 0x2, "7bf3a4d2"}, 0x2, 0x4, {}, 0x6, 0x0, r1}) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:34:18 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x1f, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:34:18 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f00000004c0)=0xffffffffffffffff) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000440)=@fd={0x21, 0x2, 0x4, 0x1, 0x8, {r1, r2/1000+10000}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff, 0x0, r3}) r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r4, 0x0, 0x0}, 0x10) 02:34:18 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x1f, 0x2) pipe2$watch_queue(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f00000003c0)=@fd={0x1, 0x3, 0x4, 0x14020, 0x5, {0x0, 0x2710}, {0x1, 0x8, 0xec, 0x80, 0x40, 0x2, "7bf3a4d2"}, 0x2, 0x4, {}, 0x6, 0x0, r2}) ioctl$vim2m_VIDIOC_STREAMON(r1, 0x40045612, &(0x7f0000000080)=0x3) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4, 0x0, 0x81}) 02:34:18 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}], 0x8) 02:34:18 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}], 0x8) 02:34:18 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f00000004c0)=0xffffffffffffffff) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000440)=@fd={0x21, 0x2, 0x4, 0x1, 0x8, {r1, r2/1000+10000}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff, 0x0, r3}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:34:18 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000140)) syz_genetlink_get_family_id$gtp(&(0x7f0000000280), 0xffffffffffffffff) 02:34:18 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000140)) syz_genetlink_get_family_id$gtp(&(0x7f0000000280), 0xffffffffffffffff) 02:34:18 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f00000004c0)=0xffffffffffffffff) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000440)=@fd={0x21, 0x2, 0x4, 0x1, 0x8, {r1, r2/1000+10000}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff, 0x0, r3}) 02:34:18 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x0, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}], 0x10) [ 693.172099] oom_reaper: reaped process 5266 (syz-executor.3), now anon-rss:0kB, file-rss:14332kB, shmem-rss:20kB [ 693.213550] systemd-journal invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 693.225957] systemd-journal cpuset=/ mems_allowed=0-1 [ 693.231227] CPU: 0 PID: 5196 Comm: systemd-journal Not tainted 4.19.211-syzkaller #0 [ 693.239110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 693.248489] Call Trace: [ 693.251083] dump_stack+0x1fc/0x2ef [ 693.254715] dump_header+0x15d/0xc3f [ 693.258434] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 693.263539] ? ___ratelimit+0x319/0x590 [ 693.267517] oom_kill_process.cold+0x10/0x692 [ 693.272017] ? check_preemption_disabled+0x41/0x280 [ 693.277036] ? has_intersects_mems_allowed+0x1d6/0x290 [ 693.282312] out_of_memory+0x1072/0x1390 [ 693.286380] ? oom_killer_disable+0x270/0x270 [ 693.290885] ? mutex_trylock+0x15f/0x1a0 [ 693.294950] __alloc_pages_nodemask+0x23a2/0x2890 [ 693.299799] ? find_get_entry+0x4cd/0x8a0 [ 693.303959] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 693.308830] alloc_pages_current+0x193/0x2a0 [ 693.313242] filemap_fault+0x146e/0x2180 [ 693.317313] ext4_filemap_fault+0x84/0xb0 [ 693.321463] __do_fault+0x10b/0x4b0 [ 693.325178] __handle_mm_fault+0x273b/0x41c0 [ 693.326986] syz-executor.3: vmalloc: allocation failure, allocated 1724575744 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 693.329586] ? vm_insert_page+0x9c0/0x9c0 [ 693.343866] syz-executor.3 cpuset=/ mems_allowed=0-1 [ 693.347679] ? check_preemption_disabled+0x41/0x280 [ 693.347698] handle_mm_fault+0x436/0xb10 [ 693.361807] __do_page_fault+0x68e/0xd60 [ 693.365862] ? trace_hardirqs_off_caller+0x6e/0x210 [ 693.370922] ? spurious_fault+0x840/0x840 [ 693.375073] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 693.379936] ? page_fault+0x8/0x30 [ 693.383485] page_fault+0x1e/0x30 [ 693.386928] RIP: 0033:0x7fcd943642e3 [ 693.390632] Code: Bad RIP value. [ 693.393980] RSP: 002b:00007ffd4e39aff8 EFLAGS: 00010246 [ 693.399326] RAX: 0000000000000001 RBX: 00005631225fe1e0 RCX: 00007fcd943642e3 [ 693.406581] RDX: 0000000000000013 RSI: 00007ffd4e39b000 RDI: 000000000000000c [ 693.413837] RBP: 00007ffd4e39b1f0 R08: 00007ffd4e3d4000 R09: 000000b0d240735f [ 693.421093] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd4e39b000 [ 693.428347] R13: 0000000000000001 R14: ffffffffffffffff R15: 0005f44f5579118d [ 693.435621] CPU: 1 PID: 5266 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 693.440884] Mem-Info: [ 693.443525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 693.445947] active_anon:15119 inactive_anon:20991 isolated_anon:0 [ 693.445947] active_file:34 inactive_file:31 isolated_file:0 [ 693.445947] unevictable:0 dirty:0 writeback:27 unstable:0 [ 693.445947] slab_reclaimable:15092 slab_unreclaimable:122860 [ 693.445947] mapped:22043 shmem:21452 pagetables:591 bounce:0 [ 693.445947] free:13835 free_pcp:203 free_cma:0 [ 693.455348] Call Trace: [ 693.455369] dump_stack+0x1fc/0x2ef [ 693.455385] warn_alloc.cold+0x7b/0x18f [ 693.455403] ? zone_watermark_ok_safe+0x260/0x260 [ 693.455418] ? retint_kernel+0x2d/0x2d [ 693.455449] __vmalloc_area_node+0x4fd/0x780 [ 693.455468] ? __vmalloc_node_range+0x180/0x180 [ 693.455481] ? _raw_spin_unlock+0x29/0x40 [ 693.455494] ? __get_vm_area_node+0x2e2/0x3a0 [ 693.455513] __vmalloc_node_range+0xed/0x180 [ 693.455530] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 693.455546] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 693.455559] vmalloc_user+0x70/0xe0 [ 693.455578] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 693.455593] vb2_vmalloc_alloc+0xb3/0x2f0 [ 693.455608] __vb2_queue_alloc+0x472/0xe60 [ 693.455635] vb2_core_create_bufs+0x273/0x7e0 [ 693.455651] ? __vb2_queue_free+0x870/0x870 [ 693.455667] ? mutex_trylock+0x1a0/0x1a0 [ 693.455683] ? __video_do_ioctl+0x632/0xcd0 [ 693.455703] vb2_create_bufs+0x332/0x620 [ 693.455721] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 693.455735] ? __video_do_ioctl+0x632/0xcd0 [ 693.455747] ? mutex_trylock+0x1a0/0x1a0 [ 693.455763] ? mark_held_locks+0xf0/0xf0 [ 693.455784] vb2_ioctl_create_bufs+0x20d/0x360 [ 693.455799] ? memset+0x20/0x40 [ 693.455817] v4l_create_bufs+0xb2/0x160 [ 693.455835] __video_do_ioctl+0x49a/0xcd0 [ 693.455857] ? v4l_querycap+0x340/0x340 [ 693.455874] ? __might_fault+0x192/0x1d0 [ 693.455892] ? v4l_querycap+0x340/0x340 [ 693.455907] video_usercopy+0x13f/0xfa0 [ 693.455943] ? v4l_enumstd+0x60/0x60 [ 693.492905] Node 0 active_anon:57988kB inactive_anon:43248kB active_file:48kB inactive_file:96kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86560kB dirty:0kB writeback:60kB shmem:44824kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 14336kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 693.495476] ? do_futex+0x171/0x1880 [ 693.499503] Node 1 active_anon:2488kB inactive_anon:40716kB active_file:88kB inactive_file:28kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1612kB dirty:0kB writeback:48kB shmem:40984kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 693.504277] ? mark_held_locks+0xf0/0xf0 [ 693.511481] Node 0 DMA free:10860kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 693.512573] ? debug_check_no_obj_freed+0x201/0x490 [ 693.517365] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 693.521467] ? video_usercopy+0xfa0/0xfa0 [ 693.525926] Node 0 DMA32 free:17852kB min:35996kB low:44992kB high:53988kB active_anon:57988kB inactive_anon:43248kB active_file:48kB inactive_file:40kB unevictable:0kB writepending:160kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7520kB pagetables:2036kB bounce:0kB free_pcp:556kB local_pcp:312kB free_cma:0kB [ 693.530324] v4l2_ioctl+0x147/0x1a0 [ 693.530337] ? video_devdata+0xa0/0xa0 [ 693.530353] do_vfs_ioctl+0xcdb/0x12e0 [ 693.530368] ? lock_downgrade+0x720/0x720 [ 693.530383] ? check_preemption_disabled+0x41/0x280 [ 693.530399] ? ioctl_preallocate+0x200/0x200 [ 693.536820] lowmem_reserve[]: 0 0 1 1 1 [ 693.540049] ? __fget+0x356/0x510 [ 693.543649] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 693.547962] ? do_dup2+0x450/0x450 [ 693.547975] ? __se_sys_futex+0x298/0x3b0 [ 693.547995] ksys_ioctl+0x9b/0xc0 [ 693.548015] __x64_sys_ioctl+0x6f/0xb0 [ 693.554013] lowmem_reserve[]: 0 0 0 0 0 [ 693.556365] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 693.560886] Node 1 Normal free:26620kB min:53876kB low:67344kB high:80812kB active_anon:2488kB inactive_anon:40716kB active_file:88kB inactive_file:56kB unevictable:0kB writepending:148kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:416kB pagetables:328kB bounce:0kB free_pcp:252kB local_pcp:4kB free_cma:0kB [ 693.565164] do_syscall_64+0xf9/0x620 [ 693.572872] lowmem_reserve[]: 0 0 0 0 0 [ 693.573535] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 693.577628] Node 0 DMA: 1*4kB (U) 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10860kB [ 693.582665] RIP: 0033:0x7f15d34aa0f9 [ 693.590421] Node 0 DMA32: 671*4kB (ME) 728*8kB (UME) 166*16kB (UME) 27*32kB (UME) 23*64kB (UME) 12*128kB (UM) 7*256kB (M) 2*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 17852kB [ 693.591026] Code: Bad RIP value. [ 693.595149] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 693.599728] RSP: 002b:00007f15d1a1c168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 693.599753] RAX: ffffffffffffffda RBX: 00007f15d35c9f80 RCX: 00007f15d34aa0f9 [ 693.599761] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 693.599768] RBP: 00007f15d3505ae9 R08: 0000000000000000 R09: 0000000000000000 [ 693.599775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 693.599783] R13: 00007fff974dc66f R14: 00007f15d1a1c300 R15: 0000000000022000 [ 693.606266] Mem-Info: [ 693.610489] Node 1 Normal: 222*4kB (UME) 195*8kB (ME) 161*16kB (UM) 82*32kB (ME) 22*64kB (M) 8*128kB (M) 4*256kB (UME) 3*512kB (UM) 0*1024kB 1*2048kB (M) 3*4096kB (U) = 26976kB [ 693.611285] active_anon:15119 inactive_anon:20991 isolated_anon:0 [ 693.611285] active_file:34 inactive_file:31 isolated_file:0 [ 693.611285] unevictable:0 dirty:0 writeback:27 unstable:0 [ 693.611285] slab_reclaimable:15092 slab_unreclaimable:122860 [ 693.611285] mapped:22043 shmem:21452 pagetables:591 bounce:0 [ 693.611285] free:13835 free_pcp:201 free_cma:0 [ 693.615209] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 693.624577] Node 0 active_anon:57988kB inactive_anon:43248kB active_file:48kB inactive_file:96kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86560kB dirty:0kB writeback:60kB shmem:44824kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 14336kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 693.631278] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 693.631558] Node 1 active_anon:2488kB inactive_anon:40716kB active_file:88kB inactive_file:28kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1612kB dirty:0kB writeback:48kB shmem:40984kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 693.663204] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 693.694776] Node 0 DMA free:10860kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 693.724141] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 693.726846] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 693.730709] 21504 total pagecache pages [ 693.734792] Node 0 DMA32 free:17852kB min:35996kB low:44992kB high:53988kB active_anon:57988kB inactive_anon:43248kB active_file:48kB inactive_file:40kB unevictable:0kB writepending:160kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7520kB pagetables:2036kB bounce:0kB free_pcp:548kB local_pcp:244kB free_cma:0kB [ 693.772030] 0 pages in swap cache [ 693.775430] lowmem_reserve[]: 0 0 1 1 1 [ 693.779575] Swap cache stats: add 0, delete 0, find 0/0 [ 693.779581] Free swap = 0kB [ 693.779586] Total swap = 0kB [ 693.779595] 2097051 pages RAM [ 693.784592] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 693.797118] 0 pages HighMem/MovableOnly [ 693.822572] lowmem_reserve[]: 0 0 0 0 0 [ 693.822595] Node 1 Normal free:26620kB min:53876kB low:67344kB high:80812kB active_anon:2488kB inactive_anon:40716kB active_file:88kB inactive_file:56kB unevictable:0kB writepending:148kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:416kB pagetables:328kB bounce:0kB free_pcp:252kB local_pcp:248kB free_cma:0kB [ 693.822629] lowmem_reserve[]: 0 0 0 0 0 [ 693.834388] 369649 pages reserved [ 693.837773] Node 0 DMA: 1*4kB (U) 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10860kB [ 693.841819] 0 pages cma reserved [ 693.846340] Node 0 DMA32: 671*4kB (ME) 728*8kB (UME) 166*16kB (UME) 27*32kB (UME) 23*64kB (UME) 12*128kB (UM) 7*256kB (M) 2*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 17852kB [ 693.901329] Unreclaimable slab info: [ 693.901389] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 693.905071] Name Used Total [ 693.920531] Node 1 Normal: 221*4kB (ME) 196*8kB (UME) 161*16kB (UM) 82*32kB (ME) 22*64kB (M) 8*128kB (M) 3*256kB (ME) 3*512kB (UM) 0*1024kB 1*2048kB (M) 3*4096kB (U) = 26724kB [ 693.920608] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 693.920617] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 693.920626] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 693.920648] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 693.938628] pid_2 63KB 204KB [ 693.942839] 21482 total pagecache pages [ 693.960907] batadv_tl_cache 4KB 12KB [ 693.964699] 0 pages in swap cache [ 693.964708] Swap cache stats: add 0, delete 0, find 0/0 [ 693.964713] Free swap = 0kB [ 693.964718] Total swap = 0kB [ 693.964727] 2097051 pages RAM [ 693.964731] 0 pages HighMem/MovableOnly [ 693.964735] 369649 pages reserved [ 693.964739] 0 pages cma reserved [ 694.431014] TIPC 10KB 22KB [ 694.436392] SCTPv6 14KB 30KB [ 694.441809] DCCPv6 17KB 30KB [ 694.450605] DCCP 16KB 28KB [ 694.456021] RXRPC 11KB 26KB [ 694.461434] rxrpc_call_jar 78KB 118KB [ 694.470156] bridge_fdb_cache 9KB 23KB [ 694.476037] fib6_nodes 156KB 240KB [ 694.481435] ip6_dst_cache 169KB 423KB [ 694.490209] RAWv6 70KB 94KB [ 694.495573] UDPv6 26KB 37KB [ 694.504417] TCPv6 27KB 48KB [ 694.513195] nf_conntrack 10KB 11KB [ 694.522250] t10_alua_lu_gp_cache 0KB 3KB [ 694.531258] sd_ext_cdb 0KB 7KB [ 694.536627] scsi_sense_cache 1056KB 1060KB [ 694.545286] virtio_scsi_cmd 16KB 16KB [ 694.554128] sgpool-128 8KB 8KB [ 694.562836] sgpool-64 4KB 12KB [ 694.571638] sgpool-32 2KB 15KB [ 694.581260] sgpool-16 1KB 7KB [ 694.586623] sgpool-8 0KB 7KB [ 694.595255] mqueue_inode_cache 10KB 30KB [ 694.604146] bio_post_read_ctx 14KB 15KB [ 694.613297] bio-2 14KB 15KB [ 694.622196] jfs_mp 7KB 7KB [ 694.631116] cifs_small_rq 15KB 16KB [ 694.636498] cifs_request 67KB 67KB [ 694.645385] cifs_mpx_ids 0KB 7KB [ 694.654240] nfs_commit_data 3KB 14KB [ 694.663281] nfs_write_data 34KB 44KB [ 694.672191] ext4_system_zone 1KB 7KB [ 694.677933] bio-1 1KB 7KB [ 694.685741] pid_namespace 2KB 11KB [ 694.691820] rpc_buffers 17KB 25KB [ 694.697742] rpc_tasks 2KB 7KB [ 694.703919] UNIX 198KB 198KB [ 694.710164] tcp_bind_bucket 1KB 4KB [ 694.716299] ip_fib_trie 23KB 39KB [ 694.722010] ip_fib_alias 112KB 173KB [ 694.727448] ip_dst_cache 4KB 20KB [ 694.732811] RAW 42KB 52KB [ 694.738319] UDP 35KB 54KB [ 694.743687] TCP 11KB 22KB [ 694.749101] hugetlbfs_inode_cache 3KB 15KB [ 694.754806] fscache_cookie_jar 1KB 11KB [ 694.760297] eventpoll_pwq 20KB 43KB [ 694.765655] eventpoll_epi 40KB 63KB [ 694.771059] inotify_inode_mark 25KB 55KB [ 694.776502] request_queue 199KB 199KB [ 694.781905] blkdev_requests 1KB 3KB [ 694.789378] blkdev_ioc 24KB 30KB [ 694.794742] bio-0 1067KB 1068KB [ 694.800251] biovec-max 1575KB 1575KB [ 694.805614] biovec-64 929KB 929KB [ 694.811049] biovec-16 75KB 78KB [ 694.816410] bio_integrity_payload 1KB 8KB [ 694.822305] khugepaged_mm_slot 11KB 34KB [ 694.827856] uid_cache 0KB 4KB [ 694.833213] dmaengine-unmap-2 0KB 3KB [ 694.838632] skbuff_fclone_cache 146KB 206KB [ 694.844189] skbuff_head_cache 5608KB 5610KB [ 694.849607] configfs_dir_cache 3KB 7KB [ 694.855423] file_lock_cache 120KB 209KB [ 694.861711] file_lock_ctx 9KB 11KB [ 694.867955] fsnotify_mark_connector 13KB 31KB [ 694.873904] net_namespace 52KB 52KB [ 694.879352] shmem_inode_cache 8287KB 8508KB [ 694.886811] task_delay_info 143KB 387KB [ 694.892914] taskstats 76KB 141KB [ 694.898962] proc_dir_entry 694KB 828KB [ 694.905058] pde_opener 7KB 34KB [ 694.911188] seq_file 298KB 507KB [ 694.916778] sigqueue 35KB 55KB [ 694.922276] kernfs_node_cache 18234KB 18250KB [ 694.927844] mnt_cache 173KB 204KB [ 694.933943] filp 6100KB 7687KB [ 694.939403] names_cache 151814KB 151852KB [ 694.944823] iint_cache 31KB 59KB [ 694.950298] key_jar 22KB 135KB [ 694.955818] uts_namespace 2KB 7KB [ 694.961393] nsproxy 1KB 7KB [ 694.966936] vm_area_struct 2918KB 3990KB [ 694.972368] mm_struct 464KB 734KB [ 694.977943] fs_cache 96KB 372KB [ 694.983444] files_cache 377KB 810KB [ 694.990924] signal_cache 828KB 1689KB [ 694.996373] sighand_cache 555KB 624KB [ 695.002003] task_struct 4860KB 4949KB [ 695.008169] cred_jar 1534KB 2228KB [ 695.013604] anon_vma_chain 931KB 1492KB [ 695.019487] anon_vma 137KB 292KB [ 695.024906] pid 51KB 228KB [ 695.031101] Acpi-Operand 156KB 198KB [ 695.037102] Acpi-ParseExt 9KB 11KB [ 695.042789] Acpi-Parse 41KB 47KB [ 695.048223] Acpi-State 52KB 63KB [ 695.053647] Acpi-Namespace 20KB 27KB [ 695.059078] numa_policy 0KB 3KB [ 695.064439] debug_objects_cache 1286KB 1828KB [ 695.070043] trace_event_file 297KB 298KB [ 695.075401] ftrace_event_field 398KB 401KB [ 695.080901] pool_workqueue 121KB 152KB [ 695.086262] page->ptl 538KB 1008KB [ 695.093499] kmalloc-2097152 2050KB 2050KB [ 695.098927] kmalloc-524288 2056KB 2056KB [ 695.104347] kmalloc-262144 1290KB 1290KB [ 695.109772] kmalloc-131072 650KB 650KB [ 695.115133] kmalloc-65536 1848KB 1914KB [ 695.120597] kmalloc-32768 1650KB 1650KB [ 695.125955] kmalloc-16384 1039KB 1056KB [ 695.131480] kmalloc-8192 3968KB 4009KB [ 695.136920] kmalloc-4096 18683KB 18721KB [ 695.142292] kmalloc-2048 11358KB 13986KB [ 695.147768] kmalloc-1024 7638KB 11647KB [ 695.153130] kmalloc-512 13391KB 13391KB [ 695.158585] kmalloc-256 4161KB 5715KB [ 695.163945] kmalloc-128 882KB 1401KB [ 695.169374] kmalloc-96 3497KB 4076KB [ 695.174734] kmalloc-64 2601KB 3900KB [ 695.180148] kmalloc-32 1831KB 2543KB [ 695.185517] kmalloc-192 1508KB 2572KB [ 695.190950] kmem_cache 177KB 183KB [ 695.198206] Out of memory (oom_kill_allocating_task): Kill process 5196 (systemd-journal) score 0 or sacrifice child [ 695.209144] Killed process 5196 (systemd-journal) total-vm:46096kB, anon-rss:476kB, file-rss:0kB, shmem-rss:1536kB [ 695.220888] oom_reaper: reaped process 5196 (systemd-journal), now anon-rss:0kB, file-rss:0kB, shmem-rss:1536kB [ 695.400203] systemd[1]: systemd-journald.service: Failed with result 'signal'. [ 695.413344] systemd[1]: systemd-journald.service: Service has no hold-off time, scheduling restart. [ 695.453497] systemd[1]: Stopped Flush Journal to Persistent Storage. [ 695.471502] systemd[1]: Stopping Flush Journal to Persistent Storage... [ 695.480404] systemd[1]: Stopped Journal Service. [ 695.495689] systemd[1]: Starting Journal Service... [ 695.698012] systemd-journald[5291]: File /run/log/journal/04d8c135ee6b410280ba31a58c89679d/system.journal corrupted or uncleanly shut down, renaming and replacing. [ 696.160020] systemd[1]: Started Journal Service. 02:34:28 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x0, 0x0, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}], 0x10) 02:34:28 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x1f, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:34:28 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000140)) syz_genetlink_get_family_id$gtp(&(0x7f0000000280), 0xffffffffffffffff) 02:34:28 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) syz_genetlink_get_family_id$gtp(&(0x7f0000000280), r0) 02:34:28 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x1f, 0x2) pipe2$watch_queue(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f00000003c0)=@fd={0x1, 0x3, 0x4, 0x14020, 0x5, {0x0, 0x2710}, {0x1, 0x8, 0xec, 0x80, 0x40, 0x2, "7bf3a4d2"}, 0x2, 0x4, {}, 0x6, 0x0, r2}) ioctl$vim2m_VIDIOC_STREAMON(r1, 0x40045612, &(0x7f0000000080)=0x3) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4, 0x0, 0x81}) 02:34:28 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000440)=@fd={0x21, 0x2, 0x4, 0x1, 0x8, {r1, r2/1000+10000}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff}) 02:34:28 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000140)) syz_genetlink_get_family_id$gtp(&(0x7f0000000280), 0xffffffffffffffff) 02:34:28 executing program 2: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) syz_genetlink_get_family_id$gtp(&(0x7f0000000280), r0) 02:34:28 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}], 0x10) 02:34:28 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000440)=@fd={0x21, 0x2, 0x4, 0x1, 0x8, {}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff}) 02:34:28 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) pipe2$watch_queue(&(0x7f0000000140), 0x80) r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r3, 0x0, 0x0}, 0x10) r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r4, 0x0, 0x0}, 0x10) 02:34:29 executing program 2: r0 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$gtp(&(0x7f0000000280), r0) [ 699.036359] Bluetooth: hci5: command 0x0406 tx timeout [ 703.843325] oom_reaper: reaped process 5306 (syz-executor.3), now anon-rss:0kB, file-rss:14332kB, shmem-rss:20kB [ 703.876743] systemd-journal invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 703.890569] systemd-journal cpuset=/ mems_allowed=0-1 [ 703.895798] CPU: 0 PID: 5291 Comm: systemd-journal Not tainted 4.19.211-syzkaller #0 [ 703.903697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 703.913079] Call Trace: [ 703.915685] dump_stack+0x1fc/0x2ef [ 703.919336] dump_header+0x15d/0xc3f [ 703.923061] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 703.928166] ? ___ratelimit+0x319/0x590 [ 703.932162] oom_kill_process.cold+0x10/0x692 [ 703.936668] ? check_preemption_disabled+0x41/0x280 [ 703.941724] ? has_intersects_mems_allowed+0x1d6/0x290 [ 703.947035] out_of_memory+0x1072/0x1390 [ 703.951202] ? oom_killer_disable+0x270/0x270 [ 703.955878] ? mutex_trylock+0x15f/0x1a0 [ 703.959949] __alloc_pages_nodemask+0x23a2/0x2890 [ 703.964822] ? find_get_entry+0x4cd/0x8a0 [ 703.968987] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 703.973860] alloc_pages_current+0x193/0x2a0 [ 703.978273] filemap_fault+0x146e/0x2180 [ 703.982351] ext4_filemap_fault+0x84/0xb0 [ 703.986506] __do_fault+0x10b/0x4b0 [ 703.990138] __handle_mm_fault+0x273b/0x41c0 [ 703.994557] ? vm_insert_page+0x9c0/0x9c0 [ 703.998719] ? check_preemption_disabled+0x41/0x280 [ 704.003760] handle_mm_fault+0x436/0xb10 [ 704.007826] __do_page_fault+0x68e/0xd60 [ 704.011875] ? trace_hardirqs_off_caller+0x6e/0x210 [ 704.016887] ? spurious_fault+0x840/0x840 [ 704.021029] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 704.025907] ? page_fault+0x8/0x30 [ 704.029453] page_fault+0x1e/0x30 [ 704.032907] RIP: 0033:0x7fa12bbab2e3 [ 704.036618] Code: Bad RIP value. [ 704.039991] RSP: 002b:00007fffead578f8 EFLAGS: 00010246 [ 704.045349] RAX: 0000000000000001 RBX: 000055e449b9a1e0 RCX: 00007fa12bbab2e3 [ 704.052629] RDX: 0000000000000013 RSI: 00007fffead57900 RDI: 000000000000000c [ 704.059906] RBP: 00007fffead57af0 R08: 0000000002faf080 R09: 000000b3f556bc76 [ 704.067191] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffead57900 [ 704.074450] R13: 0000000000000001 R14: ffffffffffffffff R15: 0005f44f5633fce0 [ 704.082852] Mem-Info: [ 704.085340] active_anon:14619 inactive_anon:23023 isolated_anon:0 [ 704.085340] active_file:16 inactive_file:16 isolated_file:1 [ 704.085340] unevictable:0 dirty:0 writeback:0 unstable:0 [ 704.085340] slab_reclaimable:15149 slab_unreclaimable:122196 [ 704.085340] mapped:21970 shmem:23500 pagetables:575 bounce:0 [ 704.085340] free:13813 free_pcp:832 free_cma:0 [ 704.124488] syz-executor.3: vmalloc: allocation failure, allocated 1718550528 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 704.129301] Node 0 active_anon:56104kB inactive_anon:43248kB active_file:24kB inactive_file:24kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86504kB dirty:0kB writeback:0kB shmem:44824kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 12288kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 704.141899] syz-executor.3 cpuset=/ mems_allowed=0-1 [ 704.175105] CPU: 1 PID: 5306 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 704.179696] Node 1 active_anon:2372kB inactive_anon:48844kB active_file:40kB inactive_file:40kB unevictable:0kB isolated(anon):0kB isolated(file):4kB mapped:1376kB dirty:0kB writeback:0kB shmem:49176kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 704.182999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 704.183008] Call Trace: [ 704.221923] Node 0 DMA free:10860kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 704.223205] dump_stack+0x1fc/0x2ef [ 704.253201] warn_alloc.cold+0x7b/0x18f [ 704.257355] ? zone_watermark_ok_safe+0x260/0x260 [ 704.261122] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 704.263444] ? retint_kernel+0x2d/0x2d [ 704.273006] __vmalloc_area_node+0x4fd/0x780 [ 704.273786] Node 0 DMA32 free:17932kB min:35996kB low:44992kB high:53988kB active_anon:56104kB inactive_anon:43248kB active_file:24kB inactive_file:24kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7488kB pagetables:1972kB bounce:0kB free_pcp:744kB local_pcp:512kB free_cma:0kB [ 704.277942] ? __vmalloc_node_range+0x180/0x180 [ 704.277957] ? _raw_spin_unlock+0x29/0x40 [ 704.277969] ? __get_vm_area_node+0x2e2/0x3a0 [ 704.277988] __vmalloc_node_range+0xed/0x180 [ 704.278002] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 704.278018] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 704.318499] lowmem_reserve[]: 0 0 1 1 1 [ 704.321065] vmalloc_user+0x70/0xe0 [ 704.325462] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 704.329876] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 704.329889] vb2_vmalloc_alloc+0xb3/0x2f0 [ 704.329903] __vb2_queue_alloc+0x472/0xe60 [ 704.329926] vb2_core_create_bufs+0x273/0x7e0 [ 704.329941] ? __vb2_queue_free+0x870/0x870 [ 704.329958] ? mutex_trylock+0x1a0/0x1a0 [ 704.329973] ? __video_do_ioctl+0x632/0xcd0 [ 704.329991] vb2_create_bufs+0x332/0x620 [ 704.330009] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 704.347323] lowmem_reserve[]: 0 0 0 0 0 [ 704.369576] ? __video_do_ioctl+0x632/0xcd0 [ 704.369592] ? mutex_trylock+0x1a0/0x1a0 [ 704.369606] ? mark_held_locks+0xf0/0xf0 [ 704.369627] vb2_ioctl_create_bufs+0x20d/0x360 [ 704.369644] ? memset+0x20/0x40 [ 704.369662] v4l_create_bufs+0xb2/0x160 [ 704.369680] __video_do_ioctl+0x49a/0xcd0 [ 704.369701] ? v4l_querycap+0x340/0x340 [ 704.382734] Node 1 Normal free:26452kB min:53876kB low:67344kB high:80812kB active_anon:2372kB inactive_anon:48844kB active_file:40kB inactive_file:40kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:416kB pagetables:328kB bounce:0kB free_pcp:2584kB local_pcp:880kB free_cma:0kB [ 704.387141] ? __might_fault+0x192/0x1d0 [ 704.387161] ? v4l_querycap+0x340/0x340 [ 704.387175] video_usercopy+0x13f/0xfa0 [ 704.387197] ? v4l_enumstd+0x60/0x60 [ 704.387210] ? do_futex+0x171/0x1880 [ 704.387229] ? mark_held_locks+0xf0/0xf0 [ 704.402957] lowmem_reserve[]: 0 0 0 0 0 [ 704.404057] ? debug_check_no_obj_freed+0x201/0x490 [ 704.413044] Node 0 DMA: 1*4kB (U) 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10860kB [ 704.413831] ? video_usercopy+0xfa0/0xfa0 [ 704.430101] Node 0 DMA32: 643*4kB (UME) 737*8kB (ME) 180*16kB (UME) 50*32kB (UME) 20*64kB (ME) 14*128kB (M) 3*256kB (M) 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 18324kB [ 704.431122] v4l2_ioctl+0x147/0x1a0 [ 704.434433] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 704.438410] ? video_devdata+0xa0/0xa0 [ 704.438426] do_vfs_ioctl+0xcdb/0x12e0 [ 704.438440] ? lock_downgrade+0x720/0x720 [ 704.438454] ? check_preemption_disabled+0x41/0x280 [ 704.438467] ? ioctl_preallocate+0x200/0x200 [ 704.438483] ? __fget+0x356/0x510 [ 704.438498] ? do_dup2+0x450/0x450 [ 704.438514] ? __se_sys_futex+0x298/0x3b0 [ 704.445627] Node 1 Normal: 319*4kB (UME) 247*8kB (UME) 154*16kB (ME) 48*32kB (M) 10*64kB (M) 3*128kB (ME) 1*256kB (U) 1*512kB (M) 1*1024kB (M) 2*2048kB (UM) 3*4096kB (U) = 26452kB [ 704.446712] ksys_ioctl+0x9b/0xc0 [ 704.446728] __x64_sys_ioctl+0x6f/0xb0 [ 704.446742] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 704.446757] do_syscall_64+0xf9/0x620 [ 704.446776] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 704.446788] RIP: 0033:0x7f15d34aa0f9 [ 704.446802] Code: Bad RIP value. [ 704.485372] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 704.487875] RSP: 002b:00007f15d1a1c168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 704.487888] RAX: ffffffffffffffda RBX: 00007f15d35c9f80 RCX: 00007f15d34aa0f9 [ 704.487894] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 704.487902] RBP: 00007f15d3505ae9 R08: 0000000000000000 R09: 0000000000000000 [ 704.487908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 704.487916] R13: 00007fff974dc66f R14: 00007f15d1a1c300 R15: 0000000000022000 [ 704.492842] Mem-Info: [ 704.508222] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 704.512552] active_anon:14619 inactive_anon:23023 isolated_anon:0 [ 704.512552] active_file:16 inactive_file:16 isolated_file:1 [ 704.512552] unevictable:0 dirty:0 writeback:0 unstable:0 [ 704.512552] slab_reclaimable:15149 slab_unreclaimable:122196 [ 704.512552] mapped:21970 shmem:23500 pagetables:575 bounce:0 [ 704.512552] free:13813 free_pcp:826 free_cma:0 [ 704.521782] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 704.533884] Node 0 active_anon:56104kB inactive_anon:43248kB active_file:24kB inactive_file:24kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86504kB dirty:0kB writeback:0kB shmem:44824kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 12288kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 704.548597] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 704.566633] Node 1 active_anon:2372kB inactive_anon:48844kB active_file:40kB inactive_file:40kB unevictable:0kB isolated(anon):0kB isolated(file):4kB mapped:1376kB dirty:0kB writeback:0kB shmem:49176kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 704.575211] 23533 total pagecache pages [ 704.585698] Node 0 DMA free:10860kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 704.595733] 0 pages in swap cache [ 704.613534] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 704.620508] Swap cache stats: add 0, delete 0, find 0/0 [ 704.625118] Node 0 DMA32 free:17932kB min:35996kB low:44992kB high:53988kB active_anon:56104kB inactive_anon:43248kB active_file:24kB inactive_file:24kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7488kB pagetables:1972kB bounce:0kB free_pcp:716kB local_pcp:204kB free_cma:0kB [ 704.626165] Free swap = 0kB [ 704.626170] Total swap = 0kB [ 704.626179] 2097051 pages RAM [ 704.626184] 0 pages HighMem/MovableOnly [ 704.626188] 369649 pages reserved [ 704.626193] 0 pages cma reserved [ 704.626199] Unreclaimable slab info: [ 704.626204] Name Used Total [ 704.626220] pid_2 65KB 204KB [ 704.636123] lowmem_reserve[]: 0 0 1 1 1 [ 704.645865] batadv_tl_cache 4KB 12KB [ 704.661501] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 704.665869] TIPC 10KB 22KB [ 704.678302] lowmem_reserve[]: 0 0 0 0 0 [ 704.681074] SCTPv6 14KB 30KB [ 704.697664] Node 1 Normal free:26452kB min:53876kB low:67344kB high:80812kB active_anon:2372kB inactive_anon:48844kB active_file:40kB inactive_file:40kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:416kB pagetables:328kB bounce:0kB free_pcp:2584kB local_pcp:1704kB free_cma:0kB [ 704.733974] DCCPv6 17KB 30KB [ 704.744862] lowmem_reserve[]: 0 0 0 0 0 [ 704.780184] DCCP 16KB 28KB [ 704.814537] Node 0 DMA: 1*4kB (U) 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10860kB [ 704.851706] RXRPC 11KB 26KB [ 704.851985] Node 0 DMA32: 643*4kB (UME) 737*8kB (ME) 180*16kB (UME) 50*32kB (UME) 20*64kB (ME) 14*128kB (M) 3*256kB (M) 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 18324kB [ 704.891374] rxrpc_call_jar 78KB 118KB [ 704.902118] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 704.904928] bridge_fdb_cache 9KB 23KB [ 704.915425] Node 1 Normal: 319*4kB (UME) 247*8kB (UME) 154*16kB (ME) 48*32kB (M) 10*64kB (M) 3*128kB (ME) 1*256kB (U) 1*512kB (M) 1*1024kB (M) 2*2048kB (UM) 3*4096kB (U) = 26452kB [ 704.923299] fib6_nodes 156KB 240KB [ 704.936617] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 704.964851] ip6_dst_cache 168KB 423KB [ 704.973319] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 705.005545] RAWv6 70KB 94KB [ 705.010289] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 705.015697] UDPv6 26KB 37KB [ 705.033167] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 705.058145] TCPv6 45KB 48KB [ 705.066600] 23533 total pagecache pages [ 705.068615] nf_conntrack 11KB 11KB [ 705.089380] 0 pages in swap cache [ 705.100508] t10_alua_lu_gp_cache 0KB 3KB [ 705.105844] Swap cache stats: add 0, delete 0, find 0/0 [ 705.113260] sd_ext_cdb 0KB 7KB [ 705.125569] Free swap = 0kB [ 705.137915] scsi_sense_cache 1056KB 1060KB [ 705.141716] Total swap = 0kB [ 705.155076] virtio_scsi_cmd 16KB 16KB [ 705.156596] 2097051 pages RAM [ 705.174924] sgpool-128 8KB 8KB [ 705.176299] 0 pages HighMem/MovableOnly [ 705.176308] 369649 pages reserved [ 705.179336] sgpool-64 4KB 12KB [ 705.184695] 0 pages cma reserved [ 705.202689] sgpool-32 2KB 15KB [ 705.240580] sgpool-16 1KB 7KB [ 705.260535] sgpool-8 0KB 7KB [ 705.272609] mqueue_inode_cache 10KB 30KB [ 705.293030] bio_post_read_ctx 14KB 15KB [ 705.303204] bio-2 14KB 15KB [ 705.323277] jfs_mp 7KB 7KB [ 705.332819] cifs_small_rq 15KB 16KB [ 705.352719] cifs_request 67KB 67KB [ 705.365428] cifs_mpx_ids 0KB 7KB [ 705.389086] nfs_commit_data 3KB 14KB [ 705.394481] nfs_write_data 34KB 44KB [ 705.414546] ext4_system_zone 1KB 7KB [ 705.423118] bio-1 1KB 7KB [ 705.443798] pid_namespace 2KB 11KB [ 705.454352] rpc_buffers 17KB 25KB [ 705.474731] rpc_tasks 2KB 7KB [ 705.483605] UNIX 223KB 225KB [ 705.503700] tcp_bind_bucket 1KB 4KB [ 705.512643] ip_fib_trie 23KB 39KB [ 705.532545] ip_fib_alias 112KB 173KB [ 705.553988] ip_dst_cache 4KB 20KB [ 705.563288] RAW 42KB 52KB [ 705.584021] UDP 48KB 54KB [ 705.589536] TCP 19KB 22KB [ 705.594908] hugetlbfs_inode_cache 3KB 15KB [ 705.617280] fscache_cookie_jar 1KB 11KB [ 705.622797] eventpoll_pwq 30KB 43KB [ 705.643642] eventpoll_epi 58KB 63KB [ 705.653836] inotify_inode_mark 23KB 55KB [ 705.675049] request_queue 199KB 199KB [ 705.681135] blkdev_requests 1KB 3KB [ 705.694313] blkdev_ioc 26KB 30KB [ 705.700433] bio-0 1256KB 1256KB [ 705.711649] biovec-max 1625KB 1625KB [ 705.719424] biovec-64 1075KB 1078KB [ 705.725431] biovec-16 87KB 90KB [ 705.736881] bio_integrity_payload 1KB 8KB [ 705.744186] khugepaged_mm_slot 13KB 34KB [ 705.754584] uid_cache 0KB 4KB [ 705.761585] dmaengine-unmap-2 0KB 3KB [ 705.771047] skbuff_fclone_cache 133KB 206KB [ 705.778381] skbuff_head_cache 6360KB 6363KB [ 705.783762] configfs_dir_cache 3KB 7KB [ 705.794168] file_lock_cache 117KB 209KB [ 705.800515] file_lock_ctx 9KB 11KB [ 705.809972] fsnotify_mark_connector 18KB 31KB [ 705.818575] net_namespace 52KB 52KB [ 705.824643] shmem_inode_cache 8244KB 8477KB [ 705.835255] task_delay_info 139KB 387KB [ 705.843816] taskstats 79KB 141KB [ 705.859894] proc_dir_entry 694KB 828KB [ 705.871960] pde_opener 7KB 34KB [ 705.890309] seq_file 310KB 507KB [ 705.899643] sigqueue 43KB 55KB [ 705.905058] kernfs_node_cache 18236KB 18250KB [ 705.913695] mnt_cache 173KB 204KB [ 705.922909] filp 6397KB 7687KB [ 705.932763] names_cache 148907KB 148945KB [ 705.940847] iint_cache 34KB 59KB [ 705.949546] key_jar 22KB 135KB [ 705.955017] uts_namespace 2KB 7KB [ 705.963193] nsproxy 1KB 7KB [ 705.972476] vm_area_struct 3065KB 3987KB [ 705.980560] mm_struct 440KB 721KB [ 705.988899] fs_cache 93KB 372KB [ 705.994943] files_cache 367KB 795KB [ 706.004587] signal_cache 803KB 1681KB [ 706.013768] sighand_cache 571KB 624KB [ 706.022850] task_struct 4507KB 4595KB [ 706.032216] cred_jar 1678KB 2228KB [ 706.041562] anon_vma_chain 984KB 1492KB [ 706.051548] anon_vma 153KB 292KB [ 706.060885] pid 50KB 228KB [ 706.070058] Acpi-Operand 156KB 198KB [ 706.078735] Acpi-ParseExt 9KB 11KB [ 706.084113] Acpi-Parse 41KB 47KB [ 706.092490] Acpi-State 52KB 63KB [ 706.101972] Acpi-Namespace 20KB 27KB [ 706.111634] numa_policy 0KB 3KB [ 706.121078] debug_objects_cache 1286KB 1828KB [ 706.130634] trace_event_file 297KB 298KB [ 706.138874] ftrace_event_field 398KB 401KB [ 706.144332] pool_workqueue 121KB 152KB [ 706.153106] page->ptl 528KB 1008KB [ 706.161200] kmalloc-2097152 2050KB 2050KB [ 706.169849] kmalloc-524288 2056KB 2056KB [ 706.175224] kmalloc-262144 1290KB 1290KB [ 706.183324] kmalloc-131072 650KB 650KB [ 706.191873] kmalloc-65536 1848KB 1914KB [ 706.199901] kmalloc-32768 1650KB 1650KB [ 706.205277] kmalloc-16384 1072KB 1072KB [ 706.213497] kmalloc-8192 3968KB 4009KB [ 706.221523] kmalloc-4096 18377KB 18415KB [ 706.229559] kmalloc-2048 11084KB 13744KB [ 706.234927] kmalloc-1024 7625KB 11623KB [ 706.243291] kmalloc-512 14640KB 14640KB [ 706.251351] kmalloc-256 4175KB 5711KB [ 706.260015] kmalloc-128 874KB 1401KB [ 706.265391] kmalloc-96 3594KB 4076KB [ 706.273523] kmalloc-64 2514KB 3896KB [ 706.281550] kmalloc-32 1842KB 2543KB [ 706.289611] kmalloc-192 1500KB 2572KB [ 706.294985] kmem_cache 177KB 183KB [ 706.303307] Out of memory (oom_kill_allocating_task): Kill process 5291 (systemd-journal) score 0 or sacrifice child [ 706.319493] Killed process 5291 (systemd-journal) total-vm:46096kB, anon-rss:468kB, file-rss:0kB, shmem-rss:1292kB [ 706.332127] oom_reaper: reaped process 5291 (systemd-journal), now anon-rss:0kB, file-rss:0kB, shmem-rss:1292kB [ 706.466971] systemd[1]: systemd-journald.service: Failed with result 'signal'. [ 706.482572] systemd[1]: systemd-journald.service: Service has no hold-off time, scheduling restart. [ 706.500222] systemd[1]: Stopped Flush Journal to Persistent Storage. [ 706.509111] systemd[1]: Stopping Flush Journal to Persistent Storage... [ 706.521431] systemd[1]: Stopped Journal Service. [ 706.544083] systemd[1]: Starting Journal Service... [ 706.705344] systemd-journald[5338]: File /run/log/journal/04d8c135ee6b410280ba31a58c89679d/system.journal corrupted or uncleanly shut down, renaming and replacing. [ 707.184490] systemd[1]: Started Journal Service. 02:34:39 executing program 2: r0 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$gtp(&(0x7f0000000280), r0) 02:34:39 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x1f, 0x2) pipe2$watch_queue(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f00000003c0)=@fd={0x1, 0x3, 0x4, 0x14020, 0x5, {0x0, 0x2710}, {0x1, 0x8, 0xec, 0x80, 0x40, 0x2, "7bf3a4d2"}, 0x2, 0x4, {}, 0x6, 0x0, r2}) ioctl$vim2m_VIDIOC_STREAMON(r1, 0x40045612, &(0x7f0000000080)=0x3) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4, 0x0, 0x81}) 02:34:39 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc0585609, &(0x7f0000000440)=@fd={0x21, 0x2, 0x4, 0x1, 0x8, {}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff}) 02:34:39 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x1f, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:34:39 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{}, {0x0, 0x0, 0x1, 0x1}}], 0x10) 02:34:39 executing program 2: r0 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$gtp(&(0x7f0000000280), r0) 02:34:39 executing program 4: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}], 0x10) 02:34:39 executing program 2: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) syz_genetlink_get_family_id$gtp(0x0, r0) 02:34:39 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{}, {0x0, 0x0, 0x0, 0x1}}], 0x10) 02:34:39 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc0585609, &(0x7f0000000440)=@fd={0x21, 0x2, 0x4, 0x1, 0x8, {}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff}) 02:34:39 executing program 4: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {{}, {0x0, 0x0, 0x1, 0x1}}], 0x10) 02:34:39 executing program 2: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) syz_genetlink_get_family_id$gtp(0x0, r0) [ 714.598817] oom_reaper: reaped process 5355 (syz-executor.3), now anon-rss:0kB, file-rss:14336kB, shmem-rss:20kB [ 714.628719] systemd-journal invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 714.646493] systemd-journal cpuset=/ mems_allowed=0-1 [ 714.652419] CPU: 0 PID: 5338 Comm: systemd-journal Not tainted 4.19.211-syzkaller #0 [ 714.660303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 714.669651] Call Trace: [ 714.672244] dump_stack+0x1fc/0x2ef [ 714.675878] dump_header+0x15d/0xc3f [ 714.679597] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 714.684703] ? ___ratelimit+0x319/0x590 [ 714.688682] oom_kill_process.cold+0x10/0x692 [ 714.693186] ? check_preemption_disabled+0x41/0x280 [ 714.698212] ? has_intersects_mems_allowed+0x1d6/0x290 [ 714.703496] out_of_memory+0x1072/0x1390 [ 714.707566] ? oom_killer_disable+0x270/0x270 [ 714.712065] ? mutex_trylock+0x15f/0x1a0 [ 714.716128] __alloc_pages_nodemask+0x23a2/0x2890 [ 714.720983] ? find_get_entry+0x4cd/0x8a0 [ 714.725225] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 714.730074] alloc_pages_current+0x193/0x2a0 [ 714.734464] filemap_fault+0x146e/0x2180 [ 714.738516] ext4_filemap_fault+0x84/0xb0 [ 714.742646] __do_fault+0x10b/0x4b0 [ 714.745385] syz-executor.3: vmalloc: allocation failure, allocated 1711292416 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 714.746264] __handle_mm_fault+0x273b/0x41c0 [ 714.761923] syz-executor.3 cpuset=/ mems_allowed=0-1 [ 714.764432] ? vm_insert_page+0x9c0/0x9c0 [ 714.773677] ? check_preemption_disabled+0x41/0x280 [ 714.778686] handle_mm_fault+0x436/0xb10 [ 714.782756] __do_page_fault+0x68e/0xd60 [ 714.786808] ? trace_hardirqs_off_caller+0x6e/0x210 [ 714.791829] ? spurious_fault+0x840/0x840 [ 714.795978] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 714.800815] ? page_fault+0x8/0x30 [ 714.804356] page_fault+0x1e/0x30 [ 714.807793] RIP: 0033:0x7f4af4da62e3 [ 714.811500] Code: Bad RIP value. [ 714.814873] RSP: 002b:00007ffeb243c848 EFLAGS: 00010246 [ 714.821131] RAX: 0000000000000001 RBX: 00005591f8f711e0 RCX: 00007f4af4da62e3 [ 714.828393] RDX: 0000000000000013 RSI: 00007ffeb243c850 RDI: 000000000000000c [ 714.835662] RBP: 00007ffeb243ca40 R08: 00007ffeb24db000 R09: 000000b61237ddb0 [ 714.842930] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffeb243c850 [ 714.850182] R13: 0000000000000001 R14: ffffffffffffffff R15: 0005f44f56b1dfcd [ 714.857453] CPU: 1 PID: 5355 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 714.865258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 714.874604] Call Trace: [ 714.877196] dump_stack+0x1fc/0x2ef [ 714.879577] Mem-Info: [ 714.880843] warn_alloc.cold+0x7b/0x18f [ 714.883256] active_anon:14629 inactive_anon:25055 isolated_anon:0 [ 714.883256] active_file:12 inactive_file:13 isolated_file:0 [ 714.883256] unevictable:0 dirty:0 writeback:0 unstable:0 [ 714.883256] slab_reclaimable:15059 slab_unreclaimable:121806 [ 714.883256] mapped:21969 shmem:25548 pagetables:573 bounce:0 [ 714.883256] free:13873 free_pcp:1003 free_cma:0 [ 714.887211] ? zone_watermark_ok_safe+0x260/0x260 [ 714.887226] ? retint_kernel+0x2d/0x2d [ 714.887245] ? alloc_pages_current+0x35/0x2a0 [ 714.887280] __vmalloc_area_node+0x4fd/0x780 [ 714.920715] Node 0 active_anon:56112kB inactive_anon:51180kB active_file:40kB inactive_file:40kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:87616kB dirty:0kB writeback:0kB shmem:52756kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 10240kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 714.925466] ? __vmalloc_node_range+0x180/0x180 [ 714.925485] ? _raw_spin_unlock+0x29/0x40 [ 714.929366] Node 1 active_anon:2404kB inactive_anon:49040kB active_file:8kB inactive_file:12kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:260kB dirty:0kB writeback:0kB shmem:49436kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 714.933830] ? __get_vm_area_node+0x2e2/0x3a0 [ 714.938233] Node 0 DMA free:10868kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 714.965788] __vmalloc_node_range+0xed/0x180 [ 714.965811] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 714.970451] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 714.974597] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 715.001487] Node 0 DMA32 free:18056kB min:35996kB low:44992kB high:53988kB active_anon:56112kB inactive_anon:51180kB active_file:40kB inactive_file:40kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7488kB pagetables:1972kB bounce:0kB free_pcp:1752kB local_pcp:1288kB free_cma:0kB [ 715.005943] vmalloc_user+0x70/0xe0 [ 715.005958] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 715.005974] vb2_vmalloc_alloc+0xb3/0x2f0 [ 715.032080] lowmem_reserve[]: 0 0 1 1 1 [ 715.036464] __vb2_queue_alloc+0x472/0xe60 [ 715.036492] vb2_core_create_bufs+0x273/0x7e0 [ 715.040780] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 715.045785] ? __vb2_queue_free+0x870/0x870 [ 715.045802] ? mutex_trylock+0x1a0/0x1a0 [ 715.045820] ? __video_do_ioctl+0x632/0xcd0 [ 715.051152] lowmem_reserve[]: 0 0 0 0 0 [ 715.080226] vb2_create_bufs+0x332/0x620 [ 715.080249] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 715.083853] Node 1 Normal free:26560kB min:53876kB low:67344kB high:80812kB active_anon:2404kB inactive_anon:49040kB active_file:8kB inactive_file:12kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:416kB pagetables:320kB bounce:0kB free_pcp:2260kB local_pcp:616kB free_cma:0kB [ 715.088164] ? __video_do_ioctl+0x632/0xcd0 [ 715.088179] ? mutex_trylock+0x1a0/0x1a0 [ 715.088196] ? mark_held_locks+0xf0/0xf0 [ 715.092314] lowmem_reserve[]: 0 0 0 0 0 [ 715.096283] vb2_ioctl_create_bufs+0x20d/0x360 [ 715.096303] ? memset+0x20/0x40 [ 715.100509] Node 0 DMA: 1*4kB (U) 0*8kB 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10868kB [ 715.105023] v4l_create_bufs+0xb2/0x160 [ 715.130882] Node 0 DMA32: 650*4kB (UME) 744*8kB (UME) 158*16kB (UME) 21*32kB (UME) 12*64kB (UME) 7*128kB (UM) 1*256kB (U) 1*512kB (M) 2*1024kB (UM) 1*2048kB (M) 0*4096kB = 18280kB [ 715.135175] __video_do_ioctl+0x49a/0xcd0 [ 715.139228] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 715.143527] ? v4l_querycap+0x340/0x340 [ 715.147491] Node 1 Normal: 306*4kB (UM) 265*8kB (UME) 209*16kB (M) 115*32kB (ME) 27*64kB (M) 5*128kB (UM) 2*256kB (UM) 0*512kB 1*1024kB (M) 2*2048kB (UM) 2*4096kB (UE) = 26560kB [ 715.151550] ? __might_fault+0x192/0x1d0 [ 715.156667] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 715.185342] ? v4l_querycap+0x340/0x340 [ 715.185356] video_usercopy+0x13f/0xfa0 [ 715.185378] ? v4l_enumstd+0x60/0x60 [ 715.189689] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 715.193736] ? do_futex+0x171/0x1880 [ 715.197792] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 715.201734] ? mark_held_locks+0xf0/0xf0 [ 715.206336] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 715.209584] ? debug_check_no_obj_freed+0x201/0x490 [ 715.222749] 25573 total pagecache pages [ 715.226698] ? video_usercopy+0xfa0/0xfa0 [ 715.226714] v4l2_ioctl+0x147/0x1a0 [ 715.242841] 0 pages in swap cache [ 715.246949] ? video_devdata+0xa0/0xa0 [ 715.246964] do_vfs_ioctl+0xcdb/0x12e0 [ 715.246982] ? lock_downgrade+0x720/0x720 [ 715.257981] Swap cache stats: add 0, delete 0, find 0/0 [ 715.261928] ? check_preemption_disabled+0x41/0x280 [ 715.277874] Free swap = 0kB [ 715.281908] ? ioctl_preallocate+0x200/0x200 [ 715.290753] Total swap = 0kB [ 715.294706] ? __fget+0x356/0x510 [ 715.298674] 2097051 pages RAM [ 715.302378] ? do_dup2+0x450/0x450 [ 715.311120] 0 pages HighMem/MovableOnly [ 715.314803] ? __se_sys_futex+0x298/0x3b0 [ 715.323630] 369649 pages reserved [ 715.327673] ksys_ioctl+0x9b/0xc0 [ 715.327691] __x64_sys_ioctl+0x6f/0xb0 [ 715.336256] 0 pages cma reserved [ 715.341248] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 715.345315] Unreclaimable slab info: [ 715.349431] do_syscall_64+0xf9/0x620 [ 715.353031] Name Used Total [ 715.356478] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 715.356489] RIP: 0033:0x7f15d34aa0f9 [ 715.356505] Code: Bad RIP value. [ 715.360368] pid_2 53KB 204KB [ 715.364234] RSP: 002b:00007f15d1a1c168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 715.368454] batadv_tl_cache 4KB 12KB [ 715.373708] RAX: ffffffffffffffda RBX: 00007f15d35c9f80 RCX: 00007f15d34aa0f9 [ 715.378737] TIPC 10KB 22KB [ 715.381715] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 715.386156] SCTPv6 14KB 30KB [ 715.389116] RBP: 00007f15d3505ae9 R08: 0000000000000000 R09: 0000000000000000 [ 715.389126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 715.392569] DCCPv6 17KB 30KB [ 715.395654] R13: 00007fff974dc66f R14: 00007f15d1a1c300 R15: 0000000000022000 [ 715.402961] Mem-Info: [ 715.425424] DCCP 16KB 28KB [ 715.426233] active_anon:14629 inactive_anon:25055 isolated_anon:0 [ 715.426233] active_file:12 inactive_file:13 isolated_file:0 [ 715.426233] unevictable:0 dirty:0 writeback:0 unstable:0 [ 715.426233] slab_reclaimable:15059 slab_unreclaimable:121806 [ 715.426233] mapped:21969 shmem:25548 pagetables:573 bounce:0 [ 715.426233] free:13873 free_pcp:972 free_cma:0 [ 715.429935] RXRPC 11KB 26KB [ 715.433662] Node 0 active_anon:56112kB inactive_anon:51180kB active_file:40kB inactive_file:40kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:87616kB dirty:0kB writeback:0kB shmem:52756kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 10240kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 715.461644] rxrpc_call_jar 78KB 118KB [ 715.464623] Node 1 active_anon:2404kB inactive_anon:49040kB active_file:8kB inactive_file:12kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:260kB dirty:0kB writeback:0kB shmem:49436kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 715.480035] bridge_fdb_cache 9KB 23KB [ 715.484594] Node 0 DMA free:10868kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 715.500815] fib6_nodes 156KB 240KB [ 715.504809] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 715.531925] ip6_dst_cache 171KB 423KB [ 715.536716] Node 0 DMA32 free:18056kB min:35996kB low:44992kB high:53988kB active_anon:56112kB inactive_anon:51180kB active_file:40kB inactive_file:40kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7488kB pagetables:1972kB bounce:0kB free_pcp:1600kB local_pcp:316kB free_cma:0kB [ 715.536750] lowmem_reserve[]: 0 0 1 1 1 [ 715.586188] RAWv6 70KB 94KB [ 715.605399] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 715.625458] UDPv6 26KB 37KB [ 715.637683] lowmem_reserve[]: 0 0 0 0 0 [ 715.637707] Node 1 Normal free:26560kB min:53876kB low:67344kB high:80812kB active_anon:2404kB inactive_anon:49040kB active_file:8kB inactive_file:12kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:416kB pagetables:320kB bounce:0kB free_pcp:2260kB local_pcp:1644kB free_cma:0kB [ 715.637740] lowmem_reserve[]: 0 0 0 0 0 [ 715.655461] TCPv6 30KB 48KB [ 715.669273] Node 0 DMA: 1*4kB (U) 0*8kB 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10868kB [ 715.690106] nf_conntrack 10KB 11KB [ 715.720816] Node 0 DMA32: 650*4kB (UME) 744*8kB (UME) 158*16kB (UME) 21*32kB (UME) 12*64kB (UME) 7*128kB (UM) 1*256kB (U) 1*512kB (M) 2*1024kB (UM) 1*2048kB (M) 0*4096kB = 18280kB [ 715.735950] t10_alua_lu_gp_cache 0KB 3KB [ 715.758438] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 715.769079] sd_ext_cdb 0KB 7KB [ 715.798661] Node 1 Normal: 306*4kB (UM) 265*8kB (UME) 209*16kB (M) 115*32kB (ME) 27*64kB (M) 5*128kB (UM) 2*256kB (UM) 0*512kB 1*1024kB (M) 2*2048kB (UM) 2*4096kB (UE) = 26560kB [ 715.808640] scsi_sense_cache 1056KB 1060KB [ 715.824307] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 715.837924] virtio_scsi_cmd 16KB 16KB [ 715.847372] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 715.859317] sgpool-128 8KB 8KB [ 715.880894] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 715.895674] sgpool-64 4KB 12KB [ 715.912523] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 715.915298] sgpool-32 2KB 15KB [ 715.920620] 25573 total pagecache pages [ 715.937942] sgpool-16 1KB 7KB [ 715.943908] sgpool-8 0KB 7KB [ 715.945473] 0 pages in swap cache [ 715.952713] Swap cache stats: add 0, delete 0, find 0/0 [ 715.957387] mqueue_inode_cache 10KB 30KB [ 715.961526] Free swap = 0kB [ 715.963515] bio_post_read_ctx 14KB 15KB [ 715.969949] Total swap = 0kB [ 715.974988] 2097051 pages RAM [ 715.978736] bio-2 14KB 15KB [ 715.978746] jfs_mp 7KB 7KB [ 715.978786] cifs_small_rq 15KB 16KB [ 715.978796] cifs_request 67KB 67KB [ 715.978805] cifs_mpx_ids 0KB 7KB [ 715.978834] nfs_commit_data 3KB 14KB [ 715.978844] nfs_write_data 34KB 44KB [ 715.978887] ext4_system_zone 1KB 7KB [ 715.978918] bio-1 1KB 7KB [ 715.978929] pid_namespace 2KB 11KB [ 715.978949] rpc_buffers 17KB 25KB [ 715.978958] rpc_tasks 2KB 7KB [ 715.978967] UNIX 245KB 247KB [ 715.978982] tcp_bind_bucket 1KB 4KB [ 715.979000] ip_fib_trie 23KB 39KB [ 715.979009] ip_fib_alias 112KB 173KB [ 715.979018] ip_dst_cache 4KB 20KB [ 715.979029] RAW 42KB 52KB [ 715.979038] UDP 38KB 54KB [ 715.979052] TCP 14KB 22KB [ 715.979064] hugetlbfs_inode_cache 3KB 15KB [ 715.979074] fscache_cookie_jar 1KB 11KB [ 715.979083] eventpoll_pwq 31KB 43KB [ 715.979092] eventpoll_epi 56KB 63KB [ 715.979102] inotify_inode_mark 27KB 47KB [ 715.979115] request_queue 199KB 199KB [ 715.979124] blkdev_requests 1KB 3KB [ 715.979133] blkdev_ioc 31KB 34KB [ 715.979143] bio-0 1440KB 1440KB [ 715.979153] biovec-max 1691KB 1691KB [ 715.979164] biovec-64 1233KB 1244KB [ 715.979174] biovec-16 94KB 97KB [ 715.979183] bio_integrity_payload 1KB 8KB [ 715.979193] khugepaged_mm_slot 9KB 34KB [ 715.979210] uid_cache 0KB 4KB [ 715.979219] dmaengine-unmap-2 0KB 3KB [ 715.979231] skbuff_fclone_cache 103KB 187KB [ 715.979241] skbuff_head_cache 7061KB 7065KB [ 715.979250] configfs_dir_cache 3KB 7KB [ 715.979260] file_lock_cache 103KB 209KB [ 715.979270] file_lock_ctx 9KB 11KB [ 715.979280] fsnotify_mark_connector 14KB 31KB [ 715.979289] net_namespace 52KB 52KB [ 715.979299] shmem_inode_cache 8202KB 8466KB [ 715.979308] task_delay_info 129KB 387KB [ 715.979318] taskstats 62KB 141KB [ 715.979328] proc_dir_entry 694KB 828KB [ 715.979338] pde_opener 7KB 34KB [ 715.979347] seq_file 319KB 507KB [ 715.979357] sigqueue 38KB 55KB [ 715.979367] kernfs_node_cache 18237KB 18250KB [ 715.979377] mnt_cache 173KB 204KB [ 715.979386] filp 6633KB 7687KB [ 715.979396] names_cache 148278KB 148308KB [ 715.979405] iint_cache 36KB 59KB [ 715.979415] key_jar 22KB 135KB [ 715.979424] uts_namespace 2KB 7KB [ 715.979433] nsproxy 1KB 7KB [ 715.979443] vm_area_struct 3118KB 3979KB [ 715.979452] mm_struct 399KB 702KB [ 715.979467] fs_cache 79KB 368KB [ 715.979477] files_cache 323KB 761KB [ 715.979487] signal_cache 737KB 1610KB [ 715.979496] sighand_cache 536KB 624KB [ 715.979506] task_struct 4115KB 4204KB [ 715.979515] cred_jar 1786KB 2228KB [ 715.979525] anon_vma_chain 1015KB 1492KB [ 715.979534] anon_vma 127KB 288KB [ 715.979544] pid 49KB 224KB [ 715.979553] Acpi-Operand 156KB 198KB [ 715.979563] Acpi-ParseExt 9KB 11KB [ 715.979572] Acpi-Parse 41KB 47KB [ 715.979581] Acpi-State 52KB 63KB [ 715.979591] Acpi-Namespace 20KB 27KB [ 715.979602] numa_policy 0KB 3KB [ 715.979612] debug_objects_cache 1286KB 1828KB [ 715.979621] trace_event_file 297KB 298KB [ 715.979631] ftrace_event_field 398KB 401KB [ 715.979640] pool_workqueue 121KB 152KB [ 715.979652] page->ptl 495KB 1008KB [ 715.979698] kmalloc-2097152 2050KB 2050KB [ 715.979709] kmalloc-524288 2056KB 2056KB [ 715.979717] kmalloc-262144 1290KB 1290KB [ 715.979725] kmalloc-131072 650KB 650KB [ 715.979734] kmalloc-65536 1848KB 1914KB [ 715.979742] kmalloc-32768 1650KB 1650KB [ 715.979751] kmalloc-16384 1105KB 1105KB [ 715.979762] kmalloc-8192 3968KB 4009KB [ 715.991299] 0 pages HighMem/MovableOnly [ 716.002542] kmalloc-4096 18262KB 18300KB [ 716.011084] 369649 pages reserved [ 716.012118] kmalloc-2048 10669KB 13406KB [ 716.017467] 0 pages cma reserved [ 716.476679] kmalloc-1024 7625KB 11623KB [ 716.482040] kmalloc-512 15840KB 15840KB [ 716.487480] kmalloc-256 4169KB 5711KB [ 716.492841] kmalloc-128 843KB 1401KB [ 716.498242] kmalloc-96 3729KB 4076KB [ 716.503689] kmalloc-64 2408KB 3892KB [ 716.509158] kmalloc-32 1850KB 2543KB [ 716.514528] kmalloc-192 1507KB 2572KB [ 716.519945] kmem_cache 177KB 183KB [ 716.525351] Out of memory (oom_kill_allocating_task): Kill process 5338 (systemd-journal) score 0 or sacrifice child [ 716.536084] Killed process 5338 (systemd-journal) total-vm:46096kB, anon-rss:468kB, file-rss:0kB, shmem-rss:1292kB [ 716.547775] oom_reaper: reaped process 5338 (systemd-journal), now anon-rss:0kB, file-rss:0kB, shmem-rss:1292kB [ 716.561115] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 716.602743] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 716.613931] CPU: 1 PID: 8110 Comm: syz-fuzzer Not tainted 4.19.211-syzkaller #0 [ 716.621398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 716.630754] Call Trace: [ 716.633350] dump_stack+0x1fc/0x2ef [ 716.636983] dump_header+0x15d/0xc3f [ 716.640705] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 716.645811] ? ___ratelimit+0x319/0x590 [ 716.649785] oom_kill_process.cold+0x10/0x692 [ 716.654287] ? check_preemption_disabled+0x41/0x280 [ 716.659305] ? has_intersects_mems_allowed+0x1d6/0x290 [ 716.664601] out_of_memory+0x1072/0x1390 [ 716.668671] ? oom_killer_disable+0x270/0x270 [ 716.673170] ? mutex_trylock+0x15f/0x1a0 [ 716.677232] __alloc_pages_nodemask+0x23a2/0x2890 [ 716.682087] ? find_get_entry+0x4cd/0x8a0 [ 716.686244] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 716.691116] alloc_pages_current+0x193/0x2a0 [ 716.695525] filemap_fault+0x146e/0x2180 [ 716.699592] ext4_filemap_fault+0x84/0xb0 [ 716.703737] __do_fault+0x10b/0x4b0 [ 716.707385] __handle_mm_fault+0x273b/0x41c0 [ 716.711796] ? vm_insert_page+0x9c0/0x9c0 [ 716.715935] ? __fget+0x356/0x510 [ 716.719398] ? check_preemption_disabled+0x41/0x280 [ 716.724418] handle_mm_fault+0x436/0xb10 [ 716.728486] __do_page_fault+0x68e/0xd60 [ 716.732566] ? trace_hardirqs_off_caller+0x6e/0x210 [ 716.737609] ? spurious_fault+0x840/0x840 [ 716.741760] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 716.746609] ? page_fault+0x8/0x30 [ 716.750153] page_fault+0x1e/0x30 [ 716.753688] RIP: 0033:0x467800 [ 716.756880] Code: Bad RIP value. [ 716.760235] RSP: 002b:000000c0002457e8 EFLAGS: 00010246 [ 716.765589] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000467800 [ 716.772853] RDX: 0000000000000080 RSI: 000000c000245840 RDI: 0000000000000004 [ 716.780119] RBP: 000000c000245e40 R08: 0000000000000000 R09: 000000a67516ee5a [ 716.787384] R10: 00000000000003e7 R11: 0000000000000246 R12: 000000c000245870 [ 716.794650] R13: 0000000000000004 R14: 000000c0009bc820 R15: 000000b0edf4fa49 [ 716.809608] Mem-Info: [ 716.812052] active_anon:14511 inactive_anon:25054 isolated_anon:0 [ 716.812052] active_file:8 inactive_file:17 isolated_file:0 [ 716.812052] unevictable:0 dirty:0 writeback:0 unstable:0 [ 716.812052] slab_reclaimable:15047 slab_unreclaimable:121530 [ 716.812052] mapped:21625 shmem:25548 pagetables:551 bounce:0 [ 716.812052] free:15305 free_pcp:54 free_cma:0 [ 716.853737] Node 0 active_anon:56088kB inactive_anon:51180kB active_file:24kB inactive_file:56kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86500kB dirty:0kB writeback:0kB shmem:52756kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 10240kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 716.890232] Node 1 active_anon:1956kB inactive_anon:49036kB active_file:8kB inactive_file:12kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:49436kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 716.927066] Node 0 DMA free:10868kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 716.958147] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 716.963792] Node 0 DMA32 free:20932kB min:35996kB low:44992kB high:53988kB active_anon:56088kB inactive_anon:51180kB active_file:24kB inactive_file:56kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7488kB pagetables:1968kB bounce:0kB free_pcp:192kB local_pcp:192kB free_cma:0kB [ 716.999389] lowmem_reserve[]: 0 0 1 1 1 [ 717.007179] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 717.044642] lowmem_reserve[]: 0 0 0 0 0 [ 717.049057] Node 1 Normal free:181000kB min:53876kB low:67344kB high:80812kB active_anon:1956kB inactive_anon:49036kB active_file:208kB inactive_file:2112kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:416kB pagetables:236kB bounce:0kB free_pcp:1916kB local_pcp:564kB free_cma:0kB [ 717.084462] lowmem_reserve[]: 0 0 0 0 0 [ 717.088944] Node 0 DMA: 1*4kB (U) 0*8kB 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10868kB [ 717.106140] Node 0 DMA32: 669*4kB (ME) 1042*8kB (UME) 152*16kB (UME) 15*32kB (UME) 10*64kB (UME) 8*128kB (UM) 6*256kB (UM) 2*512kB (M) 2*1024kB (UM) 1*2048kB (M) 0*4096kB = 22244kB [ 717.123695] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 717.135671] Node 1 Normal: 4*4kB (U) 4*8kB (UE) 38*16kB (UM) 98*32kB (UM) 49*64kB (UM) 24*128kB (UM) 16*256kB (UME) 10*512kB (UME) 10*1024kB (UME) 8*2048kB (UME) 50*4096kB (U) = 250640kB [ 717.148599] systemd[1]: systemd-journald.service: Failed with result 'signal'. [ 717.153520] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 717.168824] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 717.178760] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 717.179438] systemd[1]: systemd-journald.service: Service has no hold-off time, scheduling restart. [ 717.188303] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 717.208144] 26868 total pagecache pages [ 717.212923] systemd[1]: Stopped Flush Journal to Persistent Storage. [ 717.219524] 0 pages in swap cache [ 717.222978] Swap cache stats: add 0, delete 0, find 0/0 [ 717.229443] systemd[1]: Stopping Flush Journal to Persistent Storage... [ 717.236862] Free swap = 0kB [ 717.240367] Total swap = 0kB [ 717.243824] 2097051 pages RAM [ 717.246985] 0 pages HighMem/MovableOnly [ 717.250955] 369649 pages reserved [ 717.254398] 0 pages cma reserved [ 717.258484] systemd[1]: Stopped Journal Service. [ 717.274029] systemd[1]: Starting Journal Service... [ 717.279829] Unreclaimable slab info: [ 717.284305] Name Used Total [ 717.290957] pid_2 50KB 204KB [ 717.300568] batadv_tl_cache 4KB 12KB [ 717.306533] TIPC 10KB 22KB [ 717.314159] SCTPv6 14KB 30KB [ 717.320289] DCCPv6 17KB 30KB [ 717.326466] DCCP 16KB 28KB [ 717.332511] RXRPC 11KB 26KB [ 717.338648] rxrpc_call_jar 78KB 118KB [ 717.344897] bridge_fdb_cache 9KB 23KB [ 717.350390] fib6_nodes 156KB 240KB [ 717.356626] ip6_dst_cache 171KB 423KB [ 717.363486] RAWv6 70KB 94KB [ 717.368918] UDPv6 26KB 37KB [ 717.374318] TCPv6 27KB 48KB [ 717.380403] nf_conntrack 10KB 11KB [ 717.386788] t10_alua_lu_gp_cache 0KB 3KB [ 717.393039] sd_ext_cdb 0KB 7KB [ 717.398468] scsi_sense_cache 1056KB 1060KB [ 717.403846] virtio_scsi_cmd 16KB 16KB [ 717.410438] sgpool-128 8KB 8KB [ 717.420318] sgpool-64 4KB 12KB [ 717.443980] sgpool-32 2KB 15KB [ 717.465933] sgpool-16 1KB 7KB [ 717.471324] sgpool-8 0KB 7KB [ 717.477203] mqueue_inode_cache 10KB 30KB [ 717.484128] bio_post_read_ctx 14KB 15KB [ 717.489654] bio-2 14KB 15KB [ 717.495019] jfs_mp 7KB 7KB [ 717.503000] cifs_small_rq 15KB 16KB [ 717.521700] cifs_request 67KB 67KB [ 717.527544] cifs_mpx_ids 0KB 7KB [ 717.533272] nfs_commit_data 3KB 14KB [ 717.538878] nfs_write_data 34KB 44KB [ 717.544306] ext4_system_zone 1KB 7KB [ 717.550146] bio-1 1KB 7KB [ 717.555590] pid_namespace 2KB 11KB [ 717.561066] rpc_buffers 17KB 25KB [ 717.564824] systemd-journald[5381]: File /run/log/journal/04d8c135ee6b410280ba31a58c89679d/system.journal corrupted or uncleanly shut down, renaming and replacing. [ 717.566650] rpc_tasks 2KB 7KB [ 717.586798] UNIX 251KB 251KB [ 717.592169] tcp_bind_bucket 1KB 4KB [ 717.599081] ip_fib_trie 23KB 39KB [ 717.604587] ip_fib_alias 112KB 173KB [ 717.618203] ip_dst_cache 4KB 20KB [ 717.623584] RAW 42KB 52KB [ 717.632082] UDP 38KB 54KB [ 717.639226] TCP 11KB 22KB [ 717.644598] hugetlbfs_inode_cache 3KB 15KB [ 717.653413] fscache_cookie_jar 1KB 11KB [ 717.660418] eventpoll_pwq 31KB 43KB [ 717.669496] eventpoll_epi 63KB 63KB [ 717.674872] inotify_inode_mark 23KB 47KB [ 717.696870] request_queue 199KB 199KB [ 717.702267] blkdev_requests 1KB 3KB [ 717.733416] blkdev_ioc 30KB 34KB [ 717.739203] bio-0 1529KB 1530KB [ 717.756827] biovec-max 1691KB 1691KB [ 717.762229] biovec-64 1301KB 1307KB [ 717.788193] biovec-16 99KB 101KB [ 717.793603] bio_integrity_payload 1KB 8KB [ 717.815186] khugepaged_mm_slot 8KB 34KB [ 717.820740] uid_cache 0KB 4KB [ 717.830900] dmaengine-unmap-2 0KB 3KB [ 717.841011] skbuff_fclone_cache 96KB 187KB [ 717.861219] skbuff_head_cache 7209KB 7211KB [ 717.866959] configfs_dir_cache 3KB 7KB [ 717.875570] file_lock_cache 102KB 209KB [ 717.880938] file_lock_ctx 9KB 11KB [ 717.886760] fsnotify_mark_connector 12KB 31KB [ 717.892656] net_namespace 52KB 52KB [ 717.898407] shmem_inode_cache 8196KB 8462KB [ 717.903795] task_delay_info 128KB 387KB [ 717.909528] taskstats 58KB 141KB [ 717.914901] proc_dir_entry 694KB 828KB [ 717.920642] pde_opener 10KB 34KB [ 717.926304] seq_file 331KB 507KB [ 717.931739] sigqueue 37KB 55KB [ 717.937526] kernfs_node_cache 18243KB 18250KB [ 717.942963] mnt_cache 173KB 204KB [ 717.948670] filp 6643KB 7687KB [ 717.954110] names_cache 146727KB 146727KB [ 717.959806] iint_cache 40KB 59KB [ 717.965492] key_jar 22KB 135KB [ 717.970860] uts_namespace 2KB 7KB [ 717.976589] nsproxy 1KB 7KB [ 717.981963] vm_area_struct 3150KB 3979KB [ 717.987650] mm_struct 396KB 702KB [ 717.993021] fs_cache 77KB 368KB [ 717.998786] files_cache 313KB 742KB [ 718.004153] signal_cache 730KB 1602KB [ 718.009914] sighand_cache 561KB 624KB [ 718.019879] task_struct 4040KB 4128KB [ 718.029992] cred_jar 1795KB 2228KB [ 718.050253] anon_vma_chain 1026KB 1492KB [ 718.055955] anon_vma 135KB 288KB [ 718.065418] pid 48KB 224KB [ 718.070800] Acpi-Operand 156KB 198KB [ 718.088333] Acpi-ParseExt 9KB 11KB [ 718.093737] Acpi-Parse 41KB 47KB [ 718.130367] Acpi-State 52KB 63KB [ 718.137559] Acpi-Namespace 20KB 27KB [ 718.142944] numa_policy 0KB 3KB [ 718.169031] debug_objects_cache 1286KB 1828KB [ 718.174609] trace_event_file 297KB 298KB [ 718.196731] ftrace_event_field 398KB 401KB [ 718.202240] pool_workqueue 121KB 152KB [ 718.225155] page->ptl 493KB 1008KB [ 718.235454] kmalloc-2097152 2050KB 2050KB [ 718.245427] kmalloc-524288 2056KB 2056KB [ 718.250816] kmalloc-262144 1290KB 1290KB [ 718.265157] kmalloc-131072 650KB 650KB [ 718.280763] kmalloc-65536 1848KB 1914KB [ 718.286498] kmalloc-32768 1650KB 1650KB [ 718.302028] kmalloc-16384 1138KB 1138KB [ 718.312145] kmalloc-8192 3968KB 4009KB [ 718.322255] kmalloc-4096 17888KB 17926KB [ 718.332358] kmalloc-2048 10659KB 13406KB [ 718.352587] kmalloc-1024 7665KB 11623KB [ 718.358716] kmalloc-512 16068KB 16068KB [ 718.365374] kmalloc-256 4169KB 5711KB [ 718.370759] kmalloc-128 839KB 1401KB [ 718.395166] kmalloc-96 3774KB 4076KB [ 718.400626] kmalloc-64 2355KB 3892KB [ 718.410762] kmalloc-32 1850KB 2543KB [ 718.420890] kmalloc-192 1507KB 2572KB [ 718.431025] kmem_cache 177KB 183KB [ 718.441152] Out of memory (oom_kill_allocating_task): Kill process 8110 (syz-fuzzer) score 0 or sacrifice child [ 718.454052] systemd[1]: Started Journal Service. [ 718.461920] Killed process 2471 (syz-executor.0) total-vm:48512kB, anon-rss:440kB, file-rss:4kB, shmem-rss:0kB [ 721.828526] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 721.846602] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 721.861661] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 721.868592] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 721.884646] device bridge_slave_1 left promiscuous mode [ 721.890970] bridge0: port 2(bridge_slave_1) entered disabled state [ 721.904739] device bridge_slave_0 left promiscuous mode [ 721.911277] bridge0: port 1(bridge_slave_0) entered disabled state [ 721.927931] device veth1_macvtap left promiscuous mode [ 721.933266] device veth0_macvtap left promiscuous mode [ 721.945040] device veth1_vlan left promiscuous mode [ 721.950114] device veth0_vlan left promiscuous mode 02:34:52 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{{0x4}, {0x1}}, {}], 0x10) 02:34:52 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x1f, 0x2) pipe2$watch_queue(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f00000003c0)=@fd={0x1, 0x3, 0x4, 0x14020, 0x5, {0x0, 0x2710}, {0x1, 0x8, 0xec, 0x80, 0x40, 0x2, "7bf3a4d2"}, 0x2, 0x4, {}, 0x6, 0x0, r2}) ioctl$vim2m_VIDIOC_STREAMON(r1, 0x40045612, &(0x7f0000000080)=0x3) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:34:52 executing program 5: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc0585609, &(0x7f0000000440)=@fd={0x21, 0x2, 0x4, 0x1, 0x8, {}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff}) 02:34:52 executing program 2: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) syz_genetlink_get_family_id$gtp(0x0, r0) 02:34:52 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) pipe2$watch_queue(&(0x7f0000000380), 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:34:52 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@multiplanar_overlay={0x6, 0x3, 0x4, 0x100000, 0x2, {0x0, 0x2710}, {0x4, 0x0, 0x7, 0x4, 0x6, 0xff, "883b5516"}, 0x200, 0x3, {&(0x7f00000001c0)=[{0x1000, 0x1, {0x3}, 0x7fffffff}, {0x7f, 0x1, {0x7}, 0x10001}]}, 0x3f}) r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1f, 0x1, 0x1, 0x0, 0x7f}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x4000, 0x2, 0x4}) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f0000000000)={0x2, 0xfff, 0x18, 0x80880}) pipe2$watch_queue(&(0x7f0000000140), 0x80) r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r3, 0x0, 0x0}, 0x10) r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r4, 0x0, 0x0}, 0x10) bind$pptp(r4, &(0x7f0000000180)={0x18, 0x2, {0x0, @rand_addr=0x64010101}}, 0x1e) 02:34:52 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000440)=@fd={0x21, 0x2, 0x4, 0x1, 0x8, {}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff}) 02:34:52 executing program 2: openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) syz_genetlink_get_family_id$gtp(&(0x7f0000000280), 0xffffffffffffffff) 02:34:52 executing program 2: openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) syz_genetlink_get_family_id$gtp(&(0x7f0000000280), 0xffffffffffffffff) 02:34:52 executing program 5: r0 = syz_open_dev$vim2m(0x0, 0x75f4316a, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000440)=@fd={0x21, 0x2, 0x4, 0x1, 0x8, {}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff}) 02:34:53 executing program 2: openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) syz_genetlink_get_family_id$gtp(&(0x7f0000000280), 0xffffffffffffffff) 02:34:53 executing program 5: r0 = syz_open_dev$vim2m(0x0, 0x75f4316a, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000440)=@fd={0x21, 0x2, 0x4, 0x1, 0x8, {}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff}) [ 726.234890] Bluetooth: hci2: command 0x0409 tx timeout [ 728.314952] Bluetooth: hci2: command 0x041b tx timeout [ 729.481904] device hsr_slave_1 left promiscuous mode [ 729.493315] device hsr_slave_0 left promiscuous mode [ 729.515752] team0 (unregistering): Port device team_slave_1 removed [ 729.527846] team0 (unregistering): Port device team_slave_0 removed [ 729.539360] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 729.551177] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 729.592487] bond0 (unregistering): Released all slaves [ 729.612687] IPVS: ftp: loaded support on port[0] = 21 [ 729.754519] Bluetooth: hci1: command 0x0406 tx timeout [ 729.923288] chnl_net:caif_netlink_parms(): no params data found [ 730.126018] bridge0: port 1(bridge_slave_0) entered blocking state [ 730.132542] bridge0: port 1(bridge_slave_0) entered disabled state [ 730.146997] device bridge_slave_0 entered promiscuous mode [ 730.159843] bridge0: port 2(bridge_slave_1) entered blocking state [ 730.167329] bridge0: port 2(bridge_slave_1) entered disabled state [ 730.180716] device bridge_slave_1 entered promiscuous mode [ 730.212586] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 730.226408] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 730.261105] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 730.269668] team0: Port device team_slave_0 added [ 730.281799] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 730.290245] team0: Port device team_slave_1 added [ 730.323987] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 730.330763] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 730.362377] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 730.380562] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 730.387152] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 730.394607] Bluetooth: hci2: command 0x040f tx timeout [ 730.426501] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 730.447842] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 730.458155] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 730.507822] device hsr_slave_0 entered promiscuous mode [ 730.539008] device hsr_slave_1 entered promiscuous mode [ 730.545561] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 730.579302] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 730.733032] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 730.793681] 8021q: adding VLAN 0 to HW filter on device bond0 [ 730.809503] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 730.823456] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 730.831701] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 730.843506] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 730.861601] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 730.870412] 8021q: adding VLAN 0 to HW filter on device team0 [ 730.903108] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 730.924904] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 730.933429] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 730.957992] bridge0: port 1(bridge_slave_0) entered blocking state [ 730.964536] bridge0: port 1(bridge_slave_0) entered forwarding state [ 730.987267] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 730.994821] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 731.002085] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 731.016077] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 731.023764] bridge0: port 2(bridge_slave_1) entered blocking state [ 731.030190] bridge0: port 2(bridge_slave_1) entered forwarding state [ 731.051325] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 731.063958] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 731.079470] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 731.099055] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 731.111469] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 731.123485] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 731.133807] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 731.152062] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 731.161383] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 731.172746] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 731.188385] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 731.219455] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 731.230743] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 731.242149] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 731.271817] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 731.280916] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 731.296324] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 731.322385] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 731.337491] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 731.760905] oom_reaper: reaped process 5407 (syz-executor.3), now anon-rss:0kB, file-rss:14332kB, shmem-rss:8kB [ 731.785060] systemd-journal invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 731.813698] systemd-journal cpuset=/ mems_allowed=0-1 [ 731.830579] CPU: 0 PID: 5381 Comm: systemd-journal Not tainted 4.19.211-syzkaller #0 [ 731.838496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 731.847850] Call Trace: [ 731.850459] dump_stack+0x1fc/0x2ef [ 731.854088] dump_header+0x15d/0xc3f [ 731.857806] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 731.862911] ? ___ratelimit+0x319/0x590 [ 731.866880] oom_kill_process.cold+0x10/0x692 [ 731.871391] ? check_preemption_disabled+0x41/0x280 [ 731.874541] syz-executor.3: vmalloc: allocation failure, allocated 1717137408 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 731.876398] ? has_intersects_mems_allowed+0x1d6/0x290 [ 731.893687] syz-executor.3 cpuset=/ mems_allowed=0-1 [ 731.895433] out_of_memory+0x1072/0x1390 [ 731.895452] ? oom_killer_disable+0x270/0x270 [ 731.895466] ? mutex_trylock+0x15f/0x1a0 [ 731.895483] __alloc_pages_nodemask+0x23a2/0x2890 [ 731.917971] ? find_get_entry+0x4cd/0x8a0 [ 731.922121] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 731.926986] alloc_pages_current+0x193/0x2a0 [ 731.931388] filemap_fault+0x146e/0x2180 [ 731.935448] ext4_filemap_fault+0x84/0xb0 [ 731.939580] __do_fault+0x10b/0x4b0 [ 731.943194] __handle_mm_fault+0x273b/0x41c0 [ 731.947598] ? vm_insert_page+0x9c0/0x9c0 [ 731.951754] ? check_preemption_disabled+0x41/0x280 [ 731.956764] handle_mm_fault+0x436/0xb10 [ 731.960817] __do_page_fault+0x68e/0xd60 [ 731.964881] ? trace_hardirqs_off_caller+0x6e/0x210 [ 731.969894] ? spurious_fault+0x840/0x840 [ 731.974032] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 731.978865] ? page_fault+0x8/0x30 [ 731.982405] page_fault+0x1e/0x30 [ 731.985853] RIP: 0033:0x7f5c19f5db80 [ 731.989560] Code: Bad RIP value. [ 731.992907] RSP: 002b:00007ffc5c44d9b8 EFLAGS: 00010293 [ 731.998256] RAX: 0000000000000007 RBX: 0000561342c1d310 RCX: 00007f5c19f512e3 [ 732.005516] RDX: 0000000000000013 RSI: 00007ffc5c44d9c0 RDI: 0000000000000000 [ 732.012779] RBP: 00007ffc5c44dbf0 R08: 00007ffc5c516000 R09: 000000bc288f2a7b [ 732.020038] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc5c44da00 [ 732.027300] R13: 0000000000000001 R14: 0000000000000001 R15: 0005f44f581c904b [ 732.034582] CPU: 1 PID: 5407 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 732.042386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 732.051736] Call Trace: [ 732.054331] dump_stack+0x1fc/0x2ef [ 732.057966] warn_alloc.cold+0x7b/0x18f [ 732.061964] ? zone_watermark_ok_safe+0x260/0x260 [ 732.061982] Mem-Info: [ 732.066807] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 732.066826] ? retint_kernel+0x2d/0x2d [ 732.066851] __vmalloc_area_node+0x4fd/0x780 [ 732.069259] active_anon:14112 inactive_anon:27084 isolated_anon:0 [ 732.069259] active_file:14 inactive_file:18 isolated_file:0 [ 732.069259] unevictable:0 dirty:0 writeback:0 unstable:0 [ 732.069259] slab_reclaimable:14764 slab_unreclaimable:120103 [ 732.069259] mapped:22009 shmem:27592 pagetables:573 bounce:0 [ 732.069259] free:13769 free_pcp:183 free_cma:0 [ 732.073987] ? __vmalloc_node_range+0x180/0x180 [ 732.077884] Node 0 active_anon:53916kB inactive_anon:51168kB active_file:52kB inactive_file:68kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86504kB dirty:0kB writeback:0kB shmem:52740kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 10240kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 732.082252] ? _raw_spin_unlock+0x29/0x40 [ 732.115501] Node 1 active_anon:2532kB inactive_anon:57168kB active_file:4kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1532kB dirty:0kB writeback:0kB shmem:57628kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 732.120116] ? __get_vm_area_node+0x2e2/0x3a0 [ 732.147693] Node 0 DMA free:10860kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 732.151809] __vmalloc_node_range+0xed/0x180 [ 732.179176] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 732.183195] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 732.209311] Node 0 DMA32 free:17372kB min:35996kB low:44992kB high:53988kB active_anon:53916kB inactive_anon:51168kB active_file:52kB inactive_file:68kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7488kB pagetables:1964kB bounce:0kB free_pcp:480kB local_pcp:236kB free_cma:0kB [ 732.213679] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 732.218688] lowmem_reserve[]: 0 0 1 1 1 [ 732.222981] vmalloc_user+0x70/0xe0 [ 732.251863] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 732.257190] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 732.257203] vb2_vmalloc_alloc+0xb3/0x2f0 [ 732.257219] __vb2_queue_alloc+0x472/0xe60 [ 732.261577] lowmem_reserve[]: 0 0 0 0 0 [ 732.264788] vb2_core_create_bufs+0x273/0x7e0 [ 732.264804] ? __vb2_queue_free+0x870/0x870 [ 732.290649] Node 1 Normal free:26836kB min:53876kB low:67344kB high:80812kB active_anon:2532kB inactive_anon:57168kB active_file:4kB inactive_file:4kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:448kB pagetables:328kB bounce:0kB free_pcp:248kB local_pcp:0kB free_cma:0kB [ 732.294943] ? mutex_trylock+0x1a0/0x1a0 [ 732.294959] ? __video_do_ioctl+0x632/0xcd0 [ 732.294979] vb2_create_bufs+0x332/0x620 [ 732.299090] lowmem_reserve[]: 0 0 0 0 0 [ 732.303326] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 732.307326] Node 0 DMA: 1*4kB (U) 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10860kB [ 732.311785] ? __video_do_ioctl+0x632/0xcd0 [ 732.316136] Node 0 DMA32: 1074*4kB (ME) 770*8kB (ME) 184*16kB (ME) 14*32kB (ME) 9*64kB (UME) 5*128kB (M) 5*256kB (M) 2*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 17368kB [ 732.344464] ? mutex_trylock+0x1a0/0x1a0 [ 732.344479] ? mark_held_locks+0xf0/0xf0 [ 732.344498] vb2_ioctl_create_bufs+0x20d/0x360 [ 732.344515] ? memset+0x20/0x40 [ 732.348555] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 732.352870] v4l_create_bufs+0xb2/0x160 [ 732.356952] Node 1 Normal: 265*4kB (UME) 220*8kB (ME) 183*16kB (ME) 77*32kB (UM) 13*64kB (UME) 3*128kB (ME) 2*256kB (M) 3*512kB (ME) 3*1024kB (UME) 2*2048kB (ME) 2*4096kB (U) = 26836kB [ 732.360891] __video_do_ioctl+0x49a/0xcd0 [ 732.360913] ? v4l_querycap+0x340/0x340 [ 732.360930] ? __might_fault+0x192/0x1d0 [ 732.360947] ? v4l_querycap+0x340/0x340 [ 732.360961] video_usercopy+0x13f/0xfa0 [ 732.360982] ? v4l_enumstd+0x60/0x60 [ 732.360996] ? do_futex+0x171/0x1880 [ 732.361013] ? mark_held_locks+0xf0/0xf0 [ 732.361048] ? debug_check_no_obj_freed+0x201/0x490 [ 732.361071] ? video_usercopy+0xfa0/0xfa0 [ 732.361090] v4l2_ioctl+0x147/0x1a0 [ 732.361103] ? video_devdata+0xa0/0xa0 [ 732.361119] do_vfs_ioctl+0xcdb/0x12e0 [ 732.361135] ? lock_downgrade+0x720/0x720 [ 732.361151] ? check_preemption_disabled+0x41/0x280 [ 732.361165] ? ioctl_preallocate+0x200/0x200 [ 732.361184] ? __fget+0x356/0x510 [ 732.361200] ? do_dup2+0x450/0x450 [ 732.361215] ? __se_sys_futex+0x298/0x3b0 [ 732.361241] ksys_ioctl+0x9b/0xc0 [ 732.361275] __x64_sys_ioctl+0x6f/0xb0 [ 732.361290] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 732.361305] do_syscall_64+0xf9/0x620 [ 732.361325] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 732.361338] RIP: 0033:0x7f15d34aa0f9 [ 732.361352] Code: Bad RIP value. [ 732.366483] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 732.379603] RSP: 002b:00007f15d1a1c168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 732.379615] RAX: ffffffffffffffda RBX: 00007f15d35c9f80 RCX: 00007f15d34aa0f9 [ 732.379623] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 732.379630] RBP: 00007f15d3505ae9 R08: 0000000000000000 R09: 0000000000000000 [ 732.379636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 732.379647] R13: 00007fff974dc66f R14: 00007f15d1a1c300 R15: 0000000000022000 [ 732.383953] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 732.405420] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 732.431189] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 732.451467] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 732.473710] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 732.478646] Bluetooth: hci2: command 0x0419 tx timeout [ 732.484259] 27624 total pagecache pages [ 732.489006] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 732.491761] 0 pages in swap cache [ 732.499564] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 732.517376] Swap cache stats: add 0, delete 0, find 0/0 [ 732.523886] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 732.538992] Free swap = 0kB [ 732.544084] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 732.560020] Total swap = 0kB [ 732.565346] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 732.587413] 2097051 pages RAM [ 732.594779] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 732.616340] 0 pages HighMem/MovableOnly [ 732.624425] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 732.647313] 369649 pages reserved [ 732.653425] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 732.653729] 0 pages cma reserved [ 732.661617] Mem-Info: [ 732.681305] Unreclaimable slab info: [ 732.685476] active_anon:14112 inactive_anon:27084 isolated_anon:0 [ 732.685476] active_file:14 inactive_file:18 isolated_file:0 [ 732.685476] unevictable:0 dirty:0 writeback:0 unstable:0 [ 732.685476] slab_reclaimable:14764 slab_unreclaimable:120103 [ 732.685476] mapped:22009 shmem:27592 pagetables:573 bounce:0 [ 732.685476] free:13769 free_pcp:170 free_cma:0 [ 732.701231] Name Used Total [ 732.701407] Node 0 active_anon:53916kB inactive_anon:51168kB active_file:52kB inactive_file:68kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86504kB dirty:0kB writeback:0kB shmem:52740kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 10240kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 732.712108] pid_2 43KB 204KB [ 732.719545] Node 1 active_anon:2532kB inactive_anon:57168kB active_file:4kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1532kB dirty:0kB writeback:0kB shmem:57628kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 732.733281] batadv_tt_change_cache 2KB 3KB [ 732.738504] Node 0 DMA free:10860kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 732.748060] batadv_tl_cache 6KB 12KB [ 732.778085] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 732.797102] TIPC 16KB 22KB [ 732.813725] Node 0 DMA32 free:17368kB min:35996kB low:44992kB high:53988kB active_anon:53916kB inactive_anon:51168kB active_file:60kB inactive_file:60kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7488kB pagetables:1964kB bounce:0kB free_pcp:416kB local_pcp:204kB free_cma:0kB [ 732.813758] lowmem_reserve[]: 0 0 1 1 1 [ 732.860918] SCTPv6 26KB 30KB [ 732.876744] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 732.895775] DCCPv6 30KB 30KB [ 732.921950] lowmem_reserve[]: 0 0 0 0 0 [ 732.939439] DCCP 23KB 28KB [ 732.957500] Node 1 Normal free:26836kB min:53876kB low:67344kB high:80812kB active_anon:2532kB inactive_anon:57168kB active_file:4kB inactive_file:4kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:448kB pagetables:328kB bounce:0kB free_pcp:248kB local_pcp:248kB free_cma:0kB [ 732.975657] RXRPC 21KB 26KB [ 733.000832] lowmem_reserve[]: 0 0 0 0 0 [ 733.006678] Node 0 DMA: 1*4kB (U) 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10860kB [ 733.017486] rxrpc_call_jar 92KB 118KB [ 733.023775] Node 0 DMA32: 1074*4kB (ME) 770*8kB (ME) 184*16kB (ME) 14*32kB (ME) 9*64kB (UME) 5*128kB (M) 5*256kB (M) 2*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 17368kB [ 733.043326] bridge_fdb_cache 15KB 23KB [ 733.044473] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 733.059856] Node 1 Normal: 265*4kB (UME) 220*8kB (ME) 183*16kB (ME) 77*32kB (UM) 13*64kB (UME) 3*128kB (ME) 2*256kB (M) 3*512kB (ME) 3*1024kB (UME) 2*2048kB (ME) 2*4096kB (U) = 26836kB [ 733.063426] fib6_nodes 175KB 240KB [ 733.079908] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 733.090902] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 733.097378] ip6_dst_cache 180KB 412KB [ 733.102976] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 733.113697] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 733.125906] 27624 total pagecache pages [ 733.129894] 0 pages in swap cache [ 733.133339] Swap cache stats: add 0, delete 0, find 0/0 [ 733.138752] Free swap = 0kB [ 733.141765] Total swap = 0kB [ 733.142226] RAWv6 89KB 94KB [ 733.148212] 2097051 pages RAM [ 733.153331] 0 pages HighMem/MovableOnly [ 733.157355] 369649 pages reserved [ 733.160814] 0 pages cma reserved [ 733.162392] UDPv6 35KB 37KB [ 733.189768] TCPv6 42KB 42KB [ 733.203181] nf_conntrack 10KB 11KB [ 733.230639] t10_alua_lu_gp_cache 0KB 3KB [ 733.253538] sd_ext_cdb 0KB 7KB [ 733.279912] scsi_sense_cache 1056KB 1060KB [ 733.303115] virtio_scsi_cmd 16KB 16KB [ 733.330381] sgpool-128 8KB 8KB [ 733.351064] sgpool-64 4KB 12KB [ 733.379598] sgpool-32 2KB 15KB [ 733.388881] sgpool-16 1KB 7KB [ 733.412270] sgpool-8 0KB 7KB [ 733.422467] mqueue_inode_cache 12KB 30KB [ 733.462326] bio_post_read_ctx 14KB 15KB [ 733.468045] bio-2 14KB 15KB [ 733.473412] jfs_mp 7KB 7KB [ 733.493403] cifs_small_rq 15KB 16KB [ 733.498845] cifs_request 67KB 67KB [ 733.517911] cifs_mpx_ids 0KB 7KB [ 733.523313] nfs_commit_data 3KB 14KB [ 733.528717] nfs_write_data 34KB 44KB [ 733.534111] ext4_system_zone 1KB 7KB [ 733.549872] bio-1 1KB 7KB [ 733.555311] pid_namespace 3KB 11KB [ 733.560684] rpc_buffers 17KB 25KB [ 733.576579] rpc_tasks 2KB 7KB [ 733.581970] UNIX 493KB 495KB [ 733.591496] tcp_bind_bucket 3KB 4KB [ 733.603509] ip_fib_trie 28KB 39KB [ 733.612396] ip_fib_alias 123KB 173KB [ 733.624469] ip_dst_cache 12KB 20KB [ 733.629850] RAW 52KB 52KB [ 733.642315] UDP 48KB 54KB [ 733.651144] TCP 11KB 16KB [ 733.663389] hugetlbfs_inode_cache 3KB 15KB [ 733.672584] fscache_cookie_jar 1KB 11KB [ 733.688388] eventpoll_pwq 34KB 43KB [ 733.697902] eventpoll_epi 57KB 63KB [ 733.703275] inotify_inode_mark 18KB 47KB [ 733.718863] request_queue 199KB 199KB [ 733.724282] blkdev_requests 1KB 3KB [ 733.729640] blkdev_ioc 31KB 38KB [ 733.750145] bio-0 1491KB 1563KB [ 733.760305] biovec-max 1666KB 1666KB [ 733.772000] biovec-64 1318KB 1393KB [ 733.782534] biovec-16 113KB 116KB [ 733.799479] bio_integrity_payload 1KB 8KB [ 733.810480] khugepaged_mm_slot 8KB 34KB [ 733.821691] uid_cache 0KB 4KB [ 733.832869] dmaengine-unmap-2 0KB 3KB [ 733.843922] skbuff_fclone_cache 78KB 172KB [ 733.861009] skbuff_head_cache 7610KB 7612KB [ 733.879260] configfs_dir_cache 3KB 7KB [ 733.885859] file_lock_cache 77KB 202KB [ 733.891384] file_lock_ctx 9KB 11KB [ 733.900998] fsnotify_mark_connector 9KB 31KB [ 733.907796] net_namespace 61KB 61KB [ 733.913183] shmem_inode_cache 8154KB 8438KB [ 733.922634] task_delay_info 154KB 387KB [ 733.929403] taskstats 43KB 133KB [ 733.935035] proc_dir_entry 771KB 828KB [ 733.940402] pde_opener 9KB 34KB [ 733.946167] seq_file 326KB 507KB [ 733.951534] sigqueue 54KB 55KB [ 733.956955] kernfs_node_cache 18157KB 18163KB [ 733.962312] mnt_cache 193KB 204KB [ 733.967715] filp 6872KB 7683KB [ 733.973075] names_cache 137933KB 137959KB [ 733.978931] iint_cache 42KB 59KB [ 733.984932] key_jar 22KB 135KB [ 733.990294] uts_namespace 3KB 7KB [ 733.995793] nsproxy 2KB 7KB [ 734.001178] vm_area_struct 3077KB 3971KB [ 734.007269] mm_struct 357KB 682KB [ 734.013056] fs_cache 134KB 368KB [ 734.023662] files_cache 469KB 723KB [ 734.029113] signal_cache 964KB 1566KB [ 734.039126] sighand_cache 619KB 624KB [ 734.045238] task_struct 4904KB 4904KB [ 734.053676] cred_jar 1993KB 2228KB [ 734.066340] anon_vma_chain 1048KB 1492KB [ 734.072575] anon_vma 133KB 288KB [ 734.082996] pid 78KB 224KB [ 734.090305] Acpi-Operand 156KB 198KB [ 734.099961] Acpi-ParseExt 9KB 11KB [ 734.107620] Acpi-Parse 41KB 47KB [ 734.112993] Acpi-State 52KB 63KB [ 734.123183] Acpi-Namespace 20KB 27KB [ 734.130041] numa_policy 0KB 3KB [ 734.139431] debug_objects_cache 1303KB 1828KB [ 734.146215] trace_event_file 297KB 298KB [ 734.152090] ftrace_event_field 398KB 401KB [ 734.162227] pool_workqueue 151KB 152KB [ 734.169788] page->ptl 462KB 1008KB [ 734.179458] kmalloc-2097152 2050KB 2050KB [ 734.185885] kmalloc-524288 2056KB 2056KB [ 734.191251] kmalloc-262144 1290KB 1290KB [ 734.201189] kmalloc-131072 650KB 650KB [ 734.208110] kmalloc-65536 2112KB 2178KB [ 734.213475] kmalloc-32768 1815KB 1815KB [ 734.222873] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 734.234276] kmalloc-16384 1155KB 1188KB [ 734.239675] kmalloc-8192 4248KB 4248KB [ 734.252565] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 734.259357] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 734.271348] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 734.278243] kmalloc-4096 21275KB 21275KB [ 734.283609] kmalloc-2048 11946KB 13323KB [ 734.298754] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 734.310154] kmalloc-1024 8772KB 11623KB [ 734.317045] kmalloc-512 16385KB 16387KB [ 734.322428] kmalloc-256 4464KB 5711KB [ 734.338850] kmalloc-128 922KB 1401KB [ 734.349545] kmalloc-96 3669KB 4076KB [ 734.356025] kmalloc-64 2381KB 3892KB [ 734.361400] kmalloc-32 1869KB 2543KB [ 734.377550] kmalloc-192 1688KB 2572KB [ 734.382932] kmem_cache 177KB 183KB [ 734.394341] Out of memory (oom_kill_allocating_task): Kill process 5381 (systemd-journal) score 0 or sacrifice child [ 734.410930] Killed process 5381 (systemd-journal) total-vm:46096kB, anon-rss:480kB, file-rss:0kB, shmem-rss:1536kB [ 734.422864] oom_reaper: reaped process 5381 (systemd-journal), now anon-rss:0kB, file-rss:0kB, shmem-rss:1540kB [ 734.458762] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 734.470361] IPv6: ADDRCONF(NETDEV_UP): veth1_virt_wifi: link is not ready [ 734.481759] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 734.501090] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 734.560719] systemd[1]: systemd-journald.service: Failed with result 'signal'. [ 734.581755] systemd[1]: systemd-journald.service: Service has no hold-off time, scheduling restart. [ 734.608482] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 734.624731] systemd[1]: Stopped Flush Journal to Persistent Storage. [ 734.631551] systemd[1]: Stopping Flush Journal to Persistent Storage... [ 734.644017] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 734.652264] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 734.663649] systemd[1]: Stopped Journal Service. [ 734.671918] IPv6: ADDRCONF(NETDEV_UP): veth1_vlan: link is not ready [ 734.693402] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 734.709274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 734.726438] systemd[1]: Starting Journal Service... [ 734.732893] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 734.743724] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 734.756246] device veth0_vlan entered promiscuous mode [ 734.797738] device veth1_vlan entered promiscuous mode [ 734.804035] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 734.831603] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 734.852569] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 734.866210] IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready [ 734.873151] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 734.886498] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 734.886528] systemd-journald[5656]: File /run/log/journal/04d8c135ee6b410280ba31a58c89679d/system.journal corrupted or uncleanly shut down, renaming and replacing. [ 734.893902] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 734.923287] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 734.933392] device veth0_macvtap entered promiscuous mode [ 734.945890] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 734.962453] device veth1_macvtap entered promiscuous mode [ 734.969040] IPv6: ADDRCONF(NETDEV_UP): macsec0: link is not ready [ 734.985439] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 735.001090] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 735.003257] systemd-journald[5656]: /dev/kmsg buffer overrun, some messages lost. [ 735.010527] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 735.032924] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 735.042425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 735.057114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 735.068230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 735.085660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 735.114111] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 735.123834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 735.159340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 735.194153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 735.214791] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready [ 735.221847] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 735.239952] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 735.247709] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 735.264731] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 735.272684] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 735.296888] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 735.306944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 735.334094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 735.344120] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 735.353239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 735.384126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 735.393248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 735.424070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 735.448854] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 735.488639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 735.499477] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready [ 735.530790] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 735.559241] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 735.567821] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 735.656701] systemd[1]: Started Journal Service. [ 735.937166] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 735.943557] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 735.962311] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 735.993248] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 736.009519] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 736.018667] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 736.038751] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 736.053077] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 02:35:08 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{}], 0x8) 02:35:08 executing program 5: r0 = syz_open_dev$vim2m(0x0, 0x75f4316a, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000440)=@fd={0x21, 0x2, 0x4, 0x1, 0x8, {}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff}) 02:35:08 executing program 4: openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) syz_genetlink_get_family_id$gtp(&(0x7f0000000280), 0xffffffffffffffff) 02:35:08 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x1f, 0x2) pipe2$watch_queue(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f00000003c0)=@fd={0x1, 0x3, 0x4, 0x14020, 0x5, {0x0, 0x2710}, {0x1, 0x8, 0xec, 0x80, 0x40, 0x2, "7bf3a4d2"}, 0x2, 0x4, {}, 0x6, 0x0, r1}) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:35:08 executing program 2: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) syz_genetlink_get_family_id$gtp(0x0, r0) 02:35:08 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) pipe2$watch_queue(&(0x7f0000000380), 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:35:08 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x7, 0x1, 0x1, 0x0, 0x5}) 02:35:08 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x0, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000440)=@fd={0x21, 0x2, 0x4, 0x1, 0x8, {}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff}) 02:35:08 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{}], 0x8) 02:35:08 executing program 4: pipe2$watch_queue(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) socket$can_bcm(0x1d, 0x2, 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000740)={0x0}}, 0x0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000800), 0x0, 0x0) syz_genetlink_get_family_id$gtp(&(0x7f0000000940), 0xffffffffffffffff) ioctl$PPPIOCCONNECT(r0, 0x4004743a, &(0x7f0000000340)=0x2) r2 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) keyctl$chown(0x4, r2, 0xee00, 0xffffffffffffffff) add_key$fscrypt_v1(&(0x7f0000000100), &(0x7f0000000140)={'fscrypt:', @desc4}, &(0x7f0000000180)={0x0, "80f0a5b90f80f3733e8601ced247b053f171fc606d8be0cc10c682af98f69fe263434ce7cbc5440ec89a485525c14e66029d21fa6c62109f0cba00e4d8000930", 0x28}, 0x48, 0xfffffffffffffff9) 02:35:08 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{}], 0x8) 02:35:08 executing program 2: pipe2$watch_queue(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) socket$can_bcm(0x1d, 0x2, 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000740)={0x0}}, 0x0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000800), 0x0, 0x0) syz_genetlink_get_family_id$gtp(&(0x7f0000000940), 0xffffffffffffffff) ioctl$PPPIOCCONNECT(r0, 0x4004743a, &(0x7f0000000340)=0x2) r2 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) keyctl$chown(0x4, r2, 0xee00, 0xffffffffffffffff) add_key$fscrypt_v1(&(0x7f0000000100), &(0x7f0000000140)={'fscrypt:', @desc4}, &(0x7f0000000180)={0x0, "80f0a5b90f80f3733e8601ced247b053f171fc606d8be0cc10c682af98f69fe263434ce7cbc5440ec89a485525c14e66029d21fa6c62109f0cba00e4d8000930", 0x28}, 0x48, 0xfffffffffffffff9) 02:35:08 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r1, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x7, 0x1, 0x1, 0x0, 0x5}) [ 743.542742] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 743.554422] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 743.559216] CPU: 1 PID: 10306 Comm: syz-fuzzer Not tainted 4.19.211-syzkaller #0 [ 743.566752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 743.576111] Call Trace: [ 743.578720] dump_stack+0x1fc/0x2ef [ 743.582373] dump_header+0x15d/0xc3f [ 743.586111] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 743.591217] ? ___ratelimit+0x319/0x590 [ 743.595198] oom_kill_process.cold+0x10/0x692 [ 743.599703] ? check_preemption_disabled+0x41/0x280 [ 743.604730] ? has_intersects_mems_allowed+0x1d6/0x290 [ 743.610010] out_of_memory+0x1072/0x1390 [ 743.614085] ? oom_killer_disable+0x270/0x270 [ 743.618595] ? mutex_trylock+0x15f/0x1a0 [ 743.622665] __alloc_pages_nodemask+0x23a2/0x2890 [ 743.627535] ? find_get_entry+0x4cd/0x8a0 [ 743.631705] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 743.636593] alloc_pages_current+0x193/0x2a0 [ 743.641009] filemap_fault+0x146e/0x2180 [ 743.645087] ext4_filemap_fault+0x84/0xb0 [ 743.649235] __do_fault+0x10b/0x4b0 [ 743.652881] __handle_mm_fault+0x273b/0x41c0 [ 743.657277] ? do_signal+0x49d/0x1670 [ 743.661061] ? vm_insert_page+0x9c0/0x9c0 [ 743.665217] ? check_preemption_disabled+0x41/0x280 [ 743.670218] handle_mm_fault+0x436/0xb10 [ 743.674267] __do_page_fault+0x68e/0xd60 [ 743.678337] ? trace_hardirqs_off_caller+0x6e/0x210 [ 743.683348] ? spurious_fault+0x840/0x840 [ 743.687479] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 743.692307] ? page_fault+0x8/0x30 [ 743.695845] page_fault+0x1e/0x30 [ 743.699292] RIP: 0033:0x451cf7 [ 743.702465] Code: Bad RIP value. [ 743.705808] RSP: 002b:000000c0068bb8e8 EFLAGS: 00010207 [ 743.711172] RAX: 000000000000000d RBX: fffffffffffffffa RCX: 000000000117c760 [ 743.718421] RDX: 0000000000000003 RSI: 000000000040e3b9 RDI: 0000000000d01a24 [ 743.725670] RBP: 000000c0068bb8f8 R08: 0000000000000211 R09: 000000000040e3b9 [ 743.732943] R10: 0000000000000002 R11: 0000000000000004 R12: 000000000040e378 [ 743.740194] R13: 00000000001202d7 R14: 000000c000001380 R15: 0000000000000000 [ 743.748530] Mem-Info: [ 743.750966] active_anon:15214 inactive_anon:29118 isolated_anon:0 [ 743.750966] active_file:28 inactive_file:7 isolated_file:0 [ 743.750966] unevictable:0 dirty:29 writeback:0 unstable:0 [ 743.750966] slab_reclaimable:14630 slab_unreclaimable:119291 [ 743.750966] mapped:22007 shmem:29644 pagetables:592 bounce:0 [ 743.750966] free:25132 free_pcp:0 free_cma:0 [ 743.784237] Node 0 active_anon:58320kB inactive_anon:51176kB active_file:36kB inactive_file:12kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86540kB dirty:80kB writeback:0kB shmem:52756kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 14336kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 743.812300] Node 1 active_anon:2536kB inactive_anon:65296kB active_file:76kB inactive_file:16kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1488kB dirty:36kB writeback:0kB shmem:65820kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 743.841641] Node 0 DMA free:10972kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 743.953364] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 743.970700] Node 0 DMA32 free:35680kB min:35996kB low:44992kB high:53988kB active_anon:58320kB inactive_anon:51176kB active_file:16kB inactive_file:20kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7488kB pagetables:2032kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 744.060035] lowmem_reserve[]: 0 0 1 1 1 [ 744.073953] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 744.106761] lowmem_reserve[]: 0 0 0 0 0 [ 744.110762] Node 1 Normal free:53496kB min:53876kB low:67344kB high:80812kB active_anon:2548kB inactive_anon:65296kB active_file:136kB inactive_file:0kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:448kB pagetables:336kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 744.165873] lowmem_reserve[]: 0 0 0 0 0 [ 744.169983] Node 0 DMA: 1*4kB (U) 1*8kB (U) 1*16kB (U) 0*32kB 1*64kB (U) 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10972kB [ 744.234240] Node 0 DMA32: 1235*4kB (ME) 825*8kB (ME) 221*16kB (UME) 39*32kB (ME) 23*64kB (ME) 14*128kB (UM) 5*256kB (UM) 2*512kB (M) 2*1024kB (UM) 2*2048kB (M) 2*4096kB (U) = 36228kB [ 744.283035] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 744.315973] Node 1 Normal: 238*4kB (UME) 217*8kB (UME) 178*16kB (ME) 108*32kB (M) 16*64kB (ME) 8*128kB (UME) 7*256kB (UM) 2*512kB (ME) 3*1024kB (UME) 2*2048kB (UE) 8*4096kB (U) = 53792kB [ 744.354182] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 744.363054] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 744.378967] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 744.416073] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 744.461176] 29709 total pagecache pages [ 744.473052] 0 pages in swap cache [ 744.489272] Swap cache stats: add 0, delete 0, find 0/0 [ 744.514379] Free swap = 0kB [ 744.517419] Total swap = 0kB [ 744.520433] 2097051 pages RAM [ 744.541136] 0 pages HighMem/MovableOnly [ 744.562174] 369649 pages reserved [ 744.574295] 0 pages cma reserved [ 744.577691] Unreclaimable slab info: [ 744.581398] Name Used Total [ 744.631446] pid_2 44KB 204KB [ 744.661183] batadv_tt_change_cache 1KB 3KB [ 744.683229] batadv_tl_cache 6KB 12KB [ 744.704403] TIPC 12KB 22KB [ 744.709794] SCTPv6 16KB 30KB [ 744.747283] DCCPv6 17KB 30KB [ 744.765428] DCCP 16KB 28KB [ 744.770853] RXRPC 13KB 26KB [ 744.782006] rxrpc_call_jar 90KB 118KB [ 744.813435] bridge_fdb_cache 11KB 23KB [ 744.818927] fib6_nodes 187KB 240KB [ 744.856820] ip6_dst_cache 256KB 412KB [ 744.862228] RAWv6 81KB 94KB [ 744.918176] UDPv6 30KB 37KB [ 744.939431] TCPv6 39KB 42KB [ 744.973443] nf_conntrack 11KB 11KB [ 744.978907] t10_alua_lu_gp_cache 0KB 3KB [ 745.018394] sd_ext_cdb 0KB 7KB [ 745.040648] scsi_sense_cache 1056KB 1060KB [ 745.046077] virtio_scsi_cmd 16KB 16KB [ 745.051441] sgpool-128 8KB 8KB [ 745.079139] sgpool-64 4KB 12KB [ 745.094615] sgpool-32 2KB 15KB [ 745.100007] sgpool-16 1KB 7KB [ 745.110341] sgpool-8 0KB 7KB [ 745.122207] mqueue_inode_cache 12KB 30KB [ 745.148174] bio_post_read_ctx 14KB 15KB [ 745.169197] bio-2 14KB 15KB [ 745.191611] jfs_mp 7KB 7KB [ 745.216668] cifs_small_rq 15KB 16KB [ 745.222059] cifs_request 67KB 67KB [ 745.253196] cifs_mpx_ids 0KB 7KB [ 745.272484] nfs_commit_data 3KB 14KB [ 745.301972] nfs_write_data 34KB 44KB [ 745.321572] ext4_system_zone 1KB 7KB [ 745.340730] bio-1 1KB 7KB [ 745.346137] pid_namespace 2KB 11KB [ 745.351507] rpc_buffers 17KB 25KB [ 745.416412] rpc_tasks 2KB 7KB [ 745.421806] UNIX 669KB 675KB [ 745.447383] tcp_bind_bucket 1KB 4KB [ 745.452794] ip_fib_trie 28KB 39KB [ 745.490203] ip_fib_alias 132KB 173KB [ 745.505987] ip_dst_cache 7KB 20KB [ 745.511366] RAW 48KB 52KB [ 745.540874] UDP 38KB 54KB [ 745.556808] TCP 14KB 22KB [ 745.574728] hugetlbfs_inode_cache 3KB 15KB [ 745.580461] fscache_cookie_jar 1KB 11KB [ 745.609321] eventpoll_pwq 35KB 43KB [ 745.626960] eventpoll_epi 61KB 63KB [ 745.632350] inotify_inode_mark 20KB 47KB [ 745.639230] request_queue 199KB 199KB [ 745.650916] blkdev_requests 1KB 3KB [ 745.676465] blkdev_ioc 35KB 38KB [ 745.681870] bio-0 1406KB 1440KB [ 745.710599] biovec-max 1650KB 1683KB [ 745.726427] biovec-64 1276KB 1323KB [ 745.731886] biovec-16 115KB 120KB [ 745.759107] bio_integrity_payload 1KB 8KB [ 745.780323] khugepaged_mm_slot 6KB 34KB [ 745.799923] uid_cache 0KB 4KB [ 745.813027] dmaengine-unmap-2 0KB 3KB [ 745.818520] skbuff_fclone_cache 67KB 161KB [ 745.847744] skbuff_head_cache 7700KB 7713KB [ 745.853138] configfs_dir_cache 3KB 7KB [ 745.882147] file_lock_cache 78KB 198KB [ 745.911334] file_lock_ctx 9KB 11KB [ 745.926704] fsnotify_mark_connector 10KB 31KB [ 745.932607] net_namespace 61KB 61KB [ 745.974328] shmem_inode_cache 8146KB 8407KB [ 745.981537] task_delay_info 149KB 387KB [ 745.987516] taskstats 45KB 130KB [ 745.992899] proc_dir_entry 760KB 828KB [ 746.009060] pde_opener 12KB 34KB [ 746.015728] seq_file 327KB 507KB [ 746.021077] sigqueue 55KB 55KB [ 746.034141] kernfs_node_cache 18240KB 18246KB [ 746.039530] mnt_cache 190KB 204KB [ 746.045545] filp 7061KB 7672KB [ 746.050905] names_cache 136875KB 136935KB [ 746.059921] iint_cache 34KB 59KB [ 746.067136] key_jar 28KB 135KB [ 746.072522] uts_namespace 3KB 7KB [ 746.079852] nsproxy 1KB 7KB [ 746.087909] vm_area_struct 3287KB 3967KB [ 746.093274] mm_struct 399KB 682KB [ 746.100355] fs_cache 131KB 368KB [ 746.107598] files_cache 499KB 723KB [ 746.112944] signal_cache 1019KB 1566KB [ 746.121904] sighand_cache 582KB 624KB [ 746.130119] task_struct 5163KB 5201KB [ 746.136637] cred_jar 2017KB 2228KB [ 746.142003] anon_vma_chain 1062KB 1492KB [ 746.149155] anon_vma 163KB 288KB [ 746.158170] pid 81KB 224KB [ 746.167258] Acpi-Operand 156KB 198KB [ 746.172622] Acpi-ParseExt 9KB 11KB [ 746.179845] Acpi-Parse 41KB 47KB [ 746.188831] Acpi-State 52KB 63KB [ 746.197903] Acpi-Namespace 20KB 27KB [ 746.203278] numa_policy 0KB 3KB [ 746.212240] debug_objects_cache 1321KB 1828KB [ 746.219540] trace_event_file 297KB 298KB [ 746.228486] ftrace_event_field 398KB 401KB [ 746.237614] pool_workqueue 131KB 152KB [ 746.242973] page->ptl 468KB 1008KB [ 746.250158] kmalloc-2097152 2050KB 2050KB [ 746.259213] kmalloc-524288 2056KB 2056KB [ 746.268303] kmalloc-262144 1290KB 1290KB [ 746.275425] kmalloc-131072 650KB 650KB [ 746.280770] kmalloc-65536 2112KB 2178KB [ 746.289560] kmalloc-32768 1815KB 1815KB [ 746.298544] kmalloc-16384 1254KB 1254KB [ 746.305841] kmalloc-8192 4463KB 4463KB [ 746.311201] kmalloc-4096 21581KB 21632KB [ 746.318983] kmalloc-2048 12461KB 13317KB [ 746.326854] kmalloc-1024 9072KB 11623KB [ 746.332227] kmalloc-512 16341KB 16443KB [ 746.339296] kmalloc-256 4559KB 5711KB [ 746.348255] kmalloc-128 963KB 1401KB [ 746.357163] kmalloc-96 3654KB 4076KB [ 746.362527] kmalloc-64 2418KB 3892KB [ 746.369628] kmalloc-32 1869KB 2543KB [ 746.378631] kmalloc-192 1721KB 2572KB [ 746.387475] kmem_cache 177KB 183KB [ 746.392858] Out of memory (oom_kill_allocating_task): Kill process 10306 (syz-fuzzer) score 0 or sacrifice child [ 746.406702] Killed process 8113 (syz-executor.4) total-vm:48512kB, anon-rss:436kB, file-rss:4kB, shmem-rss:0kB [ 746.417191] oom_reaper: reaped process 8113 (syz-executor.4), now anon-rss:0kB, file-rss:14336kB, shmem-rss:0kB [ 746.434401] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 746.450099] oom_reaper: reaped process 5713 (syz-executor.3), now anon-rss:0kB, file-rss:14336kB, shmem-rss:8kB [ 746.460384] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 746.468874] CPU: 0 PID: 10306 Comm: syz-fuzzer Not tainted 4.19.211-syzkaller #0 [ 746.476404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 746.485752] Call Trace: [ 746.488344] dump_stack+0x1fc/0x2ef [ 746.491975] dump_header+0x15d/0xc3f [ 746.495695] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 746.500798] ? ___ratelimit+0x319/0x590 [ 746.504782] oom_kill_process.cold+0x10/0x692 [ 746.509277] ? check_preemption_disabled+0x41/0x280 [ 746.514292] ? has_intersects_mems_allowed+0x1d6/0x290 [ 746.519567] out_of_memory+0x1072/0x1390 [ 746.523634] ? oom_killer_disable+0x270/0x270 [ 746.528128] ? mutex_trylock+0x15f/0x1a0 [ 746.532190] __alloc_pages_nodemask+0x23a2/0x2890 [ 746.537038] ? find_get_entry+0x4cd/0x8a0 [ 746.541193] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 746.546043] alloc_pages_current+0x193/0x2a0 [ 746.550435] filemap_fault+0x146e/0x2180 [ 746.554486] ext4_filemap_fault+0x84/0xb0 [ 746.558694] __do_fault+0x10b/0x4b0 [ 746.562327] __handle_mm_fault+0x273b/0x41c0 [ 746.566735] ? do_signal+0x49d/0x1670 [ 746.570525] ? vm_insert_page+0x9c0/0x9c0 [ 746.574674] ? check_preemption_disabled+0x41/0x280 [ 746.579692] handle_mm_fault+0x436/0xb10 [ 746.583740] __do_page_fault+0x68e/0xd60 [ 746.587792] ? trace_hardirqs_off_caller+0x6e/0x210 [ 746.592810] ? spurious_fault+0x840/0x840 [ 746.596949] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 746.601782] ? page_fault+0x8/0x30 [ 746.605308] page_fault+0x1e/0x30 [ 746.608745] RIP: 0033:0x451cf7 [ 746.611934] Code: Bad RIP value. [ 746.615275] RSP: 002b:000000c0068bb8e8 EFLAGS: 00010207 [ 746.620631] RAX: 000000000000000d RBX: fffffffffffffffa RCX: 000000000117c760 [ 746.627883] RDX: 0000000000000003 RSI: 000000000040e3b9 RDI: 0000000000d01a24 [ 746.635133] RBP: 000000c0068bb8f8 R08: 0000000000000211 R09: 000000000040e3b9 [ 746.642398] R10: 0000000000000002 R11: 0000000000000004 R12: 000000000040e378 [ 746.649654] R13: 00000000001202d7 R14: 000000c000001380 R15: 0000000000000000 [ 746.660368] Mem-Info: [ 746.662801] active_anon:14589 inactive_anon:29118 isolated_anon:0 [ 746.662801] active_file:20 inactive_file:7 isolated_file:0 [ 746.662801] unevictable:0 dirty:0 writeback:0 unstable:0 [ 746.662801] slab_reclaimable:14630 slab_unreclaimable:119288 [ 746.662801] mapped:18413 shmem:29644 pagetables:555 bounce:0 [ 746.662801] free:14601 free_pcp:480 free_cma:0 [ 746.689883] syz-executor.3: vmalloc: allocation failure, allocated 1709817856 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 746.701215] Node 0 active_anon:55808kB inactive_anon:51176kB active_file:4kB inactive_file:32kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:72204kB dirty:0kB writeback:0kB shmem:52756kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 14336kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 746.727781] syz-executor.3 cpuset=/ mems_allowed=0-1 [ 746.740760] Node 1 active_anon:2548kB inactive_anon:65296kB active_file:76kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1448kB dirty:0kB writeback:0kB shmem:65820kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 746.763606] CPU: 1 PID: 5713 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 746.777236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 746.779415] Node 0 DMA free:10872kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 746.786580] Call Trace: [ 746.786602] dump_stack+0x1fc/0x2ef [ 746.786618] warn_alloc.cold+0x7b/0x18f [ 746.786634] ? zone_watermark_ok_safe+0x260/0x260 [ 746.786651] ? retint_kernel+0x2d/0x2d [ 746.786680] __vmalloc_area_node+0x4fd/0x780 [ 746.821564] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 746.823110] ? __vmalloc_node_range+0x180/0x180 [ 746.827987] Node 0 DMA32 free:31244kB min:35996kB low:44992kB high:53988kB active_anon:55716kB inactive_anon:51176kB active_file:0kB inactive_file:64kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7456kB pagetables:1880kB bounce:0kB free_pcp:2136kB local_pcp:764kB free_cma:0kB [ 746.831789] ? _raw_spin_unlock+0x29/0x40 [ 746.842879] lowmem_reserve[]: 0 0 1 1 1 [ 746.845845] ? __get_vm_area_node+0x2e2/0x3a0 [ 746.845864] __vmalloc_node_range+0xed/0x180 [ 746.845881] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 746.845898] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 746.881928] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 746.882914] vmalloc_user+0x70/0xe0 [ 746.887416] lowmem_reserve[]: 0 0 0 0 0 [ 746.891780] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 746.904883] Node 1 Normal free:26828kB min:53876kB low:67344kB high:80812kB active_anon:2544kB inactive_anon:65296kB active_file:80kB inactive_file:0kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:448kB pagetables:336kB bounce:0kB free_pcp:252kB local_pcp:4kB free_cma:0kB [ 746.927366] vb2_vmalloc_alloc+0xb3/0x2f0 [ 746.927381] __vb2_queue_alloc+0x472/0xe60 [ 746.927403] vb2_core_create_bufs+0x273/0x7e0 [ 746.927417] ? __vb2_queue_free+0x870/0x870 [ 746.927433] ? mutex_trylock+0x1a0/0x1a0 [ 746.927449] ? __video_do_ioctl+0x632/0xcd0 [ 746.937544] lowmem_reserve[]: 0 0 0 0 0 [ 746.939354] vb2_create_bufs+0x332/0x620 [ 746.979527] Node 0 DMA: 0*4kB 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10872kB [ 746.980621] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 746.985009] Node 0 DMA32: 1135*4kB (UME) 832*8kB (UME) 270*16kB (UME) 81*32kB (UME) 58*64kB (UME) 44*128kB (UM) 9*256kB (UM) 3*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 31292kB [ 746.989073] ? __video_do_ioctl+0x632/0xcd0 [ 747.000001] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 747.001386] ? mutex_trylock+0x1a0/0x1a0 [ 747.023205] Node 1 Normal: 237*4kB (ME) 217*8kB (UME) 179*16kB (UME) 109*32kB (UM) 16*64kB (ME) 7*128kB (ME) 6*256kB (M) 2*512kB (ME) 3*1024kB (UME) 1*2048kB (E) 2*4096kB (U) = 26828kB [ 747.035319] ? mark_held_locks+0xf0/0xf0 [ 747.035341] vb2_ioctl_create_bufs+0x20d/0x360 [ 747.035357] ? memset+0x20/0x40 [ 747.035374] v4l_create_bufs+0xb2/0x160 [ 747.035390] __video_do_ioctl+0x49a/0xcd0 [ 747.035408] ? v4l_querycap+0x340/0x340 [ 747.044976] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 747.050728] ? __might_fault+0x192/0x1d0 [ 747.056129] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 747.071447] ? v4l_querycap+0x340/0x340 [ 747.071463] video_usercopy+0x13f/0xfa0 [ 747.071489] ? v4l_enumstd+0x60/0x60 [ 747.071506] ? do_futex+0x171/0x1880 [ 747.081869] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 747.083433] ? mark_held_locks+0xf0/0xf0 [ 747.083450] ? debug_check_no_obj_freed+0x201/0x490 [ 747.083470] ? video_usercopy+0xfa0/0xfa0 [ 747.083483] v4l2_ioctl+0x147/0x1a0 [ 747.087458] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 747.091577] ? video_devdata+0xa0/0xa0 [ 747.101945] 29672 total pagecache pages [ 747.104444] do_vfs_ioctl+0xcdb/0x12e0 [ 747.104461] ? lock_downgrade+0x720/0x720 [ 747.104476] ? check_preemption_disabled+0x41/0x280 [ 747.104487] ? ioctl_preallocate+0x200/0x200 [ 747.104505] ? __fget+0x356/0x510 [ 747.110802] 0 pages in swap cache [ 747.117209] ? do_dup2+0x450/0x450 [ 747.117225] ? __se_sys_futex+0x298/0x3b0 [ 747.117245] ksys_ioctl+0x9b/0xc0 [ 747.117263] __x64_sys_ioctl+0x6f/0xb0 [ 747.117278] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 747.117293] do_syscall_64+0xf9/0x620 [ 747.127916] Swap cache stats: add 0, delete 0, find 0/0 [ 747.129040] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 747.132733] Free swap = 0kB [ 747.141548] RIP: 0033:0x7f15d34aa0f9 [ 747.141562] Code: Bad RIP value. [ 747.141569] RSP: 002b:00007f15d1a1c168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 747.141581] RAX: ffffffffffffffda RBX: 00007f15d35c9f80 RCX: 00007f15d34aa0f9 [ 747.141589] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 747.141596] RBP: 00007f15d3505ae9 R08: 0000000000000000 R09: 0000000000000000 [ 747.141604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 747.141622] R13: 00007fff974dc66f R14: 00007f15d1a1c300 R15: 0000000000022000 [ 747.152326] Total swap = 0kB [ 747.174166] Mem-Info: [ 747.188755] 2097051 pages RAM [ 747.218342] active_anon:14549 inactive_anon:29118 isolated_anon:0 [ 747.218342] active_file:13 inactive_file:15 isolated_file:0 [ 747.218342] unevictable:0 dirty:0 writeback:0 unstable:0 [ 747.218342] slab_reclaimable:14605 slab_unreclaimable:118890 [ 747.218342] mapped:18404 shmem:29644 pagetables:564 bounce:0 [ 747.218342] free:17656 free_pcp:580 free_cma:0 [ 747.234889] 0 pages HighMem/MovableOnly [ 747.332296] Node 0 active_anon:55652kB inactive_anon:51176kB active_file:16kB inactive_file:20kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:72168kB dirty:0kB writeback:0kB shmem:52756kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 12288kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 747.332324] Node 1 active_anon:2544kB inactive_anon:65296kB active_file:36kB inactive_file:40kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1448kB dirty:0kB writeback:0kB shmem:65820kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 747.332329] Node 0 DMA free:10872kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 747.332360] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 747.332379] Node 0 DMA32 free:35016kB min:35996kB low:44992kB high:53988kB active_anon:55652kB inactive_anon:51176kB active_file:16kB inactive_file:20kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7456kB pagetables:1920kB bounce:0kB free_pcp:484kB local_pcp:244kB free_cma:0kB [ 747.332411] lowmem_reserve[]: 0 0 1 1 1 [ 747.332429] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 747.332458] lowmem_reserve[]: 0 0 0 0 0 [ 747.332477] Node 1 Normal free:27028kB min:53876kB low:67344kB high:80812kB active_anon:2544kB inactive_anon:65296kB active_file:36kB inactive_file:40kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:448kB pagetables:336kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 747.332508] lowmem_reserve[]: 0 0 0 0 0 [ 747.332527] Node 0 DMA: 0*4kB 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10872kB [ 747.332601] Node 0 DMA32: 1210*4kB (ME) 1008*8kB (UME) 278*16kB (UME) 86*32kB (UME) 65*64kB (UME) 51*128kB (UM) 9*256kB (UM) 3*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 34632kB [ 747.332673] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 747.332727] Node 1 Normal: 236*4kB (ME) 215*8kB (ME) 178*16kB (UME) 108*32kB (UM) 17*64kB (ME) 7*128kB (ME) 7*256kB (UM) 2*512kB (ME) 3*1024kB (UME) 1*2048kB (E) 2*4096kB (U) = 27080kB [ 747.332812] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 747.332822] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 747.332832] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 747.332842] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 747.332848] 29672 total pagecache pages [ 747.332860] 0 pages in swap cache [ 747.332868] Swap cache stats: add 0, delete 0, find 0/0 [ 747.332873] Free swap = 0kB [ 747.332878] Total swap = 0kB [ 747.332885] 2097051 pages RAM [ 747.332890] 0 pages HighMem/MovableOnly [ 747.332895] 369649 pages reserved [ 747.332900] 0 pages cma reserved [ 747.649357] 369649 pages reserved [ 747.652827] 0 pages cma reserved [ 747.656334] Unreclaimable slab info: [ 747.660048] Name Used Total [ 747.665650] pid_2 41KB 204KB [ 747.671079] batadv_tt_change_cache 1KB 3KB [ 747.676911] batadv_tl_cache 5KB 12KB [ 747.682322] TIPC 12KB 22KB [ 747.687783] SCTPv6 16KB 30KB [ 747.693152] DCCPv6 17KB 30KB [ 747.698648] DCCP 16KB 28KB [ 747.704101] RXRPC 13KB 26KB [ 747.709563] rxrpc_call_jar 90KB 118KB [ 747.714972] bridge_fdb_cache 11KB 23KB [ 747.722186] fib6_nodes 184KB 240KB [ 747.727619] ip6_dst_cache 273KB 412KB [ 747.732992] RAWv6 81KB 94KB [ 747.738451] UDPv6 30KB 37KB [ 747.744034] TCPv6 24KB 42KB [ 747.749410] nf_conntrack 10KB 11KB [ 747.754913] t10_alua_lu_gp_cache 0KB 3KB [ 747.760633] sd_ext_cdb 0KB 7KB [ 747.766134] scsi_sense_cache 1056KB 1060KB [ 747.771494] virtio_scsi_cmd 16KB 16KB [ 747.776978] sgpool-128 8KB 8KB [ 747.782350] sgpool-64 4KB 12KB [ 747.813953] sgpool-32 2KB 15KB [ 747.819356] sgpool-16 1KB 7KB [ 747.859211] sgpool-8 0KB 7KB [ 747.900090] mqueue_inode_cache 12KB 30KB [ 747.938945] bio_post_read_ctx 14KB 15KB [ 747.968168] bio-2 14KB 15KB [ 748.001588] jfs_mp 7KB 7KB [ 748.007507] cifs_small_rq 15KB 16KB [ 748.012879] cifs_request 67KB 67KB [ 748.062185] cifs_mpx_ids 0KB 7KB [ 748.103028] nfs_commit_data 3KB 14KB [ 748.149474] nfs_write_data 34KB 44KB [ 748.167321] ieee802154 phy0 wpan0: encryption failed: -22 [ 748.174337] ieee802154 phy1 wpan1: encryption failed: -22 [ 748.176643] ext4_system_zone 1KB 7KB [ 748.236749] bio-1 1KB 7KB [ 748.242145] pid_namespace 2KB 11KB [ 748.292052] rpc_buffers 17KB 25KB [ 748.329984] rpc_tasks 2KB 7KB [ 748.397722] UNIX 667KB 675KB [ 748.403126] tcp_bind_bucket 1KB 4KB [ 748.470807] ip_fib_trie 27KB 39KB [ 748.520127] ip_fib_alias 131KB 173KB [ 748.560240] ip_dst_cache 6KB 20KB [ 748.611777] RAW 48KB 52KB [ 748.640206] UDP 38KB 54KB [ 748.702672] TCP 11KB 16KB [ 748.760241] hugetlbfs_inode_cache 3KB 15KB [ 748.792905] fscache_cookie_jar 1KB 11KB [ 748.839526] eventpoll_pwq 35KB 43KB [ 748.882621] eventpoll_epi 61KB 63KB [ 748.908519] inotify_inode_mark 18KB 47KB [ 748.924969] request_queue 199KB 199KB [ 748.930367] blkdev_requests 1KB 3KB [ 748.966915] blkdev_ioc 31KB 38KB [ 748.972313] bio-0 1406KB 1440KB [ 749.002800] biovec-max 1650KB 1683KB [ 749.008241] biovec-64 1276KB 1323KB [ 749.040887] biovec-16 115KB 120KB [ 749.052861] bio_integrity_payload 1KB 8KB [ 749.092365] khugepaged_mm_slot 5KB 34KB [ 749.121992] uid_cache 0KB 4KB [ 749.130959] dmaengine-unmap-2 0KB 3KB [ 749.160059] skbuff_fclone_cache 66KB 161KB [ 749.172601] skbuff_head_cache 8004KB 8006KB [ 749.202298] configfs_dir_cache 3KB 7KB [ 749.235394] file_lock_cache 71KB 198KB [ 749.240813] file_lock_ctx 9KB 11KB [ 749.270170] fsnotify_mark_connector 9KB 31KB [ 749.283041] net_namespace 61KB 61KB [ 749.312906] shmem_inode_cache 8135KB 8399KB [ 749.366633] task_delay_info 148KB 387KB [ 749.372029] taskstats 44KB 130KB [ 749.412280] proc_dir_entry 760KB 828KB [ 749.438603] pde_opener 12KB 34KB [ 749.476756] seq_file 322KB 507KB [ 749.482154] sigqueue 55KB 55KB [ 749.539379] kernfs_node_cache 18234KB 18246KB [ 749.552920] mnt_cache 190KB 204KB [ 749.590182] filp 7058KB 7672KB [ 749.602060] names_cache 135966KB 136025KB [ 749.663783] iint_cache 34KB 59KB [ 749.669183] key_jar 24KB 135KB [ 749.681887] uts_namespace 3KB 7KB [ 749.690860] nsproxy 1KB 7KB [ 749.703578] vm_area_struct 3285KB 3967KB [ 749.708986] mm_struct 398KB 682KB [ 749.718858] fs_cache 130KB 368KB [ 749.772870] files_cache 496KB 723KB [ 749.799925] signal_cache 1012KB 1559KB [ 749.805398] sighand_cache 573KB 617KB [ 749.810787] task_struct 5151KB 5201KB [ 749.837825] cred_jar 1990KB 2228KB [ 749.846903] anon_vma_chain 1058KB 1492KB [ 749.852271] anon_vma 135KB 288KB [ 749.867405] pid 80KB 224KB [ 749.912179] Acpi-Operand 156KB 198KB [ 749.933665] Acpi-ParseExt 9KB 11KB [ 749.939057] Acpi-Parse 41KB 47KB [ 749.991998] Acpi-State 52KB 63KB [ 750.001380] Acpi-Namespace 20KB 27KB [ 750.032480] numa_policy 0KB 3KB [ 750.037969] debug_objects_cache 1321KB 1828KB [ 750.047699] trace_event_file 297KB 298KB [ 750.053876] ftrace_event_field 398KB 401KB [ 750.059468] pool_workqueue 129KB 152KB [ 750.065735] page->ptl 466KB 1008KB [ 750.072260] kmalloc-2097152 2050KB 2050KB [ 750.081197] kmalloc-524288 2056KB 2056KB [ 750.087715] kmalloc-262144 1290KB 1290KB [ 750.093183] kmalloc-131072 650KB 650KB [ 750.098731] kmalloc-65536 2112KB 2178KB [ 750.104817] kmalloc-32768 1815KB 1815KB [ 750.110751] kmalloc-16384 1221KB 1254KB [ 750.116835] kmalloc-8192 4463KB 4463KB [ 750.122264] kmalloc-4096 21505KB 21556KB [ 750.136473] kmalloc-2048 12450KB 13317KB [ 750.141859] kmalloc-1024 9234KB 11623KB [ 750.147482] kmalloc-512 16901KB 16905KB [ 750.154680] kmalloc-256 4567KB 5711KB [ 750.160746] kmalloc-128 973KB 1401KB [ 750.166215] kmalloc-96 3707KB 4076KB [ 750.171638] kmalloc-64 2414KB 3892KB [ 750.186758] kmalloc-32 1880KB 2543KB [ 750.192283] kmalloc-192 1735KB 2572KB [ 750.198352] kmem_cache 177KB 183KB [ 750.204345] Out of memory (oom_kill_allocating_task): Kill process 10306 (syz-fuzzer) score 0 or sacrifice child [ 750.215888] Killed process 8109 (syz-executor.2) total-vm:48512kB, anon-rss:436kB, file-rss:0kB, shmem-rss:0kB [ 750.752196] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 750.767188] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 750.784448] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 750.792897] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 750.808166] device bridge_slave_1 left promiscuous mode [ 750.816699] bridge0: port 2(bridge_slave_1) entered disabled state [ 750.828454] device bridge_slave_0 left promiscuous mode [ 750.836851] bridge0: port 1(bridge_slave_0) entered disabled state [ 750.850122] device veth1_macvtap left promiscuous mode [ 750.858759] device veth0_macvtap left promiscuous mode [ 750.867224] device veth1_vlan left promiscuous mode [ 750.872289] device veth0_vlan left promiscuous mode [ 751.029811] device hsr_slave_1 left promiscuous mode [ 751.041186] device hsr_slave_0 left promiscuous mode [ 751.069233] team0 (unregistering): Port device team_slave_1 removed [ 751.082339] team0 (unregistering): Port device team_slave_0 removed [ 751.101704] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 751.122640] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 751.176034] bond0 (unregistering): Released all slaves [ 752.892107] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 752.906366] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 752.921683] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 752.929908] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 752.942299] device bridge_slave_1 left promiscuous mode [ 752.950094] bridge0: port 2(bridge_slave_1) entered disabled state [ 752.961676] device bridge_slave_0 left promiscuous mode [ 752.969889] bridge0: port 1(bridge_slave_0) entered disabled state [ 752.984077] device veth1_macvtap left promiscuous mode [ 752.989383] device veth0_macvtap left promiscuous mode [ 752.999181] device veth1_vlan left promiscuous mode [ 753.005501] device veth0_vlan left promiscuous mode [ 753.149338] device hsr_slave_1 left promiscuous mode [ 753.162632] device hsr_slave_0 left promiscuous mode [ 753.185738] team0 (unregistering): Port device team_slave_1 removed [ 753.202486] team0 (unregistering): Port device team_slave_0 removed [ 753.220499] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 753.237567] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 753.289038] bond0 (unregistering): Released all slaves 02:35:24 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x1f, 0x2) pipe2$watch_queue(&(0x7f0000000380), 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:35:24 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r1, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x7, 0x1, 0x1, 0x0, 0x5}) 02:35:24 executing program 2: pipe2$watch_queue(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) socket$can_bcm(0x1d, 0x2, 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000740)={0x0}}, 0x0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000800), 0x0, 0x0) syz_genetlink_get_family_id$gtp(&(0x7f0000000940), 0xffffffffffffffff) ioctl$PPPIOCCONNECT(r0, 0x4004743a, &(0x7f0000000340)=0x2) r2 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) keyctl$chown(0x4, r2, 0xee00, 0xffffffffffffffff) add_key$fscrypt_v1(&(0x7f0000000100), &(0x7f0000000140)={'fscrypt:', @desc4}, &(0x7f0000000180)={0x0, "80f0a5b90f80f3733e8601ced247b053f171fc606d8be0cc10c682af98f69fe263434ce7cbc5440ec89a485525c14e66029d21fa6c62109f0cba00e4d8000930", 0x28}, 0x48, 0xfffffffffffffff9) add_key$fscrypt_v1(&(0x7f0000000200), &(0x7f0000000240)={'fscrypt:', @desc2}, &(0x7f0000000280)={0x0, "ace4b5cfa5b588a8200e2ff3326e70a932a671d11ebdfeabfaea509f0cbad5f3d03569ded14c2fd529674a86318405f0330710b3322ca254eda80009bccb22b9", 0x14}, 0x48, 0xfffffffffffffffe) keyctl$invalidate(0x3, r2) r3 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) add_key(&(0x7f0000000740)='big_key\x00', 0x0, 0x0, 0x0, r3) 02:35:24 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) pipe2$watch_queue(&(0x7f0000000380), 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:35:24 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{{}, {0x1}}, {}], 0x10) 02:35:24 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{}, {}], 0x10) 02:35:24 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x0, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000440)=@fd={0x21, 0x2, 0x4, 0x1, 0x8, {}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff}) 02:35:24 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x1f, 0x2) pipe2$watch_queue(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f00000003c0)=@fd={0x1, 0x3, 0x4, 0x14020, 0x5, {0x0, 0x2710}, {0x1, 0x8, 0xec, 0x80, 0x40, 0x2, "7bf3a4d2"}, 0x2, 0x4, {}, 0x6, 0x0, r1}) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) [ 756.110351] IPVS: ftp: loaded support on port[0] = 21 [ 756.126338] IPVS: ftp: loaded support on port[0] = 21 [ 756.449593] chnl_net:caif_netlink_parms(): no params data found [ 756.467978] chnl_net:caif_netlink_parms(): no params data found [ 756.604773] bridge0: port 1(bridge_slave_0) entered blocking state [ 756.613228] bridge0: port 1(bridge_slave_0) entered disabled state [ 756.620889] device bridge_slave_0 entered promiscuous mode [ 756.629247] bridge0: port 1(bridge_slave_0) entered blocking state [ 756.637001] bridge0: port 1(bridge_slave_0) entered disabled state [ 756.645424] device bridge_slave_0 entered promiscuous mode [ 756.653374] bridge0: port 2(bridge_slave_1) entered blocking state [ 756.660363] bridge0: port 2(bridge_slave_1) entered disabled state [ 756.668907] device bridge_slave_1 entered promiscuous mode [ 756.675964] bridge0: port 2(bridge_slave_1) entered blocking state [ 756.683151] bridge0: port 2(bridge_slave_1) entered disabled state [ 756.690761] device bridge_slave_1 entered promiscuous mode [ 756.729748] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 756.740630] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 756.751683] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 756.762279] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 756.790971] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 756.799479] team0: Port device team_slave_0 added [ 756.805434] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 756.813424] team0: Port device team_slave_1 added [ 756.836702] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 756.847278] team0: Port device team_slave_0 added [ 756.859420] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 756.870477] team0: Port device team_slave_1 added [ 756.879021] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 756.885333] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 756.911313] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 756.927438] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 756.934505] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 756.960068] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 756.984396] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 756.992445] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 756.999275] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 757.025167] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 757.038136] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 757.044990] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 757.075563] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 757.088334] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 757.105767] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 757.117919] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 757.129958] device hsr_slave_0 entered promiscuous mode [ 757.138613] device hsr_slave_1 entered promiscuous mode [ 757.156489] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 757.164253] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 757.188903] device hsr_slave_0 entered promiscuous mode [ 757.197329] device hsr_slave_1 entered promiscuous mode [ 757.207676] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 757.215833] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 757.420880] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 757.430846] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 757.541717] 8021q: adding VLAN 0 to HW filter on device bond0 [ 757.562181] 8021q: adding VLAN 0 to HW filter on device bond0 [ 757.571884] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 757.587712] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 757.601966] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 757.610471] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 757.621524] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 757.636387] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 757.647341] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 757.658108] 8021q: adding VLAN 0 to HW filter on device team0 [ 757.666197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 757.676920] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 757.689251] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 757.699308] 8021q: adding VLAN 0 to HW filter on device team0 [ 757.709917] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 757.721428] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 757.731821] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 757.745035] bridge0: port 1(bridge_slave_0) entered blocking state [ 757.751452] bridge0: port 1(bridge_slave_0) entered forwarding state [ 757.765719] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 757.781140] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 757.789437] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 757.802194] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 757.811015] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 757.824861] bridge0: port 1(bridge_slave_0) entered blocking state [ 757.831290] bridge0: port 1(bridge_slave_0) entered forwarding state [ 757.842162] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 757.852361] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 757.866201] bridge0: port 2(bridge_slave_1) entered blocking state [ 757.872654] bridge0: port 2(bridge_slave_1) entered forwarding state [ 757.884603] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 757.900890] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 757.908650] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 757.921744] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 757.930500] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 757.943870] bridge0: port 2(bridge_slave_1) entered blocking state [ 757.950284] bridge0: port 2(bridge_slave_1) entered forwarding state [ 757.960511] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 757.970125] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 757.980012] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 757.987843] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 757.996934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 758.008086] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 758.019355] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 758.027185] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 758.035933] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 758.044781] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 758.053542] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 758.064497] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 758.072596] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 758.080513] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 758.090363] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 758.102299] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 758.111825] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 758.120852] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 758.130100] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 758.141664] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 758.150055] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 758.162872] Bluetooth: hci4: command 0x0409 tx timeout [ 758.169223] Bluetooth: hci3: command 0x0409 tx timeout [ 758.170538] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 758.186212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 758.194890] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 758.203427] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 758.211047] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 758.219829] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 758.228491] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 758.236944] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 758.246391] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 758.257390] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 758.268128] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 758.275398] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 758.283722] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 758.293459] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 758.303603] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 758.310722] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 758.361434] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 758.372010] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 758.385709] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 758.395012] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 758.407552] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 758.423958] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 758.432862] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 758.439118] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 758.446735] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 758.459633] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 758.538558] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 758.553416] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 758.563707] IPv6: ADDRCONF(NETDEV_UP): veth1_virt_wifi: link is not ready [ 758.571220] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 758.590969] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 758.601963] IPv6: ADDRCONF(NETDEV_UP): veth1_virt_wifi: link is not ready [ 758.619061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 758.630973] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 758.706437] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 758.725046] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 758.732020] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 758.749017] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 758.760413] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 758.771056] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 758.787165] IPv6: ADDRCONF(NETDEV_UP): veth1_vlan: link is not ready [ 758.797833] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 758.808412] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 758.822284] IPv6: ADDRCONF(NETDEV_UP): veth1_vlan: link is not ready [ 758.834197] device veth0_vlan entered promiscuous mode [ 758.849152] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 758.857019] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 758.869083] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 758.877260] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 758.893064] device veth0_vlan entered promiscuous mode [ 758.901675] device veth1_vlan entered promiscuous mode [ 758.908304] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 758.920339] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 758.928716] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 758.936682] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 758.946442] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 758.954187] device veth1_vlan entered promiscuous mode [ 758.960673] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 758.978591] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 758.987972] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 758.998454] IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready [ 759.006194] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 759.014231] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 759.021577] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 759.029631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 759.053322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 759.066934] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 759.076003] device veth0_macvtap entered promiscuous mode [ 759.083972] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 759.095820] IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready [ 759.103273] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 759.110632] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 759.120496] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 759.131290] device veth1_macvtap entered promiscuous mode [ 759.138688] IPv6: ADDRCONF(NETDEV_UP): macsec0: link is not ready [ 759.150213] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 759.158199] device veth0_macvtap entered promiscuous mode [ 759.165270] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 759.175452] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 759.184960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 759.197331] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 759.207006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 759.217418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 759.227210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 759.237733] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 759.247866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 759.258661] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 759.270766] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready [ 759.279561] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 759.287880] device veth1_macvtap entered promiscuous mode [ 759.296516] IPv6: ADDRCONF(NETDEV_UP): macsec0: link is not ready [ 759.303752] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 759.311016] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 759.319800] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 759.327859] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 759.336835] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 759.347913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 759.358873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 759.369094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 759.379812] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 759.389623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 759.401184] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 759.411040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 759.421469] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 759.432900] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready [ 759.439787] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 759.450334] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 759.459171] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 759.468019] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 759.488474] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 759.510865] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 759.527793] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 759.544668] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 759.555371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 759.569944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 759.580395] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 759.596235] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 759.609600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 759.619670] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 759.630210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 759.641461] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready [ 759.650251] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 759.662242] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 759.671303] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 759.707330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 759.721544] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 759.736445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 759.747795] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 759.768960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 759.780215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 759.790129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 759.800902] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 759.812074] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 759.827073] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 759.838923] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready [ 759.850976] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 759.867827] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 759.881391] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 760.117020] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 760.132954] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 760.140076] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 760.195968] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 760.211055] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 760.220635] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 760.230352] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 760.238549] Bluetooth: hci3: command 0x041b tx timeout [ 760.244882] Bluetooth: hci4: command 0x041b tx timeout [ 760.262859] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 760.350839] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 760.360519] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 760.380287] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 02:35:30 executing program 2: pipe2$watch_queue(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) socket$can_bcm(0x1d, 0x2, 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000740)={0x0}}, 0x0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000800), 0x0, 0x0) syz_genetlink_get_family_id$gtp(&(0x7f0000000940), 0xffffffffffffffff) ioctl$PPPIOCCONNECT(r0, 0x4004743a, &(0x7f0000000340)=0x2) r2 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) keyctl$chown(0x4, r2, 0xee00, 0xffffffffffffffff) add_key$fscrypt_v1(&(0x7f0000000100), &(0x7f0000000140)={'fscrypt:', @desc4}, &(0x7f0000000180)={0x0, "80f0a5b90f80f3733e8601ced247b053f171fc606d8be0cc10c682af98f69fe263434ce7cbc5440ec89a485525c14e66029d21fa6c62109f0cba00e4d8000930", 0x28}, 0x48, 0xfffffffffffffff9) add_key$fscrypt_v1(&(0x7f0000000200), &(0x7f0000000240)={'fscrypt:', @desc2}, &(0x7f0000000280)={0x0, "ace4b5cfa5b588a8200e2ff3326e70a932a671d11ebdfeabfaea509f0cbad5f3d03569ded14c2fd529674a86318405f0330710b3322ca254eda80009bccb22b9", 0x14}, 0x48, 0xfffffffffffffffe) keyctl$invalidate(0x3, r2) r3 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) add_key(&(0x7f0000000740)='big_key\x00', 0x0, 0x0, 0x0, r3) [ 760.414848] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 760.435333] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 760.448034] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 760.456979] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 02:35:30 executing program 2: ioctl$PPPIOCBRIDGECHAN(0xffffffffffffffff, 0x40047435, &(0x7f0000000080)=0x1649d6ca) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x2, 0x0, 0x2}) r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000140), 0x145900, 0x0) ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000180)={0x1, @raw_data="691e84f41dc616fa51489ab1b7d97d948764213ab2860849881a4e50858365b8cc0d0d93dfd5cef7a50a8987a156be82e27dd85d8ae069337ab9f2272607efeeb1316703c30606a20cc89f64087f34651e160e3c16d51251ee54bdfd50357a30f59d426d852aa3ef90e7c2d7a3fa2de981557a0fa58e80e1c1e748fd054dbc47e997a24baf4c3e7c71202c9c9ee6ea13b547f3c4e41822dfdf5f4f66a43334821db6f55a88876b0e37c896bfa64af9382ed4ed406e750b5d93d46945c30d39e51b0db77a739f5237"}) openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x10001, 0x0, 0x1, 0x0, 0xf0}) [ 760.505724] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 02:35:30 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000380)={0xf4, 0x2, 0x1, {0x3, @vbi={0x4, 0xad2a, 0xc00, 0x20363159, [0xfffffffb, 0x200], [0x6, 0xf4a7], 0x1}}, 0x400}) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000280)=@multiplanar_overlay={0x35, 0x0, 0x4, 0x0, 0x9, {r2, r3/1000+60000}, {0x1, 0x1, 0x1, 0x3f, 0x6, 0xdb, "f3d35c29"}, 0x8, 0x3, {&(0x7f0000000200)=[{0x2, 0x3, {0xcaa}, 0xa3}, {0x6, 0x4, {0x7}, 0x100}]}, 0x400}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x9, 0x2, 0x9, 0x1000, 0x3], 0x5, 0x800, 0x0, 0xffffffffffffffff}) ioctl$UFFDIO_CONTINUE(r4, 0xc020aa07, &(0x7f0000000640)={{&(0x7f0000fed000/0x13000)=nil, 0x13000}, 0x1}) r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) r6 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r6, 0x0, 0x0}, 0x10) r7 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r7, 0x0, 0x0}, 0x10) sendmsg$nl_route(r4, &(0x7f0000000600)={&(0x7f0000000540), 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=@ipv4_delroute={0x40, 0x19, 0x100, 0x70bd28, 0x25dfdbfe, {0x2, 0x20, 0x20, 0xcf, 0xfc, 0x1, 0xc8, 0x5, 0x100}, [@RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @LWTUNNEL_IP_SRC={0x8, 0x3, @loopback}}, @RTA_IIF={0x8}, @RTA_TABLE={0x8, 0xf, 0x7}, @RTA_TABLE={0x8, 0xf, 0x153}]}, 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x8) r8 = semget$private(0x0, 0x2, 0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) semtimedop(r8, &(0x7f0000000480)=[{0x1, 0x7}, {0x1, 0x8, 0x800}, {}], 0x3, &(0x7f0000000500)={r9, r10+10000000}) ioctl$MEDIA_IOC_REQUEST_ALLOC(r4, 0x80047c05, &(0x7f0000000340)) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r5, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_DQBUF(r5, 0xc0585611, &(0x7f0000000140)=@mmap={0x101, 0x1, 0x4, 0x4000, 0x7, {0x0, 0x2710}, {0x4, 0x1, 0x2, 0x98, 0xf8, 0x2, "d38ec247"}, 0xfffffff7, 0x1, {}, 0x0, 0x0, r4}) 02:35:30 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r1, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f0000000240)={0x1, @win={{0x318c76b6, 0x1, 0x90000000, 0x5}, 0x8, 0x80000000, &(0x7f0000000040)={{0x5, 0x10000, 0x3a4, 0x9}, &(0x7f0000000000)={{0x80, 0xfffffffd, 0x4, 0x6}}}, 0x8001, &(0x7f0000000140)="59e8121fee85a490ed0336088d73fa5d83725ac93cfaa7f0fb8a0dc7a8afd08412514ca015148f3f456b9d6cdf75c203fbc7d497a1c4d67a0fdd02f5915457bd61c37e1854669d2b446bc3f5f7eb2e801ba9d2e45e49d3c705dcc40581b81b5b1f781ed88e6a683ac9a15d81cde0f39487405df3d7b642f34a59db711db8dcac16b1831d6ac47b13eaf02035be3a7661aa11b889f23bcc96296ce5b6e5cd9403e3a726e3fa5e24dd1dce04237597bbb54528c5105131a0c501d74941276fb74d6654a6f753e259835db475c8", 0x3a}}) 02:35:30 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000380)={0xf4, 0x2, 0x1, {0x3, @vbi={0x4, 0xad2a, 0xc00, 0x20363159, [0xfffffffb, 0x200], [0x6, 0xf4a7], 0x1}}, 0x400}) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000280)=@multiplanar_overlay={0x35, 0x0, 0x4, 0x0, 0x9, {r2, r3/1000+60000}, {0x1, 0x1, 0x1, 0x3f, 0x6, 0xdb, "f3d35c29"}, 0x8, 0x3, {&(0x7f0000000200)=[{0x2, 0x3, {0xcaa}, 0xa3}, {0x6, 0x4, {0x7}, 0x100}]}, 0x400}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x9, 0x2, 0x9, 0x1000, 0x3], 0x5, 0x800, 0x0, 0xffffffffffffffff}) ioctl$UFFDIO_CONTINUE(r4, 0xc020aa07, &(0x7f0000000640)={{&(0x7f0000fed000/0x13000)=nil, 0x13000}, 0x1}) r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) r6 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r6, 0x0, 0x0}, 0x10) r7 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r7, 0x0, 0x0}, 0x10) sendmsg$nl_route(r4, &(0x7f0000000600)={&(0x7f0000000540), 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=@ipv4_delroute={0x40, 0x19, 0x100, 0x70bd28, 0x25dfdbfe, {0x2, 0x20, 0x20, 0xcf, 0xfc, 0x1, 0xc8, 0x5, 0x100}, [@RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @LWTUNNEL_IP_SRC={0x8, 0x3, @loopback}}, @RTA_IIF={0x8}, @RTA_TABLE={0x8, 0xf, 0x7}, @RTA_TABLE={0x8, 0xf, 0x153}]}, 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x8) r8 = semget$private(0x0, 0x2, 0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) semtimedop(r8, &(0x7f0000000480)=[{0x1, 0x7}, {0x1, 0x8, 0x800}, {}], 0x3, &(0x7f0000000500)={r9, r10+10000000}) ioctl$MEDIA_IOC_REQUEST_ALLOC(r4, 0x80047c05, &(0x7f0000000340)) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r5, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_DQBUF(r5, 0xc0585611, &(0x7f0000000140)=@mmap={0x101, 0x1, 0x4, 0x4000, 0x7, {0x0, 0x2710}, {0x4, 0x1, 0x2, 0x98, 0xf8, 0x2, "d38ec247"}, 0xfffffff7, 0x1, {}, 0x0, 0x0, r4}) [ 762.023005] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 762.034505] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 762.039282] CPU: 1 PID: 8082 Comm: syz-fuzzer Not tainted 4.19.211-syzkaller #0 [ 762.046724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 762.056098] Call Trace: [ 762.058691] dump_stack+0x1fc/0x2ef [ 762.062322] dump_header+0x15d/0xc3f [ 762.066040] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 762.071148] ? ___ratelimit+0x319/0x590 [ 762.075124] oom_kill_process.cold+0x10/0x692 [ 762.079625] ? check_preemption_disabled+0x41/0x280 [ 762.084659] ? has_intersects_mems_allowed+0x1d6/0x290 [ 762.089942] out_of_memory+0x1072/0x1390 [ 762.094024] ? oom_killer_disable+0x270/0x270 [ 762.098528] ? mutex_trylock+0x15f/0x1a0 [ 762.102604] __alloc_pages_nodemask+0x23a2/0x2890 [ 762.107463] ? find_get_entry+0x4cd/0x8a0 [ 762.111627] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 762.116494] alloc_pages_current+0x193/0x2a0 [ 762.120905] filemap_fault+0x146e/0x2180 [ 762.124986] ext4_filemap_fault+0x84/0xb0 [ 762.129145] __do_fault+0x10b/0x4b0 [ 762.132792] __handle_mm_fault+0x273b/0x41c0 [ 762.138779] ? vm_insert_page+0x9c0/0x9c0 [ 762.142939] ? __fget+0x356/0x510 [ 762.146437] ? check_preemption_disabled+0x41/0x280 [ 762.151461] handle_mm_fault+0x436/0xb10 [ 762.155532] __do_page_fault+0x68e/0xd60 [ 762.159610] ? trace_hardirqs_off_caller+0x6e/0x210 [ 762.164644] ? spurious_fault+0x840/0x840 [ 762.168795] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 762.173642] ? page_fault+0x8/0x30 [ 762.177191] page_fault+0x1e/0x30 [ 762.180641] RIP: 0033:0x40b400 [ 762.183830] Code: Bad RIP value. [ 762.187188] RSP: 002b:000000c000061e00 EFLAGS: 00010246 [ 762.192548] RAX: 000000c000042ed8 RBX: 0000000000000000 RCX: 0000000000000001 [ 762.199818] RDX: 000000b1a1123dc1 RSI: 0000000000000000 RDI: 000000b1a1123dc1 [ 762.207084] RBP: 000000c000061e40 R08: 00007ffc0a3ee000 R09: 000000c3fb57dd56 [ 762.214350] R10: 001ce6691a8fc60a R11: 0000000000000001 R12: 000000c000061ce8 [ 762.221619] R13: 0000000000000000 R14: 000000c0000009c0 R15: 0000000000000000 [ 762.246463] Mem-Info: [ 762.248960] active_anon:15825 inactive_anon:29121 isolated_anon:0 [ 762.248960] active_file:11 inactive_file:20 isolated_file:0 [ 762.248960] unevictable:0 dirty:2 writeback:0 unstable:0 [ 762.248960] slab_reclaimable:14131 slab_unreclaimable:115571 [ 762.248960] mapped:22131 shmem:29645 pagetables:628 bounce:0 [ 762.248960] free:25004 free_pcp:117 free_cma:0 [ 762.313071] Bluetooth: hci4: command 0x040f tx timeout [ 762.318631] Bluetooth: hci3: command 0x040f tx timeout [ 762.353144] Node 0 active_anon:59656kB inactive_anon:51160kB active_file:32kB inactive_file:84kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86608kB dirty:0kB writeback:0kB shmem:52716kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 16384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 762.415798] Node 1 active_anon:3644kB inactive_anon:65324kB active_file:12kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1916kB dirty:8kB writeback:0kB shmem:65864kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 762.501429] Node 0 DMA free:10976kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 762.589966] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 762.616731] Node 0 DMA32 free:35548kB min:35996kB low:44992kB high:53988kB active_anon:59656kB inactive_anon:51160kB active_file:28kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7520kB pagetables:2080kB bounce:0kB free_pcp:424kB local_pcp:240kB free_cma:0kB [ 762.706520] lowmem_reserve[]: 0 0 1 1 1 [ 762.710539] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 762.798869] lowmem_reserve[]: 0 0 0 0 0 [ 762.802958] Node 1 Normal free:54140kB min:53876kB low:67344kB high:80812kB active_anon:3644kB inactive_anon:65324kB active_file:16kB inactive_file:16kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:480kB pagetables:432kB bounce:0kB free_pcp:16kB local_pcp:16kB free_cma:0kB [ 762.831775] lowmem_reserve[]: 0 0 0 0 0 [ 762.835860] Node 0 DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 1*64kB (U) 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10976kB [ 762.848779] Node 0 DMA32: 1464*4kB (ME) 864*8kB (MEH) 259*16kB (ME) 66*32kB (UME) 35*64kB (UME) 16*128kB (UM) 14*256kB (UM) 9*512kB (UM) 4*1024kB (UM) 0*2048kB 0*4096kB = 35600kB [ 762.865038] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 762.877660] Node 1 Normal: 345*4kB (ME) 302*8kB (UME) 231*16kB (ME) 109*32kB (UME) 21*64kB (UME) 5*128kB (ME) 1*256kB (M) 2*512kB (UE) 1*1024kB (E) 1*2048kB (E) 9*4096kB (U) = 54180kB [ 762.894272] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 762.903153] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 762.911733] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 762.924011] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 762.932688] 29669 total pagecache pages [ 762.936659] 0 pages in swap cache [ 762.940102] Swap cache stats: add 0, delete 0, find 0/0 [ 762.945605] Free swap = 0kB [ 762.948631] Total swap = 0kB [ 762.951632] 2097051 pages RAM [ 762.954778] 0 pages HighMem/MovableOnly [ 762.958744] 369649 pages reserved [ 762.962231] 0 pages cma reserved [ 762.965590] Unreclaimable slab info: [ 762.969291] Name Used Total [ 762.974848] pid_2 36KB 200KB [ 762.981273] batadv_tt_change_cache 2KB 3KB [ 762.987100] batadv_tl_cache 7KB 12KB [ 762.992543] TIPC 15KB 30KB [ 762.998035] SCTPv6 22KB 37KB [ 763.003429] DCCPv6 17KB 37KB [ 763.008793] DCCP 19KB 35KB [ 763.014259] RXRPC 17KB 32KB [ 763.019616] rxrpc_call_jar 112KB 118KB [ 763.025015] bridge_fdb_cache 15KB 23KB [ 763.030377] fib6_nodes 240KB 240KB [ 763.035759] ip6_dst_cache 487KB 487KB [ 763.041133] RAWv6 101KB 114KB [ 763.049347] UDPv6 37KB 41KB [ 763.054768] TCPv6 42KB 42KB [ 763.060133] nf_conntrack 10KB 11KB [ 763.067835] t10_alua_lu_gp_cache 0KB 3KB [ 763.073647] sd_ext_cdb 0KB 7KB [ 763.080045] scsi_sense_cache 1056KB 1060KB [ 763.085459] virtio_scsi_cmd 16KB 16KB [ 763.090806] sgpool-128 8KB 8KB [ 763.096225] sgpool-64 4KB 12KB [ 763.101591] sgpool-32 2KB 15KB [ 763.106984] sgpool-16 1KB 7KB [ 763.112759] sgpool-8 0KB 7KB [ 763.118213] mqueue_inode_cache 16KB 37KB [ 763.123724] bio_post_read_ctx 14KB 15KB [ 763.129171] bio-2 14KB 15KB [ 763.134599] jfs_mp 7KB 7KB [ 763.139980] cifs_small_rq 15KB 16KB [ 763.145432] cifs_request 67KB 67KB [ 763.150789] cifs_mpx_ids 0KB 7KB [ 763.156205] nfs_commit_data 3KB 14KB [ 763.161571] nfs_write_data 34KB 44KB [ 763.169803] ext4_system_zone 1KB 7KB [ 763.175331] bio-1 1KB 7KB [ 763.182901] pid_namespace 3KB 11KB [ 763.188281] rpc_buffers 17KB 25KB [ 763.194874] rpc_tasks 2KB 7KB [ 763.200238] UNIX 1436KB 1440KB [ 763.205633] tcp_bind_bucket 1KB 4KB [ 763.210986] ip_fib_trie 36KB 39KB [ 763.216387] ip_fib_alias 167KB 173KB [ 763.221739] ip_dst_cache 12KB 20KB [ 763.227151] RAW 61KB 67KB [ 763.232653] UDP 50KB 60KB [ 763.238011] TCP 22KB 22KB [ 763.243430] hugetlbfs_inode_cache 3KB 15KB [ 763.249153] fscache_cookie_jar 1KB 11KB [ 763.254633] eventpoll_pwq 30KB 43KB [ 763.259985] eventpoll_epi 55KB 66KB [ 763.265371] inotify_inode_mark 14KB 43KB [ 763.270825] request_queue 199KB 199KB [ 763.276691] blkdev_requests 1KB 3KB [ 763.287140] blkdev_ioc 26KB 38KB [ 763.292570] bio-0 958KB 1020KB [ 763.297928] biovec-max 1526KB 1617KB [ 763.303706] biovec-64 1015KB 1094KB [ 763.309067] biovec-16 112KB 127KB [ 763.314521] bio_integrity_payload 1KB 8KB [ 763.320215] khugepaged_mm_slot 6KB 34KB [ 763.325730] uid_cache 0KB 4KB [ 763.331111] dmaengine-unmap-2 0KB 3KB [ 763.336531] skbuff_fclone_cache 46KB 105KB [ 763.342110] skbuff_head_cache 8188KB 8190KB [ 763.347471] configfs_dir_cache 3KB 7KB [ 763.353872] file_lock_cache 54KB 190KB [ 763.359242] file_lock_ctx 9KB 11KB [ 763.364629] fsnotify_mark_connector 7KB 31KB [ 763.370519] net_namespace 78KB 78KB [ 763.375958] shmem_inode_cache 8124KB 8388KB [ 763.381328] task_delay_info 229KB 387KB [ 763.387728] taskstats 29KB 111KB [ 763.393165] proc_dir_entry 891KB 896KB [ 763.398520] pde_opener 15KB 34KB [ 763.404215] seq_file 291KB 507KB [ 763.411973] sigqueue 55KB 63KB [ 763.417446] kernfs_node_cache 18240KB 18246KB [ 763.423211] mnt_cache 226KB 232KB [ 763.428583] filp 7136KB 7653KB [ 763.435002] names_cache 116071KB 116131KB [ 763.440367] iint_cache 29KB 55KB [ 763.445772] key_jar 31KB 135KB [ 763.451135] uts_namespace 5KB 11KB [ 763.456542] nsproxy 3KB 7KB [ 763.461906] vm_area_struct 3212KB 3940KB [ 763.467346] mm_struct 485KB 676KB [ 763.472848] fs_cache 253KB 368KB [ 763.478214] files_cache 908KB 911KB [ 763.483606] signal_cache 1674KB 1681KB [ 763.489982] sighand_cache 642KB 659KB [ 763.495514] task_struct 7814KB 7814KB [ 763.500860] cred_jar 2164KB 2228KB [ 763.506286] anon_vma_chain 1020KB 1492KB [ 763.511641] anon_vma 179KB 288KB [ 763.517682] pid 144KB 224KB [ 763.523115] Acpi-Operand 156KB 198KB [ 763.528471] Acpi-ParseExt 9KB 11KB [ 763.533881] Acpi-Parse 41KB 47KB [ 763.539226] Acpi-State 52KB 63KB [ 763.545123] Acpi-Namespace 20KB 27KB [ 763.550499] numa_policy 0KB 3KB [ 763.556042] debug_objects_cache 1491KB 1828KB [ 763.561579] trace_event_file 297KB 298KB [ 763.569809] ftrace_event_field 398KB 401KB [ 763.575312] pool_workqueue 151KB 152KB [ 763.580783] page->ptl 472KB 1008KB [ 763.586182] kmalloc-2097152 2050KB 2050KB [ 763.593414] kmalloc-524288 2056KB 2056KB [ 763.598787] kmalloc-262144 1290KB 1290KB [ 763.604171] kmalloc-131072 650KB 650KB [ 763.609515] kmalloc-65536 2640KB 2706KB [ 763.614951] kmalloc-32768 2145KB 2145KB [ 763.620315] kmalloc-16384 1353KB 1402KB [ 763.625741] kmalloc-8192 5453KB 5453KB [ 763.631109] kmalloc-4096 28092KB 28113KB [ 763.636523] kmalloc-2048 16524KB 16524KB [ 763.641888] kmalloc-1024 12056KB 12119KB [ 763.647838] kmalloc-512 16147KB 16211KB [ 763.653281] kmalloc-256 5453KB 5711KB [ 763.658723] kmalloc-128 1249KB 1401KB [ 763.664216] kmalloc-96 3429KB 4076KB [ 763.669571] kmalloc-64 2650KB 3892KB [ 763.675275] kmalloc-32 1936KB 2543KB [ 763.680724] kmalloc-192 2143KB 2572KB [ 763.688812] kmem_cache 177KB 183KB [ 763.696040] Out of memory (oom_kill_allocating_task): Kill process 8082 (syz-fuzzer) score 0 or sacrifice child [ 763.706696] Killed process 2089 (syz-executor.1) total-vm:48512kB, anon-rss:428kB, file-rss:0kB, shmem-rss:0kB [ 763.717245] oom_reaper: reaped process 2089 (syz-executor.1), now anon-rss:0kB, file-rss:14336kB, shmem-rss:0kB [ 763.783598] in:imklog invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 763.822700] in:imklog cpuset=/ mems_allowed=0-1 [ 763.830340] CPU: 1 PID: 5250 Comm: in:imklog Not tainted 4.19.211-syzkaller #0 [ 763.837717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 763.847067] Call Trace: [ 763.849655] dump_stack+0x1fc/0x2ef [ 763.853287] dump_header+0x15d/0xc3f [ 763.857007] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 763.862112] ? ___ratelimit+0x319/0x590 [ 763.866091] oom_kill_process.cold+0x10/0x692 [ 763.870588] ? check_preemption_disabled+0x41/0x280 [ 763.875616] ? has_intersects_mems_allowed+0x1d6/0x290 [ 763.880897] out_of_memory+0x1072/0x1390 [ 763.884957] ? oom_killer_disable+0x270/0x270 [ 763.889452] ? mutex_trylock+0x15f/0x1a0 [ 763.893515] __alloc_pages_nodemask+0x23a2/0x2890 [ 763.898365] ? find_get_entry+0x4cd/0x8a0 [ 763.902528] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 763.907373] alloc_pages_current+0x193/0x2a0 [ 763.911781] filemap_fault+0x146e/0x2180 [ 763.915857] ext4_filemap_fault+0x84/0xb0 [ 763.920004] __do_fault+0x10b/0x4b0 [ 763.923645] __handle_mm_fault+0x273b/0x41c0 [ 763.928079] ? vm_insert_page+0x9c0/0x9c0 [ 763.932221] ? lock_downgrade+0x720/0x720 [ 763.936476] ? check_preemption_disabled+0x41/0x280 [ 763.941498] handle_mm_fault+0x436/0xb10 [ 763.945568] __do_page_fault+0x68e/0xd60 [ 763.949633] ? trace_hardirqs_off_caller+0x6e/0x210 [ 763.954649] ? spurious_fault+0x840/0x840 [ 763.958800] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 763.963664] ? page_fault+0x8/0x30 [ 763.967204] page_fault+0x1e/0x30 [ 763.970656] RIP: 0033:0x7f128d07022d [ 763.974495] Code: Bad RIP value. [ 763.977858] RSP: 002b:00007f128aa0c580 EFLAGS: 00010293 [ 763.983215] RAX: 0000000000000936 RBX: 0000000000000000 RCX: 00007f128d07022d [ 763.990478] RDX: 0000000000001fa0 RSI: 00007f128aa0cda0 RDI: 0000000000000004 [ 763.997743] RBP: 000055fd1c4bc9d0 R08: 0000000000000000 R09: 0000000004000001 [ 764.005010] R10: 0000000000000001 R11: 0000000000000293 R12: 00007f128aa0cda0 [ 764.012283] R13: 0000000000001fa0 R14: 0000000000001f9f R15: 00007f128aa0cdeb [ 764.021642] Mem-Info: [ 764.024140] active_anon:15796 inactive_anon:29121 isolated_anon:0 [ 764.024140] active_file:11 inactive_file:13 isolated_file:0 [ 764.024140] unevictable:0 dirty:0 writeback:0 unstable:0 [ 764.024140] slab_reclaimable:14124 slab_unreclaimable:115699 [ 764.024140] mapped:22081 shmem:29645 pagetables:601 bounce:0 [ 764.024140] free:24923 free_pcp:167 free_cma:0 [ 764.057910] Node 0 active_anon:59544kB inactive_anon:51160kB active_file:36kB inactive_file:28kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52716kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 16384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 764.086137] Node 1 active_anon:3640kB inactive_anon:65324kB active_file:8kB inactive_file:24kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1816kB dirty:0kB writeback:0kB shmem:65864kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 764.113244] Node 0 DMA free:10976kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 764.139551] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 764.144672] Node 0 DMA32 free:35020kB min:35996kB low:44992kB high:53988kB active_anon:59544kB inactive_anon:51160kB active_file:36kB inactive_file:28kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7488kB pagetables:1972kB bounce:0kB free_pcp:396kB local_pcp:232kB free_cma:0kB [ 764.174517] lowmem_reserve[]: 0 0 1 1 1 [ 764.178528] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 764.204536] lowmem_reserve[]: 0 0 0 0 0 [ 764.208521] Node 1 Normal free:53688kB min:53876kB low:67344kB high:80812kB active_anon:3640kB inactive_anon:65324kB active_file:8kB inactive_file:24kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:480kB pagetables:432kB bounce:0kB free_pcp:248kB local_pcp:0kB free_cma:0kB [ 764.239812] lowmem_reserve[]: 0 0 0 0 0 [ 764.246923] Node 0 DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 1*64kB (U) 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10976kB [ 764.261459] Node 0 DMA32: 1465*4kB (UME) 865*8kB (UME) 257*16kB (ME) 66*32kB (ME) 34*64kB (UME) 16*128kB (UM) 12*256kB (M) 9*512kB (UM) 4*1024kB (UM) 0*2048kB 0*4096kB = 35004kB [ 764.281527] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 764.296998] Node 1 Normal: 349*4kB (UME) 297*8kB (UME) 232*16kB (ME) 108*32kB (ME) 20*64kB (ME) 6*128kB (UME) 1*256kB (M) 1*512kB (E) 1*1024kB (E) 1*2048kB (E) 9*4096kB (U) = 53692kB [ 764.313949] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 764.322898] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 764.331475] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 764.340361] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 764.348984] 29669 total pagecache pages [ 764.353034] 0 pages in swap cache [ 764.356481] Swap cache stats: add 0, delete 0, find 0/0 [ 764.361831] Free swap = 0kB [ 764.365019] Total swap = 0kB [ 764.368129] 2097051 pages RAM [ 764.371242] 0 pages HighMem/MovableOnly [ 764.375261] 369649 pages reserved [ 764.378700] 0 pages cma reserved [ 764.382078] Unreclaimable slab info: [ 764.385800] Name Used Total [ 764.391339] pid_2 33KB 200KB [ 764.397222] Bluetooth: hci3: command 0x0419 tx timeout [ 764.402870] Bluetooth: hci4: command 0x0419 tx timeout [ 764.404701] batadv_tt_change_cache 2KB 3KB [ 764.419483] batadv_tl_cache 7KB 12KB [ 764.424992] TIPC 15KB 30KB [ 764.430404] SCTPv6 20KB 37KB [ 764.435874] DCCPv6 17KB 37KB [ 764.441293] DCCP 16KB 35KB [ 764.446762] RXRPC 16KB 32KB [ 764.452329] rxrpc_call_jar 112KB 118KB [ 764.457695] bridge_fdb_cache 15KB 23KB [ 764.463099] fib6_nodes 240KB 240KB [ 764.468457] ip6_dst_cache 510KB 510KB [ 764.477260] RAWv6 101KB 114KB [ 764.482776] UDPv6 37KB 41KB [ 764.488138] TCPv6 27KB 42KB [ 764.496706] nf_conntrack 10KB 11KB [ 764.502177] t10_alua_lu_gp_cache 0KB 3KB [ 764.507804] sd_ext_cdb 0KB 7KB [ 764.516510] scsi_sense_cache 1056KB 1060KB [ 764.521878] virtio_scsi_cmd 16KB 16KB [ 764.527297] sgpool-128 8KB 8KB [ 764.535513] sgpool-64 4KB 12KB [ 764.540882] sgpool-32 2KB 15KB [ 764.555683] sgpool-16 1KB 7KB [ 764.561154] sgpool-8 0KB 7KB [ 764.566573] mqueue_inode_cache 15KB 37KB [ 764.575588] bio_post_read_ctx 14KB 15KB [ 764.581014] bio-2 14KB 15KB [ 764.586426] jfs_mp 7KB 7KB [ 764.591798] cifs_small_rq 15KB 16KB [ 764.598469] cifs_request 67KB 67KB [ 764.609661] cifs_mpx_ids 0KB 7KB [ 764.618663] nfs_commit_data 3KB 14KB [ 764.627785] nfs_write_data 34KB 44KB [ 764.637177] ext4_system_zone 1KB 7KB [ 764.646048] bio-1 1KB 7KB [ 764.651418] pid_namespace 3KB 11KB [ 764.660256] rpc_buffers 17KB 25KB [ 764.666558] rpc_tasks 2KB 7KB [ 764.675517] UNIX 1436KB 1440KB [ 764.680902] tcp_bind_bucket 1KB 4KB [ 764.689765] ip_fib_trie 34KB 39KB [ 764.698881] ip_fib_alias 167KB 173KB [ 764.707667] ip_dst_cache 12KB 20KB [ 764.716806] RAW 60KB 67KB [ 764.725757] UDP 47KB 60KB [ 764.731121] TCP 8KB 22KB [ 764.738311] hugetlbfs_inode_cache 3KB 15KB [ 764.747664] fscache_cookie_jar 1KB 11KB [ 764.756651] eventpoll_pwq 28KB 43KB [ 764.765752] eventpoll_epi 51KB 66KB [ 764.771121] inotify_inode_mark 13KB 43KB [ 764.777876] request_queue 199KB 199KB [ 764.787717] blkdev_requests 1KB 3KB [ 764.795178] blkdev_ioc 25KB 38KB [ 764.800564] bio-0 958KB 1020KB [ 764.810640] biovec-max 1526KB 1617KB [ 764.817407] biovec-64 1015KB 1094KB [ 764.826040] biovec-16 111KB 127KB [ 764.831526] bio_integrity_payload 1KB 8KB [ 764.840642] khugepaged_mm_slot 4KB 34KB [ 764.846285] uid_cache 0KB 4KB [ 764.851644] dmaengine-unmap-2 0KB 3KB [ 764.860615] skbuff_fclone_cache 45KB 101KB [ 764.866237] skbuff_head_cache 8342KB 8343KB [ 764.871678] configfs_dir_cache 3KB 7KB [ 764.880789] file_lock_cache 51KB 186KB [ 764.890587] file_lock_ctx 9KB 11KB [ 764.900590] fsnotify_mark_connector 6KB 31KB [ 764.911449] net_namespace 78KB 78KB [ 764.921555] shmem_inode_cache 8118KB 8376KB [ 764.936255] task_delay_info 225KB 387KB [ 764.941622] taskstats 27KB 111KB [ 764.950658] proc_dir_entry 890KB 896KB [ 764.960270] pde_opener 14KB 34KB [ 764.969096] seq_file 288KB 507KB [ 764.978184] sigqueue 55KB 63KB [ 764.985067] kernfs_node_cache 18240KB 18246KB [ 764.990446] mnt_cache 225KB 232KB [ 765.000152] filp 7129KB 7653KB [ 765.006988] names_cache 116063KB 116122KB [ 765.018860] iint_cache 28KB 55KB [ 765.026715] key_jar 27KB 135KB [ 765.035390] uts_namespace 4KB 11KB [ 765.040884] nsproxy 3KB 7KB [ 765.051572] vm_area_struct 3209KB 3940KB [ 765.058724] mm_struct 477KB 676KB [ 765.065120] fs_cache 251KB 368KB [ 765.070491] files_cache 906KB 911KB [ 765.078509] signal_cache 1673KB 1681KB [ 765.085206] sighand_cache 631KB 659KB [ 765.090574] task_struct 7814KB 7814KB [ 765.096664] cred_jar 2158KB 2228KB [ 765.105170] anon_vma_chain 1019KB 1492KB [ 765.110561] anon_vma 174KB 288KB [ 765.118807] pid 143KB 224KB [ 765.125661] Acpi-Operand 156KB 198KB [ 765.138040] Acpi-ParseExt 9KB 11KB [ 765.145858] Acpi-Parse 41KB 47KB [ 765.151226] Acpi-State 52KB 63KB [ 765.156664] Acpi-Namespace 20KB 27KB [ 765.165320] numa_policy 0KB 3KB [ 765.170696] debug_objects_cache 1491KB 1828KB [ 765.179048] trace_event_file 297KB 298KB [ 765.185951] ftrace_event_field 398KB 401KB [ 765.191388] pool_workqueue 146KB 152KB [ 765.205732] page->ptl 470KB 1008KB [ 765.211131] kmalloc-2097152 2050KB 2050KB [ 765.216556] kmalloc-524288 2056KB 2056KB [ 765.225422] kmalloc-262144 1290KB 1290KB [ 765.230793] kmalloc-131072 650KB 650KB [ 765.236231] kmalloc-65536 2640KB 2706KB [ 765.241604] kmalloc-32768 2145KB 2145KB [ 765.248343] kmalloc-16384 1353KB 1402KB [ 765.258610] kmalloc-8192 5453KB 5453KB [ 765.267344] kmalloc-4096 28092KB 28113KB [ 765.275265] kmalloc-2048 16524KB 16524KB [ 765.280648] kmalloc-1024 12103KB 12166KB [ 765.288336] kmalloc-512 16432KB 16496KB [ 765.296300] kmalloc-256 5461KB 5711KB [ 765.301649] kmalloc-128 1249KB 1401KB [ 765.310408] kmalloc-96 3444KB 4076KB [ 765.318884] kmalloc-64 2657KB 3892KB [ 765.327605] kmalloc-32 1940KB 2543KB [ 765.337455] kmalloc-192 2143KB 2572KB [ 765.346404] kmem_cache 177KB 183KB [ 765.351768] Out of memory (oom_kill_allocating_task): Kill process 5250 (in:imklog) score 0 or sacrifice child [ 765.367512] Killed process 5248 (rsyslogd) total-vm:254332kB, anon-rss:688kB, file-rss:0kB, shmem-rss:0kB [ 765.378882] oom_reaper: reaped process 5248 (rsyslogd), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 765.683042] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 765.728215] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 765.749433] CPU: 1 PID: 8082 Comm: syz-fuzzer Not tainted 4.19.211-syzkaller #0 [ 765.756900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 765.766346] Call Trace: [ 765.768944] dump_stack+0x1fc/0x2ef [ 765.772582] dump_header+0x15d/0xc3f [ 765.776300] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 765.781403] ? ___ratelimit+0x319/0x590 [ 765.785385] oom_kill_process.cold+0x10/0x692 [ 765.789883] ? check_preemption_disabled+0x41/0x280 [ 765.794906] ? has_intersects_mems_allowed+0x1d6/0x290 [ 765.800181] out_of_memory+0x1072/0x1390 [ 765.804247] ? oom_killer_disable+0x270/0x270 [ 765.808743] ? mutex_trylock+0x15f/0x1a0 [ 765.812807] __alloc_pages_nodemask+0x23a2/0x2890 [ 765.817660] ? find_get_entry+0x4cd/0x8a0 [ 765.821821] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 765.826690] alloc_pages_current+0x193/0x2a0 [ 765.831099] filemap_fault+0x146e/0x2180 [ 765.835176] ext4_filemap_fault+0x84/0xb0 [ 765.839326] __do_fault+0x10b/0x4b0 [ 765.842941] ? do_raw_spin_unlock+0x171/0x230 [ 765.847433] __handle_mm_fault+0x273b/0x41c0 [ 765.851919] ? vm_insert_page+0x9c0/0x9c0 [ 765.856147] ? __fget+0x356/0x510 [ 765.859592] ? check_preemption_disabled+0x41/0x280 [ 765.864607] handle_mm_fault+0x436/0xb10 [ 765.868655] __do_page_fault+0x68e/0xd60 [ 765.872706] ? trace_hardirqs_off_caller+0x6e/0x210 [ 765.877712] ? spurious_fault+0x840/0x840 [ 765.881899] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 765.886899] ? page_fault+0x8/0x30 [ 765.890438] page_fault+0x1e/0x30 [ 765.893886] RIP: 0033:0x43047c [ 765.897076] Code: Bad RIP value. [ 765.900440] RSP: 002b:000000c0000617f0 EFLAGS: 00010246 [ 765.905797] RAX: 0000000000000002 RBX: 0000000000000000 RCX: 0000000000467800 [ 765.913057] RDX: 0000000000000080 RSI: 000000c000061840 RDI: 0000000000000004 [ 765.920324] RBP: 000000c000061e40 R08: 0000000000000000 R09: 000000c3fb57dd56 [ 765.927591] R10: 0000000000000000 R11: 0000000000000246 R12: 000000c000061870 [ 765.934849] R13: 0000000000000000 R14: 000000c0000009c0 R15: 0000000000000000 [ 765.968541] Mem-Info: [ 765.971003] active_anon:15556 inactive_anon:29121 isolated_anon:0 [ 765.971003] active_file:8 inactive_file:16 isolated_file:0 [ 765.971003] unevictable:0 dirty:0 writeback:0 unstable:0 [ 765.971003] slab_reclaimable:14121 slab_unreclaimable:115086 [ 765.971003] mapped:22081 shmem:29645 pagetables:571 bounce:0 [ 765.971003] free:25060 free_pcp:124 free_cma:0 [ 766.006685] Node 0 active_anon:59524kB inactive_anon:51160kB active_file:28kB inactive_file:40kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52716kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 16384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 766.040756] Node 1 active_anon:2700kB inactive_anon:65324kB active_file:4kB inactive_file:24kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1816kB dirty:0kB writeback:0kB shmem:65864kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 766.072402] Node 0 DMA free:10976kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 766.102544] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 766.107584] Node 0 DMA32 free:35636kB min:35996kB low:44992kB high:53988kB active_anon:59524kB inactive_anon:51160kB active_file:40kB inactive_file:28kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7488kB pagetables:1972kB bounce:0kB free_pcp:468kB local_pcp:248kB free_cma:0kB [ 766.144065] lowmem_reserve[]: 0 0 1 1 1 [ 766.148064] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 766.174693] lowmem_reserve[]: 0 0 0 0 0 [ 766.178699] Node 1 Normal free:53456kB min:53876kB low:67344kB high:80812kB active_anon:2700kB inactive_anon:65324kB active_file:12kB inactive_file:16kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:384kB pagetables:312kB bounce:0kB free_pcp:248kB local_pcp:248kB free_cma:0kB [ 766.218915] lowmem_reserve[]: 0 0 0 0 0 [ 766.222974] Node 0 DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 1*64kB (U) 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10976kB [ 766.238989] Node 0 DMA32: 1471*4kB (ME) 913*8kB (UME) 282*16kB (UME) 67*32kB (UME) 35*64kB (UME) 16*128kB (UM) 13*256kB (UM) 8*512kB (UM) 4*1024kB (UM) 0*2048kB 0*4096kB = 35652kB [ 766.268737] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 766.279856] Node 1 Normal: 278*4kB (UME) 243*8kB (ME) 202*16kB (UME) 114*32kB (UME) 46*64kB (UME) 9*128kB (UME) 2*256kB (UM) 2*512kB (UE) 1*1024kB (E) 2*2048kB (UE) 8*4096kB (U) = 53456kB [ 766.300316] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 766.309289] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 766.321512] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 766.330404] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 766.340797] 29669 total pagecache pages [ 766.344854] 0 pages in swap cache [ 766.348299] Swap cache stats: add 0, delete 0, find 0/0 [ 766.356986] Free swap = 0kB [ 766.360033] Total swap = 0kB [ 766.363097] 2097051 pages RAM [ 766.366195] 0 pages HighMem/MovableOnly [ 766.370154] 369649 pages reserved [ 766.377087] 0 pages cma reserved [ 766.380466] Unreclaimable slab info: [ 766.384217] Name Used Total [ 766.389756] pid_2 30KB 200KB [ 766.398751] batadv_tt_change_cache 2KB 3KB [ 766.404635] batadv_tl_cache 7KB 12KB [ 766.410249] TIPC 15KB 30KB [ 766.419080] SCTPv6 20KB 37KB [ 766.424509] DCCPv6 17KB 37KB [ 766.429872] DCCP 16KB 35KB [ 766.438859] RXRPC 16KB 32KB [ 766.444288] rxrpc_call_jar 112KB 118KB [ 766.449645] bridge_fdb_cache 15KB 23KB [ 766.458604] fib6_nodes 239KB 240KB [ 766.467627] ip6_dst_cache 521KB 521KB [ 766.476530] RAWv6 101KB 114KB [ 766.485414] UDPv6 37KB 41KB [ 766.490775] TCPv6 24KB 36KB [ 766.499510] nf_conntrack 10KB 11KB [ 766.506595] t10_alua_lu_gp_cache 0KB 3KB [ 766.515125] sd_ext_cdb 0KB 7KB [ 766.520493] scsi_sense_cache 1056KB 1060KB [ 766.528602] virtio_scsi_cmd 16KB 16KB [ 766.535258] sgpool-128 8KB 8KB [ 766.540647] sgpool-64 4KB 12KB [ 766.549251] sgpool-32 2KB 15KB [ 766.555360] sgpool-16 1KB 7KB [ 766.560745] sgpool-8 0KB 7KB [ 766.569837] mqueue_inode_cache 15KB 37KB [ 766.579008] bio_post_read_ctx 14KB 15KB [ 766.586035] bio-2 14KB 15KB [ 766.591510] jfs_mp 7KB 7KB [ 766.605286] cifs_small_rq 15KB 16KB [ 766.610662] cifs_request 67KB 67KB [ 766.616115] cifs_mpx_ids 0KB 7KB [ 766.621486] nfs_commit_data 3KB 14KB [ 766.629245] nfs_write_data 34KB 44KB [ 766.645347] ext4_system_zone 1KB 7KB [ 766.650743] bio-1 1KB 7KB [ 766.656164] pid_namespace 3KB 11KB [ 766.661530] rpc_buffers 17KB 25KB [ 766.670479] rpc_tasks 2KB 7KB [ 766.675880] UNIX 1436KB 1440KB [ 766.681259] tcp_bind_bucket 1KB 4KB [ 766.689318] ip_fib_trie 34KB 39KB [ 766.701753] ip_fib_alias 166KB 173KB [ 766.710706] ip_dst_cache 12KB 20KB [ 766.716842] RAW 60KB 67KB [ 766.728893] UDP 45KB 60KB [ 766.734314] TCP 8KB 16KB [ 766.739678] hugetlbfs_inode_cache 3KB 15KB [ 766.748625] fscache_cookie_jar 1KB 11KB [ 766.754121] eventpoll_pwq 27KB 43KB [ 766.759475] eventpoll_epi 49KB 66KB [ 766.771482] inotify_inode_mark 13KB 43KB [ 766.776982] request_queue 199KB 199KB [ 766.789344] blkdev_requests 1KB 3KB [ 766.794910] blkdev_ioc 24KB 38KB [ 766.800274] bio-0 958KB 1020KB [ 766.809077] biovec-max 1526KB 1617KB [ 766.814483] biovec-64 993KB 1078KB [ 766.819841] biovec-16 111KB 127KB [ 766.828555] bio_integrity_payload 1KB 8KB [ 766.834403] khugepaged_mm_slot 4KB 34KB [ 766.839849] uid_cache 0KB 4KB [ 766.848885] dmaengine-unmap-2 0KB 3KB [ 766.854294] skbuff_fclone_cache 45KB 101KB [ 766.859830] skbuff_head_cache 8507KB 8508KB [ 766.868594] configfs_dir_cache 3KB 7KB [ 766.874312] file_lock_cache 49KB 186KB [ 766.879661] file_lock_ctx 9KB 11KB [ 766.888438] fsnotify_mark_connector 6KB 31KB [ 766.894397] net_namespace 78KB 78KB [ 766.899757] shmem_inode_cache 8104KB 8368KB [ 766.908646] task_delay_info 224KB 387KB [ 766.914098] taskstats 27KB 111KB [ 766.919452] proc_dir_entry 890KB 896KB [ 766.928342] pde_opener 14KB 34KB [ 766.933762] seq_file 273KB 504KB [ 766.939119] sigqueue 55KB 63KB [ 766.948012] kernfs_node_cache 18240KB 18246KB [ 766.953421] mnt_cache 225KB 232KB [ 766.958777] filp 6943KB 7646KB [ 766.967523] names_cache 114439KB 114490KB [ 766.972925] iint_cache 28KB 55KB [ 766.978376] key_jar 27KB 135KB [ 766.987363] uts_namespace 4KB 11KB [ 766.992783] nsproxy 2KB 7KB [ 766.998230] vm_area_struct 3206KB 3940KB [ 767.007285] mm_struct 469KB 676KB [ 767.012696] fs_cache 250KB 368KB [ 767.018054] files_cache 905KB 911KB [ 767.026715] signal_cache 1676KB 1681KB [ 767.032132] sighand_cache 585KB 652KB [ 767.037500] task_struct 7821KB 7821KB [ 767.046088] cred_jar 2128KB 2228KB [ 767.051459] anon_vma_chain 1019KB 1492KB [ 767.056864] anon_vma 146KB 288KB [ 767.065769] pid 142KB 224KB [ 767.071130] Acpi-Operand 156KB 198KB [ 767.076535] Acpi-ParseExt 9KB 11KB [ 767.085447] Acpi-Parse 41KB 47KB [ 767.090805] Acpi-State 52KB 63KB [ 767.096322] Acpi-Namespace 20KB 27KB [ 767.101679] numa_policy 0KB 3KB [ 767.108824] debug_objects_cache 1491KB 1828KB [ 767.114417] trace_event_file 297KB 298KB [ 767.119774] ftrace_event_field 398KB 401KB [ 767.128550] pool_workqueue 144KB 152KB [ 767.133955] page->ptl 469KB 1008KB [ 767.139333] kmalloc-2097152 2050KB 2050KB [ 767.147418] kmalloc-524288 2056KB 2056KB [ 767.164904] kmalloc-262144 1290KB 1290KB [ 767.170276] kmalloc-131072 650KB 650KB [ 767.176920] kmalloc-65536 2640KB 2706KB [ 767.182332] kmalloc-32768 2145KB 2145KB [ 767.187701] kmalloc-16384 1353KB 1402KB [ 767.193113] kmalloc-8192 5453KB 5453KB [ 767.198473] kmalloc-4096 28028KB 28084KB [ 767.203872] kmalloc-2048 16524KB 16524KB [ 767.209230] kmalloc-1024 12159KB 12222KB [ 767.214636] kmalloc-512 16717KB 16781KB [ 767.219994] kmalloc-256 5466KB 5711KB [ 767.225472] kmalloc-128 1249KB 1401KB [ 767.230834] kmalloc-96 3459KB 4076KB [ 767.237547] kmalloc-64 2665KB 3892KB [ 767.242954] kmalloc-32 1946KB 2543KB [ 767.248309] kmalloc-192 2143KB 2572KB [ 767.255192] kmem_cache 177KB 183KB [ 767.260584] Out of memory (oom_kill_allocating_task): Kill process 8082 (syz-fuzzer) score 0 or sacrifice child [ 767.285001] Killed process 5796 (syz-executor.4) total-vm:48512kB, anon-rss:432kB, file-rss:0kB, shmem-rss:0kB [ 767.298773] oom_reaper: reaped process 5796 (syz-executor.4), now anon-rss:0kB, file-rss:14336kB, shmem-rss:0kB [ 767.301599] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 767.336981] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 767.341963] CPU: 0 PID: 8082 Comm: syz-fuzzer Not tainted 4.19.211-syzkaller #0 [ 767.349514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 767.358861] Call Trace: [ 767.361451] dump_stack+0x1fc/0x2ef [ 767.365078] dump_header+0x15d/0xc3f [ 767.368782] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 767.373873] ? ___ratelimit+0x319/0x590 [ 767.377846] oom_kill_process.cold+0x10/0x692 [ 767.382355] ? check_preemption_disabled+0x41/0x280 [ 767.387377] ? has_intersects_mems_allowed+0x1d6/0x290 [ 767.392653] out_of_memory+0x1072/0x1390 [ 767.396721] ? oom_killer_disable+0x270/0x270 [ 767.401217] ? mutex_trylock+0x15f/0x1a0 [ 767.405281] __alloc_pages_nodemask+0x23a2/0x2890 [ 767.410130] ? find_get_entry+0x4cd/0x8a0 [ 767.414299] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 767.419170] alloc_pages_current+0x193/0x2a0 [ 767.423690] filemap_fault+0x146e/0x2180 [ 767.427775] ext4_filemap_fault+0x84/0xb0 [ 767.431948] __do_fault+0x10b/0x4b0 [ 767.435577] ? do_raw_spin_unlock+0x171/0x230 [ 767.440083] __handle_mm_fault+0x273b/0x41c0 [ 767.444499] ? vm_insert_page+0x9c0/0x9c0 [ 767.448645] ? __fget+0x356/0x510 [ 767.452136] ? check_preemption_disabled+0x41/0x280 [ 767.457160] handle_mm_fault+0x436/0xb10 [ 767.461231] __do_page_fault+0x68e/0xd60 [ 767.465301] ? trace_hardirqs_off_caller+0x6e/0x210 [ 767.470313] ? spurious_fault+0x840/0x840 [ 767.474458] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 767.479290] ? page_fault+0x8/0x30 [ 767.482820] page_fault+0x1e/0x30 [ 767.486266] RIP: 0033:0x43047c [ 767.489468] Code: Bad RIP value. [ 767.492825] RSP: 002b:000000c0000617f0 EFLAGS: 00010246 [ 767.498204] RAX: 0000000000000002 RBX: 0000000000000000 RCX: 0000000000467800 [ 767.505462] RDX: 0000000000000080 RSI: 000000c000061840 RDI: 0000000000000004 [ 767.512941] RBP: 000000c000061e40 R08: 0000000000000000 R09: 000000c3fb57dd56 [ 767.520208] R10: 0000000000000000 R11: 0000000000000246 R12: 000000c000061870 [ 767.527473] R13: 0000000000000000 R14: 000000c0000009c0 R15: 0000000000000000 [ 767.538379] Mem-Info: [ 767.541484] active_anon:15456 inactive_anon:29121 isolated_anon:0 [ 767.541484] active_file:9 inactive_file:40 isolated_file:0 [ 767.541484] unevictable:0 dirty:0 writeback:0 unstable:0 [ 767.541484] slab_reclaimable:14109 slab_unreclaimable:115156 [ 767.541484] mapped:18506 shmem:29645 pagetables:571 bounce:0 [ 767.541484] free:26249 free_pcp:474 free_cma:0 [ 767.576632] Node 0 active_anon:59124kB inactive_anon:51160kB active_file:12kB inactive_file:456kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:72208kB dirty:0kB writeback:0kB shmem:52716kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 16384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 767.608394] Node 1 active_anon:2700kB inactive_anon:65324kB active_file:24kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1816kB dirty:0kB writeback:0kB shmem:65864kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 767.640516] Node 0 DMA free:10976kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 767.679421] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 767.691331] Node 0 DMA32 free:36896kB min:35996kB low:44992kB high:53988kB active_anon:59124kB inactive_anon:51160kB active_file:112kB inactive_file:196kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7456kB pagetables:1972kB bounce:0kB free_pcp:372kB local_pcp:228kB free_cma:0kB [ 767.746766] lowmem_reserve[]: 0 0 1 1 1 [ 767.750979] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 767.826696] lowmem_reserve[]: 0 0 0 0 0 [ 767.830710] Node 1 Normal free:53760kB min:53876kB low:67344kB high:80812kB active_anon:2660kB inactive_anon:65324kB active_file:0kB inactive_file:24kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:384kB pagetables:308kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 767.877189] lowmem_reserve[]: 0 0 0 0 0 [ 767.881200] Node 0 DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 1*64kB (U) 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10976kB [ 767.903512] Node 0 DMA32: 1465*4kB (UME) 861*8kB (UME) 253*16kB (UME) 64*32kB (UME) 32*64kB (UME) 19*128kB (M) 18*256kB (UM) 8*512kB (UM) 4*1024kB (UM) 0*2048kB 0*4096kB = 36124kB [ 767.976504] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 768.005319] Node 1 Normal: 274*4kB (UME) 245*8kB (UME) 200*16kB (ME) 115*32kB (UME) 45*64kB (UME) 10*128kB (UME) 1*256kB (M) 1*512kB (E) 2*1024kB (UE) 2*2048kB (UE) 8*4096kB (U) = 53776kB [ 768.025118] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 768.034370] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 768.034700] syz-executor.4 (5799) used greatest stack depth: 23304 bytes left [ 768.043342] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 768.059777] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 768.068384] 29680 total pagecache pages [ 768.072401] 0 pages in swap cache [ 768.075846] Swap cache stats: add 0, delete 0, find 0/0 [ 768.081201] Free swap = 0kB [ 768.084271] Total swap = 0kB [ 768.087272] 2097051 pages RAM [ 768.090352] 0 pages HighMem/MovableOnly [ 768.094354] 369649 pages reserved [ 768.099733] 0 pages cma reserved [ 768.103141] Unreclaimable slab info: [ 768.106846] Name Used Total [ 768.112461] pid_2 29KB 200KB [ 768.117856] batadv_tt_change_cache 2KB 3KB [ 768.123980] batadv_tl_cache 7KB 12KB [ 768.129342] TIPC 15KB 30KB [ 768.134781] SCTPv6 20KB 37KB [ 768.140145] DCCPv6 17KB 37KB [ 768.145807] DCCP 16KB 35KB [ 768.151171] RXRPC 16KB 32KB [ 768.156584] rxrpc_call_jar 112KB 118KB [ 768.162488] bridge_fdb_cache 15KB 23KB [ 768.167864] fib6_nodes 239KB 240KB [ 768.173260] ip6_dst_cache 521KB 521KB [ 768.179231] RAWv6 101KB 114KB [ 768.184630] UDPv6 37KB 41KB [ 768.189984] TCPv6 24KB 36KB [ 768.195374] nf_conntrack 9KB 11KB [ 768.202018] t10_alua_lu_gp_cache 0KB 3KB [ 768.207642] sd_ext_cdb 0KB 7KB [ 768.213048] scsi_sense_cache 1056KB 1060KB [ 768.218390] virtio_scsi_cmd 16KB 16KB [ 768.223809] sgpool-128 8KB 8KB [ 768.229162] sgpool-64 4KB 12KB [ 768.234538] sgpool-32 2KB 15KB [ 768.239888] sgpool-16 1KB 7KB [ 768.245800] sgpool-8 0KB 7KB [ 768.251446] mqueue_inode_cache 15KB 37KB [ 768.256937] bio_post_read_ctx 14KB 15KB [ 768.270590] bio-2 14KB 15KB [ 768.275999] jfs_mp 7KB 7KB [ 768.281361] cifs_small_rq 15KB 16KB [ 768.290543] cifs_request 67KB 67KB [ 768.296003] cifs_mpx_ids 0KB 7KB [ 768.306609] nfs_commit_data 3KB 14KB [ 768.312751] nfs_write_data 34KB 44KB [ 768.318154] ext4_system_zone 1KB 7KB [ 768.325383] bio-1 1KB 7KB [ 768.330744] pid_namespace 3KB 11KB [ 768.350019] rpc_buffers 17KB 25KB [ 768.355448] rpc_tasks 2KB 7KB [ 768.360808] UNIX 1432KB 1440KB [ 768.375447] tcp_bind_bucket 1KB 4KB [ 768.380923] ip_fib_trie 34KB 39KB [ 768.389927] ip_fib_alias 166KB 173KB [ 768.398342] ip_dst_cache 12KB 20KB [ 768.449487] RAW 60KB 67KB [ 768.520127] UDP 45KB 60KB [ 768.543061] TCP 8KB 16KB [ 768.548440] hugetlbfs_inode_cache 3KB 15KB [ 768.578911] fscache_cookie_jar 1KB 11KB [ 768.605282] eventpoll_pwq 27KB 43KB [ 768.610663] eventpoll_epi 49KB 66KB [ 768.619538] inotify_inode_mark 13KB 43KB [ 768.649838] request_queue 199KB 199KB [ 768.676411] blkdev_requests 1KB 3KB [ 768.685525] blkdev_ioc 24KB 38KB [ 768.690892] bio-0 958KB 1020KB [ 768.720642] biovec-max 1526KB 1617KB [ 768.726863] biovec-64 993KB 1078KB [ 768.739433] biovec-16 115KB 127KB [ 768.744877] bio_integrity_payload 1KB 8KB [ 768.750581] khugepaged_mm_slot 4KB 34KB [ 768.798319] uid_cache 0KB 4KB [ 768.866780] dmaengine-unmap-2 0KB 3KB [ 768.873147] skbuff_fclone_cache 45KB 101KB [ 768.878697] skbuff_head_cache 8688KB 8688KB [ 768.940296] configfs_dir_cache 3KB 7KB [ 768.948344] file_lock_cache 49KB 182KB [ 768.970551] file_lock_ctx 9KB 11KB [ 768.988902] fsnotify_mark_connector 6KB 31KB [ 768.998143] net_namespace 78KB 78KB [ 769.011445] shmem_inode_cache 8102KB 8368KB [ 769.045886] task_delay_info 223KB 387KB [ 769.051268] taskstats 26KB 107KB [ 769.075808] proc_dir_entry 890KB 896KB [ 769.081185] pde_opener 14KB 34KB [ 769.126527] seq_file 271KB 504KB [ 769.150112] sigqueue 53KB 63KB [ 769.188342] kernfs_node_cache 18234KB 18246KB [ 769.215627] mnt_cache 225KB 232KB [ 769.221006] filp 6936KB 7646KB [ 769.248078] names_cache 113734KB 113793KB [ 769.262035] iint_cache 32KB 55KB [ 769.267415] key_jar 27KB 135KB [ 769.298592] uts_namespace 4KB 11KB [ 769.308895] nsproxy 2KB 7KB [ 769.329079] vm_area_struct 3210KB 3940KB [ 769.339458] mm_struct 468KB 676KB [ 769.358259] fs_cache 250KB 368KB [ 769.363710] files_cache 905KB 911KB [ 769.369070] signal_cache 1676KB 1681KB [ 769.386964] sighand_cache 585KB 652KB [ 769.394009] task_struct 7821KB 7821KB [ 769.399371] cred_jar 2122KB 2228KB [ 769.417424] anon_vma_chain 1018KB 1492KB [ 769.424464] anon_vma 141KB 288KB [ 769.430459] pid 142KB 224KB [ 769.456317] Acpi-Operand 156KB 198KB [ 769.494187] Acpi-ParseExt 9KB 11KB [ 769.499566] Acpi-Parse 41KB 47KB [ 769.507488] Acpi-State 52KB 63KB [ 769.567335] Acpi-Namespace 20KB 27KB [ 769.574520] numa_policy 0KB 3KB [ 769.579896] debug_objects_cache 1491KB 1828KB [ 769.620567] trace_event_file 297KB 298KB [ 769.643516] ftrace_event_field 398KB 401KB [ 769.648982] pool_workqueue 143KB 152KB [ 769.661488] page->ptl 469KB 1008KB [ 769.708135] kmalloc-2097152 2050KB 2050KB [ 769.725148] kmalloc-524288 2056KB 2056KB [ 769.730542] kmalloc-262144 1290KB 1290KB [ 769.736998] kmalloc-131072 650KB 650KB [ 769.763524] kmalloc-65536 2640KB 2706KB [ 769.768910] kmalloc-32768 2145KB 2145KB [ 769.781269] kmalloc-16384 1353KB 1402KB [ 769.809128] kmalloc-8192 5453KB 5453KB [ 769.839714] kmalloc-4096 27977KB 28033KB [ 769.863833] kmalloc-2048 16524KB 16524KB [ 769.869265] kmalloc-1024 12261KB 12324KB [ 769.878220] kmalloc-512 17113KB 17175KB [ 769.888816] kmalloc-256 5483KB 5711KB [ 769.906922] kmalloc-128 1255KB 1401KB [ 769.937657] kmalloc-96 3489KB 4076KB [ 769.960703] kmalloc-64 2665KB 3892KB [ 769.970471] kmalloc-32 1953KB 2543KB [ 769.999874] kmalloc-192 2143KB 2572KB [ 770.033226] kmem_cache 177KB 183KB [ 770.038615] Out of memory (oom_kill_allocating_task): Kill process 8082 (syz-fuzzer) score 0 or sacrifice child [ 770.078662] Killed process 587 (syz-executor.5) total-vm:48512kB, anon-rss:428kB, file-rss:4kB, shmem-rss:0kB [ 770.127556] oom_reaper: reaped process 5783 (syz-executor.1), now anon-rss:0kB, file-rss:14336kB, shmem-rss:8kB [ 770.160455] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 770.219484] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 770.231477] CPU: 1 PID: 8111 Comm: syz-fuzzer Not tainted 4.19.211-syzkaller #0 [ 770.238939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 770.248378] Call Trace: [ 770.250967] dump_stack+0x1fc/0x2ef [ 770.254597] dump_header+0x15d/0xc3f [ 770.258312] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 770.263411] ? ___ratelimit+0x319/0x590 [ 770.267390] oom_kill_process.cold+0x10/0x692 [ 770.271893] ? check_preemption_disabled+0x41/0x280 [ 770.276918] ? has_intersects_mems_allowed+0x1d6/0x290 [ 770.282198] out_of_memory+0x1072/0x1390 [ 770.286267] ? oom_killer_disable+0x270/0x270 [ 770.290766] ? mutex_trylock+0x15f/0x1a0 [ 770.294833] __alloc_pages_nodemask+0x23a2/0x2890 [ 770.299687] ? find_get_entry+0x4cd/0x8a0 [ 770.303848] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 770.308711] alloc_pages_current+0x193/0x2a0 [ 770.313119] filemap_fault+0x146e/0x2180 [ 770.317190] ext4_filemap_fault+0x84/0xb0 [ 770.321337] __do_fault+0x10b/0x4b0 [ 770.325054] __handle_mm_fault+0x273b/0x41c0 [ 770.329486] ? vm_insert_page+0x9c0/0x9c0 [ 770.333647] ? check_preemption_disabled+0x41/0x280 [ 770.338672] handle_mm_fault+0x436/0xb10 [ 770.342736] __do_page_fault+0x68e/0xd60 [ 770.346824] ? trace_hardirqs_off_caller+0x6e/0x210 [ 770.351842] ? spurious_fault+0x840/0x840 [ 770.355989] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 770.360831] ? page_fault+0x8/0x30 [ 770.364372] page_fault+0x1e/0x30 [ 770.367829] RIP: 0033:0x451cf7 [ 770.371103] Code: Bad RIP value. [ 770.374460] RSP: 002b:000000c0009598e8 EFLAGS: 00010246 [ 770.379811] RAX: 00000000000000ad RBX: 0000000000000002 RCX: 000000000117c760 [ 770.387072] RDX: 0000000000000000 RSI: 00000000004ae06a RDI: 0000000000d026a4 [ 770.394334] RBP: 000000c0009598f8 R08: 0000000001f7ee40 R09: 0000000000000000 [ 770.401599] R10: 0000000001000004 R11: 0000000000000202 R12: 000000c0009599a0 [ 770.408883] R13: 0000000000000000 R14: 000000c000950000 R15: 0000000000000000 [ 770.433526] Mem-Info: [ 770.436005] active_anon:14777 inactive_anon:29120 isolated_anon:0 [ 770.436005] active_file:22 inactive_file:0 isolated_file:0 [ 770.436005] unevictable:0 dirty:0 writeback:0 unstable:0 [ 770.436005] slab_reclaimable:14109 slab_unreclaimable:114854 [ 770.436005] mapped:18496 shmem:29645 pagetables:547 bounce:0 [ 770.436005] free:21411 free_pcp:103 free_cma:0 [ 770.485151] Node 0 active_anon:56448kB inactive_anon:51156kB active_file:80kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:72168kB dirty:0kB writeback:0kB shmem:52716kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 16384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 770.519798] Node 1 active_anon:2660kB inactive_anon:65324kB active_file:4kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1816kB dirty:0kB writeback:0kB shmem:65864kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 770.548226] Node 0 DMA free:10876kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 770.561539] syz-executor.1: vmalloc: allocation failure, allocated 1745248256 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 770.609812] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 770.619188] CPU: 1 PID: 5783 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0 [ 770.619325] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 770.626988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 770.626993] Call Trace: [ 770.627015] dump_stack+0x1fc/0x2ef [ 770.627032] warn_alloc.cold+0x7b/0x18f [ 770.627055] ? zone_watermark_ok_safe+0x260/0x260 [ 770.627069] ? retint_kernel+0x2d/0x2d [ 770.627099] __vmalloc_area_node+0x4fd/0x780 [ 770.627119] ? __vmalloc_node_range+0x180/0x180 [ 770.666476] Node 0 DMA32 free:17856kB min:35996kB low:44992kB high:53988kB active_anon:56448kB inactive_anon:51156kB active_file:96kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7392kB pagetables:1880kB bounce:0kB free_pcp:456kB local_pcp:208kB free_cma:0kB [ 770.669407] ? _raw_spin_unlock+0x29/0x40 [ 770.702370] ? __get_vm_area_node+0x2e2/0x3a0 [ 770.706962] __vmalloc_node_range+0xed/0x180 [ 770.711333] lowmem_reserve[]: 0 0 1 1 1 [ 770.711376] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 770.715442] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 770.719642] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 770.750911] vmalloc_user+0x70/0xe0 [ 770.754538] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 770.756872] lowmem_reserve[]: 0 0 0 0 0 [ 770.758852] vb2_vmalloc_alloc+0xb3/0x2f0 [ 770.758867] __vb2_queue_alloc+0x472/0xe60 [ 770.758889] vb2_core_create_bufs+0x273/0x7e0 [ 770.758901] ? __vb2_queue_free+0x870/0x870 [ 770.758916] ? mutex_trylock+0x1a0/0x1a0 [ 770.758930] ? __video_do_ioctl+0x632/0xcd0 [ 770.758947] vb2_create_bufs+0x332/0x620 [ 770.758962] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 770.758974] ? __video_do_ioctl+0x632/0xcd0 [ 770.759003] ? mutex_trylock+0x1a0/0x1a0 [ 770.759017] ? mark_held_locks+0xf0/0xf0 [ 770.759036] vb2_ioctl_create_bufs+0x20d/0x360 [ 770.759050] ? memset+0x20/0x40 [ 770.759068] v4l_create_bufs+0xb2/0x160 [ 770.759086] __video_do_ioctl+0x49a/0xcd0 [ 770.759106] ? v4l_querycap+0x340/0x340 [ 770.759125] ? __might_fault+0x192/0x1d0 [ 770.759142] ? v4l_querycap+0x340/0x340 [ 770.759158] video_usercopy+0x13f/0xfa0 [ 770.759179] ? v4l_enumstd+0x60/0x60 [ 770.759193] ? do_futex+0x171/0x1880 [ 770.759208] ? mark_held_locks+0xf0/0xf0 [ 770.759226] ? debug_check_no_obj_freed+0x201/0x490 [ 770.759249] ? video_usercopy+0xfa0/0xfa0 [ 770.759262] v4l2_ioctl+0x147/0x1a0 [ 770.759279] ? video_devdata+0xa0/0xa0 [ 770.759294] do_vfs_ioctl+0xcdb/0x12e0 [ 770.759310] ? lock_downgrade+0x720/0x720 [ 770.759325] ? check_preemption_disabled+0x41/0x280 [ 770.759339] ? ioctl_preallocate+0x200/0x200 [ 770.759357] ? __fget+0x356/0x510 [ 770.759373] ? do_dup2+0x450/0x450 [ 770.759386] ? __se_sys_futex+0x298/0x3b0 [ 770.759408] ksys_ioctl+0x9b/0xc0 [ 770.759424] __x64_sys_ioctl+0x6f/0xb0 [ 770.759438] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 770.759452] do_syscall_64+0xf9/0x620 [ 770.759469] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 770.759481] RIP: 0033:0x7f4dd02630f9 [ 770.759496] Code: Bad RIP value. [ 770.759503] RSP: 002b:00007f4dce7d5168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 770.759516] RAX: ffffffffffffffda RBX: 00007f4dd0382f80 RCX: 00007f4dd02630f9 [ 770.759524] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 770.759532] RBP: 00007f4dd02beae9 R08: 0000000000000000 R09: 0000000000000000 [ 770.759540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 770.759548] R13: 00007ffe2f8179bf R14: 00007f4dce7d5300 R15: 0000000000022000 [ 770.798377] Mem-Info: [ 770.815669] Node 1 Normal free:26840kB min:53876kB low:67344kB high:80812kB active_anon:2660kB inactive_anon:65324kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:384kB pagetables:308kB bounce:0kB free_pcp:248kB local_pcp:0kB free_cma:0kB [ 770.850448] active_anon:14758 inactive_anon:29120 isolated_anon:0 [ 770.850448] active_file:17 inactive_file:17 isolated_file:0 [ 770.850448] unevictable:0 dirty:0 writeback:0 unstable:0 [ 770.850448] slab_reclaimable:14084 slab_unreclaimable:114836 [ 770.850448] mapped:18496 shmem:29645 pagetables:521 bounce:0 [ 770.850448] free:13832 free_pcp:210 free_cma:0 [ 770.909176] lowmem_reserve[]: 0 0 0 0 0 [ 770.992997] Node 0 active_anon:56384kB inactive_anon:51156kB active_file:68kB inactive_file:64kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:72168kB dirty:0kB writeback:0kB shmem:52716kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 14336kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 771.080107] Node 0 DMA: 1*4kB (U) 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10876kB [ 771.099353] Node 1 active_anon:2648kB inactive_anon:65324kB active_file:0kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1816kB dirty:0kB writeback:0kB shmem:65864kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 771.157726] Node 0 DMA free:10876kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 771.169010] Node 0 DMA32: 1413*4kB (UME) 813*8kB (UME) 217*16kB (ME) 26*32kB (ME) 8*64kB (UME) 3*128kB (UM) 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17612kB [ 771.220787] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 771.242366] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 771.255048] Node 0 DMA32 free:17604kB min:35996kB low:44992kB high:53988kB active_anon:56384kB inactive_anon:51156kB active_file:68kB inactive_file:64kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7392kB pagetables:1780kB bounce:0kB free_pcp:584kB local_pcp:244kB free_cma:0kB [ 771.310757] Node 1 Normal: 270*4kB (UME) 244*8kB (UME) 200*16kB (UME) 114*32kB (UME) 43*64kB (ME) 9*128kB (UME) 3*256kB (UM) 2*512kB (UE) 1*1024kB (E) 1*2048kB (E) 2*4096kB (U) = 26840kB [ 771.330309] lowmem_reserve[]: 0 0 1 1 1 [ 771.384888] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 771.397651] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 771.483489] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 771.489650] lowmem_reserve[]: 0 0 0 0 0 [ 771.553782] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 771.562740] Node 1 Normal free:26840kB min:53876kB low:67344kB high:80812kB active_anon:2648kB inactive_anon:65324kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:384kB pagetables:304kB bounce:0kB free_pcp:248kB local_pcp:0kB free_cma:0kB [ 771.571864] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 771.630844] lowmem_reserve[]: 0 0 0 0 0 [ 771.641162] 29679 total pagecache pages [ 771.671125] Node 0 DMA: 1*4kB (U) 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10876kB [ 771.685604] 0 pages in swap cache [ 771.685613] Swap cache stats: add 0, delete 0, find 0/0 [ 771.685618] Free swap = 0kB [ 771.685623] Total swap = 0kB [ 771.685631] 2097051 pages RAM [ 771.685636] 0 pages HighMem/MovableOnly [ 771.685641] 369649 pages reserved [ 771.685645] 0 pages cma reserved [ 771.685652] Unreclaimable slab info: [ 771.685656] Name Used Total [ 771.685668] pid_2 29KB 200KB [ 771.685743] batadv_tt_change_cache 2KB 3KB [ 771.685756] batadv_tl_cache 7KB 12KB [ 771.685783] TIPC 15KB 30KB [ 771.685804] SCTPv6 20KB 37KB [ 771.685822] DCCPv6 17KB 37KB [ 771.685835] DCCP 16KB 35KB [ 771.685876] RXRPC 16KB 32KB [ 771.685885] rxrpc_call_jar 112KB 118KB [ 771.685898] bridge_fdb_cache 14KB 23KB [ 771.685914] fib6_nodes 236KB 240KB [ 771.685923] ip6_dst_cache 532KB 532KB [ 771.685936] RAWv6 101KB 114KB [ 771.685947] UDPv6 37KB 41KB [ 771.685960] TCPv6 24KB 36KB [ 771.685979] nf_conntrack 9KB 11KB [ 771.686043] t10_alua_lu_gp_cache 0KB 3KB [ 771.686057] sd_ext_cdb 0KB 7KB [ 771.686067] scsi_sense_cache 1056KB 1060KB [ 771.686076] virtio_scsi_cmd 16KB 16KB [ 771.686089] sgpool-128 8KB 8KB [ 771.686098] sgpool-64 4KB 12KB [ 771.686108] sgpool-32 2KB 15KB [ 771.686117] sgpool-16 1KB 7KB [ 771.686126] sgpool-8 0KB 7KB [ 771.686143] mqueue_inode_cache 15KB 37KB [ 771.686159] bio_post_read_ctx 14KB 15KB [ 771.686230] bio-2 14KB 15KB [ 771.686239] jfs_mp 7KB 7KB [ 771.686278] cifs_small_rq 15KB 16KB [ 771.686287] cifs_request 67KB 67KB [ 771.686296] cifs_mpx_ids 0KB 7KB [ 771.686323] nfs_commit_data 3KB 14KB [ 771.686331] nfs_write_data 34KB 44KB [ 771.686372] ext4_system_zone 1KB 7KB [ 771.686399] bio-1 1KB 7KB [ 771.686410] pid_namespace 3KB 11KB [ 771.686429] rpc_buffers 17KB 25KB [ 771.686438] rpc_tasks 2KB 7KB [ 771.686446] UNIX 1428KB 1436KB [ 771.686460] tcp_bind_bucket 1KB 4KB [ 771.686477] ip_fib_trie 34KB 39KB [ 771.686485] ip_fib_alias 166KB 173KB [ 771.686494] ip_dst_cache 11KB 20KB [ 771.686505] RAW 60KB 67KB [ 771.686513] UDP 45KB 60KB [ 771.686526] TCP 8KB 16KB [ 771.686537] hugetlbfs_inode_cache 3KB 15KB [ 771.707951] Node 0 DMA32: 1413*4kB (UME) 813*8kB (UME) 217*16kB (ME) 26*32kB (ME) 8*64kB (UME) 3*128kB (UM) 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17612kB [ 771.807177] fscache_cookie_jar 1KB 11KB [ 771.920117] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 771.958679] eventpoll_pwq 26KB 43KB [ 771.981117] Node 1 Normal: 270*4kB (UME) 244*8kB (UME) 200*16kB (UME) 114*32kB (UME) 43*64kB (ME) 9*128kB (UME) 3*256kB (UM) 2*512kB (UE) 1*1024kB (E) 1*2048kB (E) 2*4096kB (U) = 26840kB [ 772.058659] eventpoll_epi 48KB 66KB [ 772.079318] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 772.127962] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 772.135863] inotify_inode_mark 13KB 43KB [ 772.159774] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 772.166376] request_queue 199KB 199KB [ 772.231123] blkdev_requests 1KB 3KB [ 772.260698] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 772.266744] blkdev_ioc 24KB 38KB [ 772.316091] bio-0 958KB 1020KB [ 772.324315] 29679 total pagecache pages [ 772.328313] 0 pages in swap cache [ 772.351170] biovec-max 1526KB 1617KB [ 772.360244] biovec-64 993KB 1078KB [ 772.370788] Swap cache stats: add 0, delete 0, find 0/0 [ 772.417568] biovec-16 115KB 123KB [ 772.436993] bio_integrity_payload 1KB 8KB [ 772.439704] Free swap = 0kB [ 772.471393] net_ratelimit: 19 callbacks suppressed [ 772.471400] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 772.482936] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 772.487713] khugepaged_mm_slot 4KB 34KB [ 772.489473] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 772.501490] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 772.508019] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 772.514574] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 772.521101] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 772.527649] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 772.534216] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 772.540750] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 772.556150] uid_cache 0KB 4KB [ 772.561594] dmaengine-unmap-2 0KB 3KB [ 772.565049] Total swap = 0kB [ 772.566958] skbuff_fclone_cache 45KB 101KB [ 772.569960] 2097051 pages RAM [ 772.578755] skbuff_head_cache 8838KB 8838KB [ 772.584323] configfs_dir_cache 3KB 7KB [ 772.589869] file_lock_cache 46KB 174KB [ 772.590571] 0 pages HighMem/MovableOnly [ 772.598532] file_lock_ctx 9KB 11KB [ 772.601084] 369649 pages reserved [ 772.605518] fsnotify_mark_connector 6KB 31KB [ 772.608297] 0 pages cma reserved [ 772.617630] net_namespace 78KB 78KB [ 772.623084] shmem_inode_cache 8092KB 8364KB [ 772.628443] task_delay_info 223KB 387KB [ 772.637039] taskstats 25KB 107KB [ 772.642458] proc_dir_entry 890KB 896KB [ 772.647939] pde_opener 13KB 34KB [ 772.656719] seq_file 256KB 504KB [ 772.662124] sigqueue 53KB 63KB [ 772.667523] kernfs_node_cache 18229KB 18246KB [ 772.678246] mnt_cache 225KB 232KB [ 772.683694] filp 6908KB 7638KB [ 772.689057] names_cache 113428KB 113487KB [ 772.705024] iint_cache 32KB 55KB [ 772.710398] key_jar 27KB 135KB [ 772.726252] uts_namespace 4KB 11KB [ 772.731663] nsproxy 2KB 7KB [ 772.737031] vm_area_struct 3196KB 3936KB [ 772.759345] mm_struct 468KB 676KB [ 772.770954] fs_cache 250KB 368KB [ 772.848914] files_cache 905KB 911KB [ 772.860822] signal_cache 1676KB 1681KB [ 772.910465] sighand_cache 580KB 645KB [ 772.934553] task_struct 7821KB 7821KB [ 772.939932] cred_jar 2098KB 2228KB [ 772.980716] anon_vma_chain 1018KB 1492KB [ 773.036501] anon_vma 138KB 288KB [ 773.047857] pid 142KB 224KB [ 773.060038] Acpi-Operand 156KB 198KB [ 773.080950] Acpi-ParseExt 9KB 11KB [ 773.103441] Acpi-Parse 41KB 47KB [ 773.108827] Acpi-State 52KB 63KB [ 773.119302] Acpi-Namespace 20KB 27KB [ 773.161140] numa_policy 0KB 3KB [ 773.197335] debug_objects_cache 1489KB 1828KB [ 773.241024] trace_event_file 297KB 298KB [ 773.268518] ftrace_event_field 398KB 401KB [ 773.301100] pool_workqueue 143KB 152KB [ 773.310336] page->ptl 469KB 1008KB [ 773.350443] kmalloc-2097152 2050KB 2050KB [ 773.373880] kmalloc-524288 2056KB 2056KB [ 773.379299] kmalloc-262144 1290KB 1290KB [ 773.431154] kmalloc-131072 650KB 650KB [ 773.448813] kmalloc-65536 2640KB 2706KB [ 773.454285] kmalloc-32768 2145KB 2145KB [ 773.459684] kmalloc-16384 1353KB 1402KB [ 773.480164] kmalloc-8192 5453KB 5453KB [ 773.490391] kmalloc-4096 27943KB 27999KB [ 773.499235] kmalloc-2048 16524KB 16524KB [ 773.524729] kmalloc-1024 12324KB 12324KB [ 773.530140] kmalloc-512 17193KB 17193KB [ 773.573046] kmalloc-256 5492KB 5711KB [ 773.578465] kmalloc-128 1255KB 1401KB [ 773.611978] kmalloc-96 3489KB 4076KB [ 773.617370] kmalloc-64 2665KB 3892KB [ 773.650804] kmalloc-32 1957KB 2543KB [ 773.659809] kmalloc-192 2143KB 2572KB [ 773.698528] kmem_cache 177KB 183KB [ 773.725704] Out of memory (oom_kill_allocating_task): Kill process 8111 (syz-fuzzer) score 0 or sacrifice child [ 773.767054] Killed process 1630 (syz-executor.3) total-vm:48512kB, anon-rss:432kB, file-rss:0kB, shmem-rss:0kB [ 773.802624] systemd-rfkill invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 773.870910] systemd-rfkill cpuset=/ mems_allowed=0-1 [ 773.967845] CPU: 1 PID: 5757 Comm: systemd-rfkill Not tainted 4.19.211-syzkaller #0 [ 773.975690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 773.985041] Call Trace: [ 773.987641] dump_stack+0x1fc/0x2ef [ 773.991272] dump_header+0x15d/0xc3f [ 773.995013] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 774.000113] ? ___ratelimit+0x319/0x590 [ 774.004091] oom_kill_process.cold+0x10/0x692 [ 774.008590] ? check_preemption_disabled+0x41/0x280 [ 774.013610] ? has_intersects_mems_allowed+0x1d6/0x290 [ 774.018911] out_of_memory+0x1072/0x1390 [ 774.022976] ? oom_killer_disable+0x270/0x270 [ 774.027472] ? mutex_trylock+0x15f/0x1a0 [ 774.031555] __alloc_pages_nodemask+0x23a2/0x2890 [ 774.036429] ? find_get_entry+0x4cd/0x8a0 [ 774.040582] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 774.045461] alloc_pages_current+0x193/0x2a0 [ 774.049867] filemap_fault+0x146e/0x2180 [ 774.053939] ext4_filemap_fault+0x84/0xb0 [ 774.058092] __do_fault+0x10b/0x4b0 [ 774.061726] __handle_mm_fault+0x273b/0x41c0 [ 774.066141] ? vm_insert_page+0x9c0/0x9c0 [ 774.070303] ? check_preemption_disabled+0x41/0x280 [ 774.075321] handle_mm_fault+0x436/0xb10 [ 774.079388] __do_page_fault+0x68e/0xd60 [ 774.083461] ? trace_hardirqs_off_caller+0x6e/0x210 [ 774.088477] ? spurious_fault+0x840/0x840 [ 774.092639] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 774.097485] ? page_fault+0x8/0x30 [ 774.101029] page_fault+0x1e/0x30 [ 774.104479] RIP: 0033:0x7f8e12746aa0 [ 774.108198] Code: Bad RIP value. [ 774.111558] RSP: 002b:00007ffe8a6d6788 EFLAGS: 00010246 [ 774.116918] RAX: 0000000000000000 RBX: 000056001eb92040 RCX: 0000000000000000 [ 774.124210] RDX: 00007ffe8a6d6720 RSI: 0000000000000001 RDI: 00007ffe8a6d6758 [ 774.131478] RBP: 00007ffe8a6d67c8 R08: 0000000000000008 R09: 0000000000000000 [ 774.138747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 774.146015] R13: 00007ffe8a6d67c0 R14: 0000000000000000 R15: 0000000000000003 [ 774.217700] Mem-Info: [ 774.220169] active_anon:14758 inactive_anon:29120 isolated_anon:0 [ 774.220169] active_file:17 inactive_file:5 isolated_file:0 [ 774.220169] unevictable:0 dirty:0 writeback:0 unstable:0 [ 774.220169] slab_reclaimable:14082 slab_unreclaimable:114865 [ 774.220169] mapped:18496 shmem:29645 pagetables:521 bounce:0 [ 774.220169] free:13834 free_pcp:239 free_cma:0 [ 774.329036] Node 0 active_anon:56384kB inactive_anon:51156kB active_file:0kB inactive_file:64kB unevictable:0kB isolated(anon):0kB isolated(file):16kB mapped:72168kB dirty:0kB writeback:0kB shmem:52716kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 14336kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 774.375381] Node 1 active_anon:2648kB inactive_anon:65324kB active_file:0kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1816kB dirty:0kB writeback:0kB shmem:65864kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 774.407355] Node 0 DMA free:10876kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 774.438485] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 774.444734] Node 0 DMA32 free:17612kB min:35996kB low:44992kB high:53988kB active_anon:56384kB inactive_anon:51156kB active_file:0kB inactive_file:64kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7360kB pagetables:1780kB bounce:0kB free_pcp:692kB local_pcp:328kB free_cma:0kB [ 774.483403] lowmem_reserve[]: 0 0 1 1 1 [ 774.487395] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 774.519045] lowmem_reserve[]: 0 0 0 0 0 [ 774.523108] Node 1 Normal free:99240kB min:53876kB low:67344kB high:80812kB active_anon:2648kB inactive_anon:65324kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:384kB pagetables:304kB bounce:0kB free_pcp:1264kB local_pcp:4kB free_cma:0kB [ 774.558694] lowmem_reserve[]: 0 0 0 0 0 [ 774.562788] Node 0 DMA: 1*4kB (U) 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10876kB [ 774.581173] Node 0 DMA32: 1413*4kB (UME) 815*8kB (UME) 217*16kB (ME) 27*32kB (UME) 8*64kB (UME) 3*128kB (UM) 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17660kB [ 774.603058] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 774.618370] Node 1 Normal: 271*4kB (UME) 244*8kB (UME) 202*16kB (UME) 121*32kB (UME) 50*64kB (UME) 17*128kB (UME) 10*256kB (UM) 9*512kB (UE) 9*1024kB (UE) 38*2048kB (UE) 31*4096kB (U) = 236700kB [ 774.641529] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 774.657419] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 774.666092] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 774.679638] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 774.688431] 29679 total pagecache pages [ 774.697048] 0 pages in swap cache [ 774.700503] Swap cache stats: add 0, delete 0, find 0/0 [ 774.706033] Free swap = 0kB [ 774.709043] Total swap = 0kB [ 774.716660] 2097051 pages RAM [ 774.719777] 0 pages HighMem/MovableOnly [ 774.725604] 369649 pages reserved [ 774.729090] 0 pages cma reserved [ 774.736944] Unreclaimable slab info: [ 774.740665] Name Used Total [ 774.746246] pid_2 29KB 200KB [ 774.758819] batadv_tt_change_cache 2KB 3KB [ 774.765384] batadv_tl_cache 7KB 12KB [ 774.770944] TIPC 15KB 30KB [ 774.781335] SCTPv6 20KB 37KB [ 774.786750] DCCPv6 17KB 37KB [ 774.796403] DCCP 16KB 35KB [ 774.802684] RXRPC 16KB 32KB [ 774.808068] rxrpc_call_jar 112KB 118KB [ 774.821196] bridge_fdb_cache 14KB 23KB [ 774.826582] fib6_nodes 236KB 240KB [ 774.855196] ip6_dst_cache 540KB 540KB [ 774.880209] RAWv6 101KB 114KB [ 774.908767] UDPv6 37KB 41KB [ 774.945100] TCPv6 24KB 36KB [ 774.969297] nf_conntrack 9KB 11KB [ 775.005461] t10_alua_lu_gp_cache 0KB 3KB [ 775.045563] sd_ext_cdb 0KB 7KB [ 775.061200] scsi_sense_cache 1056KB 1060KB [ 775.081827] virtio_scsi_cmd 16KB 16KB [ 775.087581] sgpool-128 8KB 8KB [ 775.101165] sgpool-64 4KB 12KB [ 775.106854] sgpool-32 2KB 15KB [ 775.141166] sgpool-16 1KB 7KB [ 775.146570] sgpool-8 0KB 7KB [ 775.161722] mqueue_inode_cache 15KB 37KB [ 775.167202] bio_post_read_ctx 14KB 15KB [ 775.181591] bio-2 14KB 15KB [ 775.186971] jfs_mp 7KB 7KB [ 775.201163] cifs_small_rq 15KB 16KB [ 775.206542] cifs_request 67KB 67KB [ 775.225816] cifs_mpx_ids 0KB 7KB [ 775.245163] nfs_commit_data 3KB 14KB [ 775.250549] nfs_write_data 34KB 44KB [ 775.281329] ext4_system_zone 1KB 7KB [ 775.286786] bio-1 1KB 7KB [ 775.316165] pid_namespace 3KB 11KB [ 775.341155] rpc_buffers 17KB 25KB [ 775.346543] rpc_tasks 2KB 7KB [ 775.367566] UNIX 1426KB 1436KB [ 775.396352] tcp_bind_bucket 1KB 4KB [ 775.415899] ip_fib_trie 34KB 39KB [ 775.437486] ip_fib_alias 166KB 173KB [ 775.443593] ip_dst_cache 11KB 20KB [ 775.458942] RAW 60KB 67KB [ 775.476511] UDP 45KB 60KB [ 775.483322] TCP 8KB 16KB [ 775.489357] hugetlbfs_inode_cache 3KB 15KB [ 775.503711] fscache_cookie_jar 1KB 11KB [ 775.510372] eventpoll_pwq 26KB 43KB [ 775.517377] eventpoll_epi 48KB 66KB [ 775.526577] inotify_inode_mark 13KB 43KB [ 775.535677] request_queue 199KB 199KB [ 775.544911] blkdev_requests 1KB 3KB [ 775.550289] blkdev_ioc 28KB 38KB [ 775.573893] bio-0 947KB 960KB [ 775.579299] biovec-max 1526KB 1617KB [ 775.612975] biovec-64 1015KB 1055KB [ 775.618384] biovec-16 123KB 123KB [ 775.662056] bio_integrity_payload 1KB 8KB [ 775.667807] khugepaged_mm_slot 4KB 34KB [ 775.685910] uid_cache 0KB 4KB [ 775.695286] dmaengine-unmap-2 0KB 3KB [ 775.700679] skbuff_fclone_cache 45KB 101KB [ 775.716941] skbuff_head_cache 8220KB 8358KB [ 775.725713] configfs_dir_cache 3KB 7KB [ 775.732990] file_lock_cache 45KB 174KB [ 775.738354] file_lock_ctx 9KB 11KB [ 775.747096] fsnotify_mark_connector 6KB 31KB [ 775.754683] net_namespace 78KB 78KB [ 775.760057] shmem_inode_cache 8092KB 8364KB [ 775.791914] task_delay_info 234KB 387KB [ 775.797489] taskstats 24KB 107KB [ 775.825320] proc_dir_entry 890KB 896KB [ 775.830715] pde_opener 13KB 34KB [ 775.851961] seq_file 255KB 500KB [ 775.870110] sigqueue 52KB 63KB [ 775.892006] kernfs_node_cache 18224KB 18246KB [ 775.898318] mnt_cache 225KB 232KB [ 775.916489] filp 7256KB 7638KB [ 775.923570] names_cache 117045KB 117045KB [ 775.941295] iint_cache 32KB 55KB [ 775.946665] key_jar 27KB 135KB [ 775.960715] uts_namespace 4KB 11KB [ 775.981751] nsproxy 2KB 7KB [ 775.987158] vm_area_struct 3008KB 3932KB [ 776.003566] mm_struct 468KB 676KB [ 776.021104] fs_cache 264KB 368KB [ 776.026527] files_cache 909KB 911KB [ 776.031946] signal_cache 1681KB 1681KB [ 776.043769] sighand_cache 608KB 645KB [ 776.050725] task_struct 7688KB 7745KB [ 776.071571] cred_jar 2259KB 2260KB [ 776.076965] anon_vma_chain 959KB 1492KB [ 776.106120] anon_vma 146KB 288KB [ 776.111556] pid 144KB 224KB [ 776.116931] Acpi-Operand 156KB 198KB [ 776.141162] Acpi-ParseExt 9KB 11KB [ 776.157383] Acpi-Parse 41KB 47KB [ 776.176209] Acpi-State 52KB 63KB [ 776.186640] Acpi-Namespace 20KB 27KB [ 776.215906] numa_policy 0KB 3KB [ 776.221497] debug_objects_cache 1489KB 1828KB [ 776.227030] trace_event_file 297KB 298KB [ 776.256143] ftrace_event_field 398KB 401KB [ 776.275676] pool_workqueue 142KB 152KB [ 776.281252] page->ptl 458KB 1008KB [ 776.286659] kmalloc-2097152 2050KB 2050KB [ 776.316397] kmalloc-524288 2056KB 2056KB [ 776.331303] kmalloc-262144 1290KB 1290KB [ 776.336686] kmalloc-131072 650KB 650KB [ 776.352306] kmalloc-65536 2640KB 2706KB [ 776.357698] kmalloc-32768 2145KB 2145KB [ 776.378483] kmalloc-16384 1353KB 1402KB [ 776.394923] kmalloc-8192 5189KB 5263KB [ 776.400316] kmalloc-4096 26490KB 26498KB [ 776.410665] kmalloc-2048 16398KB 16492KB [ 776.416802] kmalloc-1024 11865KB 12324KB [ 776.423197] kmalloc-512 15156KB 16271KB [ 776.428564] kmalloc-256 5416KB 5700KB [ 776.434972] kmalloc-128 1255KB 1401KB [ 776.440336] kmalloc-96 3414KB 4076KB [ 776.446964] kmalloc-64 2642KB 3892KB [ 776.453003] kmalloc-32 1897KB 2543KB [ 776.458369] kmalloc-192 2137KB 2572KB [ 776.471024] kmem_cache 177KB 183KB [ 776.476441] Out of memory (oom_kill_allocating_task): Kill process 5757 (systemd-rfkill) score 0 or sacrifice child [ 776.488343] Killed process 5757 (systemd-rfkill) total-vm:37800kB, anon-rss:376kB, file-rss:0kB, shmem-rss:0kB [ 776.500361] oom_reaper: reaped process 5757 (systemd-rfkill), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 02:35:47 executing program 4: openat$dsp1(0xffffffffffffff9c, &(0x7f0000000200), 0x101000, 0x0) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000180)=@multiplanar_overlay={0x3fc, 0x0, 0x4, 0x40, 0x1020, {0x0, 0xea60}, {0x4, 0x8, 0x7, 0x0, 0x4, 0x80, "66cd7bcc"}, 0x0, 0x3, {&(0x7f0000000100)=[{0x6, 0x7f, {0x3}, 0x4}, {0x2, 0x5, {0x4}, 0xb41}]}, 0x10}) r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x0}, &(0x7f00000002c0)="d1e7772201dfe59e581aa523308978b9f780933879abdf2a60896d0e0bb7da16e56f50d682ccafbfc03d741d8787f7a6b9bca390bee9cd05404104212a8a2c5a94d6d85af3e99ed13b030bd9c9c5bb6a91b24a7184e2dca7b185296d9e319424e2ea8586f723b1d490c82962079fed2747d734d5d9e302feb14586a23fa5", 0x7e, r0) r2 = request_key(&(0x7f0000000340)='dns_resolver\x00', &(0x7f0000000380)={'syz', 0x1}, &(0x7f00000003c0)='\\]#\\%[[\\:[}{##*\\\x00', 0xfffffffffffffffd) keyctl$reject(0x13, r1, 0x0, 0x8, r2) keyctl$invalidate(0x3, r0) 02:35:47 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x1f, 0x2) pipe2$watch_queue(&(0x7f0000000380), 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:35:47 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000380)={0xf4, 0x2, 0x1, {0x3, @vbi={0x4, 0xad2a, 0xc00, 0x20363159, [0xfffffffb, 0x200], [0x6, 0xf4a7], 0x1}}, 0x400}) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000280)=@multiplanar_overlay={0x35, 0x0, 0x4, 0x0, 0x9, {r2, r3/1000+60000}, {0x1, 0x1, 0x1, 0x3f, 0x6, 0xdb, "f3d35c29"}, 0x8, 0x3, {&(0x7f0000000200)=[{0x2, 0x3, {0xcaa}, 0xa3}, {0x6, 0x4, {0x7}, 0x100}]}, 0x400}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x9, 0x2, 0x9, 0x1000, 0x3], 0x5, 0x800, 0x0, 0xffffffffffffffff}) ioctl$UFFDIO_CONTINUE(r4, 0xc020aa07, &(0x7f0000000640)={{&(0x7f0000fed000/0x13000)=nil, 0x13000}, 0x1}) r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) r6 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r6, 0x0, 0x0}, 0x10) r7 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r7, 0x0, 0x0}, 0x10) sendmsg$nl_route(r4, &(0x7f0000000600)={&(0x7f0000000540), 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=@ipv4_delroute={0x40, 0x19, 0x100, 0x70bd28, 0x25dfdbfe, {0x2, 0x20, 0x20, 0xcf, 0xfc, 0x1, 0xc8, 0x5, 0x100}, [@RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @LWTUNNEL_IP_SRC={0x8, 0x3, @loopback}}, @RTA_IIF={0x8}, @RTA_TABLE={0x8, 0xf, 0x7}, @RTA_TABLE={0x8, 0xf, 0x153}]}, 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x8) r8 = semget$private(0x0, 0x2, 0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) semtimedop(r8, &(0x7f0000000480)=[{0x1, 0x7}, {0x1, 0x8, 0x800}, {}], 0x3, &(0x7f0000000500)={r9, r10+10000000}) ioctl$MEDIA_IOC_REQUEST_ALLOC(r4, 0x80047c05, &(0x7f0000000340)) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r5, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_DQBUF(r5, 0xc0585611, &(0x7f0000000140)=@mmap={0x101, 0x1, 0x4, 0x4000, 0x7, {0x0, 0x2710}, {0x4, 0x1, 0x2, 0x98, 0xf8, 0x2, "d38ec247"}, 0xfffffff7, 0x1, {}, 0x0, 0x0, r4}) [ 778.756472] IPVS: ftp: loaded support on port[0] = 21 [ 778.767934] IPVS: ftp: loaded support on port[0] = 21 [ 779.018119] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 779.027250] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 779.041675] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 779.048380] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 779.058975] device bridge_slave_1 left promiscuous mode [ 779.065679] bridge0: port 2(bridge_slave_1) entered disabled state [ 779.073981] device bridge_slave_0 left promiscuous mode [ 779.079465] bridge0: port 1(bridge_slave_0) entered disabled state [ 779.091084] device veth1_macvtap left promiscuous mode [ 779.096397] device veth0_macvtap left promiscuous mode [ 779.102987] device veth1_vlan left promiscuous mode [ 779.108054] device veth0_vlan left promiscuous mode 02:35:50 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(&(0x7f0000000380), 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:35:50 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x0, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000440)=@fd={0x21, 0x2, 0x4, 0x1, 0x8, {}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff}) 02:35:50 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000380)={0xf4, 0x2, 0x1, {0x3, @vbi={0x4, 0xad2a, 0xc00, 0x20363159, [0xfffffffb, 0x200], [0x6, 0xf4a7], 0x1}}, 0x400}) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000280)=@multiplanar_overlay={0x35, 0x0, 0x4, 0x0, 0x9, {r2, r3/1000+60000}, {0x1, 0x1, 0x1, 0x3f, 0x6, 0xdb, "f3d35c29"}, 0x8, 0x3, {&(0x7f0000000200)=[{0x2, 0x3, {0xcaa}, 0xa3}, {0x6, 0x4, {0x7}, 0x100}]}, 0x400}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x9, 0x2, 0x9, 0x1000, 0x3], 0x5, 0x800, 0x0, 0xffffffffffffffff}) ioctl$UFFDIO_CONTINUE(r4, 0xc020aa07, &(0x7f0000000640)={{&(0x7f0000fed000/0x13000)=nil, 0x13000}, 0x1}) r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) r6 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r6, 0x0, 0x0}, 0x10) r7 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r7, 0x0, 0x0}, 0x10) sendmsg$nl_route(r4, &(0x7f0000000600)={&(0x7f0000000540), 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=@ipv4_delroute={0x40, 0x19, 0x100, 0x70bd28, 0x25dfdbfe, {0x2, 0x20, 0x20, 0xcf, 0xfc, 0x1, 0xc8, 0x5, 0x100}, [@RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @LWTUNNEL_IP_SRC={0x8, 0x3, @loopback}}, @RTA_IIF={0x8}, @RTA_TABLE={0x8, 0xf, 0x7}, @RTA_TABLE={0x8, 0xf, 0x153}]}, 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x8) r8 = semget$private(0x0, 0x2, 0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) semtimedop(r8, &(0x7f0000000480)=[{0x1, 0x7}, {0x1, 0x8, 0x800}, {}], 0x3, &(0x7f0000000500)={r9, r10+10000000}) ioctl$MEDIA_IOC_REQUEST_ALLOC(r4, 0x80047c05, &(0x7f0000000340)) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r5, 0x0, 0x0}, 0x10) [ 780.630725] Bluetooth: hci3: command 0x0409 tx timeout [ 780.710788] Bluetooth: hci5: command 0x0409 tx timeout 02:35:51 executing program 0: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) r1 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eacf15d5b4b98c0500e3608752d117e30b34131edbf01c799692a128baa4c8e1f2eab5347a0f40245882c046f3e03492a5786870ac098c6b74ccc13d9e5100"}, 0x48, r0) keyctl$unlink(0x9, r1, r1) keyctl$invalidate(0x3, r1) 02:35:51 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000380)={0xf4, 0x2, 0x1, {0x3, @vbi={0x4, 0xad2a, 0xc00, 0x20363159, [0xfffffffb, 0x200], [0x6, 0xf4a7], 0x1}}, 0x400}) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000280)=@multiplanar_overlay={0x35, 0x0, 0x4, 0x0, 0x9, {r2, r3/1000+60000}, {0x1, 0x1, 0x1, 0x3f, 0x6, 0xdb, "f3d35c29"}, 0x8, 0x3, {&(0x7f0000000200)=[{0x2, 0x3, {0xcaa}, 0xa3}, {0x6, 0x4, {0x7}, 0x100}]}, 0x400}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x9, 0x2, 0x9, 0x1000, 0x3], 0x5, 0x800, 0x0, 0xffffffffffffffff}) ioctl$UFFDIO_CONTINUE(r4, 0xc020aa07, &(0x7f0000000640)={{&(0x7f0000fed000/0x13000)=nil, 0x13000}, 0x1}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r5, 0x0, 0x0}, 0x10) r6 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r6, 0x0, 0x0}, 0x10) sendmsg$nl_route(r4, &(0x7f0000000600)={&(0x7f0000000540), 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=@ipv4_delroute={0x40, 0x19, 0x100, 0x70bd28, 0x25dfdbfe, {0x2, 0x20, 0x20, 0xcf, 0xfc, 0x1, 0xc8, 0x5, 0x100}, [@RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @LWTUNNEL_IP_SRC={0x8, 0x3, @loopback}}, @RTA_IIF={0x8}, @RTA_TABLE={0x8, 0xf, 0x7}, @RTA_TABLE={0x8, 0xf, 0x153}]}, 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x8) r7 = semget$private(0x0, 0x2, 0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) semtimedop(r7, &(0x7f0000000480)=[{0x1, 0x7}, {0x1, 0x8, 0x800}, {}], 0x3, &(0x7f0000000500)={r8, r9+10000000}) ioctl$MEDIA_IOC_REQUEST_ALLOC(r4, 0x80047c05, &(0x7f0000000340)) 02:35:51 executing program 0: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) r1 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eacf15d5b4b98c0500e3608752d117e30b34131edbf01c799692a128baa4c8e1f2eab5347a0f40245882c046f3e03492a5786870ac098c6b74ccc13d9e5100"}, 0x48, r0) keyctl$unlink(0x9, r1, r1) keyctl$invalidate(0x3, r1) 02:35:51 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000380)={0xf4, 0x2, 0x1, {0x3, @vbi={0x4, 0xad2a, 0xc00, 0x20363159, [0xfffffffb, 0x200], [0x6, 0xf4a7], 0x1}}, 0x400}) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000280)=@multiplanar_overlay={0x35, 0x0, 0x4, 0x0, 0x9, {r2, r3/1000+60000}, {0x1, 0x1, 0x1, 0x3f, 0x6, 0xdb, "f3d35c29"}, 0x8, 0x3, {&(0x7f0000000200)=[{0x2, 0x3, {0xcaa}, 0xa3}, {0x6, 0x4, {0x7}, 0x100}]}, 0x400}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x9, 0x2, 0x9, 0x1000, 0x3], 0x5, 0x800, 0x0, 0xffffffffffffffff}) ioctl$UFFDIO_CONTINUE(r4, 0xc020aa07, &(0x7f0000000640)={{&(0x7f0000fed000/0x13000)=nil, 0x13000}, 0x1}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r5, 0x0, 0x0}, 0x10) r6 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r6, 0x0, 0x0}, 0x10) sendmsg$nl_route(r4, &(0x7f0000000600)={&(0x7f0000000540), 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=@ipv4_delroute={0x40, 0x19, 0x100, 0x70bd28, 0x25dfdbfe, {0x2, 0x20, 0x20, 0xcf, 0xfc, 0x1, 0xc8, 0x5, 0x100}, [@RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @LWTUNNEL_IP_SRC={0x8, 0x3, @loopback}}, @RTA_IIF={0x8}, @RTA_TABLE={0x8, 0xf, 0x7}, @RTA_TABLE={0x8, 0xf, 0x153}]}, 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x8) r7 = semget$private(0x0, 0x2, 0x0) clock_gettime(0x0, &(0x7f00000004c0)={0x0, 0x0}) semtimedop(r7, &(0x7f0000000480)=[{0x1, 0x7}, {0x1, 0x8, 0x800}, {}], 0x3, &(0x7f0000000500)={r8, r9+10000000}) 02:35:51 executing program 0: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) r1 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eacf15d5b4b98c0500e3608752d117e30b34131edbf01c799692a128baa4c8e1f2eab5347a0f40245882c046f3e03492a5786870ac098c6b74ccc13d9e5100"}, 0x48, r0) keyctl$unlink(0x9, r1, r1) keyctl$invalidate(0x3, r1) 02:35:51 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000380)={0xf4, 0x2, 0x1, {0x3, @vbi={0x4, 0xad2a, 0xc00, 0x20363159, [0xfffffffb, 0x200], [0x6, 0xf4a7], 0x1}}, 0x400}) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000280)=@multiplanar_overlay={0x35, 0x0, 0x4, 0x0, 0x9, {r2, r3/1000+60000}, {0x1, 0x1, 0x1, 0x3f, 0x6, 0xdb, "f3d35c29"}, 0x8, 0x3, {&(0x7f0000000200)=[{0x2, 0x3, {0xcaa}, 0xa3}, {0x6, 0x4, {0x7}, 0x100}]}, 0x400}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x9, 0x2, 0x9, 0x1000, 0x3], 0x5, 0x800, 0x0, 0xffffffffffffffff}) ioctl$UFFDIO_CONTINUE(r4, 0xc020aa07, &(0x7f0000000640)={{&(0x7f0000fed000/0x13000)=nil, 0x13000}, 0x1}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r5, 0x0, 0x0}, 0x10) r6 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r6, 0x0, 0x0}, 0x10) sendmsg$nl_route(r4, &(0x7f0000000600)={&(0x7f0000000540), 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=@ipv4_delroute={0x40, 0x19, 0x100, 0x70bd28, 0x25dfdbfe, {0x2, 0x20, 0x20, 0xcf, 0xfc, 0x1, 0xc8, 0x5, 0x100}, [@RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @LWTUNNEL_IP_SRC={0x8, 0x3, @loopback}}, @RTA_IIF={0x8}, @RTA_TABLE={0x8, 0xf, 0x7}, @RTA_TABLE={0x8, 0xf, 0x153}]}, 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x8) r7 = semget$private(0x0, 0x2, 0x0) semtimedop(r7, &(0x7f0000000480)=[{0x1, 0x7}, {0x1, 0x8, 0x800}, {}], 0x3, &(0x7f0000000500)) [ 782.710600] Bluetooth: hci3: command 0x041b tx timeout [ 782.790650] Bluetooth: hci5: command 0x041b tx timeout [ 783.350845] Bluetooth: hci7: command 0x0409 tx timeout [ 783.357462] Bluetooth: hci6: command 0x0409 tx timeout [ 784.568288] device hsr_slave_1 left promiscuous mode [ 784.576236] device hsr_slave_0 left promiscuous mode [ 784.591789] team0 (unregistering): Port device team_slave_1 removed [ 784.601646] team0 (unregistering): Port device team_slave_0 removed [ 784.611824] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 784.622739] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 784.652590] bond0 (unregistering): Released all slaves [ 784.676373] IPVS: ftp: loaded support on port[0] = 21 [ 784.797581] Bluetooth: hci3: command 0x040f tx timeout [ 784.870423] Bluetooth: hci5: command 0x040f tx timeout [ 785.033128] IPVS: ftp: loaded support on port[0] = 21 [ 785.333511] chnl_net:caif_netlink_parms(): no params data found [ 785.348316] chnl_net:caif_netlink_parms(): no params data found [ 785.359021] chnl_net:caif_netlink_parms(): no params data found [ 785.427392] chnl_net:caif_netlink_parms(): no params data found [ 785.434675] Bluetooth: hci6: command 0x041b tx timeout [ 785.440045] Bluetooth: hci7: command 0x041b tx timeout [ 785.576834] bridge0: port 1(bridge_slave_0) entered blocking state [ 785.584789] bridge0: port 1(bridge_slave_0) entered disabled state [ 785.603942] device bridge_slave_0 entered promiscuous mode [ 785.612396] bridge0: port 1(bridge_slave_0) entered blocking state [ 785.618790] bridge0: port 1(bridge_slave_0) entered disabled state [ 785.627853] device bridge_slave_0 entered promiscuous mode [ 785.635688] bridge0: port 1(bridge_slave_0) entered blocking state [ 785.643370] bridge0: port 1(bridge_slave_0) entered disabled state [ 785.651759] device bridge_slave_0 entered promiscuous mode [ 785.658958] bridge0: port 2(bridge_slave_1) entered blocking state [ 785.666989] bridge0: port 2(bridge_slave_1) entered disabled state [ 785.675426] device bridge_slave_1 entered promiscuous mode [ 785.682937] bridge0: port 2(bridge_slave_1) entered blocking state [ 785.689383] bridge0: port 2(bridge_slave_1) entered disabled state [ 785.698413] device bridge_slave_1 entered promiscuous mode [ 785.705454] bridge0: port 2(bridge_slave_1) entered blocking state [ 785.712814] bridge0: port 2(bridge_slave_1) entered disabled state [ 785.720168] device bridge_slave_1 entered promiscuous mode [ 785.782656] bridge0: port 1(bridge_slave_0) entered blocking state [ 785.789207] bridge0: port 1(bridge_slave_0) entered disabled state [ 785.807447] device bridge_slave_0 entered promiscuous mode [ 785.820339] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 785.829608] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 785.847137] bridge0: port 2(bridge_slave_1) entered blocking state [ 785.855390] bridge0: port 2(bridge_slave_1) entered disabled state [ 785.862953] device bridge_slave_1 entered promiscuous mode [ 785.870970] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 785.880101] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 785.889821] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 785.912820] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 785.943441] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 785.952651] team0: Port device team_slave_0 added [ 785.959505] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 785.981576] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 785.989175] team0: Port device team_slave_1 added [ 785.997682] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 786.006012] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 786.014026] team0: Port device team_slave_0 added [ 786.034421] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 786.042122] team0: Port device team_slave_0 added [ 786.068370] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 786.085493] team0: Port device team_slave_1 added [ 786.095063] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 786.108278] team0: Port device team_slave_1 added [ 786.117905] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 786.129082] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 786.162714] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 786.213553] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 786.219824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 786.248497] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 786.259553] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 786.267643] team0: Port device team_slave_0 added [ 786.274765] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 786.281407] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 786.306708] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 786.318127] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 786.324585] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 786.349869] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 786.361345] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 786.367598] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 786.392919] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 786.406885] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 786.414676] team0: Port device team_slave_1 added [ 786.420246] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 786.426563] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 786.454264] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 786.486335] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 786.497246] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 786.519927] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 786.527896] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 786.547402] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 786.566895] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 786.590027] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 786.597238] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 786.622859] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 786.658769] device hsr_slave_0 entered promiscuous mode [ 786.669821] device hsr_slave_1 entered promiscuous mode [ 786.678806] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 786.686112] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 786.711733] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 786.725714] device hsr_slave_0 entered promiscuous mode [ 786.732674] device hsr_slave_1 entered promiscuous mode [ 786.742211] device hsr_slave_0 entered promiscuous mode [ 786.748273] device hsr_slave_1 entered promiscuous mode [ 786.754644] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 786.761769] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 786.773141] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 786.780105] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 786.806587] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 786.817975] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 786.833072] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 786.848051] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 786.870416] Bluetooth: hci3: command 0x0419 tx timeout [ 786.897597] device hsr_slave_0 entered promiscuous mode [ 786.904197] device hsr_slave_1 entered promiscuous mode [ 786.933063] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 786.950961] Bluetooth: hci5: command 0x0419 tx timeout [ 786.974065] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 787.512214] Bluetooth: hci7: command 0x040f tx timeout [ 787.517588] Bluetooth: hci6: command 0x040f tx timeout [ 787.649532] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 788.015903] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 788.350865] 8021q: adding VLAN 0 to HW filter on device bond0 [ 788.359109] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 788.385862] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 788.756202] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 788.763765] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 788.770156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 788.777242] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 788.814081] 8021q: adding VLAN 0 to HW filter on device bond0 [ 788.923645] 8021q: adding VLAN 0 to HW filter on device bond0 [ 788.932047] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 788.938123] 8021q: adding VLAN 0 to HW filter on device team0 [ 788.946665] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 788.957384] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 788.967144] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 789.065809] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 789.075532] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 789.084062] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 789.092607] bridge0: port 1(bridge_slave_0) entered blocking state [ 789.099031] bridge0: port 1(bridge_slave_0) entered forwarding state [ 789.106551] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 789.116405] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 789.125751] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 789.135869] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 789.144588] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 789.150971] 8021q: adding VLAN 0 to HW filter on device team0 [ 789.254666] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 789.262350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 789.271048] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 789.278604] bridge0: port 2(bridge_slave_1) entered blocking state [ 789.285003] bridge0: port 2(bridge_slave_1) entered forwarding state [ 789.293156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 789.300299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 789.309858] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 789.320206] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 789.329045] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 789.335720] 8021q: adding VLAN 0 to HW filter on device team0 [ 789.342242] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 789.350858] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 789.358674] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 789.367992] bridge0: port 1(bridge_slave_0) entered blocking state [ 789.374373] bridge0: port 1(bridge_slave_0) entered forwarding state [ 789.384423] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 789.394549] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 789.590178] Bluetooth: hci6: command 0x0419 tx timeout [ 789.595621] Bluetooth: hci7: command 0x0419 tx timeout [ 789.694634] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 789.702778] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 789.711823] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 789.719544] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 789.727981] bridge0: port 2(bridge_slave_1) entered blocking state [ 789.734384] bridge0: port 2(bridge_slave_1) entered forwarding state [ 789.745110] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 789.757424] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 789.767408] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 790.055041] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 790.062855] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 790.071044] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 790.078739] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 790.086752] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 790.094847] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 790.102584] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 790.115119] 8021q: adding VLAN 0 to HW filter on device bond0 [ 790.124857] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 790.133081] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 790.429591] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 790.437550] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 790.447006] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 790.455780] bridge0: port 1(bridge_slave_0) entered blocking state [ 790.462192] bridge0: port 1(bridge_slave_0) entered forwarding state [ 790.471756] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 790.483455] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 790.491489] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 790.498581] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 790.508190] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 790.516712] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 790.822179] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 790.830741] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 790.838380] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 790.846446] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 790.854731] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 790.863620] bridge0: port 2(bridge_slave_1) entered blocking state [ 790.870130] bridge0: port 2(bridge_slave_1) entered forwarding state [ 790.877214] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 790.884924] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 790.893551] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 790.904979] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 790.913799] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 790.920039] 8021q: adding VLAN 0 to HW filter on device team0 [ 791.217525] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 791.225318] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 791.235688] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 791.246804] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 791.255679] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 791.262345] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 791.273807] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 791.281243] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 791.288303] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 791.296476] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 791.304283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 791.312570] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 791.320365] bridge0: port 1(bridge_slave_0) entered blocking state [ 791.326707] bridge0: port 1(bridge_slave_0) entered forwarding state [ 791.334436] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 791.343996] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 791.354244] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 791.364088] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 791.372523] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 791.380696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 791.390253] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 791.502798] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 791.511809] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 791.523262] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 791.531799] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 791.539549] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 791.549155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 791.557121] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 791.565112] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 791.572861] bridge0: port 2(bridge_slave_1) entered blocking state [ 791.579204] bridge0: port 2(bridge_slave_1) entered forwarding state [ 791.586249] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 791.595445] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 791.602007] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 791.613078] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 791.622545] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 791.643576] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 791.667093] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 791.685887] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 791.697435] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 791.708839] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 791.823720] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 791.830792] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 791.838418] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 791.846382] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 791.858123] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 791.868305] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 791.877065] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 791.890113] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 791.898296] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 791.906451] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 791.915002] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 791.923064] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 791.929882] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 792.045710] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 792.052344] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 792.066108] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 792.074744] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 792.086341] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 792.095652] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 792.213776] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 792.222526] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 792.233704] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 792.242390] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 792.258149] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 792.266003] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 792.274277] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 792.281548] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 792.290522] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 792.438019] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 792.449198] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 792.455642] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 792.462892] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 792.471118] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 792.483409] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 792.492049] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 792.504350] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 792.512177] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 792.518881] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 792.537265] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 792.558837] IPv6: ADDRCONF(NETDEV_UP): veth1_virt_wifi: link is not ready [ 792.575769] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 792.706735] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 792.714845] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 792.734123] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 792.749079] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 792.765900] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 792.778445] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 792.818178] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 792.825040] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 792.835286] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 792.843493] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 792.852717] device bridge_slave_1 left promiscuous mode [ 792.858287] bridge0: port 2(bridge_slave_1) entered disabled state [ 792.865992] device bridge_slave_0 left promiscuous mode [ 792.872091] bridge0: port 1(bridge_slave_0) entered disabled state [ 792.882757] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 792.889487] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 792.897526] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 792.904507] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 792.913440] device bridge_slave_1 left promiscuous mode [ 792.918885] bridge0: port 2(bridge_slave_1) entered disabled state [ 792.926107] device bridge_slave_0 left promiscuous mode [ 792.931763] bridge0: port 1(bridge_slave_0) entered disabled state [ 792.940499] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 792.947316] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 792.957391] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 792.964261] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 792.973162] device bridge_slave_1 left promiscuous mode [ 792.978601] bridge0: port 2(bridge_slave_1) entered disabled state [ 792.986234] device bridge_slave_0 left promiscuous mode [ 792.992228] bridge0: port 1(bridge_slave_0) entered disabled state [ 793.004378] device veth1_macvtap left promiscuous mode [ 793.009806] device veth0_macvtap left promiscuous mode [ 793.015159] device veth1_vlan left promiscuous mode [ 793.020323] device veth0_vlan left promiscuous mode [ 793.025586] device veth1_macvtap left promiscuous mode [ 793.032432] device veth0_macvtap left promiscuous mode [ 793.037743] device veth1_vlan left promiscuous mode [ 793.043083] device veth0_vlan left promiscuous mode [ 793.048384] device veth1_macvtap left promiscuous mode [ 793.053974] device veth0_macvtap left promiscuous mode [ 793.059278] device veth1_vlan left promiscuous mode [ 793.064511] device veth0_vlan left promiscuous mode [ 806.022222] device hsr_slave_1 left promiscuous mode [ 806.032149] device hsr_slave_0 left promiscuous mode [ 806.047350] team0 (unregistering): Port device team_slave_1 removed [ 806.056990] team0 (unregistering): Port device team_slave_0 removed [ 806.067415] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 806.080203] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 806.109714] bond0 (unregistering): Released all slaves [ 806.148455] device hsr_slave_1 left promiscuous mode [ 806.157574] device hsr_slave_0 left promiscuous mode [ 806.174240] team0 (unregistering): Port device team_slave_1 removed [ 806.185647] team0 (unregistering): Port device team_slave_0 removed [ 806.195506] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 806.206693] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 806.237986] bond0 (unregistering): Released all slaves [ 806.276914] device hsr_slave_1 left promiscuous mode [ 806.288149] device hsr_slave_0 left promiscuous mode [ 806.304534] team0 (unregistering): Port device team_slave_1 removed [ 806.313906] team0 (unregistering): Port device team_slave_0 removed [ 806.326694] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 806.337250] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 806.372740] bond0 (unregistering): Released all slaves [ 806.386119] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 806.403306] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 806.412603] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 806.420376] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 806.439764] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 806.448817] IPv6: ADDRCONF(NETDEV_UP): veth1_vlan: link is not ready [ 806.459617] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 806.469508] IPv6: ADDRCONF(NETDEV_UP): veth1_virt_wifi: link is not ready [ 806.476562] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 806.485105] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 806.493383] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 806.501657] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 806.510383] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 806.517742] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 806.530304] device veth0_vlan entered promiscuous mode [ 806.537110] IPv6: ADDRCONF(NETDEV_UP): veth1_virt_wifi: link is not ready [ 806.552696] device veth1_vlan entered promiscuous mode [ 806.560274] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 806.567025] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 806.575882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 806.584316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 806.595666] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 806.606477] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 806.624109] IPv6: ADDRCONF(NETDEV_UP): veth1_virt_wifi: link is not ready [ 806.641473] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 806.650013] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 806.658003] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 806.670735] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 806.677827] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 806.684844] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 806.694906] IPv6: ADDRCONF(NETDEV_UP): veth1_vlan: link is not ready [ 806.705228] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 806.716183] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 806.725831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 806.733550] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 806.740662] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 806.752052] device veth0_vlan entered promiscuous mode [ 806.763384] device veth1_vlan entered promiscuous mode [ 806.770159] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 806.782713] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 806.790965] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 806.797589] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 806.812320] IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready [ 806.824463] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 806.832583] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 806.841082] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 806.852102] device veth0_macvtap entered promiscuous mode [ 806.858139] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 806.866986] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 806.875243] IPv6: ADDRCONF(NETDEV_UP): veth1_vlan: link is not ready [ 806.886322] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 806.893657] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 806.901034] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 806.910001] device veth1_macvtap entered promiscuous mode [ 806.916044] IPv6: ADDRCONF(NETDEV_UP): macsec0: link is not ready [ 806.923196] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 806.930591] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 806.937714] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 806.945130] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 806.952774] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 806.961189] device veth0_vlan entered promiscuous mode [ 806.971427] IPv6: ADDRCONF(NETDEV_UP): veth1_vlan: link is not ready [ 806.978032] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 806.985818] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 806.993301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 807.000834] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 807.010087] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 807.017400] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 807.031136] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 807.042129] IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready [ 807.053837] device veth0_vlan entered promiscuous mode [ 807.062745] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 807.073085] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 807.082008] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 807.095257] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 807.106167] device veth1_vlan entered promiscuous mode [ 807.119577] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 807.127866] device veth0_macvtap entered promiscuous mode [ 807.143246] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 807.157412] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 807.167575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 807.177179] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 807.187200] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 807.198875] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready [ 807.205859] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 807.216378] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 807.225873] device veth1_vlan entered promiscuous mode [ 807.233402] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 807.242067] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 807.255159] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 807.263258] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 807.277462] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 807.285405] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 807.299464] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 807.309701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 807.320564] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 807.330617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 807.341105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 807.352343] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready [ 807.359613] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 807.369903] device veth1_macvtap entered promiscuous mode [ 807.376204] IPv6: ADDRCONF(NETDEV_UP): macsec0: link is not ready [ 807.391621] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 807.404104] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 807.411630] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 807.419884] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 807.427767] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 807.441979] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 807.457061] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 807.484135] IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready [ 807.499757] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 807.506639] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 807.531784] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 807.548191] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 807.560559] IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready [ 807.569086] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 807.576912] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 807.596368] device veth0_macvtap entered promiscuous mode [ 807.606043] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 807.627228] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 807.643526] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 807.655597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 807.680488] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 807.693732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 807.705836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 807.722581] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready [ 807.733312] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 807.745165] device veth0_macvtap entered promiscuous mode [ 807.757227] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 807.771461] device veth1_macvtap entered promiscuous mode [ 807.777879] IPv6: ADDRCONF(NETDEV_UP): macsec0: link is not ready [ 807.792842] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 807.802962] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 807.820016] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 807.834676] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 807.844845] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 807.859093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 807.869697] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 807.879125] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 807.888957] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 807.898074] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 807.907870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 807.918641] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready [ 807.925550] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 807.937176] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 807.945403] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 807.956165] device veth1_macvtap entered promiscuous mode [ 807.963274] IPv6: ADDRCONF(NETDEV_UP): macsec0: link is not ready [ 807.973018] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 807.984286] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 807.997425] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 808.014740] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 808.036735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 808.048018] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 808.062991] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 808.073251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 808.082481] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 808.092253] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 808.101437] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 808.111196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 808.121379] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready [ 808.128312] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 808.137545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 808.148121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 808.158130] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 808.168316] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 808.177677] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 808.187704] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 808.197005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 808.206967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 808.216266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 808.226365] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 808.237488] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready [ 808.245279] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 808.255731] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 808.266254] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 808.274568] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 808.282879] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 808.291280] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 808.302020] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 808.318069] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 808.332696] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 808.343288] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 808.352979] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 808.363202] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 808.372849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 808.383022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 808.394808] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready [ 808.402412] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 808.419681] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 808.435208] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 808.445848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 808.456603] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 808.466533] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 808.477345] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 808.487129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 808.497279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 808.507002] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 808.517145] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 808.528086] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready [ 808.536277] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 808.544873] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 808.554398] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 808.568828] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 808.576790] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 808.679078] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 808.690048] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 808.697168] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 808.755501] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 808.766782] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 808.786035] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 808.799786] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 808.816521] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 809.039105] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 809.061244] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 809.081008] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 809.121744] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 809.139440] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 809.158074] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 809.169741] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 809.187604] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 809.309404] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 809.339950] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 809.347092] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 809.376884] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 809.394411] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 809.409311] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 809.421211] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 809.426271] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 809.446108] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 809.456441] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 809.486123] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 809.493760] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 809.497913] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 809.503009] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 809.515624] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 809.524309] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 02:36:19 executing program 4: r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) r1 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) add_key(&(0x7f0000000740)='big_key\x00', 0x0, 0x0, 0x0, r1) r2 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) add_key(&(0x7f0000000740)='big_key\x00', 0x0, 0x0, 0x0, r2) keyctl$instantiate_iov(0x14, r1, &(0x7f0000000480)=[{&(0x7f0000000340)}, {&(0x7f0000000380)="2313b4906d487f093367cdd4c3b6537e1058165bd0b5c01d6a5c04e03ebd1cf354b38b5c0daa5da2c6fa4d8b2675c8def23245f764cf0700011cd23ea3c9427343ade297f46e61a4bc51305231c4cc163fda82ab70e2c7ac90c0a32a953d47539197e9ade16ea38b32bbbe9eed69bf0270e4485c4b71c17875c3ec2b9bdc0c0097ffc9c9c3e0d6bef824c151287415f9adcffd28e98bde", 0x97}, {&(0x7f0000000440)="0642ca7c4e284ba63369d5d709246d27a964675df24c9d746ad2c54064d68b44e3b0909008086a4a88", 0x29}], 0x3, r2) add_key$user(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x2}, &(0x7f0000000180)="13ad2258f0bf78df3771c9c364545263521dba8830ee72a69b2735e62d77db4deb1e07a145a71e90d2da9c9158a614e52a5d913ad9ea10cab6bb413f5ebad2ad26dc13e99f05e52414a32c53dcd2dc458b5e391da58b61f6339fdbf3a13dc318cfbc9f03266726f465ddde736675092813babc6279271bd95f42cfe8a552a5a59c0d67bca640d746adfa685eb40844c5dfd631f28b5153883778db", 0x9b, r0) keyctl$invalidate(0x3, r0) r3 = add_key$fscrypt_v1(&(0x7f0000000300), &(0x7f0000000040)={'fscrypt:', @desc2}, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51", 0x2e}, 0x48, 0xfffffffffffffffe) add_key(&(0x7f0000000740)='big_key\x00', 0x0, 0x0, 0x0, r3) r4 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) add_key(&(0x7f0000000740)='big_key\x00', 0x0, 0x0, 0x0, r4) r5 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eac415a2bad5b4b98cf879e3608752d117e30b34131edbf01c799692a133baa4c8e1f2eab5767a0f40245882c046f3e03c92a5786870acc98c6b74ccc13d9e51"}, 0x48, 0xfffffffffffffffe) add_key(&(0x7f0000000740)='big_key\x00', 0x0, 0x0, 0x0, r5) keyctl$unlink(0x9, r0, r5) keyctl$unlink(0x9, r3, r4) add_key$user(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x3}, &(0x7f00000002c0)="0c2c688088ec1c887c", 0x9, r0) [ 809.590813] ieee802154 phy0 wpan0: encryption failed: -22 [ 809.596455] ieee802154 phy1 wpan1: encryption failed: -22 [ 814.295563] oom_reaper: reaped process 7374 (syz-executor.3), now anon-rss:0kB, file-rss:14336kB, shmem-rss:8kB [ 814.336521] systemd-journal invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 814.352982] systemd-journal cpuset=/ mems_allowed=0-1 [ 814.358263] CPU: 1 PID: 5656 Comm: systemd-journal Not tainted 4.19.211-syzkaller #0 [ 814.366135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 814.375485] Call Trace: [ 814.378093] dump_stack+0x1fc/0x2ef [ 814.381723] dump_header+0x15d/0xc3f [ 814.385445] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 814.390543] ? ___ratelimit+0x319/0x590 [ 814.394520] oom_kill_process.cold+0x10/0x692 [ 814.399041] ? check_preemption_disabled+0x41/0x280 [ 814.404070] ? has_intersects_mems_allowed+0x1d6/0x290 [ 814.409365] out_of_memory+0x1072/0x1390 [ 814.413462] ? oom_killer_disable+0x270/0x270 [ 814.417959] ? mutex_trylock+0x15f/0x1a0 [ 814.422021] __alloc_pages_nodemask+0x23a2/0x2890 [ 814.426864] ? find_get_entry+0x4cd/0x8a0 [ 814.431019] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 814.435912] alloc_pages_current+0x193/0x2a0 [ 814.440324] filemap_fault+0x146e/0x2180 [ 814.444408] ext4_filemap_fault+0x84/0xb0 [ 814.448576] __do_fault+0x10b/0x4b0 [ 814.452195] __handle_mm_fault+0x273b/0x41c0 [ 814.456589] ? vm_insert_page+0x9c0/0x9c0 [ 814.460737] ? check_preemption_disabled+0x41/0x280 [ 814.465740] handle_mm_fault+0x436/0xb10 [ 814.469783] __do_page_fault+0x68e/0xd60 [ 814.473830] ? trace_hardirqs_off_caller+0x6e/0x210 [ 814.478829] ? spurious_fault+0x840/0x840 [ 814.482982] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 814.487816] ? page_fault+0x8/0x30 [ 814.491344] page_fault+0x1e/0x30 [ 814.494887] RIP: 0033:0x7f0080d0d2e3 [ 814.498588] Code: Bad RIP value. [ 814.501935] RSP: 002b:00007fff25aa7718 EFLAGS: 00010246 [ 814.507279] RAX: 0000000000000001 RBX: 000055a6f2ff31e0 RCX: 00007f0080d0d2e3 [ 814.514542] RDX: 0000000000000014 RSI: 00007fff25aa7720 RDI: 000000000000000c [ 814.521797] RBP: 00007fff25aa7910 R08: 00007fff25bbd000 R09: 000000d034f03c51 [ 814.529048] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff25aa7720 [ 814.536311] R13: 0000000000000001 R14: ffffffffffffffff R15: 0005f44f5cc71a0f [ 814.552220] syz-executor.3: vmalloc: allocation failure, allocated 1718837248 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 814.555554] Mem-Info: [ 814.566054] syz-executor.3 cpuset=/ mems_allowed=0-1 [ 814.566084] CPU: 0 PID: 7374 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 814.566095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 814.583258] active_anon:15730 inactive_anon:29122 isolated_anon:0 [ 814.583258] active_file:29 inactive_file:17 isolated_file:0 [ 814.583258] unevictable:0 dirty:23 writeback:0 unstable:0 [ 814.583258] slab_reclaimable:13699 slab_unreclaimable:115740 [ 814.583258] mapped:22361 shmem:29645 pagetables:617 bounce:0 [ 814.583258] free:13786 free_pcp:1382 free_cma:0 [ 814.590727] Call Trace: [ 814.590748] dump_stack+0x1fc/0x2ef [ 814.590765] warn_alloc.cold+0x7b/0x18f [ 814.590783] ? zone_watermark_ok_safe+0x260/0x260 [ 814.590797] ? rcu_nmi_exit+0xb3/0x180 [ 814.590833] __vmalloc_area_node+0x4fd/0x780 [ 814.632620] Node 0 active_anon:60320kB inactive_anon:51192kB active_file:8kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86668kB dirty:52kB writeback:0kB shmem:52760kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 20480kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 814.634402] ? __vmalloc_node_range+0x180/0x180 [ 814.642262] Node 1 active_anon:2600kB inactive_anon:65296kB active_file:108kB inactive_file:132kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:2776kB dirty:40kB writeback:0kB shmem:65820kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 814.643118] ? _raw_spin_unlock+0x29/0x40 [ 814.647499] Node 0 DMA free:10864kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 814.674987] ? __get_vm_area_node+0x2e2/0x3a0 [ 814.675015] __vmalloc_node_range+0xed/0x180 [ 814.675030] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 814.675043] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 814.675054] vmalloc_user+0x70/0xe0 [ 814.675067] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 814.675078] vb2_vmalloc_alloc+0xb3/0x2f0 [ 814.675092] __vb2_queue_alloc+0x472/0xe60 [ 814.675116] vb2_core_create_bufs+0x273/0x7e0 [ 814.675128] ? __vb2_queue_free+0x870/0x870 [ 814.689274] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 814.707120] ? mutex_trylock+0x1a0/0x1a0 [ 814.707135] ? __video_do_ioctl+0x632/0xcd0 [ 814.707155] vb2_create_bufs+0x332/0x620 [ 814.707172] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 814.707197] ? __video_do_ioctl+0x632/0xcd0 [ 814.707207] ? mutex_trylock+0x1a0/0x1a0 [ 814.707223] ? mark_held_locks+0xf0/0xf0 [ 814.720501] Node 0 DMA32 free:17568kB min:35996kB low:44992kB high:53988kB active_anon:60320kB inactive_anon:51192kB active_file:56kB inactive_file:84kB unevictable:0kB writepending:152kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7520kB pagetables:2124kB bounce:0kB free_pcp:3076kB local_pcp:1480kB free_cma:0kB [ 814.737602] ? futex_wait_queue_me+0x404/0x5e0 [ 814.737622] vb2_ioctl_create_bufs+0x20d/0x360 [ 814.737636] ? memset+0x20/0x40 [ 814.737655] v4l_create_bufs+0xb2/0x160 [ 814.737672] __video_do_ioctl+0x49a/0xcd0 [ 814.737691] ? v4l_querycap+0x340/0x340 [ 814.737708] ? __might_fault+0x192/0x1d0 [ 814.750076] lowmem_reserve[]: 0 0 1 1 1 [ 814.750917] ? v4l_querycap+0x340/0x340 [ 814.756255] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 814.759874] video_usercopy+0x13f/0xfa0 [ 814.759894] ? v4l_enumstd+0x60/0x60 [ 814.759908] ? do_futex+0x171/0x1880 [ 814.759924] ? mark_held_locks+0xf0/0xf0 [ 814.759943] ? debug_check_no_obj_freed+0x201/0x490 [ 814.759962] ? video_usercopy+0xfa0/0xfa0 [ 814.759978] v4l2_ioctl+0x147/0x1a0 [ 814.771148] lowmem_reserve[]: 0 0 0 0 0 [ 814.772707] ? video_devdata+0xa0/0xa0 [ 814.777174] Node 1 Normal free:26704kB min:53876kB low:67344kB high:80812kB active_anon:2600kB inactive_anon:65296kB active_file:20kB inactive_file:8kB unevictable:0kB writepending:40kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:448kB pagetables:344kB bounce:0kB free_pcp:2452kB local_pcp:1440kB free_cma:0kB [ 814.781488] do_vfs_ioctl+0xcdb/0x12e0 [ 814.781504] ? lock_downgrade+0x720/0x720 [ 814.781519] ? check_preemption_disabled+0x41/0x280 [ 814.781534] ? ioctl_preallocate+0x200/0x200 [ 814.781551] ? __fget+0x356/0x510 [ 814.781566] ? do_dup2+0x450/0x450 [ 814.781583] ? __se_sys_futex+0x298/0x3b0 [ 814.796877] lowmem_reserve[]: 0 0 0 0 0 [ 814.799074] ksys_ioctl+0x9b/0xc0 [ 814.799090] __x64_sys_ioctl+0x6f/0xb0 [ 814.799104] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 814.799120] do_syscall_64+0xf9/0x620 [ 814.804219] Node 0 DMA: 0*4kB 0*8kB 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10864kB [ 814.808547] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 814.808559] RIP: 0033:0x7fb254ef00f9 [ 814.808572] Code: Bad RIP value. [ 814.808579] RSP: 002b:00007fb253462168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 814.808591] RAX: ffffffffffffffda RBX: 00007fb25500ff80 RCX: 00007fb254ef00f9 [ 814.808599] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 814.808606] RBP: 00007fb254f4bae9 R08: 0000000000000000 R09: 0000000000000000 [ 814.808614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 814.808621] R13: 00007ffd8f48045f R14: 00007fb253462300 R15: 0000000000022000 [ 814.819313] Mem-Info: [ 814.853899] Node 0 DMA32: 1305*4kB (UME) 891*8kB (UME) 251*16kB (UME) 33*32kB (UME) 3*64kB (U) 2*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17868kB [ 814.875988] active_anon:15733 inactive_anon:29122 isolated_anon:0 [ 814.875988] active_file:16 inactive_file:13 isolated_file:0 [ 814.875988] unevictable:0 dirty:0 writeback:0 unstable:0 [ 814.875988] slab_reclaimable:13685 slab_unreclaimable:115686 [ 814.875988] mapped:22281 shmem:29645 pagetables:615 bounce:0 [ 814.875988] free:13951 free_pcp:1324 free_cma:0 [ 814.885143] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 814.924009] Node 0 active_anon:60320kB inactive_anon:51192kB active_file:44kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52760kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 16384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 814.929864] Node 1 Normal: 358*4kB (UME) 304*8kB (UME) 218*16kB (UME) 128*32kB (ME) 40*64kB (UME) 6*128kB (ME) 0*256kB 2*512kB (ME) 3*1024kB (UME) 2*2048kB (UE) 1*4096kB (U) = 27064kB [ 814.931601] Node 1 active_anon:2612kB inactive_anon:65296kB active_file:20kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:2616kB dirty:0kB writeback:0kB shmem:65820kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 814.937806] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 814.948780] Node 0 DMA free:10864kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 814.984096] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 814.994206] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 814.994230] Node 0 DMA32 free:17868kB min:35996kB low:44992kB high:53988kB active_anon:60320kB inactive_anon:51192kB active_file:44kB inactive_file:44kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7520kB pagetables:2116kB bounce:0kB free_pcp:2844kB local_pcp:1364kB free_cma:0kB [ 814.994265] lowmem_reserve[]: 0 0 1 1 1 [ 814.994286] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 814.994317] lowmem_reserve[]: 0 0 0 0 0 [ 814.994343] Node 1 Normal free:27064kB min:53876kB low:67344kB high:80812kB active_anon:2612kB inactive_anon:65296kB active_file:20kB inactive_file:8kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:448kB pagetables:344kB bounce:0kB free_pcp:2452kB local_pcp:1012kB free_cma:0kB [ 814.994375] lowmem_reserve[]: 0 0 0 0 0 [ 814.994395] Node 0 DMA: 0*4kB 0*8kB 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10864kB [ 814.994466] Node 0 DMA32: 1305*4kB (UME) 891*8kB (UME) 251*16kB (UME) 33*32kB (UME) 3*64kB (U) 2*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17868kB [ 814.994533] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 814.994588] Node 1 Normal: 358*4kB (UME) 304*8kB (UME) 218*16kB (UME) 128*32kB (ME) 40*64kB (UME) 6*128kB (ME) 0*256kB 2*512kB (ME) 3*1024kB (UME) 2*2048kB (UE) 1*4096kB (U) = 27064kB [ 814.994675] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 814.994686] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 814.994697] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 814.994708] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 814.994713] 29674 total pagecache pages [ 814.994727] 0 pages in swap cache [ 814.994737] Swap cache stats: add 0, delete 0, find 0/0 [ 814.994742] Free swap = 0kB [ 814.994746] Total swap = 0kB [ 814.994754] 2097051 pages RAM [ 814.994759] 0 pages HighMem/MovableOnly [ 814.994764] 369649 pages reserved [ 814.994769] 0 pages cma reserved [ 815.507553] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 815.534203] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 815.565195] 29674 total pagecache pages [ 815.576366] 0 pages in swap cache [ 815.621257] Swap cache stats: add 0, delete 0, find 0/0 [ 815.626656] Free swap = 0kB [ 815.629763] Total swap = 0kB [ 815.632781] 2097051 pages RAM [ 815.635878] 0 pages HighMem/MovableOnly [ 815.662787] 369649 pages reserved [ 815.666364] 0 pages cma reserved [ 815.683765] Unreclaimable slab info: [ 815.687494] Name Used Total [ 815.709761] pid_2 9KB 104KB [ 815.715210] batadv_tt_change_cache 3KB 7KB [ 815.721075] batadv_tl_cache 8KB 16KB [ 815.726451] TIPC 16KB 37KB [ 815.731885] SCTPv6 22KB 37KB [ 815.737259] DCCPv6 17KB 30KB [ 815.744386] DCCP 16KB 28KB [ 815.750055] RXRPC 17KB 32KB [ 815.755423] rxrpc_call_jar 123KB 141KB [ 815.760896] bridge_fdb_cache 15KB 27KB [ 815.766268] fib6_nodes 262KB 264KB [ 815.771682] ip6_dst_cache 813KB 847KB [ 815.777047] RAWv6 111KB 128KB [ 815.782468] UDPv6 41KB 45KB [ 815.787896] TCPv6 24KB 30KB [ 815.793265] nf_conntrack 15KB 15KB [ 815.798794] t10_alua_lu_gp_cache 0KB 3KB [ 815.804511] sd_ext_cdb 0KB 7KB [ 815.811754] scsi_sense_cache 1056KB 1060KB [ 815.817129] virtio_scsi_cmd 16KB 16KB [ 815.825382] sgpool-128 8KB 8KB [ 815.832337] sgpool-64 4KB 12KB [ 815.842284] sgpool-32 2KB 15KB [ 815.849469] sgpool-16 1KB 7KB [ 815.854841] sgpool-8 0KB 7KB [ 815.863387] mqueue_inode_cache 16KB 37KB [ 815.870472] bio_post_read_ctx 14KB 15KB [ 815.875891] bio-2 14KB 15KB [ 815.884597] jfs_mp 7KB 7KB [ 815.891530] cifs_small_rq 15KB 16KB [ 815.896892] cifs_request 67KB 67KB [ 815.905142] cifs_mpx_ids 0KB 7KB [ 815.914658] nfs_commit_data 3KB 14KB [ 815.923082] nfs_write_data 34KB 44KB [ 815.930139] ext4_system_zone 1KB 7KB [ 815.935548] bio-1 1KB 7KB [ 815.944109] pid_namespace 3KB 11KB [ 815.951116] rpc_buffers 17KB 25KB [ 815.956484] rpc_tasks 2KB 7KB [ 815.964825] UNIX 2141KB 2212KB [ 815.971990] tcp_bind_bucket 1KB 4KB [ 815.977393] ip_fib_trie 38KB 43KB [ 815.985692] ip_fib_alias 184KB 193KB [ 815.997540] ip_dst_cache 17KB 20KB [ 816.005731] RAW 66KB 82KB [ 816.012757] UDP 60KB 74KB [ 816.021066] TCP 8KB 16KB [ 816.026438] hugetlbfs_inode_cache 3KB 15KB [ 816.032286] fscache_cookie_jar 1KB 11KB [ 816.037873] eventpoll_pwq 22KB 43KB [ 816.043237] eventpoll_epi 42KB 66KB [ 816.048647] inotify_inode_mark 12KB 39KB [ 816.054101] request_queue 199KB 199KB [ 816.059564] blkdev_requests 1KB 3KB [ 816.064925] blkdev_ioc 21KB 38KB [ 816.070378] bio-0 489KB 618KB [ 816.075737] biovec-max 1435KB 1468KB [ 816.081189] biovec-64 473KB 622KB [ 816.086560] biovec-16 77KB 105KB [ 816.091998] bio_integrity_payload 1KB 8KB [ 816.098305] khugepaged_mm_slot 2KB 34KB [ 816.104245] uid_cache 0KB 4KB [ 816.110651] dmaengine-unmap-2 0KB 3KB [ 816.122214] skbuff_fclone_cache 28KB 56KB [ 816.128518] skbuff_head_cache 8913KB 8913KB [ 816.134220] configfs_dir_cache 3KB 7KB [ 816.140205] file_lock_cache 28KB 95KB [ 816.145838] file_lock_ctx 9KB 11KB [ 816.152170] fsnotify_mark_connector 5KB 27KB [ 816.158750] net_namespace 87KB 87KB [ 816.164614] shmem_inode_cache 8043KB 8287KB [ 816.170876] task_delay_info 290KB 383KB [ 816.176251] taskstats 14KB 65KB [ 816.181724] proc_dir_entry 996KB 1061KB [ 816.187112] pde_opener 16KB 34KB [ 816.192544] seq_file 214KB 500KB [ 816.197980] sigqueue 40KB 66KB [ 816.204825] kernfs_node_cache 18239KB 18541KB [ 816.210274] mnt_cache 243KB 256KB [ 816.215642] filp 7235KB 7623KB [ 816.231380] names_cache 104864KB 104864KB [ 816.237453] iint_cache 29KB 55KB [ 816.243397] key_jar 32KB 135KB [ 816.248870] uts_namespace 4KB 11KB [ 816.254238] nsproxy 3KB 11KB [ 816.259974] vm_area_struct 2933KB 3855KB [ 816.265680] mm_struct 507KB 643KB [ 816.271233] fs_cache 336KB 384KB [ 816.276601] files_cache 1282KB 1383KB [ 816.282378] signal_cache 2058KB 2436KB [ 816.287861] sighand_cache 559KB 638KB [ 816.293226] task_struct 9102KB 9191KB [ 816.299015] cred_jar 2344KB 2548KB [ 816.305683] anon_vma_chain 898KB 1492KB [ 816.311141] anon_vma 137KB 288KB [ 816.316508] pid 194KB 224KB [ 816.323834] Acpi-Operand 156KB 198KB [ 816.331444] Acpi-ParseExt 9KB 11KB [ 816.336822] Acpi-Parse 41KB 47KB [ 816.342556] Acpi-State 52KB 63KB [ 816.348026] Acpi-Namespace 20KB 27KB [ 816.353414] numa_policy 0KB 3KB [ 816.359023] debug_objects_cache 1551KB 1828KB [ 816.364598] trace_event_file 297KB 298KB [ 816.370128] ftrace_event_field 398KB 401KB [ 816.375600] pool_workqueue 151KB 160KB [ 816.381227] page->ptl 449KB 1008KB [ 816.386629] kmalloc-2097152 2050KB 2050KB [ 816.392062] kmalloc-524288 2056KB 2056KB [ 816.397423] kmalloc-262144 1290KB 1290KB [ 816.402900] kmalloc-131072 650KB 650KB [ 816.408349] kmalloc-65536 2904KB 2970KB [ 816.413712] kmalloc-32768 2310KB 2310KB [ 816.419165] kmalloc-16384 1402KB 1485KB [ 816.426062] kmalloc-8192 5956KB 5956KB [ 816.431534] kmalloc-4096 31110KB 31135KB [ 816.436898] kmalloc-2048 18965KB 19074KB [ 816.442336] kmalloc-1024 13730KB 14600KB [ 816.447791] kmalloc-512 16586KB 16638KB [ 816.453150] kmalloc-256 5975KB 6262KB [ 816.458784] kmalloc-128 1443KB 1472KB [ 816.464180] kmalloc-96 3354KB 4076KB [ 816.469608] kmalloc-64 2788KB 3892KB [ 816.474990] kmalloc-32 1973KB 2543KB [ 816.480420] kmalloc-192 2463KB 2876KB [ 816.485782] kmem_cache 177KB 183KB [ 816.491286] Out of memory (oom_kill_allocating_task): Kill process 5656 (systemd-journal) score 0 or sacrifice child [ 816.502047] Killed process 5656 (systemd-journal) total-vm:46096kB, anon-rss:492kB, file-rss:0kB, shmem-rss:2480kB [ 816.513774] oom_reaper: reaped process 5656 (systemd-journal), now anon-rss:0kB, file-rss:0kB, shmem-rss:2480kB [ 816.539308] systemd[1]: systemd-journald.service: Failed with result 'signal'. [ 816.547029] systemd[1]: systemd-journald.service: Service has no hold-off time, scheduling restart. [ 816.566645] systemd[1]: Stopped Flush Journal to Persistent Storage. [ 816.574219] systemd[1]: Stopping Flush Journal to Persistent Storage... [ 816.581296] systemd[1]: Stopped Journal Service. [ 816.597548] systemd[1]: Starting Journal Service... [ 816.710938] systemd-journald[7474]: File /run/log/journal/04d8c135ee6b410280ba31a58c89679d/system.journal corrupted or uncleanly shut down, renaming and replacing. [ 817.203441] systemd[1]: Started Journal Service. 02:36:29 executing program 0: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) r1 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eacf15d5b4b98c0500e3608752d117e30b34131edbf01c799692a128baa4c8e1f2eab5347a0f40245882c046f3e03492a5786870ac098c6b74ccc13d9e5100"}, 0x48, r0) keyctl$unlink(0x9, r1, r1) 02:36:29 executing program 4: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000240)={0x0, @sliced={0x3, [0x8, 0x9, 0x9, 0xfff9, 0xffff, 0x6, 0x0, 0x81, 0x7f, 0x101, 0x7, 0x20, 0x9, 0x9, 0x8001, 0xe, 0x3, 0x1, 0x5fc8, 0x6, 0x120, 0x8, 0x200, 0xd4d, 0x3f, 0xfffc, 0x6, 0x200, 0x3, 0x4e9d, 0x8, 0x0, 0x81, 0x9, 0x5, 0x6038, 0x8000, 0x9, 0x100, 0x3000, 0x50, 0x8, 0x1, 0x9ab, 0x6, 0xff, 0x2, 0x2], 0x6c}}) pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_STREAMON(r3, 0x40045612, &(0x7f0000000080)=0x1) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) ioctl$SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0x0) clock_gettime(0x0, &(0x7f0000000000)) r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r4, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef, 0x0, r4}) getpid() 02:36:29 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000380)={0xf4, 0x2, 0x1, {0x3, @vbi={0x4, 0xad2a, 0xc00, 0x20363159, [0xfffffffb, 0x200], [0x6, 0xf4a7], 0x1}}, 0x400}) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000280)=@multiplanar_overlay={0x35, 0x0, 0x4, 0x0, 0x9, {r2, r3/1000+60000}, {0x1, 0x1, 0x1, 0x3f, 0x6, 0xdb, "f3d35c29"}, 0x8, 0x3, {&(0x7f0000000200)=[{0x2, 0x3, {0xcaa}, 0xa3}, {0x6, 0x4, {0x7}, 0x100}]}, 0x400}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x9, 0x2, 0x9, 0x1000, 0x3], 0x5, 0x800, 0x0, 0xffffffffffffffff}) ioctl$UFFDIO_CONTINUE(r4, 0xc020aa07, &(0x7f0000000640)={{&(0x7f0000fed000/0x13000)=nil, 0x13000}, 0x1}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r5, 0x0, 0x0}, 0x10) r6 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r6, 0x0, 0x0}, 0x10) sendmsg$nl_route(r4, &(0x7f0000000600)={&(0x7f0000000540), 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=@ipv4_delroute={0x40, 0x19, 0x100, 0x70bd28, 0x25dfdbfe, {0x2, 0x20, 0x20, 0xcf, 0xfc, 0x1, 0xc8, 0x5, 0x100}, [@RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @LWTUNNEL_IP_SRC={0x8, 0x3, @loopback}}, @RTA_IIF={0x8}, @RTA_TABLE={0x8, 0xf, 0x7}, @RTA_TABLE={0x8, 0xf, 0x153}]}, 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x8) semtimedop(0x0, &(0x7f0000000480)=[{0x1, 0x7}, {0x1, 0x8, 0x800}, {}], 0x3, &(0x7f0000000500)) 02:36:29 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x1f, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:36:29 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(&(0x7f0000000380), 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:36:29 executing program 5: syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc0585609, &(0x7f0000000440)=@fd={0x21, 0x2, 0x4, 0x1, 0x8, {}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff}) 02:36:30 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000380)={0xf4, 0x2, 0x1, {0x3, @vbi={0x4, 0xad2a, 0xc00, 0x20363159, [0xfffffffb, 0x200], [0x6, 0xf4a7], 0x1}}, 0x400}) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000280)=@multiplanar_overlay={0x35, 0x0, 0x4, 0x0, 0x9, {r2, r3/1000+60000}, {0x1, 0x1, 0x1, 0x3f, 0x6, 0xdb, "f3d35c29"}, 0x8, 0x3, {&(0x7f0000000200)=[{0x2, 0x3, {0xcaa}, 0xa3}, {0x6, 0x4, {0x7}, 0x100}]}, 0x400}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x9, 0x2, 0x9, 0x1000, 0x3], 0x5, 0x800, 0x0, 0xffffffffffffffff}) ioctl$UFFDIO_CONTINUE(r4, 0xc020aa07, &(0x7f0000000640)={{&(0x7f0000fed000/0x13000)=nil, 0x13000}, 0x1}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r5, 0x0, 0x0}, 0x10) r6 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r6, 0x0, 0x0}, 0x10) semtimedop(0x0, &(0x7f0000000480)=[{0x1, 0x7}, {0x1, 0x8, 0x800}, {}], 0x3, &(0x7f0000000500)) 02:36:30 executing program 0: add_key$keyring(&(0x7f0000000040), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) keyctl$unlink(0x9, 0x0, 0x0) 02:36:30 executing program 5: syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc0585609, &(0x7f0000000440)=@fd={0x21, 0x2, 0x4, 0x1, 0x8, {}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff}) 02:36:30 executing program 4: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000240)={0x0, @sliced={0x3, [0x8, 0x9, 0x9, 0xfff9, 0xffff, 0x6, 0x0, 0x81, 0x7f, 0x101, 0x7, 0x20, 0x9, 0x9, 0x8001, 0xe, 0x3, 0x1, 0x5fc8, 0x6, 0x120, 0x8, 0x200, 0xd4d, 0x3f, 0xfffc, 0x6, 0x200, 0x3, 0x4e9d, 0x8, 0x0, 0x81, 0x9, 0x5, 0x6038, 0x8000, 0x9, 0x100, 0x3000, 0x50, 0x8, 0x1, 0x9ab, 0x6, 0xff, 0x2, 0x2], 0x6c}}) pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_STREAMON(r3, 0x40045612, &(0x7f0000000080)=0x1) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) ioctl$SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0x0) clock_gettime(0x0, &(0x7f0000000000)) r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r4, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef, 0x0, r4}) getpid() 02:36:30 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000380)={0xf4, 0x2, 0x1, {0x3, @vbi={0x4, 0xad2a, 0xc00, 0x20363159, [0xfffffffb, 0x200], [0x6, 0xf4a7], 0x1}}, 0x400}) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000280)=@multiplanar_overlay={0x35, 0x0, 0x4, 0x0, 0x9, {r2, r3/1000+60000}, {0x1, 0x1, 0x1, 0x3f, 0x6, 0xdb, "f3d35c29"}, 0x8, 0x3, {&(0x7f0000000200)=[{0x2, 0x3, {0xcaa}, 0xa3}, {0x6, 0x4, {0x7}, 0x100}]}, 0x400}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x9, 0x2, 0x9, 0x1000, 0x3], 0x5, 0x800, 0x0, 0xffffffffffffffff}) ioctl$UFFDIO_CONTINUE(r4, 0xc020aa07, &(0x7f0000000640)={{&(0x7f0000fed000/0x13000)=nil, 0x13000}, 0x1}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r5, 0x0, 0x0}, 0x10) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) semtimedop(0x0, &(0x7f0000000480)=[{0x1, 0x7}, {0x1, 0x8, 0x800}, {}], 0x3, &(0x7f0000000500)) 02:36:30 executing program 5: syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc0585609, &(0x7f0000000440)=@fd={0x21, 0x2, 0x4, 0x1, 0x8, {}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff}) [ 824.790832] oom_reaper: reaped process 7491 (syz-executor.1), now anon-rss:0kB, file-rss:14332kB, shmem-rss:8kB [ 824.815534] in:imklog invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 824.833703] in:imklog cpuset=/ mems_allowed=0-1 [ 824.838477] CPU: 1 PID: 6343 Comm: in:imklog Not tainted 4.19.211-syzkaller #0 [ 824.845833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 824.855184] Call Trace: [ 824.857784] dump_stack+0x1fc/0x2ef [ 824.861413] dump_header+0x15d/0xc3f [ 824.865129] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 824.870230] ? ___ratelimit+0x319/0x590 [ 824.874201] oom_kill_process.cold+0x10/0x692 [ 824.878696] ? check_preemption_disabled+0x41/0x280 [ 824.883713] ? has_intersects_mems_allowed+0x1d6/0x290 [ 824.888984] out_of_memory+0x1072/0x1390 [ 824.893044] ? oom_killer_disable+0x270/0x270 [ 824.897534] ? mutex_trylock+0x15f/0x1a0 [ 824.901596] __alloc_pages_nodemask+0x23a2/0x2890 [ 824.906440] ? find_get_entry+0x4cd/0x8a0 [ 824.910591] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 824.915449] alloc_pages_current+0x193/0x2a0 [ 824.919854] filemap_fault+0x146e/0x2180 [ 824.923949] ext4_filemap_fault+0x84/0xb0 [ 824.928089] __do_fault+0x10b/0x4b0 [ 824.931698] __handle_mm_fault+0x273b/0x41c0 [ 824.936085] ? vm_insert_page+0x9c0/0x9c0 [ 824.940213] ? lock_downgrade+0x720/0x720 [ 824.944349] ? check_preemption_disabled+0x41/0x280 [ 824.949369] handle_mm_fault+0x436/0xb10 [ 824.953420] __do_page_fault+0x68e/0xd60 [ 824.957464] ? trace_hardirqs_off_caller+0x6e/0x210 [ 824.962462] ? spurious_fault+0x840/0x840 [ 824.966591] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 824.971417] ? page_fault+0x8/0x30 [ 824.974936] page_fault+0x1e/0x30 [ 824.978403] RIP: 0033:0x7f0cd48eb22d [ 824.982100] Code: Bad RIP value. [ 824.985441] RSP: 002b:00007f0cd2287580 EFLAGS: 00010293 [ 824.990781] RAX: 0000000000000076 RBX: 0000000000000000 RCX: 00007f0cd48eb22d [ 824.998056] RDX: 0000000000001fa0 RSI: 00007f0cd2287da0 RDI: 0000000000000004 [ 825.005303] RBP: 000055f67f8d19d0 R08: 00007f0cd3a64940 R09: 0000000004000001 [ 825.012570] R10: 0000000000000001 R11: 0000000000000293 R12: 00007f0cd2287da0 [ 825.019820] R13: 0000000000001fa0 R14: 0000000000001f9f R15: 00007f0cd2287dd8 [ 825.032555] Mem-Info: [ 825.035016] active_anon:15635 inactive_anon:31153 isolated_anon:0 [ 825.035016] active_file:12 inactive_file:12 isolated_file:0 [ 825.035016] unevictable:0 dirty:0 writeback:0 unstable:0 [ 825.035016] slab_reclaimable:13620 slab_unreclaimable:115507 [ 825.035016] mapped:21971 shmem:31692 pagetables:577 bounce:0 [ 825.035016] free:13879 free_pcp:896 free_cma:0 [ 825.047134] syz-executor.1: vmalloc: allocation failure, allocated 1714462720 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 825.079578] Node 0 active_anon:59796kB inactive_anon:51188kB active_file:32kB inactive_file:28kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52756kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 18432kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 825.091988] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 825.114392] Node 1 active_anon:2744kB inactive_anon:73424kB active_file:16kB inactive_file:20kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1376kB dirty:0kB writeback:0kB shmem:74012kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 825.123212] CPU: 0 PID: 7491 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0 [ 825.148774] Node 0 DMA free:10864kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 825.149748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 825.180493] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 825.185196] Call Trace: [ 825.192277] Node 0 DMA32 free:17704kB min:35996kB low:44992kB high:53988kB active_anon:59796kB inactive_anon:51188kB active_file:32kB inactive_file:28kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7424kB pagetables:1976kB bounce:0kB free_pcp:1764kB local_pcp:256kB free_cma:0kB [ 825.192772] dump_stack+0x1fc/0x2ef [ 825.225343] warn_alloc.cold+0x7b/0x18f [ 825.229326] ? zone_watermark_ok_safe+0x260/0x260 [ 825.229756] lowmem_reserve[]: 0 0 1 1 1 [ 825.234184] ? rcu_nmi_exit+0xb3/0x180 [ 825.242036] __vmalloc_area_node+0x4fd/0x780 [ 825.242948] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 825.246446] ? __vmalloc_node_range+0x180/0x180 [ 825.276936] ? _raw_spin_unlock+0x29/0x40 [ 825.280216] lowmem_reserve[]: 0 0 0 0 0 [ 825.281085] ? __get_vm_area_node+0x2e2/0x3a0 [ 825.285034] Node 1 Normal free:26940kB min:53876kB low:67344kB high:80812kB active_anon:2744kB inactive_anon:73424kB active_file:16kB inactive_file:20kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:448kB pagetables:332kB bounce:0kB free_pcp:1808kB local_pcp:1264kB free_cma:0kB [ 825.289521] __vmalloc_node_range+0xed/0x180 [ 825.289538] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 825.289552] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 825.289563] vmalloc_user+0x70/0xe0 [ 825.289577] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 825.289589] vb2_vmalloc_alloc+0xb3/0x2f0 [ 825.289606] __vb2_queue_alloc+0x472/0xe60 [ 825.326590] lowmem_reserve[]: 0 0 0 0 0 [ 825.327179] vb2_core_create_bufs+0x273/0x7e0 [ 825.327193] ? __vb2_queue_free+0x870/0x870 [ 825.327211] ? mutex_trylock+0x1a0/0x1a0 [ 825.333057] Node 0 DMA: 0*4kB 0*8kB 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10864kB [ 825.336193] ? __video_do_ioctl+0x632/0xcd0 [ 825.348537] Node 0 DMA32: 1462*4kB (UME) 844*8kB (UME) 235*16kB (ME) 32*32kB (ME) 1*64kB (M) 2*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17704kB [ 825.348836] vb2_create_bufs+0x332/0x620 [ 825.352783] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 825.357273] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 825.357288] ? __video_do_ioctl+0x632/0xcd0 [ 825.357301] ? mutex_trylock+0x1a0/0x1a0 [ 825.357317] ? mark_held_locks+0xf0/0xf0 [ 825.357346] vb2_ioctl_create_bufs+0x20d/0x360 [ 825.357360] ? memset+0x20/0x40 [ 825.357378] v4l_create_bufs+0xb2/0x160 [ 825.365495] Node 1 Normal: 293*4kB (ME) 259*8kB (ME) 181*16kB (ME) 80*32kB (ME) 13*64kB (ME) 6*128kB (ME) 1*256kB (M) 2*512kB (UE) 1*1024kB (E) 3*2048kB (UME) 2*4096kB (U) = 26940kB [ 825.365727] __video_do_ioctl+0x49a/0xcd0 [ 825.386432] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 825.397125] ? v4l_querycap+0x340/0x340 [ 825.397143] ? __might_fault+0x192/0x1d0 [ 825.397159] ? v4l_querycap+0x340/0x340 [ 825.397175] video_usercopy+0x13f/0xfa0 [ 825.397196] ? v4l_enumstd+0x60/0x60 [ 825.397210] ? do_futex+0x171/0x1880 [ 825.397225] ? mark_held_locks+0xf0/0xf0 [ 825.397242] ? debug_check_no_obj_freed+0x201/0x490 [ 825.408015] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 825.412323] ? video_usercopy+0xfa0/0xfa0 [ 825.421792] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 825.425745] v4l2_ioctl+0x147/0x1a0 [ 825.431350] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 825.434351] ? video_devdata+0xa0/0xa0 [ 825.444604] 31716 total pagecache pages [ 825.457867] do_vfs_ioctl+0xcdb/0x12e0 [ 825.457884] ? lock_downgrade+0x720/0x720 [ 825.457899] ? check_preemption_disabled+0x41/0x280 [ 825.457913] ? ioctl_preallocate+0x200/0x200 [ 825.457934] ? __fget+0x356/0x510 [ 825.457950] ? do_dup2+0x450/0x450 [ 825.457963] ? __se_sys_futex+0x298/0x3b0 [ 825.457981] ksys_ioctl+0x9b/0xc0 [ 825.457996] __x64_sys_ioctl+0x6f/0xb0 [ 825.470261] 0 pages in swap cache [ 825.470960] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 825.474904] Swap cache stats: add 0, delete 0, find 0/0 [ 825.478946] do_syscall_64+0xf9/0x620 [ 825.478964] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 825.478976] RIP: 0033:0x7f887ce110f9 [ 825.478989] Code: Bad RIP value. [ 825.478997] RSP: 002b:00007f887b383168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 825.479009] RAX: ffffffffffffffda RBX: 00007f887cf30f80 RCX: 00007f887ce110f9 [ 825.479016] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 825.479028] RBP: 00007f887ce6cae9 R08: 0000000000000000 R09: 0000000000000000 [ 825.486669] Free swap = 0kB [ 825.486931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 825.486939] R13: 00007ffdf6230cbf R14: 00007f887b383300 R15: 0000000000022000 [ 825.494065] Mem-Info: [ 825.503346] Total swap = 0kB [ 825.503524] active_anon:15635 inactive_anon:31153 isolated_anon:0 [ 825.503524] active_file:12 inactive_file:12 isolated_file:0 [ 825.503524] unevictable:0 dirty:0 writeback:0 unstable:0 [ 825.503524] slab_reclaimable:13620 slab_unreclaimable:115507 [ 825.503524] mapped:21971 shmem:31692 pagetables:577 bounce:0 [ 825.503524] free:13879 free_pcp:889 free_cma:0 [ 825.513446] 2097051 pages RAM [ 825.521786] Node 0 active_anon:59796kB inactive_anon:51188kB active_file:32kB inactive_file:28kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52756kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 18432kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 825.533320] 0 pages HighMem/MovableOnly [ 825.542066] Node 1 active_anon:2744kB inactive_anon:73424kB active_file:16kB inactive_file:20kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1376kB dirty:0kB writeback:0kB shmem:74012kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 825.550323] 369649 pages reserved [ 825.553856] Node 0 DMA free:10864kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 825.563462] 0 pages cma reserved [ 825.570240] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 825.575163] Unreclaimable slab info: [ 825.575896] Node 0 DMA32 free:17704kB min:35996kB low:44992kB high:53988kB active_anon:59796kB inactive_anon:51188kB active_file:32kB inactive_file:28kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7424kB pagetables:1976kB bounce:0kB free_pcp:1744kB local_pcp:1508kB free_cma:0kB [ 825.584056] Name Used Total [ 825.591372] net_ratelimit: 39 callbacks suppressed [ 825.591378] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 825.593575] lowmem_reserve[]: 0 0 1 1 1 [ 825.604662] pid_2 13KB 100KB [ 825.605805] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 825.609605] batadv_tt_change_cache 3KB 7KB [ 825.619160] lowmem_reserve[]: 0 0 0 0 0 [ 825.628595] batadv_tl_cache 8KB 16KB [ 825.638898] Node 1 Normal free:26940kB min:53876kB low:67344kB high:80812kB active_anon:2744kB inactive_anon:73424kB active_file:16kB inactive_file:20kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:448kB pagetables:332kB bounce:0kB free_pcp:1808kB local_pcp:544kB free_cma:0kB [ 825.650777] TIPC 15KB 37KB [ 825.659097] lowmem_reserve[]: 0 0 0 0 0 [ 825.663693] SCTPv6 22KB 37KB [ 825.665403] Node 0 DMA: 0*4kB 0*8kB 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10864kB [ 825.710100] DCCPv6 17KB 30KB [ 825.735917] Node 0 DMA32: 1462*4kB (UME) 844*8kB (UME) 235*16kB (ME) 32*32kB (ME) 1*64kB (M) 2*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17704kB [ 825.771321] DCCP 16KB 28KB [ 825.794278] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 825.810163] RXRPC 16KB 32KB [ 825.838485] Node 1 Normal: 293*4kB (ME) 259*8kB (ME) 181*16kB (ME) 80*32kB (ME) 13*64kB (ME) 6*128kB (ME) 1*256kB (M) 2*512kB (UE) 1*1024kB (E) 3*2048kB (UME) 2*4096kB (U) = 26940kB [ 825.851600] rxrpc_call_jar 112KB 141KB [ 825.855387] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 825.862513] bridge_fdb_cache 15KB 27KB [ 825.888687] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 825.898117] fib6_nodes 260KB 264KB [ 825.906095] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 825.936575] ip6_dst_cache 771KB 825KB [ 825.944359] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 825.964618] RAWv6 111KB 128KB [ 825.982681] 31716 total pagecache pages [ 826.000645] UDPv6 39KB 45KB [ 826.020902] 0 pages in swap cache [ 826.033126] TCPv6 27KB 36KB [ 826.036036] Swap cache stats: add 0, delete 0, find 0/0 [ 826.042543] nf_conntrack 15KB 15KB [ 826.055255] Free swap = 0kB [ 826.061492] t10_alua_lu_gp_cache 0KB 3KB [ 826.062175] Total swap = 0kB [ 826.072358] sd_ext_cdb 0KB 7KB [ 826.084544] 2097051 pages RAM [ 826.086838] scsi_sense_cache 1056KB 1060KB [ 826.093473] 0 pages HighMem/MovableOnly [ 826.094337] virtio_scsi_cmd 16KB 16KB [ 826.102915] 369649 pages reserved [ 826.109043] sgpool-128 8KB 8KB [ 826.118688] 0 pages cma reserved [ 826.124271] sgpool-64 4KB 12KB [ 826.168572] sgpool-32 2KB 15KB [ 826.173944] sgpool-16 1KB 7KB [ 826.183824] sgpool-8 0KB 7KB [ 826.189265] mqueue_inode_cache 15KB 37KB [ 826.194713] bio_post_read_ctx 14KB 15KB [ 826.204871] bio-2 14KB 15KB [ 826.210294] jfs_mp 7KB 7KB [ 826.215683] cifs_small_rq 15KB 16KB [ 826.225529] cifs_request 67KB 67KB [ 826.231048] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 826.245925] cifs_mpx_ids 0KB 7KB [ 826.251371] nfs_commit_data 3KB 14KB [ 826.261901] nfs_write_data 34KB 44KB [ 826.267358] ext4_system_zone 1KB 7KB [ 826.272740] bio-1 1KB 7KB [ 826.282533] pid_namespace 3KB 11KB [ 826.287950] rpc_buffers 17KB 25KB [ 826.293309] rpc_tasks 2KB 7KB [ 826.303034] UNIX 2041KB 2118KB [ 826.308506] tcp_bind_bucket 1KB 4KB [ 826.313874] ip_fib_trie 38KB 43KB [ 826.323935] ip_fib_alias 183KB 193KB [ 826.329362] ip_dst_cache 13KB 20KB [ 826.334733] RAW 66KB 82KB [ 826.344806] UDP 57KB 74KB [ 826.350233] TCP 11KB 22KB [ 826.355595] hugetlbfs_inode_cache 3KB 15KB [ 826.366380] fscache_cookie_jar 1KB 11KB [ 826.372069] eventpoll_pwq 27KB 43KB [ 826.382355] eventpoll_epi 51KB 66KB [ 826.387779] inotify_inode_mark 17KB 39KB [ 826.393228] request_queue 199KB 199KB [ 826.403309] blkdev_requests 1KB 3KB [ 826.408741] blkdev_ioc 19KB 38KB [ 826.414099] bio-0 510KB 577KB [ 826.424263] biovec-max 1427KB 1476KB [ 826.429683] biovec-64 459KB 598KB [ 826.435045] biovec-16 84KB 105KB [ 826.445402] bio_integrity_payload 1KB 8KB [ 826.451185] khugepaged_mm_slot 2KB 34KB [ 826.456644] uid_cache 0KB 4KB [ 826.467260] dmaengine-unmap-2 0KB 3KB [ 826.472635] skbuff_fclone_cache 34KB 48KB [ 826.482092] skbuff_head_cache 8415KB 8415KB [ 826.488303] configfs_dir_cache 3KB 7KB [ 826.493753] file_lock_cache 32KB 95KB [ 826.503229] file_lock_ctx 9KB 11KB [ 826.509412] fsnotify_mark_connector 8KB 27KB [ 826.515291] net_namespace 87KB 87KB [ 826.524642] shmem_inode_cache 8048KB 8279KB [ 826.530916] task_delay_info 261KB 383KB [ 826.536278] taskstats 16KB 57KB [ 826.545571] proc_dir_entry 964KB 1050KB [ 826.554107] pde_opener 15KB 34KB [ 826.564121] seq_file 244KB 500KB [ 826.570346] sigqueue 38KB 66KB [ 826.575718] kernfs_node_cache 18229KB 18537KB [ 826.585024] mnt_cache 226KB 248KB [ 826.595898] filp 7248KB 7623KB [ 826.605471] names_cache 106352KB 106411KB [ 826.622709] iint_cache 23KB 55KB [ 826.629048] key_jar 31KB 135KB [ 826.634416] uts_namespace 4KB 11KB [ 826.651468] nsproxy 2KB 11KB [ 826.656936] vm_area_struct 3057KB 3843KB [ 826.662297] mm_struct 476KB 637KB [ 826.674832] fs_cache 299KB 384KB [ 826.680303] files_cache 1169KB 1365KB [ 826.685662] signal_cache 2005KB 2422KB [ 826.704504] sighand_cache 541KB 638KB [ 826.709924] task_struct 9001KB 9045KB [ 826.715288] cred_jar 2305KB 2548KB [ 826.728769] anon_vma_chain 936KB 1492KB [ 826.734151] anon_vma 142KB 288KB [ 826.744403] pid 172KB 224KB [ 826.753242] Acpi-Operand 156KB 198KB [ 826.763558] Acpi-ParseExt 9KB 11KB [ 826.773186] Acpi-Parse 41KB 47KB [ 826.778714] Acpi-State 52KB 63KB [ 826.784165] Acpi-Namespace 20KB 27KB [ 826.792965] numa_policy 0KB 3KB [ 826.798385] debug_objects_cache 1542KB 1828KB [ 826.803917] trace_event_file 297KB 298KB [ 826.812604] ftrace_event_field 398KB 401KB [ 826.818863] pool_workqueue 145KB 160KB [ 826.824728] page->ptl 448KB 1008KB [ 826.830626] kmalloc-2097152 2050KB 2050KB [ 826.836400] kmalloc-524288 2056KB 2056KB [ 826.842481] kmalloc-262144 1290KB 1290KB [ 826.848583] kmalloc-131072 650KB 650KB [ 826.854047] kmalloc-65536 2904KB 2970KB [ 826.859590] kmalloc-32768 2310KB 2310KB [ 826.865037] kmalloc-16384 1402KB 1452KB [ 826.870615] kmalloc-8192 5915KB 5940KB [ 826.876208] kmalloc-4096 31496KB 31556KB [ 826.887235] kmalloc-2048 18710KB 18889KB [ 826.893260] kmalloc-1024 13681KB 14482KB [ 826.903982] kmalloc-512 15986KB 15986KB [ 826.911445] kmalloc-256 5929KB 6258KB [ 826.921072] kmalloc-128 1392KB 1472KB [ 826.926521] kmalloc-96 3287KB 4076KB [ 826.933446] kmalloc-64 2746KB 3892KB [ 826.942954] kmalloc-32 1979KB 2543KB [ 826.949239] kmalloc-192 2391KB 2876KB [ 826.955240] kmem_cache 177KB 183KB [ 826.965700] Out of memory (oom_kill_allocating_task): Kill process 6343 (in:imklog) score 0 or sacrifice child [ 826.976572] Killed process 6341 (rsyslogd) total-vm:254332kB, anon-rss:820kB, file-rss:0kB, shmem-rss:0kB 02:36:38 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x1f, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:36:38 executing program 4: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000240)={0x0, @sliced={0x3, [0x8, 0x9, 0x9, 0xfff9, 0xffff, 0x6, 0x0, 0x81, 0x7f, 0x101, 0x7, 0x20, 0x9, 0x9, 0x8001, 0xe, 0x3, 0x1, 0x5fc8, 0x6, 0x120, 0x8, 0x200, 0xd4d, 0x3f, 0xfffc, 0x6, 0x200, 0x3, 0x4e9d, 0x8, 0x0, 0x81, 0x9, 0x5, 0x6038, 0x8000, 0x9, 0x100, 0x3000, 0x50, 0x8, 0x1, 0x9ab, 0x6, 0xff, 0x2, 0x2], 0x6c}}) pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_STREAMON(r3, 0x40045612, &(0x7f0000000080)=0x1) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) ioctl$SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0x0) clock_gettime(0x0, &(0x7f0000000000)) r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r4, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef, 0x0, r4}) getpid() 02:36:38 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, 0x0) 02:36:38 executing program 0: add_key$keyring(&(0x7f0000000040), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) keyctl$unlink(0x9, 0x0, 0x0) 02:36:38 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000380)={0xf4, 0x2, 0x1, {0x3, @vbi={0x4, 0xad2a, 0xc00, 0x20363159, [0xfffffffb, 0x200], [0x6, 0xf4a7], 0x1}}, 0x400}) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000280)=@multiplanar_overlay={0x35, 0x0, 0x4, 0x0, 0x9, {r2, r3/1000+60000}, {0x1, 0x1, 0x1, 0x3f, 0x6, 0xdb, "f3d35c29"}, 0x8, 0x3, {&(0x7f0000000200)=[{0x2, 0x3, {0xcaa}, 0xa3}, {0x6, 0x4, {0x7}, 0x100}]}, 0x400}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x9, 0x2, 0x9, 0x1000, 0x3], 0x5, 0x800, 0x0, 0xffffffffffffffff}) ioctl$UFFDIO_CONTINUE(r4, 0xc020aa07, &(0x7f0000000640)={{&(0x7f0000fed000/0x13000)=nil, 0x13000}, 0x1}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r5, 0x0, 0x0}, 0x10) semtimedop(0x0, &(0x7f0000000480)=[{0x1, 0x7}, {0x1, 0x8, 0x800}, {}], 0x3, &(0x7f0000000500)) 02:36:40 executing program 1: pipe2$watch_queue(&(0x7f0000000380), 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:36:40 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, 0x0) 02:36:40 executing program 4: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000240)={0x0, @sliced={0x3, [0x8, 0x9, 0x9, 0xfff9, 0xffff, 0x6, 0x0, 0x81, 0x7f, 0x101, 0x7, 0x20, 0x9, 0x9, 0x8001, 0xe, 0x3, 0x1, 0x5fc8, 0x6, 0x120, 0x8, 0x200, 0xd4d, 0x3f, 0xfffc, 0x6, 0x200, 0x3, 0x4e9d, 0x8, 0x0, 0x81, 0x9, 0x5, 0x6038, 0x8000, 0x9, 0x100, 0x3000, 0x50, 0x8, 0x1, 0x9ab, 0x6, 0xff, 0x2, 0x2], 0x6c}}) pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_STREAMON(r3, 0x40045612, &(0x7f0000000080)=0x1) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) ioctl$SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0x0) clock_gettime(0x0, &(0x7f0000000000)) r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r4, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef, 0x0, r4}) 02:36:40 executing program 0: add_key$keyring(&(0x7f0000000040), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) keyctl$unlink(0x9, 0x0, 0x0) 02:36:40 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000380)={0xf4, 0x2, 0x1, {0x3, @vbi={0x4, 0xad2a, 0xc00, 0x20363159, [0xfffffffb, 0x200], [0x6, 0xf4a7], 0x1}}, 0x400}) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000280)=@multiplanar_overlay={0x35, 0x0, 0x4, 0x0, 0x9, {r2, r3/1000+60000}, {0x1, 0x1, 0x1, 0x3f, 0x6, 0xdb, "f3d35c29"}, 0x8, 0x3, {&(0x7f0000000200)=[{0x2, 0x3, {0xcaa}, 0xa3}, {0x6, 0x4, {0x7}, 0x100}]}, 0x400}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x9, 0x2, 0x9, 0x1000, 0x3], 0x5, 0x800, 0x0, 0xffffffffffffffff}) ioctl$UFFDIO_CONTINUE(r4, 0xc020aa07, &(0x7f0000000640)={{&(0x7f0000fed000/0x13000)=nil, 0x13000}, 0x1}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) semtimedop(0x0, &(0x7f0000000480)=[{0x1, 0x7}, {0x1, 0x8, 0x800}, {}], 0x3, &(0x7f0000000500)) 02:36:40 executing program 0: r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eacf15d5b4b98c0500e3608752d117e30b34131edbf01c799692a128baa4c8e1f2eab5347a0f40245882c046f3e03492a5786870ac098c6b74ccc13d9e5100"}, 0x48, 0x0) keyctl$unlink(0x9, r0, r0) 02:36:40 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x1f, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:36:40 executing program 4: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000240)={0x0, @sliced={0x3, [0x8, 0x9, 0x9, 0xfff9, 0xffff, 0x6, 0x0, 0x81, 0x7f, 0x101, 0x7, 0x20, 0x9, 0x9, 0x8001, 0xe, 0x3, 0x1, 0x5fc8, 0x6, 0x120, 0x8, 0x200, 0xd4d, 0x3f, 0xfffc, 0x6, 0x200, 0x3, 0x4e9d, 0x8, 0x0, 0x81, 0x9, 0x5, 0x6038, 0x8000, 0x9, 0x100, 0x3000, 0x50, 0x8, 0x1, 0x9ab, 0x6, 0xff, 0x2, 0x2], 0x6c}}) pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_STREAMON(r3, 0x40045612, &(0x7f0000000080)=0x1) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) ioctl$SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0x0) clock_gettime(0x0, &(0x7f0000000000)) r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef, 0x0, r4}) 02:36:40 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000380)={0xf4, 0x2, 0x1, {0x3, @vbi={0x4, 0xad2a, 0xc00, 0x20363159, [0xfffffffb, 0x200], [0x6, 0xf4a7], 0x1}}, 0x400}) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000280)=@multiplanar_overlay={0x35, 0x0, 0x4, 0x0, 0x9, {r2, r3/1000+60000}, {0x1, 0x1, 0x1, 0x3f, 0x6, 0xdb, "f3d35c29"}, 0x8, 0x3, {&(0x7f0000000200)=[{0x2, 0x3, {0xcaa}, 0xa3}, {0x6, 0x4, {0x7}, 0x100}]}, 0x400}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x9, 0x2, 0x9, 0x1000, 0x3], 0x5, 0x800, 0x0, 0xffffffffffffffff}) ioctl$UFFDIO_CONTINUE(r4, 0xc020aa07, &(0x7f0000000640)={{&(0x7f0000fed000/0x13000)=nil, 0x13000}, 0x1}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) semtimedop(0x0, &(0x7f0000000480)=[{0x1, 0x7}, {0x1, 0x8, 0x800}, {}], 0x3, &(0x7f0000000500)) 02:36:40 executing program 0: r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eacf15d5b4b98c0500e3608752d117e30b34131edbf01c799692a128baa4c8e1f2eab5347a0f40245882c046f3e03492a5786870ac098c6b74ccc13d9e5100"}, 0x48, 0x0) keyctl$unlink(0x9, r0, r0) 02:36:40 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, 0x0) 02:36:40 executing program 4: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000240)={0x0, @sliced={0x3, [0x8, 0x9, 0x9, 0xfff9, 0xffff, 0x6, 0x0, 0x81, 0x7f, 0x101, 0x7, 0x20, 0x9, 0x9, 0x8001, 0xe, 0x3, 0x1, 0x5fc8, 0x6, 0x120, 0x8, 0x200, 0xd4d, 0x3f, 0xfffc, 0x6, 0x200, 0x3, 0x4e9d, 0x8, 0x0, 0x81, 0x9, 0x5, 0x6038, 0x8000, 0x9, 0x100, 0x3000, 0x50, 0x8, 0x1, 0x9ab, 0x6, 0xff, 0x2, 0x2], 0x6c}}) pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_STREAMON(r3, 0x40045612, &(0x7f0000000080)=0x1) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) ioctl$SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0x0) clock_gettime(0x0, &(0x7f0000000000)) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:36:40 executing program 1: pipe2$watch_queue(&(0x7f0000000380), 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:36:40 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000440)=@fd={0x0, 0x2, 0x4, 0x1, 0x8, {}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff}) 02:36:40 executing program 0: r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eacf15d5b4b98c0500e3608752d117e30b34131edbf01c799692a128baa4c8e1f2eab5347a0f40245882c046f3e03492a5786870ac098c6b74ccc13d9e5100"}, 0x48, 0x0) keyctl$unlink(0x9, r0, r0) 02:36:40 executing program 4: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000240)={0x0, @sliced={0x3, [0x8, 0x9, 0x9, 0xfff9, 0xffff, 0x6, 0x0, 0x81, 0x7f, 0x101, 0x7, 0x20, 0x9, 0x9, 0x8001, 0xe, 0x3, 0x1, 0x5fc8, 0x6, 0x120, 0x8, 0x200, 0xd4d, 0x3f, 0xfffc, 0x6, 0x200, 0x3, 0x4e9d, 0x8, 0x0, 0x81, 0x9, 0x5, 0x6038, 0x8000, 0x9, 0x100, 0x3000, 0x50, 0x8, 0x1, 0x9ab, 0x6, 0xff, 0x2, 0x2], 0x6c}}) pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_STREAMON(r3, 0x40045612, &(0x7f0000000080)=0x1) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) ioctl$SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:36:40 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000380)={0xf4, 0x2, 0x1, {0x3, @vbi={0x4, 0xad2a, 0xc00, 0x20363159, [0xfffffffb, 0x200], [0x6, 0xf4a7], 0x1}}, 0x400}) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000280)=@multiplanar_overlay={0x35, 0x0, 0x4, 0x0, 0x9, {r2, r3/1000+60000}, {0x1, 0x1, 0x1, 0x3f, 0x6, 0xdb, "f3d35c29"}, 0x8, 0x3, {&(0x7f0000000200)=[{0x2, 0x3, {0xcaa}, 0xa3}, {0x6, 0x4, {0x7}, 0x100}]}, 0x400}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x9, 0x2, 0x9, 0x1000, 0x3], 0x5, 0x800, 0x0, 0xffffffffffffffff}) ioctl$UFFDIO_CONTINUE(r4, 0xc020aa07, &(0x7f0000000640)={{&(0x7f0000fed000/0x13000)=nil, 0x13000}, 0x1}) semtimedop(0x0, &(0x7f0000000480)=[{0x1, 0x7}, {0x1, 0x8, 0x800}, {}], 0x3, &(0x7f0000000500)) 02:36:40 executing program 1: pipe2$watch_queue(&(0x7f0000000380), 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) [ 835.330740] oom_reaper: reaped process 7554 (syz-executor.3), now anon-rss:0kB, file-rss:14336kB, shmem-rss:8kB [ 835.363614] systemd-journal invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 835.381022] systemd-journal cpuset=/ mems_allowed=0-1 [ 835.386323] CPU: 1 PID: 7474 Comm: systemd-journal Not tainted 4.19.211-syzkaller #0 [ 835.394201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 835.403681] Call Trace: [ 835.406275] dump_stack+0x1fc/0x2ef [ 835.409901] dump_header+0x15d/0xc3f [ 835.413616] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 835.418715] ? ___ratelimit+0x319/0x590 [ 835.422690] oom_kill_process.cold+0x10/0x692 [ 835.427224] ? check_preemption_disabled+0x41/0x280 [ 835.432244] ? has_intersects_mems_allowed+0x1d6/0x290 [ 835.437520] out_of_memory+0x1072/0x1390 [ 835.441585] ? oom_killer_disable+0x270/0x270 [ 835.446080] ? mutex_trylock+0x15f/0x1a0 [ 835.450142] __alloc_pages_nodemask+0x23a2/0x2890 [ 835.455094] ? find_get_entry+0x4cd/0x8a0 [ 835.459236] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 835.464069] alloc_pages_current+0x193/0x2a0 [ 835.468476] filemap_fault+0x146e/0x2180 [ 835.472545] ext4_filemap_fault+0x84/0xb0 [ 835.476676] __do_fault+0x10b/0x4b0 [ 835.480293] __handle_mm_fault+0x273b/0x41c0 [ 835.484713] ? vm_insert_page+0x9c0/0x9c0 [ 835.488851] ? check_preemption_disabled+0x41/0x280 [ 835.493851] handle_mm_fault+0x436/0xb10 [ 835.497896] __do_page_fault+0x68e/0xd60 [ 835.501950] ? trace_hardirqs_off_caller+0x6e/0x210 [ 835.506947] ? spurious_fault+0x840/0x840 [ 835.511077] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 835.515915] ? page_fault+0x8/0x30 [ 835.519454] page_fault+0x1e/0x30 [ 835.522888] RIP: 0033:0x7fdd635502e3 [ 835.526585] Code: Bad RIP value. [ 835.529947] RSP: 002b:00007fff10cab7f8 EFLAGS: 00010246 [ 835.535304] RAX: 0000000000000001 RBX: 000055822c1bd1e0 RCX: 00007fdd635502e3 [ 835.542569] RDX: 0000000000000013 RSI: 00007fff10cab800 RDI: 000000000000000c [ 835.549820] RBP: 00007fff10cab9f0 R08: 0000000002faf080 R09: 000000d4ddd2cc9c [ 835.557073] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff10cab800 [ 835.564325] R13: 0000000000000001 R14: ffffffffffffffff R15: 0005f44f5ddcbe48 [ 835.576838] Mem-Info: [ 835.579298] active_anon:14565 inactive_anon:31153 isolated_anon:0 [ 835.579298] active_file:18 inactive_file:2 isolated_file:0 [ 835.579298] unevictable:0 dirty:32 writeback:0 unstable:0 [ 835.579298] slab_reclaimable:13779 slab_unreclaimable:114745 [ 835.579298] mapped:22053 shmem:31692 pagetables:560 bounce:0 [ 835.579298] free:13816 free_pcp:177 free_cma:0 [ 835.585274] syz-executor.3: vmalloc: allocation failure, allocated 1724391424 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 835.616236] Node 0 active_anon:55416kB inactive_anon:51188kB active_file:4kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86604kB dirty:92kB writeback:0kB shmem:52756kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 16384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 835.631337] syz-executor.3 cpuset=/ mems_allowed=0-1 [ 835.657583] Node 1 active_anon:2844kB inactive_anon:73424kB active_file:68kB inactive_file:16kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1608kB dirty:36kB writeback:0kB shmem:74012kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 835.664135] CPU: 0 PID: 7554 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 835.691833] Node 0 DMA free:10864kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 835.694296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 835.723636] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 835.729803] Call Trace: [ 835.729826] dump_stack+0x1fc/0x2ef [ 835.729844] warn_alloc.cold+0x7b/0x18f [ 835.729864] ? zone_watermark_ok_safe+0x260/0x260 [ 835.734878] Node 0 DMA32 free:17604kB min:35996kB low:44992kB high:53988kB active_anon:55416kB inactive_anon:51188kB active_file:144kB inactive_file:196kB unevictable:0kB writepending:92kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7392kB pagetables:1912kB bounce:0kB free_pcp:456kB local_pcp:208kB free_cma:0kB [ 835.737450] ? retint_kernel+0x2d/0x2d [ 835.737481] __vmalloc_area_node+0x4fd/0x780 [ 835.737500] ? __vmalloc_node_range+0x180/0x180 [ 835.737512] ? _raw_spin_unlock+0x29/0x40 [ 835.737528] ? __get_vm_area_node+0x2e2/0x3a0 [ 835.743687] lowmem_reserve[]: 0 0 1 1 1 [ 835.745116] __vmalloc_node_range+0xed/0x180 [ 835.751806] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 835.779078] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 835.779092] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 835.779103] vmalloc_user+0x70/0xe0 [ 835.779114] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 835.779127] vb2_vmalloc_alloc+0xb3/0x2f0 [ 835.779140] __vb2_queue_alloc+0x472/0xe60 [ 835.779180] vb2_core_create_bufs+0x273/0x7e0 [ 835.779193] ? __vb2_queue_free+0x870/0x870 [ 835.779215] ? mutex_trylock+0x1a0/0x1a0 [ 835.779229] ? __video_do_ioctl+0x632/0xcd0 [ 835.779247] vb2_create_bufs+0x332/0x620 [ 835.779264] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 835.779278] ? __video_do_ioctl+0x632/0xcd0 [ 835.779288] ? mutex_trylock+0x1a0/0x1a0 [ 835.779302] ? mark_held_locks+0xf0/0xf0 [ 835.779322] vb2_ioctl_create_bufs+0x20d/0x360 [ 835.779337] ? memset+0x20/0x40 [ 835.779355] v4l_create_bufs+0xb2/0x160 [ 835.779373] __video_do_ioctl+0x49a/0xcd0 [ 835.779395] ? v4l_querycap+0x340/0x340 [ 835.779413] ? __might_fault+0x192/0x1d0 [ 835.779429] ? v4l_querycap+0x340/0x340 [ 835.779457] video_usercopy+0x13f/0xfa0 [ 835.779477] ? v4l_enumstd+0x60/0x60 [ 835.779490] ? do_futex+0x171/0x1880 [ 835.779505] ? mark_held_locks+0xf0/0xf0 [ 835.779522] ? debug_check_no_obj_freed+0x201/0x490 [ 835.779543] ? video_usercopy+0xfa0/0xfa0 [ 835.779555] v4l2_ioctl+0x147/0x1a0 [ 835.779566] ? video_devdata+0xa0/0xa0 [ 835.779581] do_vfs_ioctl+0xcdb/0x12e0 [ 835.779594] ? lock_downgrade+0x720/0x720 [ 835.779609] ? check_preemption_disabled+0x41/0x280 [ 835.779622] ? ioctl_preallocate+0x200/0x200 [ 835.779637] ? __fget+0x356/0x510 [ 835.779653] ? do_dup2+0x450/0x450 [ 835.779666] ? __se_sys_futex+0x298/0x3b0 [ 835.779686] ksys_ioctl+0x9b/0xc0 [ 835.779700] __x64_sys_ioctl+0x6f/0xb0 [ 835.779712] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 835.779725] do_syscall_64+0xf9/0x620 [ 835.779744] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 835.779772] RIP: 0033:0x7fb254ef00f9 [ 835.779785] Code: Bad RIP value. [ 835.779793] RSP: 002b:00007fb253462168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 835.779806] RAX: ffffffffffffffda RBX: 00007fb25500ff80 RCX: 00007fb254ef00f9 [ 835.779814] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 835.779821] RBP: 00007fb254f4bae9 R08: 0000000000000000 R09: 0000000000000000 [ 835.779829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 835.779837] R13: 00007ffd8f48045f R14: 00007fb253462300 R15: 0000000000022000 [ 835.788244] Mem-Info: [ 835.792932] lowmem_reserve[]: 0 0 0 0 0 [ 835.794399] active_anon:14559 inactive_anon:31153 isolated_anon:0 [ 835.794399] active_file:20 inactive_file:0 isolated_file:0 [ 835.794399] unevictable:0 dirty:3 writeback:32 unstable:0 [ 835.794399] slab_reclaimable:13779 slab_unreclaimable:114718 [ 835.794399] mapped:22038 shmem:31692 pagetables:558 bounce:0 [ 835.794399] free:13826 free_pcp:260 free_cma:0 [ 835.797903] Node 1 Normal free:26724kB min:53876kB low:67344kB high:80812kB active_anon:2840kB inactive_anon:73424kB active_file:20kB inactive_file:12kB unevictable:0kB writepending:140kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:448kB pagetables:328kB bounce:0kB free_pcp:500kB local_pcp:252kB free_cma:0kB [ 835.797934] lowmem_reserve[]: 0 0 0 0 0 [ 835.797952] Node 0 DMA: 0*4kB 0*8kB 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10864kB [ 835.807116] Node 0 active_anon:55396kB inactive_anon:51188kB active_file:36kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86544kB dirty:8kB writeback:92kB shmem:52756kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 12288kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 835.813084] Node 0 DMA32: 1369*4kB (UME) 869*8kB (UME) 243*16kB (UME) 32*32kB (UME) 3*64kB (UE) 2*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17788kB [ 835.836978] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 835.837021] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 835.837062] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 835.837104] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 835.837145] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 835.837186] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 835.859341] Node 1 active_anon:2844kB inactive_anon:73424kB active_file:16kB inactive_file:16kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1536kB dirty:0kB writeback:0kB shmem:74012kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 835.864820] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 835.876485] Node 0 DMA free:10864kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 835.883145] Node 1 Normal: 243*4kB (ME) 239*8kB (UME) 178*16kB (UME) 88*32kB (UME) 20*64kB (UME) 10*128kB (ME) 3*256kB (UM) 3*512kB (UME) 1*1024kB (E) 2*2048kB (ME) 2*4096kB (U) = 26724kB [ 835.884604] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 835.891053] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 835.900357] Node 0 DMA32 free:17708kB min:35996kB low:44992kB high:53988kB active_anon:55396kB inactive_anon:51188kB active_file:36kB inactive_file:36kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7392kB pagetables:1904kB bounce:0kB free_pcp:536kB local_pcp:248kB free_cma:0kB [ 835.902244] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 835.916104] lowmem_reserve[]: 0 0 1 1 1 [ 835.921415] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 835.922243] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 835.926292] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 835.926298] 31718 total pagecache pages [ 835.926310] 0 pages in swap cache [ 835.926317] Swap cache stats: add 0, delete 0, find 0/0 [ 835.926321] Free swap = 0kB [ 835.926326] Total swap = 0kB [ 835.926334] 2097051 pages RAM [ 835.926338] 0 pages HighMem/MovableOnly [ 835.926342] 369649 pages reserved [ 835.926346] 0 pages cma reserved [ 835.926351] Unreclaimable slab info: [ 835.926360] Name Used Total [ 835.940845] lowmem_reserve[]: 0 0 0 0 0 [ 835.944370] pid_2 15KB 100KB [ 835.945759] Node 1 Normal free:26724kB min:53876kB low:67344kB high:80812kB active_anon:2844kB inactive_anon:73424kB active_file:16kB inactive_file:16kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:448kB pagetables:328kB bounce:0kB free_pcp:500kB local_pcp:248kB free_cma:0kB [ 835.951591] batadv_tt_change_cache 3KB 7KB [ 835.961275] lowmem_reserve[]: 0 0 0 0 0 [ 835.962632] batadv_tl_cache 8KB 16KB [ 835.972995] Node 0 DMA: 0*4kB 0*8kB 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10864kB [ 835.975947] TIPC 15KB 37KB [ 835.982457] Node 0 DMA32: 1369*4kB (UME) 869*8kB (UME) 243*16kB (UME) 32*32kB (UME) 3*64kB (UE) 2*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17788kB [ 835.983978] SCTPv6 22KB 37KB [ 835.995520] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 836.001541] DCCPv6 17KB 30KB [ 836.005282] Node 1 Normal: 243*4kB (ME) 239*8kB (UME) 178*16kB (UME) 88*32kB (UME) 20*64kB (UME) 10*128kB (ME) 3*256kB (UM) 3*512kB (UME) 1*1024kB (E) 2*2048kB (ME) 2*4096kB (U) = 26724kB [ 836.006980] DCCP 16KB 28KB [ 836.007021] RXRPC 16KB 32KB [ 836.007030] rxrpc_call_jar 112KB 141KB [ 836.007043] bridge_fdb_cache 15KB 27KB [ 836.020588] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 836.030279] fib6_nodes 254KB 264KB [ 836.039089] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 836.041758] ip6_dst_cache 780KB 825KB [ 836.062286] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 836.063585] RAWv6 111KB 128KB [ 836.073923] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 836.103810] UDPv6 39KB 45KB [ 836.135467] 31718 total pagecache pages [ 836.147048] TCPv6 24KB 30KB [ 836.152759] 0 pages in swap cache [ 836.188800] nf_conntrack 16KB 18KB [ 836.194542] Swap cache stats: add 0, delete 0, find 0/0 [ 836.205642] t10_alua_lu_gp_cache 0KB 3KB [ 836.214220] Free swap = 0kB [ 836.229691] sd_ext_cdb 0KB 7KB [ 836.233863] Total swap = 0kB [ 836.269048] scsi_sense_cache 1056KB 1060KB [ 836.297882] 2097051 pages RAM [ 836.323359] virtio_scsi_cmd 16KB 16KB [ 836.329264] 0 pages HighMem/MovableOnly [ 836.367086] sgpool-128 8KB 8KB [ 836.370701] 369649 pages reserved [ 836.380290] sgpool-64 4KB 12KB [ 836.405811] 0 pages cma reserved [ 836.423073] sgpool-32 2KB 15KB [ 836.491945] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 836.491992] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 836.492036] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 836.492079] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 836.766236] sgpool-16 1KB 7KB [ 836.771603] sgpool-8 0KB 7KB [ 836.777016] mqueue_inode_cache 13KB 30KB [ 836.782482] bio_post_read_ctx 14KB 15KB [ 836.788054] bio-2 14KB 15KB [ 836.793423] jfs_mp 7KB 7KB [ 836.798864] cifs_small_rq 15KB 16KB [ 836.804700] cifs_request 67KB 67KB [ 836.810142] cifs_mpx_ids 0KB 7KB [ 836.815520] nfs_commit_data 3KB 14KB [ 836.820923] nfs_write_data 34KB 44KB [ 836.826363] ext4_system_zone 1KB 7KB [ 836.831748] bio-1 1KB 7KB [ 836.837155] pid_namespace 2KB 11KB [ 836.842538] rpc_buffers 17KB 25KB [ 836.847965] rpc_tasks 2KB 7KB [ 836.853329] UNIX 1991KB 2062KB [ 836.858752] tcp_bind_bucket 1KB 4KB [ 836.864126] ip_fib_trie 37KB 43KB [ 836.869553] ip_fib_alias 180KB 193KB [ 836.874915] ip_dst_cache 12KB 20KB [ 836.880315] RAW 66KB 82KB [ 836.885674] UDP 57KB 74KB [ 836.891159] TCP 8KB 16KB [ 836.904026] hugetlbfs_inode_cache 3KB 15KB [ 836.909817] fscache_cookie_jar 1KB 11KB [ 836.915283] eventpoll_pwq 24KB 43KB [ 836.927257] eventpoll_epi 45KB 66KB [ 836.932637] inotify_inode_mark 19KB 39KB [ 836.938148] request_queue 199KB 199KB [ 836.943521] blkdev_requests 1KB 3KB [ 836.955622] blkdev_ioc 19KB 38KB [ 836.961060] bio-0 593KB 630KB [ 836.972804] biovec-max 1485KB 1534KB [ 836.978233] biovec-64 519KB 598KB [ 836.983596] biovec-16 81KB 101KB [ 836.995541] bio_integrity_payload 1KB 8KB [ 837.001311] khugepaged_mm_slot 3KB 34KB [ 837.013749] uid_cache 0KB 4KB [ 837.019157] dmaengine-unmap-2 0KB 3KB [ 837.024523] skbuff_fclone_cache 27KB 48KB [ 837.036961] skbuff_head_cache 8931KB 8932KB [ 837.042335] configfs_dir_cache 3KB 7KB [ 837.047845] file_lock_cache 48KB 95KB [ 837.053211] file_lock_ctx 9KB 11KB [ 837.065431] fsnotify_mark_connector 7KB 23KB [ 837.071376] net_namespace 87KB 87KB [ 837.083289] shmem_inode_cache 8084KB 8275KB [ 837.088705] task_delay_info 267KB 383KB [ 837.094065] taskstats 26KB 57KB [ 837.106441] proc_dir_entry 950KB 1038KB [ 837.112324] pde_opener 16KB 34KB [ 837.120887] seq_file 264KB 500KB [ 837.129948] sigqueue 53KB 66KB [ 837.135319] kernfs_node_cache 18234KB 18537KB [ 837.144098] mnt_cache 209KB 236KB [ 837.153022] filp 6751KB 7623KB [ 837.162084] names_cache 103674KB 103725KB [ 837.170813] iint_cache 26KB 55KB [ 837.179620] key_jar 31KB 135KB [ 837.184983] uts_namespace 3KB 11KB [ 837.190470] nsproxy 2KB 11KB [ 837.197319] vm_area_struct 3239KB 3836KB [ 837.202982] mm_struct 521KB 637KB [ 837.208978] fs_cache 308KB 380KB [ 837.216653] files_cache 1137KB 1342KB [ 837.222551] signal_cache 2049KB 2422KB [ 837.228506] sighand_cache 561KB 631KB [ 837.234546] task_struct 9323KB 9393KB [ 837.240391] cred_jar 2044KB 2512KB [ 837.246311] anon_vma_chain 1031KB 1492KB [ 837.251680] anon_vma 145KB 288KB [ 837.257195] pid 171KB 224KB [ 837.263098] Acpi-Operand 156KB 198KB [ 837.269113] Acpi-ParseExt 9KB 11KB [ 837.274810] Acpi-Parse 41KB 47KB [ 837.283063] Acpi-State 52KB 63KB [ 837.288604] Acpi-Namespace 20KB 27KB [ 837.294027] numa_policy 0KB 3KB [ 837.299580] debug_objects_cache 1531KB 1828KB [ 837.305226] trace_event_file 297KB 298KB [ 837.310777] ftrace_event_field 398KB 401KB [ 837.318213] pool_workqueue 143KB 160KB [ 837.323690] page->ptl 496KB 1008KB [ 837.329300] kmalloc-2097152 2050KB 2050KB [ 837.334680] kmalloc-524288 2056KB 2056KB [ 837.340288] kmalloc-262144 1290KB 1290KB [ 837.345660] kmalloc-131072 650KB 650KB [ 837.351245] kmalloc-65536 2904KB 2970KB [ 837.356798] kmalloc-32768 2277KB 2277KB [ 837.362221] kmalloc-16384 1386KB 1435KB [ 837.367758] kmalloc-8192 5816KB 5874KB [ 837.373175] kmalloc-4096 31624KB 31666KB [ 837.378959] kmalloc-2048 18661KB 18882KB [ 837.384386] kmalloc-1024 13797KB 14482KB [ 837.389940] kmalloc-512 16816KB 16818KB [ 837.395333] kmalloc-256 5925KB 6258KB [ 837.400861] kmalloc-128 1397KB 1472KB [ 837.406381] kmalloc-96 3339KB 4076KB [ 837.411747] kmalloc-64 2817KB 3892KB [ 837.419119] kmalloc-32 2031KB 2543KB [ 837.424490] kmalloc-192 2334KB 2876KB [ 837.430050] kmem_cache 177KB 183KB [ 837.435418] Out of memory (oom_kill_allocating_task): Kill process 7474 (systemd-journal) score 0 or sacrifice child [ 837.446356] Killed process 7474 (systemd-journal) total-vm:46096kB, anon-rss:472kB, file-rss:0kB, shmem-rss:1536kB [ 837.457995] oom_reaper: reaped process 7474 (systemd-journal), now anon-rss:0kB, file-rss:0kB, shmem-rss:1536kB [ 837.566323] systemd[1]: systemd-journald.service: Failed with result 'signal'. [ 837.575957] systemd[1]: systemd-journald.service: Service has no hold-off time, scheduling restart. [ 837.613923] systemd[1]: Stopped Flush Journal to Persistent Storage. [ 837.622712] systemd[1]: Stopping Flush Journal to Persistent Storage... [ 837.634471] systemd[1]: Stopped Journal Service. [ 837.655529] systemd[1]: Starting Journal Service... [ 837.851509] systemd-journald[7594]: File /run/log/journal/04d8c135ee6b410280ba31a58c89679d/system.journal corrupted or uncleanly shut down, renaming and replacing. [ 838.333041] systemd[1]: Started Journal Service. 02:36:51 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:36:51 executing program 0: r0 = add_key$keyring(0x0, &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) r1 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eacf15d5b4b98c0500e3608752d117e30b34131edbf01c799692a128baa4c8e1f2eab5347a0f40245882c046f3e03492a5786870ac098c6b74ccc13d9e5100"}, 0x48, r0) keyctl$unlink(0x9, r1, r1) 02:36:51 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000440)=@fd={0x0, 0x0, 0x4, 0x1, 0x8, {}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff}) 02:36:51 executing program 1: r0 = syz_open_dev$vim2m(0x0, 0x0, 0x2) pipe2$watch_queue(&(0x7f0000000380), 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:36:51 executing program 4: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000240)={0x0, @sliced={0x3, [0x8, 0x9, 0x9, 0xfff9, 0xffff, 0x6, 0x0, 0x81, 0x7f, 0x101, 0x7, 0x20, 0x9, 0x9, 0x8001, 0xe, 0x3, 0x1, 0x5fc8, 0x6, 0x120, 0x8, 0x200, 0xd4d, 0x3f, 0xfffc, 0x6, 0x200, 0x3, 0x4e9d, 0x8, 0x0, 0x81, 0x9, 0x5, 0x6038, 0x8000, 0x9, 0x100, 0x3000, 0x50, 0x8, 0x1, 0x9ab, 0x6, 0xff, 0x2, 0x2], 0x6c}}) pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_STREAMON(r3, 0x40045612, &(0x7f0000000080)=0x1) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:36:51 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000380)={0xf4, 0x2, 0x1, {0x3, @vbi={0x4, 0xad2a, 0xc00, 0x20363159, [0xfffffffb, 0x200], [0x6, 0xf4a7], 0x1}}, 0x400}) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000280)=@multiplanar_overlay={0x35, 0x0, 0x4, 0x0, 0x9, {r2, r3/1000+60000}, {0x1, 0x1, 0x1, 0x3f, 0x6, 0xdb, "f3d35c29"}, 0x8, 0x3, {&(0x7f0000000200)=[{0x2, 0x3, {0xcaa}, 0xa3}, {0x6, 0x4, {0x7}, 0x100}]}, 0x400}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x9, 0x2, 0x9, 0x1000, 0x3], 0x5, 0x800}) semtimedop(0x0, &(0x7f0000000480)=[{0x1, 0x7}, {0x1, 0x8, 0x800}, {}], 0x3, &(0x7f0000000500)) 02:36:51 executing program 1: r0 = syz_open_dev$vim2m(0x0, 0x0, 0x2) pipe2$watch_queue(&(0x7f0000000380), 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:36:51 executing program 4: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000240)={0x0, @sliced={0x3, [0x8, 0x9, 0x9, 0xfff9, 0xffff, 0x6, 0x0, 0x81, 0x7f, 0x101, 0x7, 0x20, 0x9, 0x9, 0x8001, 0xe, 0x3, 0x1, 0x5fc8, 0x6, 0x120, 0x8, 0x200, 0xd4d, 0x3f, 0xfffc, 0x6, 0x200, 0x3, 0x4e9d, 0x8, 0x0, 0x81, 0x9, 0x5, 0x6038, 0x8000, 0x9, 0x100, 0x3000, 0x50, 0x8, 0x1, 0x9ab, 0x6, 0xff, 0x2, 0x2], 0x6c}}) pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_STREAMON(r3, 0x40045612, &(0x7f0000000080)=0x1) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:36:51 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000380)={0xf4, 0x2, 0x1, {0x3, @vbi={0x4, 0xad2a, 0xc00, 0x20363159, [0xfffffffb, 0x200], [0x6, 0xf4a7], 0x1}}, 0x400}) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000280)=@multiplanar_overlay={0x35, 0x0, 0x4, 0x0, 0x9, {r2, r3/1000+60000}, {0x1, 0x1, 0x1, 0x3f, 0x6, 0xdb, "f3d35c29"}, 0x8, 0x3, {&(0x7f0000000200)=[{0x2, 0x3, {0xcaa}, 0xa3}, {0x6, 0x4, {0x7}, 0x100}]}, 0x400}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) semtimedop(0x0, &(0x7f0000000480)=[{0x1, 0x7}, {0x1, 0x8, 0x800}, {}], 0x3, &(0x7f0000000500)) 02:36:51 executing program 0: r0 = add_key$keyring(0x0, &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) r1 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eacf15d5b4b98c0500e3608752d117e30b34131edbf01c799692a128baa4c8e1f2eab5347a0f40245882c046f3e03492a5786870ac098c6b74ccc13d9e5100"}, 0x48, r0) keyctl$unlink(0x9, r1, r1) 02:36:51 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000440)=@fd={0x0, 0x0, 0x4, 0x1, 0x8, {}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff}) 02:36:51 executing program 0: r0 = add_key$keyring(0x0, &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) r1 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eacf15d5b4b98c0500e3608752d117e30b34131edbf01c799692a128baa4c8e1f2eab5347a0f40245882c046f3e03492a5786870ac098c6b74ccc13d9e5100"}, 0x48, r0) keyctl$unlink(0x9, r1, r1) [ 845.783986] oom_reaper: reaped process 7616 (syz-executor.3), now anon-rss:0kB, file-rss:14336kB, shmem-rss:8kB [ 845.822529] in:imklog invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 845.839708] in:imklog cpuset=/ mems_allowed=0-1 [ 845.844424] CPU: 1 PID: 7520 Comm: in:imklog Not tainted 4.19.211-syzkaller #0 [ 845.851784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 845.861161] Call Trace: [ 845.863760] dump_stack+0x1fc/0x2ef [ 845.867397] dump_header+0x15d/0xc3f [ 845.871122] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 845.876237] ? ___ratelimit+0x319/0x590 [ 845.880228] oom_kill_process.cold+0x10/0x692 [ 845.884725] ? check_preemption_disabled+0x41/0x280 [ 845.889866] ? has_intersects_mems_allowed+0x1d6/0x290 [ 845.895140] out_of_memory+0x1072/0x1390 [ 845.899200] ? oom_killer_disable+0x270/0x270 [ 845.903687] ? mutex_trylock+0x15f/0x1a0 [ 845.907751] __alloc_pages_nodemask+0x23a2/0x2890 [ 845.912601] ? find_get_entry+0x4cd/0x8a0 [ 845.916746] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 845.921587] alloc_pages_current+0x193/0x2a0 [ 845.925994] filemap_fault+0x146e/0x2180 [ 845.930086] ext4_filemap_fault+0x84/0xb0 [ 845.934241] __do_fault+0x10b/0x4b0 [ 845.937856] __handle_mm_fault+0x273b/0x41c0 [ 845.942357] ? vm_insert_page+0x9c0/0x9c0 [ 845.946493] ? lock_downgrade+0x720/0x720 [ 845.950636] ? check_preemption_disabled+0x41/0x280 [ 845.955640] handle_mm_fault+0x436/0xb10 [ 845.959699] __do_page_fault+0x68e/0xd60 [ 845.963749] ? trace_hardirqs_off_caller+0x6e/0x210 [ 845.968771] ? spurious_fault+0x840/0x840 [ 845.972992] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 845.977824] ? page_fault+0x8/0x30 [ 845.981349] page_fault+0x1e/0x30 [ 845.984787] RIP: 0033:0x7f8b44b5c22d [ 845.988493] Code: Bad RIP value. [ 845.991842] RSP: 002b:00007f8b424f8580 EFLAGS: 00010293 [ 845.997190] RAX: 0000000000000076 RBX: 0000000000000000 RCX: 00007f8b44b5c22d [ 846.004456] RDX: 0000000000001fa0 RSI: 00007f8b424f8da0 RDI: 0000000000000004 [ 846.011720] RBP: 00005625f4fc99d0 R08: 00007f8b43cd5940 R09: 0000000004000001 [ 846.018999] R10: 0000000000000001 R11: 0000000000000293 R12: 00007f8b424f8da0 [ 846.026258] R13: 0000000000001fa0 R14: 0000000000001f9f R15: 00007f8b424f8dd8 [ 846.037138] Mem-Info: [ 846.039590] active_anon:14587 inactive_anon:33185 isolated_anon:0 [ 846.039590] active_file:8 inactive_file:14 isolated_file:0 [ 846.039590] unevictable:0 dirty:0 writeback:0 unstable:0 [ 846.039590] slab_reclaimable:13834 slab_unreclaimable:115600 [ 846.039590] mapped:21972 shmem:33740 pagetables:561 bounce:0 [ 846.039590] free:13895 free_pcp:143 free_cma:0 [ 846.055014] syz-executor.3: vmalloc: allocation failure, allocated 1712349184 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 846.073197] Node 0 active_anon:55584kB inactive_anon:51188kB active_file:20kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52756kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 16384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 846.107822] syz-executor.3 cpuset=/ mems_allowed=0-1 [ 846.114505] Node 1 active_anon:2764kB inactive_anon:81552kB active_file:12kB inactive_file:12kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1380kB dirty:0kB writeback:0kB shmem:82204kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 846.135325] CPU: 0 PID: 7616 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 846.149082] Node 0 DMA free:10884kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 846.156026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 846.156031] Call Trace: [ 846.156052] dump_stack+0x1fc/0x2ef [ 846.156070] warn_alloc.cold+0x7b/0x18f [ 846.156088] ? zone_watermark_ok_safe+0x260/0x260 [ 846.156106] ? retint_kernel+0x2d/0x2d [ 846.182339] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 846.191594] __vmalloc_area_node+0x4fd/0x780 [ 846.191617] ? __vmalloc_node_range+0x180/0x180 [ 846.194181] Node 0 DMA32 free:17868kB min:35996kB low:44992kB high:53988kB active_anon:55584kB inactive_anon:51188kB active_file:20kB inactive_file:44kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7392kB pagetables:1912kB bounce:0kB free_pcp:320kB local_pcp:72kB free_cma:0kB [ 846.197800] ? _raw_spin_unlock+0x29/0x40 [ 846.197814] ? __get_vm_area_node+0x2e2/0x3a0 [ 846.197831] __vmalloc_node_range+0xed/0x180 [ 846.197846] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 846.197859] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 846.197875] vmalloc_user+0x70/0xe0 [ 846.201850] lowmem_reserve[]: 0 0 1 1 1 [ 846.206656] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 846.206670] vb2_vmalloc_alloc+0xb3/0x2f0 [ 846.206688] __vb2_queue_alloc+0x472/0xe60 [ 846.210554] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 846.215571] vb2_core_create_bufs+0x273/0x7e0 [ 846.215586] ? __vb2_queue_free+0x870/0x870 [ 846.215602] ? mutex_trylock+0x1a0/0x1a0 [ 846.215616] ? __video_do_ioctl+0x632/0xcd0 [ 846.215636] vb2_create_bufs+0x332/0x620 [ 846.222398] lowmem_reserve[]: 0 0 0 0 0 [ 846.224683] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 846.253664] Node 1 Normal free:26820kB min:53876kB low:67344kB high:80812kB active_anon:2764kB inactive_anon:81552kB active_file:12kB inactive_file:12kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:448kB pagetables:332kB bounce:0kB free_pcp:252kB local_pcp:4kB free_cma:0kB [ 846.257721] ? __video_do_ioctl+0x632/0xcd0 [ 846.257737] ? mutex_trylock+0x1a0/0x1a0 [ 846.257753] ? mark_held_locks+0xf0/0xf0 [ 846.257771] ? futex_wait_queue_me+0x404/0x5e0 [ 846.262244] lowmem_reserve[]: 0 0 0 0 0 [ 846.266649] vb2_ioctl_create_bufs+0x20d/0x360 [ 846.266664] ? memset+0x20/0x40 [ 846.266681] v4l_create_bufs+0xb2/0x160 [ 846.266696] __video_do_ioctl+0x49a/0xcd0 [ 846.266716] ? v4l_querycap+0x340/0x340 [ 846.271049] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10884kB [ 846.276896] ? __might_fault+0x192/0x1d0 [ 846.276913] ? v4l_querycap+0x340/0x340 [ 846.276930] video_usercopy+0x13f/0xfa0 [ 846.280531] Node 0 DMA32: 1317*4kB (ME) 867*8kB (UME) 246*16kB (UME) 30*32kB (UME) 2*64kB (ME) 3*128kB (U) 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17868kB [ 846.284503] ? v4l_enumstd+0x60/0x60 [ 846.288891] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 846.292942] ? do_futex+0x171/0x1880 [ 846.297186] Node 1 Normal: 289*4kB (M) 248*8kB (M) 200*16kB (UME) 116*32kB (UME) 34*64kB (ME) 14*128kB (UME) 2*256kB (UM) 2*512kB (UE) 1*1024kB (E) 1*2048kB (E) 2*4096kB (U) = 26820kB [ 846.323006] ? mark_held_locks+0xf0/0xf0 [ 846.323023] ? debug_check_no_obj_freed+0x201/0x490 [ 846.323046] ? video_usercopy+0xfa0/0xfa0 [ 846.323056] v4l2_ioctl+0x147/0x1a0 [ 846.323067] ? video_devdata+0xa0/0xa0 [ 846.323082] do_vfs_ioctl+0xcdb/0x12e0 [ 846.323096] ? lock_downgrade+0x720/0x720 [ 846.323111] ? check_preemption_disabled+0x41/0x280 [ 846.323123] ? ioctl_preallocate+0x200/0x200 [ 846.323139] ? __fget+0x356/0x510 [ 846.323156] ? do_dup2+0x450/0x450 [ 846.323170] ? __se_sys_futex+0x298/0x3b0 [ 846.323194] ksys_ioctl+0x9b/0xc0 [ 846.323209] __x64_sys_ioctl+0x6f/0xb0 [ 846.323223] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 846.323237] do_syscall_64+0xf9/0x620 [ 846.323256] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 846.323268] RIP: 0033:0x7fb254ef00f9 [ 846.323281] Code: Bad RIP value. [ 846.323288] RSP: 002b:00007fb253462168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 846.323302] RAX: ffffffffffffffda RBX: 00007fb25500ff80 RCX: 00007fb254ef00f9 [ 846.323310] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 846.323318] RBP: 00007fb254f4bae9 R08: 0000000000000000 R09: 0000000000000000 [ 846.323325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 846.323333] R13: 00007ffd8f48045f R14: 00007fb253462300 R15: 0000000000022000 [ 846.331927] Mem-Info: [ 846.343557] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 846.350784] active_anon:14587 inactive_anon:33185 isolated_anon:0 [ 846.350784] active_file:8 inactive_file:14 isolated_file:0 [ 846.350784] unevictable:0 dirty:0 writeback:0 unstable:0 [ 846.350784] slab_reclaimable:13834 slab_unreclaimable:115600 [ 846.350784] mapped:21972 shmem:33740 pagetables:561 bounce:0 [ 846.350784] free:13895 free_pcp:143 free_cma:0 [ 846.365484] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 846.388740] Node 0 active_anon:55584kB inactive_anon:51188kB active_file:20kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52756kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 16384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 846.402002] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 846.409396] Node 1 active_anon:2764kB inactive_anon:81552kB active_file:12kB inactive_file:12kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1380kB dirty:0kB writeback:0kB shmem:82204kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 846.409598] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 846.412855] Node 0 DMA free:10884kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 846.428303] 33762 total pagecache pages [ 846.442697] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 846.452555] 0 pages in swap cache [ 846.472647] Node 0 DMA32 free:17868kB min:35996kB low:44992kB high:53988kB active_anon:55584kB inactive_anon:51188kB active_file:20kB inactive_file:44kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7392kB pagetables:1912kB bounce:0kB free_pcp:312kB local_pcp:248kB free_cma:0kB [ 846.486102] Swap cache stats: add 0, delete 0, find 0/0 [ 846.507780] lowmem_reserve[]: 0 0 1 1 1 [ 846.515096] Free swap = 0kB [ 846.524155] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 846.524237] Total swap = 0kB [ 846.528428] lowmem_reserve[]: 0 0 0 0 0 [ 846.528444] Node 1 Normal free:26820kB min:53876kB low:67344kB high:80812kB active_anon:2764kB inactive_anon:81552kB active_file:12kB inactive_file:12kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:448kB pagetables:332kB bounce:0kB free_pcp:252kB local_pcp:248kB free_cma:0kB [ 846.528474] lowmem_reserve[]: 0 0 0 0 0 [ 846.528493] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10884kB [ 846.528556] Node 0 DMA32: 1317*4kB (ME) 867*8kB (UME) 246*16kB (UME) 30*32kB (UME) 2*64kB (ME) 3*128kB (U) 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17868kB [ 846.528625] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 846.528680] Node 1 Normal: 289*4kB (M) 248*8kB (M) 200*16kB (UME) 116*32kB (UME) 34*64kB (ME) 14*128kB (UME) 2*256kB (UM) 2*512kB (UE) 1*1024kB (E) 1*2048kB (E) 2*4096kB (U) = 26820kB [ 846.528769] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 846.528779] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 846.528789] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 846.528799] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 846.528805] 33762 total pagecache pages [ 846.528818] 0 pages in swap cache [ 846.528826] Swap cache stats: add 0, delete 0, find 0/0 [ 846.528830] Free swap = 0kB [ 846.528834] Total swap = 0kB [ 846.528842] 2097051 pages RAM [ 846.528847] 0 pages HighMem/MovableOnly [ 846.528853] 369649 pages reserved [ 846.528858] 0 pages cma reserved [ 847.024439] 2097051 pages RAM [ 847.027619] 0 pages HighMem/MovableOnly [ 847.031584] 369649 pages reserved [ 847.035100] 0 pages cma reserved [ 847.038459] Unreclaimable slab info: [ 847.043943] Name Used Total [ 847.049563] pid_2 16KB 92KB [ 847.055050] batadv_tt_change_cache 3KB 7KB [ 847.060849] batadv_tl_cache 8KB 16KB [ 847.066283] TIPC 15KB 37KB [ 847.071655] SCTPv6 22KB 37KB [ 847.077087] DCCPv6 17KB 30KB [ 847.082455] DCCP 16KB 28KB [ 847.087919] RXRPC 16KB 32KB [ 847.093279] rxrpc_call_jar 112KB 141KB [ 847.098708] bridge_fdb_cache 14KB 27KB [ 847.104075] fib6_nodes 234KB 264KB [ 847.109476] ip6_dst_cache 789KB 825KB [ 847.114892] RAWv6 111KB 128KB [ 847.120257] UDPv6 37KB 45KB [ 847.125656] TCPv6 24KB 36KB [ 847.131027] nf_conntrack 16KB 18KB [ 847.136510] t10_alua_lu_gp_cache 0KB 3KB [ 847.143817] sd_ext_cdb 0KB 7KB [ 847.149259] scsi_sense_cache 1056KB 1060KB [ 847.154616] virtio_scsi_cmd 16KB 16KB [ 847.160055] sgpool-128 8KB 8KB [ 847.165493] sgpool-64 4KB 12KB [ 847.170860] sgpool-32 2KB 15KB [ 847.176304] sgpool-16 1KB 7KB [ 847.181686] sgpool-8 0KB 7KB [ 847.187218] mqueue_inode_cache 10KB 30KB [ 847.192668] bio_post_read_ctx 14KB 15KB [ 847.198127] bio-2 14KB 15KB [ 847.203481] jfs_mp 7KB 7KB [ 847.208898] cifs_small_rq 15KB 16KB [ 847.214257] cifs_request 67KB 67KB [ 847.219666] cifs_mpx_ids 0KB 7KB [ 847.225074] nfs_commit_data 3KB 14KB [ 847.230428] nfs_write_data 34KB 44KB [ 847.235868] ext4_system_zone 1KB 7KB [ 847.241250] bio-1 1KB 7KB [ 847.248413] pid_namespace 2KB 11KB [ 847.253798] rpc_buffers 17KB 25KB [ 847.259217] rpc_tasks 2KB 7KB [ 847.264578] UNIX 1942KB 2043KB [ 847.270004] tcp_bind_bucket 1KB 4KB [ 847.275448] ip_fib_trie 34KB 43KB [ 847.280814] ip_fib_alias 167KB 193KB [ 847.286222] ip_dst_cache 12KB 20KB [ 847.291581] RAW 66KB 82KB [ 847.297013] UDP 55KB 74KB [ 847.302377] TCP 8KB 22KB [ 847.307778] hugetlbfs_inode_cache 3KB 15KB [ 847.313492] fscache_cookie_jar 1KB 11KB [ 847.319014] eventpoll_pwq 23KB 43KB [ 847.324377] eventpoll_epi 43KB 66KB [ 847.329787] inotify_inode_mark 14KB 39KB [ 847.335296] request_queue 199KB 199KB [ 847.340656] blkdev_requests 1KB 3KB [ 847.347766] blkdev_ioc 22KB 38KB [ 847.353146] bio-0 700KB 701KB [ 847.358565] biovec-max 1542KB 1592KB [ 847.364275] biovec-64 610KB 637KB [ 847.369736] biovec-16 90KB 101KB [ 847.375152] bio_integrity_payload 1KB 8KB [ 847.380859] khugepaged_mm_slot 4KB 34KB [ 847.386363] uid_cache 0KB 4KB [ 847.391723] dmaengine-unmap-2 0KB 3KB [ 847.397202] skbuff_fclone_cache 28KB 45KB [ 847.402830] skbuff_head_cache 8957KB 8958KB [ 847.408277] configfs_dir_cache 3KB 7KB [ 847.413729] file_lock_cache 45KB 91KB [ 847.419159] file_lock_ctx 9KB 11KB [ 847.424528] fsnotify_mark_connector 7KB 23KB [ 847.430474] net_namespace 87KB 87KB [ 847.435885] shmem_inode_cache 8057KB 8255KB [ 847.441243] task_delay_info 255KB 379KB [ 847.446647] taskstats 26KB 53KB [ 847.453783] proc_dir_entry 932KB 1031KB [ 847.459239] pde_opener 14KB 34KB [ 847.464616] seq_file 261KB 496KB [ 847.470040] sigqueue 34KB 63KB [ 847.475459] kernfs_node_cache 18229KB 18537KB [ 847.480821] mnt_cache 178KB 216KB [ 847.486250] filp 6808KB 7620KB [ 847.491614] names_cache 109301KB 109301KB [ 847.497058] iint_cache 28KB 55KB [ 847.502429] key_jar 28KB 135KB [ 847.507867] uts_namespace 2KB 7KB [ 847.513226] nsproxy 1KB 11KB [ 847.514934] Bluetooth: hci2: command 0x0406 tx timeout [ 847.518640] vm_area_struct 3243KB 3836KB [ 847.529261] mm_struct 511KB 637KB [ 847.534622] fs_cache 291KB 380KB [ 847.540073] files_cache 1067KB 1316KB [ 847.553681] signal_cache 1867KB 2400KB [ 847.559205] sighand_cache 534KB 631KB [ 847.564570] task_struct 7884KB 7966KB [ 847.570011] cred_jar 2078KB 2512KB [ 847.575432] anon_vma_chain 999KB 1492KB [ 847.580828] anon_vma 161KB 288KB [ 847.586256] pid 158KB 224KB [ 847.591617] Acpi-Operand 156KB 198KB [ 847.597341] Acpi-ParseExt 9KB 11KB [ 847.602708] Acpi-Parse 41KB 47KB [ 847.608652] Acpi-State 52KB 63KB [ 847.614021] Acpi-Namespace 20KB 27KB [ 847.649814] numa_policy 0KB 3KB [ 847.655980] debug_objects_cache 1519KB 1828KB [ 847.661658] trace_event_file 297KB 298KB [ 847.675292] ftrace_event_field 398KB 401KB [ 847.680766] pool_workqueue 137KB 160KB [ 847.699207] page->ptl 494KB 1008KB [ 847.704634] kmalloc-2097152 2050KB 2050KB [ 847.711143] kmalloc-524288 2056KB 2056KB [ 847.717332] kmalloc-262144 1290KB 1290KB [ 847.723310] kmalloc-131072 650KB 650KB [ 847.729580] kmalloc-65536 2772KB 2970KB [ 847.735969] kmalloc-32768 2178KB 2211KB [ 847.741452] kmalloc-16384 1336KB 1402KB [ 847.747761] kmalloc-8192 5486KB 5601KB [ 847.753128] kmalloc-4096 27850KB 27905KB [ 847.759530] kmalloc-2048 17852KB 18697KB [ 847.765392] kmalloc-1024 13243KB 14482KB [ 847.770771] kmalloc-512 16605KB 16871KB [ 847.777033] kmalloc-256 5610KB 6258KB [ 847.782396] kmalloc-128 1374KB 1472KB [ 847.788692] kmalloc-96 3429KB 4076KB [ 847.794061] kmalloc-64 2760KB 3888KB [ 847.801655] kmalloc-32 2005KB 2543KB [ 847.807571] kmalloc-192 2272KB 2876KB [ 847.812941] kmem_cache 177KB 183KB [ 847.819219] Out of memory (oom_kill_allocating_task): Kill process 7520 (in:imklog) score 0 or sacrifice child [ 847.830037] Killed process 7518 (rsyslogd) total-vm:254332kB, anon-rss:712kB, file-rss:0kB, shmem-rss:0kB [ 847.842327] oom_reaper: reaped process 7518 (rsyslogd), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 02:37:01 executing program 0: r0 = add_key$keyring(&(0x7f0000000040), 0x0, 0x0, 0x0, 0xfffffffffffffffc) r1 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eacf15d5b4b98c0500e3608752d117e30b34131edbf01c799692a128baa4c8e1f2eab5347a0f40245882c046f3e03492a5786870ac098c6b74ccc13d9e5100"}, 0x48, r0) keyctl$unlink(0x9, r1, r1) 02:37:01 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000440)=@fd={0x0, 0x0, 0x4, 0x1, 0x8, {}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff}) 02:37:01 executing program 1: r0 = syz_open_dev$vim2m(0x0, 0x0, 0x2) pipe2$watch_queue(&(0x7f0000000380), 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:37:01 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:37:01 executing program 2: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000380)={0xf4, 0x2, 0x1, {0x3, @vbi={0x4, 0xad2a, 0xc00, 0x20363159, [0xfffffffb, 0x200], [0x6, 0xf4a7], 0x1}}, 0x400}) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000280)=@multiplanar_overlay={0x35, 0x0, 0x4, 0x0, 0x9, {r2, r3/1000+60000}, {0x1, 0x1, 0x1, 0x3f, 0x6, 0xdb, "f3d35c29"}, 0x8, 0x3, {&(0x7f0000000200)=[{0x2, 0x3, {0xcaa}, 0xa3}, {0x6, 0x4, {0x7}, 0x100}]}, 0x400}) semtimedop(0x0, &(0x7f0000000480)=[{0x1, 0x7}, {0x1, 0x8, 0x800}, {}], 0x3, &(0x7f0000000500)) 02:37:01 executing program 4: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000240)={0x0, @sliced={0x3, [0x8, 0x9, 0x9, 0xfff9, 0xffff, 0x6, 0x0, 0x81, 0x7f, 0x101, 0x7, 0x20, 0x9, 0x9, 0x8001, 0xe, 0x3, 0x1, 0x5fc8, 0x6, 0x120, 0x8, 0x200, 0xd4d, 0x3f, 0xfffc, 0x6, 0x200, 0x3, 0x4e9d, 0x8, 0x0, 0x81, 0x9, 0x5, 0x6038, 0x8000, 0x9, 0x100, 0x3000, 0x50, 0x8, 0x1, 0x9ab, 0x6, 0xff, 0x2, 0x2], 0x6c}}) pipe2$watch_queue(&(0x7f0000000040), 0x80) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:37:01 executing program 0: r0 = add_key$keyring(&(0x7f0000000040), 0x0, 0x0, 0x0, 0xfffffffffffffffc) r1 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eacf15d5b4b98c0500e3608752d117e30b34131edbf01c799692a128baa4c8e1f2eab5347a0f40245882c046f3e03492a5786870ac098c6b74ccc13d9e5100"}, 0x48, r0) keyctl$unlink(0x9, r1, r1) 02:37:01 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000440)=@fd={0x0, 0x2, 0x4, 0x0, 0x8, {}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff}) 02:37:01 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:37:01 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000380)={0xf4, 0x2, 0x1, {0x3, @vbi={0x4, 0xad2a, 0xc00, 0x20363159, [0xfffffffb, 0x200], [0x6, 0xf4a7], 0x1}}, 0x400}) clock_gettime(0x0, &(0x7f00000001c0)) semtimedop(0x0, &(0x7f0000000480)=[{0x1, 0x7}, {0x1, 0x8, 0x800}, {}], 0x3, &(0x7f0000000500)) 02:37:01 executing program 4: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000240)={0x0, @sliced={0x3, [0x8, 0x9, 0x9, 0xfff9, 0xffff, 0x6, 0x0, 0x81, 0x7f, 0x101, 0x7, 0x20, 0x9, 0x9, 0x8001, 0xe, 0x3, 0x1, 0x5fc8, 0x6, 0x120, 0x8, 0x200, 0xd4d, 0x3f, 0xfffc, 0x6, 0x200, 0x3, 0x4e9d, 0x8, 0x0, 0x81, 0x9, 0x5, 0x6038, 0x8000, 0x9, 0x100, 0x3000, 0x50, 0x8, 0x1, 0x9ab, 0x6, 0xff, 0x2, 0x2], 0x6c}}) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:37:01 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000440)=@fd={0x0, 0x2, 0x4, 0x0, 0x0, {}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff}) 02:37:01 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000380)={0xf4, 0x2, 0x1, {0x3, @vbi={0x4, 0xad2a, 0xc00, 0x20363159, [0xfffffffb, 0x200], [0x6, 0xf4a7], 0x1}}, 0x400}) semtimedop(0x0, &(0x7f0000000480)=[{0x1, 0x7}, {0x1, 0x8, 0x800}, {}], 0x3, &(0x7f0000000500)) 02:37:01 executing program 0: r0 = add_key$keyring(&(0x7f0000000040), 0x0, 0x0, 0x0, 0xfffffffffffffffc) r1 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eacf15d5b4b98c0500e3608752d117e30b34131edbf01c799692a128baa4c8e1f2eab5347a0f40245882c046f3e03492a5786870ac098c6b74ccc13d9e5100"}, 0x48, r0) keyctl$unlink(0x9, r1, r1) 02:37:01 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000440)=@fd={0x0, 0x2, 0x4, 0x0, 0x0, {}, {0x0, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff}) 02:37:01 executing program 4: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) [ 856.154848] oom_reaper: reaped process 7651 (syz-executor.3), now anon-rss:0kB, file-rss:14336kB, shmem-rss:8kB [ 856.185386] in:imklog invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 856.201405] in:imklog cpuset=/ mems_allowed=0-1 [ 856.206143] CPU: 1 PID: 7637 Comm: in:imklog Not tainted 4.19.211-syzkaller #0 [ 856.213495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 856.222849] Call Trace: [ 856.225471] dump_stack+0x1fc/0x2ef [ 856.229107] dump_header+0x15d/0xc3f [ 856.232830] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 856.238037] ? ___ratelimit+0x319/0x590 [ 856.242020] oom_kill_process.cold+0x10/0x692 [ 856.246521] ? check_preemption_disabled+0x41/0x280 [ 856.251544] ? has_intersects_mems_allowed+0x1d6/0x290 [ 856.256822] out_of_memory+0x1072/0x1390 [ 856.260887] ? oom_killer_disable+0x270/0x270 [ 856.265386] ? mutex_trylock+0x15f/0x1a0 [ 856.269452] __alloc_pages_nodemask+0x23a2/0x2890 [ 856.274299] ? find_get_entry+0x4cd/0x8a0 [ 856.278455] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 856.283420] alloc_pages_current+0x193/0x2a0 [ 856.287936] filemap_fault+0x146e/0x2180 [ 856.293646] ext4_filemap_fault+0x84/0xb0 [ 856.297778] __do_fault+0x10b/0x4b0 [ 856.301409] __handle_mm_fault+0x273b/0x41c0 [ 856.305804] ? vm_insert_page+0x9c0/0x9c0 [ 856.309937] ? lock_downgrade+0x720/0x720 [ 856.314073] ? check_preemption_disabled+0x41/0x280 [ 856.319072] handle_mm_fault+0x436/0xb10 [ 856.323128] __do_page_fault+0x68e/0xd60 [ 856.327174] ? trace_hardirqs_off_caller+0x6e/0x210 [ 856.332172] ? spurious_fault+0x840/0x840 [ 856.336306] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 856.341134] ? page_fault+0x8/0x30 [ 856.344674] page_fault+0x1e/0x30 [ 856.348108] RIP: 0033:0x7f1f0be3f22d [ 856.351806] Code: Bad RIP value. [ 856.355154] RSP: 002b:00007f1f097db580 EFLAGS: 00010293 [ 856.360496] RAX: 0000000000000076 RBX: 0000000000000000 RCX: 00007f1f0be3f22d [ 856.367748] RDX: 0000000000001fa0 RSI: 00007f1f097dbda0 RDI: 0000000000000004 [ 856.374999] RBP: 00005576de6409d0 R08: 0000000000000000 R09: 0000000000000000 [ 856.382251] R10: 2ce33e6c02ce33e7 R11: 0000000000000293 R12: 00007f1f097dbda0 [ 856.389513] R13: 0000000000001fa0 R14: 0000000000001f9f R15: 00007f1f097dd511 [ 856.397463] net_ratelimit: 21 callbacks suppressed [ 856.397467] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 856.409056] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 856.412271] syz-executor.3: vmalloc: allocation failure, allocated 1704706048 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 856.415620] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 856.437373] Mem-Info: [ 856.438659] syz-executor.3 cpuset=/ mems_allowed=0-1 [ 856.439907] active_anon:15118 inactive_anon:33185 isolated_anon:0 [ 856.439907] active_file:15 inactive_file:7 isolated_file:0 [ 856.439907] unevictable:0 dirty:2 writeback:0 unstable:0 [ 856.439907] slab_reclaimable:14022 slab_unreclaimable:116663 [ 856.439907] mapped:22016 shmem:33740 pagetables:577 bounce:0 [ 856.439907] free:13876 free_pcp:197 free_cma:0 [ 856.447960] CPU: 0 PID: 7651 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 856.478892] Node 0 active_anon:58188kB inactive_anon:51192kB active_file:40kB inactive_file:52kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86524kB dirty:8kB writeback:0kB shmem:52760kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 18432kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 856.485966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 856.485971] Call Trace: [ 856.485989] dump_stack+0x1fc/0x2ef [ 856.486007] warn_alloc.cold+0x7b/0x18f [ 856.486028] ? zone_watermark_ok_safe+0x260/0x260 [ 856.513839] Node 1 active_anon:2284kB inactive_anon:81548kB active_file:20kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1540kB dirty:0kB writeback:0kB shmem:82200kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 856.523113] ? retint_kernel+0x2d/0x2d [ 856.523134] ? alloc_pages_current+0x14a/0x2a0 [ 856.523158] __vmalloc_area_node+0x4fd/0x780 [ 856.526012] Node 0 DMA free:10884kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 856.529604] ? __vmalloc_node_range+0x180/0x180 [ 856.533550] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 856.538384] ? _raw_spin_unlock+0x29/0x40 [ 856.538397] ? __get_vm_area_node+0x2e2/0x3a0 [ 856.538415] __vmalloc_node_range+0xed/0x180 [ 856.538435] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 856.566631] Node 0 DMA32 free:17940kB min:35996kB low:44992kB high:53988kB active_anon:58188kB inactive_anon:51192kB active_file:40kB inactive_file:32kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7520kB pagetables:2028kB bounce:0kB free_pcp:280kB local_pcp:32kB free_cma:0kB [ 856.569656] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 856.574301] lowmem_reserve[]: 0 0 1 1 1 [ 856.578751] vmalloc_user+0x70/0xe0 [ 856.604920] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 856.609602] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 856.614639] lowmem_reserve[]: 0 0 0 0 0 [ 856.618738] vb2_vmalloc_alloc+0xb3/0x2f0 [ 856.623205] Node 1 Normal free:26672kB min:53876kB low:67344kB high:80812kB active_anon:2284kB inactive_anon:81548kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:352kB pagetables:280kB bounce:0kB free_pcp:500kB local_pcp:252kB free_cma:0kB [ 856.627604] __vb2_queue_alloc+0x472/0xe60 [ 856.627630] vb2_core_create_bufs+0x273/0x7e0 [ 856.627646] ? __vb2_queue_free+0x870/0x870 [ 856.627662] ? mutex_trylock+0x1a0/0x1a0 [ 856.627681] ? __video_do_ioctl+0x632/0xcd0 [ 856.631985] lowmem_reserve[]: 0 0 0 0 0 [ 856.660780] vb2_create_bufs+0x332/0x620 [ 856.660798] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 856.660812] ? __video_do_ioctl+0x632/0xcd0 [ 856.660825] ? mutex_trylock+0x1a0/0x1a0 [ 856.660838] ? mark_held_locks+0xf0/0xf0 [ 856.660871] vb2_ioctl_create_bufs+0x20d/0x360 [ 856.666754] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10884kB [ 856.670177] ? memset+0x20/0x40 [ 856.673777] Node 0 DMA32: 1067*4kB (UME) 873*8kB (UME) 248*16kB (UME) 39*32kB (UME) 9*64kB (UME) 5*128kB (UM) 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17940kB [ 856.699615] v4l_create_bufs+0xb2/0x160 [ 856.699632] __video_do_ioctl+0x49a/0xcd0 [ 856.699652] ? v4l_querycap+0x340/0x340 [ 856.699672] ? __might_fault+0x192/0x1d0 [ 856.699686] ? v4l_querycap+0x340/0x340 [ 856.699716] video_usercopy+0x13f/0xfa0 [ 856.704061] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 856.707982] ? v4l_enumstd+0x60/0x60 [ 856.712099] Node 1 Normal: 258*4kB (UME) 237*8kB (M) 184*16kB (UME) 140*32kB (UME) 33*64kB (UME) 15*128kB (UME) 2*256kB (UM) 1*512kB (E) 1*1024kB (E) 1*2048kB (E) 2*4096kB (U) = 26672kB [ 856.740638] ? do_futex+0x171/0x1880 [ 856.740653] ? mark_held_locks+0xf0/0xf0 [ 856.740671] ? debug_check_no_obj_freed+0x201/0x490 [ 856.740692] ? video_usercopy+0xfa0/0xfa0 [ 856.740707] v4l2_ioctl+0x147/0x1a0 [ 856.744964] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 856.749425] ? video_devdata+0xa0/0xa0 [ 856.753726] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 856.757783] do_vfs_ioctl+0xcdb/0x12e0 [ 856.757799] ? lock_downgrade+0x720/0x720 [ 856.757813] ? check_preemption_disabled+0x41/0x280 [ 856.757826] ? ioctl_preallocate+0x200/0x200 [ 856.757844] ? __fget+0x356/0x510 [ 856.762154] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 856.766216] ? do_dup2+0x450/0x450 [ 856.766231] ? __se_sys_futex+0x298/0x3b0 [ 856.766251] ksys_ioctl+0x9b/0xc0 [ 856.766268] __x64_sys_ioctl+0x6f/0xb0 [ 856.766284] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 856.766295] do_syscall_64+0xf9/0x620 [ 856.766313] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 856.766324] RIP: 0033:0x7fb254ef00f9 [ 856.766336] Code: Bad RIP value. [ 856.766343] RSP: 002b:00007fb253462168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 856.766356] RAX: ffffffffffffffda RBX: 00007fb25500ff80 RCX: 00007fb254ef00f9 [ 856.766364] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 856.766372] RBP: 00007fb254f4bae9 R08: 0000000000000000 R09: 0000000000000000 [ 856.766380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 856.766388] R13: 00007ffd8f48045f R14: 00007fb253462300 R15: 0000000000022000 [ 856.784391] Mem-Info: [ 856.784821] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 856.789437] active_anon:15112 inactive_anon:33185 isolated_anon:0 [ 856.789437] active_file:6 inactive_file:22 isolated_file:0 [ 856.789437] unevictable:0 dirty:0 writeback:0 unstable:0 [ 856.789437] slab_reclaimable:14021 slab_unreclaimable:116658 [ 856.789437] mapped:22012 shmem:33740 pagetables:575 bounce:0 [ 856.789437] free:13813 free_pcp:254 free_cma:0 [ 856.793304] 33768 total pagecache pages [ 856.814788] Node 0 active_anon:58168kB inactive_anon:51192kB active_file:36kB inactive_file:36kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52760kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 14336kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 856.827876] 0 pages in swap cache [ 856.833040] Node 1 active_anon:2280kB inactive_anon:81548kB active_file:16kB inactive_file:20kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1540kB dirty:0kB writeback:0kB shmem:82200kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 856.836617] Swap cache stats: add 0, delete 0, find 0/0 [ 856.840707] Node 0 DMA free:10884kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 856.861071] Free swap = 0kB [ 856.867902] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 856.884898] Total swap = 0kB [ 856.892348] Node 0 DMA32 free:17920kB min:35996kB low:44992kB high:53988kB active_anon:58168kB inactive_anon:51192kB active_file:36kB inactive_file:36kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7520kB pagetables:2020kB bounce:0kB free_pcp:600kB local_pcp:328kB free_cma:0kB [ 856.893048] 2097051 pages RAM [ 856.897221] lowmem_reserve[]: 0 0 1 1 1 [ 856.897244] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 856.900867] 0 pages HighMem/MovableOnly [ 856.914891] lowmem_reserve[]: 0 0 0 0 0 [ 856.931589] 369649 pages reserved [ 856.940742] Node 1 Normal free:26672kB min:53876kB low:67344kB high:80812kB active_anon:2280kB inactive_anon:81548kB active_file:16kB inactive_file:20kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:352kB pagetables:280kB bounce:0kB free_pcp:500kB local_pcp:248kB free_cma:0kB [ 856.944148] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 856.951930] 0 pages cma reserved [ 856.954208] lowmem_reserve[]: 0 0 0 0 0 [ 856.957178] Unreclaimable slab info: [ 856.961252] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10884kB [ 856.974706] Name Used Total [ 856.985033] Node 0 DMA32: 1066*4kB (ME) 889*8kB (UME) 250*16kB (UME) 35*32kB (UME) 9*64kB (UME) 5*128kB (UM) 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17968kB [ 856.992587] pid_2 20KB 88KB [ 857.001780] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 857.014019] batadv_tt_change_cache 3KB 7KB [ 857.023379] Node 1 Normal: 258*4kB (UME) 237*8kB (M) 184*16kB (UME) 140*32kB (UME) 33*64kB (UME) 15*128kB (UME) 2*256kB (UM) 1*512kB (E) 1*1024kB (E) 1*2048kB (E) 2*4096kB (U) = 26672kB [ 857.032900] batadv_tl_cache 7KB 16KB [ 857.037285] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 857.050881] TIPC 15KB 37KB [ 857.086885] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 857.113602] SCTPv6 20KB 37KB [ 857.125130] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 857.144308] DCCPv6 17KB 30KB [ 857.157502] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 857.179654] DCCP 16KB 28KB [ 857.188770] 33767 total pagecache pages [ 857.219379] RXRPC 16KB 32KB [ 857.227853] 0 pages in swap cache [ 857.255452] rxrpc_call_jar 112KB 141KB [ 857.261566] Swap cache stats: add 0, delete 0, find 0/0 [ 857.296193] bridge_fdb_cache 13KB 27KB [ 857.305785] Free swap = 0kB [ 857.325828] fib6_nodes 233KB 264KB [ 857.341095] Total swap = 0kB [ 857.350713] ip6_dst_cache 797KB 825KB [ 857.353051] 2097051 pages RAM [ 857.360188] RAWv6 101KB 128KB [ 857.380006] 0 pages HighMem/MovableOnly [ 857.389851] UDPv6 37KB 45KB [ 857.399585] 369649 pages reserved [ 857.403741] TCPv6 24KB 30KB [ 857.409119] 0 pages cma reserved [ 857.517498] nf_conntrack 17KB 18KB [ 857.522924] t10_alua_lu_gp_cache 0KB 3KB [ 857.528704] sd_ext_cdb 0KB 7KB [ 857.537717] scsi_sense_cache 1056KB 1060KB [ 857.543100] virtio_scsi_cmd 16KB 16KB [ 857.548514] sgpool-128 8KB 8KB [ 857.557624] sgpool-64 4KB 12KB [ 857.562994] sgpool-32 2KB 15KB [ 857.568421] sgpool-16 1KB 7KB [ 857.573812] sgpool-8 0KB 7KB [ 857.583983] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 857.592454] mqueue_inode_cache 10KB 30KB [ 857.601443] bio_post_read_ctx 14KB 15KB [ 857.613408] bio-2 14KB 15KB [ 857.622059] jfs_mp 7KB 7KB [ 857.637553] cifs_small_rq 15KB 16KB [ 857.642938] cifs_request 67KB 67KB [ 857.651855] cifs_mpx_ids 0KB 7KB [ 857.667559] nfs_commit_data 3KB 14KB [ 857.672965] nfs_write_data 34KB 44KB [ 857.681814] ext4_system_zone 1KB 7KB [ 857.697840] bio-1 1KB 7KB [ 857.703333] pid_namespace 2KB 11KB [ 857.708806] rpc_buffers 17KB 25KB [ 857.723813] rpc_tasks 2KB 7KB [ 857.729294] UNIX 1860KB 1980KB [ 857.744411] tcp_bind_bucket 1KB 4KB [ 857.749806] ip_fib_trie 34KB 43KB [ 857.760304] ip_fib_alias 165KB 193KB [ 857.765719] ip_dst_cache 11KB 20KB [ 857.771082] RAW 60KB 82KB [ 857.776504] UDP 59KB 74KB [ 857.781903] TCP 8KB 16KB [ 857.787431] hugetlbfs_inode_cache 3KB 15KB [ 857.793653] fscache_cookie_jar 1KB 11KB [ 857.799307] eventpoll_pwq 24KB 43KB [ 857.804721] eventpoll_epi 44KB 66KB [ 857.810090] inotify_inode_mark 16KB 39KB [ 857.815607] request_queue 199KB 199KB [ 857.820965] blkdev_requests 1KB 3KB [ 857.826643] blkdev_ioc 24KB 38KB [ 857.832005] bio-0 894KB 896KB [ 857.837428] biovec-max 1600KB 1600KB [ 857.842791] biovec-64 780KB 787KB [ 857.848240] biovec-16 100KB 101KB [ 857.853599] bio_integrity_payload 1KB 8KB [ 857.859369] khugepaged_mm_slot 5KB 34KB [ 857.865091] uid_cache 0KB 4KB [ 857.870452] dmaengine-unmap-2 0KB 3KB [ 857.876625] skbuff_fclone_cache 33KB 45KB [ 857.882169] skbuff_head_cache 9059KB 9060KB [ 857.890408] configfs_dir_cache 3KB 7KB [ 857.896399] file_lock_cache 53KB 91KB [ 857.901766] file_lock_ctx 9KB 11KB [ 857.907177] fsnotify_mark_connector 8KB 23KB [ 857.913064] net_namespace 78KB 78KB [ 857.918480] shmem_inode_cache 8079KB 8252KB [ 857.923842] task_delay_info 199KB 375KB [ 857.929239] taskstats 32KB 49KB [ 857.934669] proc_dir_entry 899KB 1012KB [ 857.940034] pde_opener 14KB 34KB [ 857.945433] seq_file 281KB 496KB [ 857.950821] sigqueue 39KB 63KB [ 857.957473] kernfs_node_cache 18234KB 18533KB [ 857.963099] mnt_cache 173KB 208KB [ 857.968498] filp 6854KB 7620KB [ 857.973994] names_cache 118133KB 118162KB [ 857.979366] iint_cache 30KB 55KB [ 857.984783] key_jar 28KB 135KB [ 857.990142] uts_namespace 2KB 7KB [ 857.998262] nsproxy 1KB 11KB [ 858.003629] vm_area_struct 3402KB 3836KB [ 858.009431] mm_struct 515KB 637KB [ 858.014869] fs_cache 213KB 380KB [ 858.020228] files_cache 680KB 1068KB [ 858.025641] signal_cache 1210KB 1940KB [ 858.031019] sighand_cache 548KB 631KB [ 858.036501] task_struct 5277KB 5346KB [ 858.041872] cred_jar 1850KB 2504KB [ 858.047357] anon_vma_chain 1054KB 1492KB [ 858.052805] anon_vma 126KB 288KB [ 858.058306] pid 119KB 224KB [ 858.063664] Acpi-Operand 156KB 198KB [ 858.069059] Acpi-ParseExt 9KB 11KB [ 858.074599] Acpi-Parse 41KB 47KB [ 858.080137] Acpi-State 52KB 63KB [ 858.085965] Acpi-Namespace 20KB 27KB [ 858.091331] numa_policy 0KB 3KB [ 858.096763] debug_objects_cache 1516KB 1828KB [ 858.104847] trace_event_file 297KB 298KB [ 858.110249] ftrace_event_field 398KB 401KB [ 858.116770] pool_workqueue 136KB 160KB [ 858.123136] page->ptl 512KB 1008KB [ 858.130697] kmalloc-2097152 2050KB 2050KB [ 858.136709] kmalloc-524288 2056KB 2056KB [ 858.143176] kmalloc-262144 1290KB 1290KB [ 858.149843] kmalloc-131072 650KB 650KB [ 858.155930] kmalloc-65536 2640KB 2706KB [ 858.161408] kmalloc-32768 2145KB 2145KB [ 858.166809] kmalloc-16384 1254KB 1320KB [ 858.172770] kmalloc-8192 5337KB 5436KB [ 858.178836] kmalloc-4096 25296KB 25325KB [ 858.184248] kmalloc-2048 17191KB 18500KB [ 858.189897] kmalloc-1024 13324KB 14482KB [ 858.195794] kmalloc-512 16912KB 16912KB [ 858.203789] kmalloc-256 5542KB 6258KB [ 858.209807] kmalloc-128 1296KB 1472KB [ 858.220772] kmalloc-96 3549KB 4076KB [ 858.227123] kmalloc-64 2726KB 3888KB [ 858.233067] kmalloc-32 2005KB 2543KB [ 858.243579] kmalloc-192 2104KB 2876KB [ 858.249570] kmem_cache 177KB 183KB [ 858.260750] Out of memory (oom_kill_allocating_task): Kill process 7637 (in:imklog) score 0 or sacrifice child [ 858.271415] Killed process 7635 (rsyslogd) total-vm:254332kB, anon-rss:520kB, file-rss:0kB, shmem-rss:0kB [ 858.287762] oom_reaper: reaped process 7635 (rsyslogd), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 02:37:11 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) semtimedop(0x0, &(0x7f0000000480)=[{0x1, 0x7}, {0x1, 0x8, 0x800}, {}], 0x3, &(0x7f0000000500)) 02:37:11 executing program 3: ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:37:11 executing program 0: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) r1 = add_key$fscrypt_v1(0x0, &(0x7f0000000100)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eacf15d5b4b98c0500e3608752d117e30b34131edbf01c799692a128baa4c8e1f2eab5347a0f40245882c046f3e03492a5786870ac098c6b74ccc13d9e5100"}, 0x48, r0) keyctl$unlink(0x9, r1, r1) 02:37:11 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000440)=@fd={0x0, 0x2, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff}) 02:37:11 executing program 4: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:37:11 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:37:11 executing program 3: ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:37:11 executing program 0: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) r1 = add_key$fscrypt_v1(0x0, &(0x7f0000000100)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eacf15d5b4b98c0500e3608752d117e30b34131edbf01c799692a128baa4c8e1f2eab5347a0f40245882c046f3e03492a5786870ac098c6b74ccc13d9e5100"}, 0x48, r0) keyctl$unlink(0x9, r1, r1) 02:37:11 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000440)=@fd={0x0, 0x2, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff}) 02:37:11 executing program 4: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:37:11 executing program 2: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) semtimedop(0x0, &(0x7f0000000480)=[{0x1, 0x7}, {0x1, 0x8, 0x800}, {}], 0x3, &(0x7f0000000500)) 02:37:11 executing program 3: ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:37:11 executing program 0: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) r1 = add_key$fscrypt_v1(0x0, &(0x7f0000000100)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eacf15d5b4b98c0500e3608752d117e30b34131edbf01c799692a128baa4c8e1f2eab5347a0f40245882c046f3e03492a5786870ac098c6b74ccc13d9e5100"}, 0x48, r0) keyctl$unlink(0x9, r1, r1) 02:37:11 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000440)=@fd={0x0, 0x2, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff}) [ 866.433956] oom_reaper: reaped process 7704 (syz-executor.1), now anon-rss:0kB, file-rss:14332kB, shmem-rss:8kB [ 866.469565] in:imklog invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 866.492856] in:imklog cpuset=/ mems_allowed=0-1 [ 866.499786] CPU: 0 PID: 7686 Comm: in:imklog Not tainted 4.19.211-syzkaller #0 [ 866.507193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 866.516547] Call Trace: [ 866.519140] dump_stack+0x1fc/0x2ef [ 866.522789] dump_header+0x15d/0xc3f [ 866.526506] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 866.531609] ? ___ratelimit+0x319/0x590 [ 866.535708] oom_kill_process.cold+0x10/0x692 [ 866.540207] ? check_preemption_disabled+0x41/0x280 [ 866.545251] ? has_intersects_mems_allowed+0x1d6/0x290 [ 866.550667] out_of_memory+0x1072/0x1390 [ 866.554747] ? oom_killer_disable+0x270/0x270 [ 866.559250] ? mutex_trylock+0x15f/0x1a0 [ 866.563309] __alloc_pages_nodemask+0x23a2/0x2890 [ 866.568331] ? find_get_entry+0x4cd/0x8a0 [ 866.572514] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 866.577474] alloc_pages_current+0x193/0x2a0 [ 866.581874] filemap_fault+0x146e/0x2180 [ 866.585936] ext4_filemap_fault+0x84/0xb0 [ 866.590088] __do_fault+0x10b/0x4b0 [ 866.593717] __handle_mm_fault+0x273b/0x41c0 [ 866.598202] ? vm_insert_page+0x9c0/0x9c0 [ 866.602343] ? lock_downgrade+0x720/0x720 [ 866.606484] ? check_preemption_disabled+0x41/0x280 [ 866.611507] handle_mm_fault+0x436/0xb10 [ 866.615569] __do_page_fault+0x68e/0xd60 [ 866.619813] ? trace_hardirqs_off_caller+0x6e/0x210 [ 866.624836] ? spurious_fault+0x840/0x840 [ 866.628973] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 866.633810] ? page_fault+0x8/0x30 [ 866.637341] page_fault+0x1e/0x30 [ 866.640780] RIP: 0033:0x7fac1b2fc22d [ 866.644484] Code: Bad RIP value. [ 866.647836] RSP: 002b:00007fac18c98580 EFLAGS: 00010293 [ 866.653219] RAX: 0000000000000076 RBX: 0000000000000000 RCX: 00007fac1b2fc22d [ 866.660470] RDX: 0000000000001fa0 RSI: 00007fac18c98da0 RDI: 0000000000000004 [ 866.667722] RBP: 00005579aec119d0 R08: 0000000000000000 R09: 0000000000000000 [ 866.674974] R10: 2ce33e6c02ce33e7 R11: 0000000000000293 R12: 00007fac18c98da0 [ 866.682224] R13: 0000000000001fa0 R14: 0000000000001f9f R15: 00007fac18c9a648 [ 866.695691] syz-executor.1: vmalloc: allocation failure, allocated 1691873280 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 866.697498] Mem-Info: [ 866.711387] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 866.712680] active_anon:14604 inactive_anon:33185 isolated_anon:0 [ 866.712680] active_file:28 inactive_file:18 isolated_file:0 [ 866.712680] unevictable:0 dirty:9 writeback:3 unstable:0 [ 866.712680] slab_reclaimable:14159 slab_unreclaimable:119463 [ 866.712680] mapped:22058 shmem:33740 pagetables:562 bounce:0 [ 866.712680] free:13876 free_pcp:853 free_cma:0 [ 866.725539] CPU: 0 PID: 7704 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0 [ 866.750825] Node 0 active_anon:55504kB inactive_anon:51188kB active_file:96kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86528kB dirty:12kB writeback:8kB shmem:52756kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 14336kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 866.758534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 866.758539] Call Trace: [ 866.758558] dump_stack+0x1fc/0x2ef [ 866.758579] warn_alloc.cold+0x7b/0x18f [ 866.758595] ? zone_watermark_ok_safe+0x260/0x260 [ 866.758611] ? retint_kernel+0x2d/0x2d [ 866.786446] Node 1 active_anon:2912kB inactive_anon:81552kB active_file:16kB inactive_file:28kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1704kB dirty:24kB writeback:4kB shmem:82204kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 866.795746] ? policy_node+0xeb/0x140 [ 866.795773] __vmalloc_area_node+0x4fd/0x780 [ 866.798345] Node 0 DMA free:10872kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 866.801999] ? __vmalloc_node_range+0x180/0x180 [ 866.805977] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 866.810789] ? _raw_spin_unlock+0x29/0x40 [ 866.814664] Node 0 DMA32 free:17924kB min:35996kB low:44992kB high:53988kB active_anon:55504kB inactive_anon:51188kB active_file:44kB inactive_file:36kB unevictable:0kB writepending:120kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7392kB pagetables:1912kB bounce:0kB free_pcp:1820kB local_pcp:384kB free_cma:0kB [ 866.842144] ? __get_vm_area_node+0x2e2/0x3a0 [ 866.842162] __vmalloc_node_range+0xed/0x180 [ 866.842179] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 866.852249] lowmem_reserve[]: 0 0 1 1 1 [ 866.876943] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 866.876958] vmalloc_user+0x70/0xe0 [ 866.876972] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 866.876990] vb2_vmalloc_alloc+0xb3/0x2f0 [ 866.882185] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 866.886686] __vb2_queue_alloc+0x472/0xe60 [ 866.886718] vb2_core_create_bufs+0x273/0x7e0 [ 866.890861] lowmem_reserve[]: 0 0 0 0 0 [ 866.920036] ? __vb2_queue_free+0x870/0x870 [ 866.920053] ? mutex_trylock+0x1a0/0x1a0 [ 866.920068] ? __video_do_ioctl+0x632/0xcd0 [ 866.920086] vb2_create_bufs+0x332/0x620 [ 866.920122] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 866.924660] Node 1 Normal free:26700kB min:53876kB low:67344kB high:80812kB active_anon:2912kB inactive_anon:81552kB active_file:96kB inactive_file:8kB unevictable:0kB writepending:128kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:448kB pagetables:336kB bounce:0kB free_pcp:1592kB local_pcp:1472kB free_cma:0kB [ 866.929015] ? __video_do_ioctl+0x632/0xcd0 [ 866.929031] ? mutex_trylock+0x1a0/0x1a0 [ 866.933488] lowmem_reserve[]: 0 0 0 0 0 [ 866.937444] ? mark_held_locks+0xf0/0xf0 [ 866.942800] Node 0 DMA: 0*4kB 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10872kB [ 866.946439] vb2_ioctl_create_bufs+0x20d/0x360 [ 866.946453] ? memset+0x20/0x40 [ 866.946470] v4l_create_bufs+0xb2/0x160 [ 866.946491] __video_do_ioctl+0x49a/0xcd0 [ 866.950787] Node 0 DMA32: 1045*4kB (ME) 890*8kB (UME) 248*16kB (UME) 31*32kB (ME) 6*64kB (UME) 4*128kB (UM) 1*256kB (U) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 17924kB [ 866.955113] ? v4l_querycap+0x340/0x340 [ 866.955131] ? __might_fault+0x192/0x1d0 [ 866.955149] ? v4l_querycap+0x340/0x340 [ 866.981109] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 866.985308] video_usercopy+0x13f/0xfa0 [ 866.985331] ? v4l_enumstd+0x60/0x60 [ 866.989812] Node 1 Normal: 320*4kB (ME) 225*8kB (M) 159*16kB (ME) 71*32kB (UME) 33*64kB (UME) 9*128kB (M) 2*256kB (M) 2*512kB (ME) 2*1024kB (UE) 2*2048kB (UE) 2*4096kB (U) = 27032kB [ 866.993790] ? do_futex+0x171/0x1880 [ 866.993805] ? mark_held_locks+0xf0/0xf0 [ 866.993824] ? debug_check_no_obj_freed+0x201/0x490 [ 866.998210] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 867.002283] ? video_usercopy+0xfa0/0xfa0 [ 867.006627] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 867.010667] v4l2_ioctl+0x147/0x1a0 [ 867.015773] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 867.044708] ? video_devdata+0xa0/0xa0 [ 867.044724] do_vfs_ioctl+0xcdb/0x12e0 [ 867.044741] ? lock_downgrade+0x720/0x720 [ 867.049039] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 867.053083] ? check_preemption_disabled+0x41/0x280 [ 867.053097] ? ioctl_preallocate+0x200/0x200 [ 867.053115] ? __fget+0x356/0x510 [ 867.057059] 33783 total pagecache pages [ 867.061119] ? do_dup2+0x450/0x450 [ 867.074492] 0 pages in swap cache [ 867.079303] ? __se_sys_futex+0x298/0x3b0 [ 867.082582] Swap cache stats: add 0, delete 0, find 0/0 [ 867.086824] ksys_ioctl+0x9b/0xc0 [ 867.086839] __x64_sys_ioctl+0x6f/0xb0 [ 867.086857] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 867.090984] Free swap = 0kB [ 867.106193] do_syscall_64+0xf9/0x620 [ 867.106211] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 867.106228] RIP: 0033:0x7f887ce110f9 [ 867.110194] Total swap = 0kB [ 867.114268] Code: Bad RIP value. [ 867.114276] RSP: 002b:00007f887b383168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 867.114291] RAX: ffffffffffffffda RBX: 00007f887cf30f80 RCX: 00007f887ce110f9 [ 867.118258] 2097051 pages RAM [ 867.129258] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 867.129265] RBP: 00007f887ce6cae9 R08: 0000000000000000 R09: 0000000000000000 [ 867.129273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 867.129279] R13: 00007ffdf6230cbf R14: 00007f887b383300 R15: 0000000000022000 [ 867.143929] Mem-Info: [ 867.168015] 0 pages HighMem/MovableOnly [ 867.189040] active_anon:14581 inactive_anon:33185 isolated_anon:0 [ 867.189040] active_file:13 inactive_file:13 isolated_file:0 [ 867.189040] unevictable:0 dirty:0 writeback:0 unstable:0 [ 867.189040] slab_reclaimable:14156 slab_unreclaimable:119483 [ 867.189040] mapped:22043 shmem:33740 pagetables:561 bounce:0 [ 867.189040] free:13959 free_pcp:860 free_cma:0 [ 867.210863] 369649 pages reserved [ 867.216187] Node 0 active_anon:55416kB inactive_anon:51188kB active_file:40kB inactive_file:40kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52756kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 12288kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 867.225382] 0 pages cma reserved [ 867.227568] Node 1 active_anon:2908kB inactive_anon:81552kB active_file:12kB inactive_file:12kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1664kB dirty:0kB writeback:0kB shmem:82204kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 867.231877] Unreclaimable slab info: [ 867.239861] Node 0 DMA free:10872kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 867.251425] Name Used Total [ 867.256254] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 867.263034] pid_2 22KB 88KB [ 867.263643] Node 0 DMA32 free:17924kB min:35996kB low:44992kB high:53988kB active_anon:55416kB inactive_anon:51188kB active_file:40kB inactive_file:40kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7392kB pagetables:1908kB bounce:0kB free_pcp:1848kB local_pcp:1464kB free_cma:0kB [ 867.268233] batadv_tt_change_cache 2KB 7KB [ 867.271148] lowmem_reserve[]: 0 0 1 1 1 [ 867.288995] batadv_tl_cache 7KB 16KB [ 867.290418] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 867.301625] TIPC 10KB 37KB [ 867.309833] lowmem_reserve[]: 0 0 0 0 0 [ 867.322963] SCTPv6 20KB 37KB [ 867.332851] Node 1 Normal free:27032kB min:53876kB low:67344kB high:80812kB active_anon:2908kB inactive_anon:81552kB active_file:12kB inactive_file:12kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:448kB pagetables:336kB bounce:0kB free_pcp:1592kB local_pcp:120kB free_cma:0kB [ 867.346213] DCCPv6 17KB 30KB [ 867.346227] DCCP 16KB 28KB [ 867.346268] RXRPC 11KB 26KB [ 867.346276] rxrpc_call_jar 83KB 118KB [ 867.346288] bridge_fdb_cache 13KB 27KB [ 867.346316] fib6_nodes 216KB 264KB [ 867.390168] lowmem_reserve[]: 0 0 0 0 0 [ 867.414276] ip6_dst_cache 716KB 817KB [ 867.448133] Node 0 DMA: 0*4kB 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10872kB [ 867.485233] RAWv6 101KB 128KB [ 867.487535] Node 0 DMA32: 1045*4kB (ME) 892*8kB (UME) 250*16kB (UME) 31*32kB (ME) 6*64kB (UME) 4*128kB (UM) 1*256kB (U) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 17972kB [ 867.532192] UDPv6 31KB 45KB [ 867.533603] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 867.566183] TCPv6 27KB 36KB [ 867.577161] Node 1 Normal: 320*4kB (ME) 225*8kB (M) 159*16kB (ME) 71*32kB (UME) 33*64kB (UME) 9*128kB (M) 2*256kB (M) 2*512kB (ME) 2*1024kB (UE) 2*2048kB (UE) 2*4096kB (U) = 27032kB [ 867.614498] nf_conntrack 18KB 18KB [ 867.629667] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 867.633822] t10_alua_lu_gp_cache 0KB 3KB [ 867.635825] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 867.639606] sd_ext_cdb 0KB 7KB [ 867.648463] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 867.668874] scsi_sense_cache 1056KB 1060KB [ 867.682346] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 867.695242] virtio_scsi_cmd 16KB 16KB [ 867.698801] 33766 total pagecache pages [ 867.700858] sgpool-128 8KB 8KB [ 867.720225] 0 pages in swap cache [ 867.732348] sgpool-64 4KB 12KB [ 867.736499] Swap cache stats: add 0, delete 0, find 0/0 [ 867.739319] sgpool-32 2KB 15KB [ 867.752160] Free swap = 0kB [ 867.757218] sgpool-16 1KB 7KB [ 867.765183] Total swap = 0kB [ 867.778189] sgpool-8 0KB 7KB [ 867.780927] 2097051 pages RAM [ 867.789308] mqueue_inode_cache 10KB 30KB [ 867.792426] 0 pages HighMem/MovableOnly [ 867.800219] bio_post_read_ctx 14KB 15KB [ 867.805930] 369649 pages reserved [ 867.813048] bio-2 14KB 15KB [ 867.813151] 0 pages cma reserved [ 867.818465] jfs_mp 7KB 7KB [ 867.875255] cifs_small_rq 15KB 16KB [ 867.880650] cifs_request 67KB 67KB [ 867.897555] cifs_mpx_ids 0KB 7KB [ 867.907899] nfs_commit_data 3KB 14KB [ 867.919970] nfs_write_data 34KB 44KB [ 867.928983] ext4_system_zone 1KB 7KB [ 867.940990] bio-1 1KB 7KB [ 867.946503] pid_namespace 2KB 11KB [ 867.951880] rpc_buffers 17KB 25KB [ 867.963667] rpc_tasks 2KB 7KB [ 867.969041] UNIX 1269KB 1421KB [ 867.977566] tcp_bind_bucket 1KB 4KB [ 867.986378] ip_fib_trie 32KB 43KB [ 867.991745] ip_fib_alias 154KB 193KB [ 868.000454] ip_dst_cache 11KB 20KB [ 868.009136] RAW 60KB 82KB [ 868.017573] UDP 64KB 74KB [ 868.026088] TCP 11KB 22KB [ 868.031467] hugetlbfs_inode_cache 3KB 15KB [ 868.040138] fscache_cookie_jar 1KB 11KB [ 868.052923] eventpoll_pwq 28KB 43KB [ 868.061484] eventpoll_epi 52KB 66KB [ 868.074740] inotify_inode_mark 24KB 39KB [ 868.080216] request_queue 199KB 199KB [ 868.094367] blkdev_requests 1KB 3KB [ 868.099742] blkdev_ioc 25KB 38KB [ 868.112723] bio-0 1092KB 1095KB [ 868.121372] biovec-max 1658KB 1658KB [ 868.133674] biovec-64 936KB 945KB [ 868.139045] biovec-16 107KB 108KB [ 868.151089] bio_integrity_payload 1KB 8KB [ 868.156896] khugepaged_mm_slot 5KB 34KB [ 868.162356] uid_cache 0KB 4KB [ 868.174404] dmaengine-unmap-2 0KB 3KB [ 868.179788] skbuff_fclone_cache 37KB 48KB [ 868.185405] skbuff_head_cache 8278KB 8951KB [ 868.190765] configfs_dir_cache 3KB 7KB [ 868.202326] file_lock_cache 68KB 91KB [ 868.207739] file_lock_ctx 9KB 11KB [ 868.219662] fsnotify_mark_connector 13KB 23KB [ 868.225820] net_namespace 78KB 78KB [ 868.231182] shmem_inode_cache 8102KB 8248KB [ 868.243110] task_delay_info 152KB 371KB [ 868.248574] taskstats 39KB 49KB [ 868.257426] proc_dir_entry 870KB 1001KB [ 868.262818] pde_opener 13KB 34KB [ 868.271529] seq_file 306KB 496KB [ 868.280098] sigqueue 40KB 63KB [ 868.288592] kernfs_node_cache 18234KB 18533KB [ 868.297473] mnt_cache 173KB 208KB [ 868.306530] filp 6874KB 7620KB [ 868.311912] names_cache 129170KB 129208KB [ 868.320566] iint_cache 33KB 55KB [ 868.329162] key_jar 30KB 135KB [ 868.338056] uts_namespace 2KB 7KB [ 868.346483] nsproxy 1KB 11KB [ 868.351992] vm_area_struct 3490KB 3832KB [ 868.360707] mm_struct 528KB 637KB [ 868.369253] fs_cache 147KB 376KB [ 868.380001] files_cache 567KB 967KB [ 868.390764] signal_cache 1027KB 1804KB [ 868.401552] sighand_cache 548KB 631KB [ 868.412178] task_struct 4671KB 4747KB [ 868.422875] cred_jar 1812KB 2504KB [ 868.433765] anon_vma_chain 1115KB 1492KB [ 868.439152] anon_vma 145KB 288KB [ 868.452999] pid 86KB 224KB [ 868.458374] Acpi-Operand 156KB 198KB [ 868.473347] Acpi-ParseExt 9KB 11KB [ 868.478730] Acpi-Parse 41KB 47KB [ 868.494155] Acpi-State 52KB 63KB [ 868.499651] Acpi-Namespace 20KB 27KB [ 868.509443] numa_policy 0KB 3KB [ 868.516551] debug_objects_cache 1516KB 1828KB [ 868.522092] trace_event_file 297KB 298KB [ 868.530748] ftrace_event_field 398KB 401KB [ 868.539663] pool_workqueue 127KB 160KB [ 868.551015] page->ptl 538KB 1008KB [ 868.558172] kmalloc-2097152 2050KB 2050KB [ 868.566764] kmalloc-524288 2056KB 2056KB [ 868.572139] kmalloc-262144 1290KB 1290KB [ 868.579136] kmalloc-131072 650KB 650KB [ 868.588126] kmalloc-65536 2640KB 2706KB [ 868.595778] kmalloc-32768 2046KB 2046KB [ 868.601710] kmalloc-16384 1188KB 1254KB [ 868.610845] kmalloc-8192 4644KB 4760KB [ 868.618822] kmalloc-4096 22865KB 22903KB [ 868.628572] kmalloc-2048 14998KB 17059KB [ 868.636530] kmalloc-1024 11880KB 14285KB [ 868.642272] kmalloc-512 16217KB 16871KB [ 868.651924] kmalloc-256 5143KB 6247KB [ 868.659826] kmalloc-128 1230KB 1472KB [ 868.669112] kmalloc-96 3602KB 4076KB [ 868.677549] kmalloc-64 2654KB 3888KB [ 868.702948] kmalloc-32 2001KB 2543KB [ 868.708533] kmalloc-192 1972KB 2872KB [ 868.733526] kmem_cache 177KB 183KB [ 868.738928] Out of memory (oom_kill_allocating_task): Kill process 7686 (in:imklog) score 0 or sacrifice child [ 868.762977] Killed process 7684 (rsyslogd) total-vm:254332kB, anon-rss:520kB, file-rss:0kB, shmem-rss:0kB [ 868.784688] oom_reaper: reaped process 7684 (rsyslogd), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 871.025147] ieee802154 phy0 wpan0: encryption failed: -22 [ 871.030757] ieee802154 phy1 wpan1: encryption failed: -22 02:37:22 executing program 2: semtimedop(0x0, &(0x7f0000000480)=[{0x1, 0x7}, {0x1, 0x8, 0x800}, {}], 0x3, &(0x7f0000000500)) 02:37:22 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000440)=@fd={0x0, 0x2, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff}) 02:37:22 executing program 2: semtimedop(0x0, 0x0, 0x0, &(0x7f0000000500)) 02:37:22 executing program 3: r0 = syz_open_dev$vim2m(0x0, 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:37:22 executing program 4: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:37:22 executing program 0: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) r1 = add_key$fscrypt_v1(&(0x7f0000000000), 0x0, &(0x7f0000000080)={0x0, "eacf15d5b4b98c0500e3608752d117e30b34131edbf01c799692a128baa4c8e1f2eab5347a0f40245882c046f3e03492a5786870ac098c6b74ccc13d9e5100"}, 0x48, r0) keyctl$unlink(0x9, r1, r1) 02:37:22 executing program 1: syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:37:22 executing program 1: syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:37:22 executing program 2: semtimedop(0x0, 0x0, 0x0, &(0x7f0000000500)) 02:37:22 executing program 0: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) r1 = add_key$fscrypt_v1(&(0x7f0000000000), 0x0, &(0x7f0000000080)={0x0, "eacf15d5b4b98c0500e3608752d117e30b34131edbf01c799692a128baa4c8e1f2eab5347a0f40245882c046f3e03492a5786870ac098c6b74ccc13d9e5100"}, 0x48, r0) keyctl$unlink(0x9, r1, r1) 02:37:22 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000440)=@fd={0x0, 0x2, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "80454e17"}, 0x0, 0x4, {}, 0xffff}) 02:37:22 executing program 2: semtimedop(0x0, 0x0, 0x0, &(0x7f0000000500)) 02:37:22 executing program 4: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:37:22 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000440)=@fd={0x0, 0x2, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "80454e17"}}) 02:37:22 executing program 3: r0 = syz_open_dev$vim2m(0x0, 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:37:22 executing program 2: semtimedop(0x0, &(0x7f0000000480)=[{0x1, 0x7}, {0x1, 0x8, 0x800}], 0x2, &(0x7f0000000500)) 02:37:22 executing program 1: syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:37:22 executing program 0: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) r1 = add_key$fscrypt_v1(&(0x7f0000000000), 0x0, &(0x7f0000000080)={0x0, "eacf15d5b4b98c0500e3608752d117e30b34131edbf01c799692a128baa4c8e1f2eab5347a0f40245882c046f3e03492a5786870ac098c6b74ccc13d9e5100"}, 0x48, r0) keyctl$unlink(0x9, r1, r1) 02:37:22 executing program 4: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:37:22 executing program 3: r0 = syz_open_dev$vim2m(0x0, 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:37:22 executing program 2: semtimedop(0x0, &(0x7f0000000480)=[{0x1, 0x7}], 0x1, &(0x7f0000000500)) 02:37:22 executing program 4: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) ioctl$vim2m_VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:37:22 executing program 0: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) r1 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc1}, 0x0, 0x0, r0) keyctl$unlink(0x9, r1, r1) 02:37:22 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, 0x0) 02:37:22 executing program 2: semtimedop(0x0, &(0x7f0000000480), 0x0, &(0x7f0000000500)) 02:37:22 executing program 5: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:37:22 executing program 4: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) ioctl$vim2m_VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:37:22 executing program 3: syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:37:22 executing program 0: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) r1 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc1}, 0x0, 0x0, r0) keyctl$unlink(0x9, r1, r1) 02:37:22 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, 0x0) 02:37:22 executing program 5: r0 = syz_open_dev$vim2m(0x0, 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:37:22 executing program 2: semtimedop(0x0, &(0x7f0000000480), 0x0, &(0x7f0000000500)) 02:37:22 executing program 3: syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:37:22 executing program 4: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) ioctl$vim2m_VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:37:22 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, 0x0) 02:37:22 executing program 0: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) r1 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc1}, 0x0, 0x0, r0) keyctl$unlink(0x9, r1, r1) 02:37:22 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:37:22 executing program 2: semtimedop(0x0, &(0x7f0000000480), 0x0, &(0x7f0000000500)) 02:37:22 executing program 3: syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:37:22 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:37:22 executing program 0: add_key$keyring(&(0x7f0000000040), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eacf15d5b4b98c0500e3608752d117e30b34131edbf01c799692a128baa4c8e1f2eab5347a0f40245882c046f3e03492a5786870ac098c6b74ccc13d9e5100"}, 0x48, 0x0) keyctl$unlink(0x9, r0, r0) 02:37:22 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:37:22 executing program 2: semtimedop(0x0, &(0x7f0000000480)=[{0x0, 0x7}], 0x1, &(0x7f0000000500)) 02:37:22 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:37:22 executing program 0: add_key$keyring(&(0x7f0000000040), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eacf15d5b4b98c0500e3608752d117e30b34131edbf01c799692a128baa4c8e1f2eab5347a0f40245882c046f3e03492a5786870ac098c6b74ccc13d9e5100"}, 0x48, 0x0) keyctl$unlink(0x9, r0, r0) 02:37:22 executing program 2: semtimedop(0x0, &(0x7f0000000480)=[{}], 0x1, &(0x7f0000000500)) 02:37:22 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:37:22 executing program 0: add_key$keyring(&(0x7f0000000040), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eacf15d5b4b98c0500e3608752d117e30b34131edbf01c799692a128baa4c8e1f2eab5347a0f40245882c046f3e03492a5786870ac098c6b74ccc13d9e5100"}, 0x48, 0x0) keyctl$unlink(0x9, r0, r0) [ 877.481749] oom_reaper: reaped process 7829 (syz-executor.5), now anon-rss:0kB, file-rss:14336kB, shmem-rss:12kB [ 877.520282] in:imklog invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 877.531817] in:imklog cpuset=/ mems_allowed=0-1 [ 877.541051] CPU: 0 PID: 7734 Comm: in:imklog Not tainted 4.19.211-syzkaller #0 [ 877.548423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 877.557781] Call Trace: [ 877.560383] dump_stack+0x1fc/0x2ef [ 877.564023] dump_header+0x15d/0xc3f [ 877.567770] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 877.572966] ? ___ratelimit+0x319/0x590 [ 877.576947] oom_kill_process.cold+0x10/0x692 [ 877.581445] ? check_preemption_disabled+0x41/0x280 [ 877.586468] ? has_intersects_mems_allowed+0x1d6/0x290 [ 877.591746] out_of_memory+0x1072/0x1390 [ 877.595848] ? oom_killer_disable+0x270/0x270 [ 877.600357] ? mutex_trylock+0x15f/0x1a0 [ 877.604422] __alloc_pages_nodemask+0x23a2/0x2890 [ 877.609271] ? find_get_entry+0x4cd/0x8a0 [ 877.613455] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 877.618328] alloc_pages_current+0x193/0x2a0 [ 877.622756] filemap_fault+0x146e/0x2180 [ 877.626821] ext4_filemap_fault+0x84/0xb0 [ 877.630953] __do_fault+0x10b/0x4b0 [ 877.635187] __handle_mm_fault+0x273b/0x41c0 [ 877.639584] ? vm_insert_page+0x9c0/0x9c0 [ 877.643833] ? lock_downgrade+0x720/0x720 [ 877.648017] ? check_preemption_disabled+0x41/0x280 [ 877.653029] handle_mm_fault+0x436/0xb10 [ 877.657102] __do_page_fault+0x68e/0xd60 [ 877.661151] ? trace_hardirqs_off_caller+0x6e/0x210 [ 877.667195] ? spurious_fault+0x840/0x840 [ 877.671436] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 877.676303] ? page_fault+0x8/0x30 [ 877.679845] page_fault+0x1e/0x30 [ 877.683283] RIP: 0033:0x7fd21989022d [ 877.686986] Code: Bad RIP value. [ 877.690524] RSP: 002b:00007fd21722c580 EFLAGS: 00010293 [ 877.695886] RAX: 0000000000000077 RBX: 0000000000000000 RCX: 00007fd21989022d [ 877.703159] RDX: 0000000000001fa0 RSI: 00007fd21722cda0 RDI: 0000000000000004 [ 877.710412] RBP: 000055e88a0a49d0 R08: 0000000000000000 R09: 0000000000000000 [ 877.717685] R10: 2ce33e6c02ce33e7 R11: 0000000000000293 R12: 00007fd21722cda0 [ 877.724949] R13: 0000000000001fa0 R14: 0000000000001f9f R15: 00007fd21722ce20 [ 877.732736] Mem-Info: [ 877.735177] active_anon:16191 inactive_anon:33185 isolated_anon:0 [ 877.735177] active_file:27 inactive_file:28 isolated_file:0 [ 877.735177] unevictable:0 dirty:2 writeback:1 unstable:0 [ 877.735177] slab_reclaimable:14451 slab_unreclaimable:122844 [ 877.735177] mapped:22097 shmem:33740 pagetables:592 bounce:0 [ 877.735177] free:13798 free_pcp:829 free_cma:0 [ 877.745679] syz-executor.5: vmalloc: allocation failure, allocated 1670098944 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 877.770448] Node 0 active_anon:61844kB inactive_anon:51188kB active_file:96kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86576kB dirty:8kB writeback:0kB shmem:52756kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 20480kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 877.796481] syz-executor.5 cpuset=/ mems_allowed=0-1 [ 877.810240] Node 1 active_anon:2920kB inactive_anon:81552kB active_file:12kB inactive_file:68kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1812kB dirty:0kB writeback:4kB shmem:82204kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 877.823651] CPU: 1 PID: 7829 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 [ 877.843107] Node 0 DMA free:10860kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 877.850240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 877.880814] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 877.891950] Call Trace: [ 877.891972] dump_stack+0x1fc/0x2ef [ 877.891990] warn_alloc.cold+0x7b/0x18f [ 877.892010] ? zone_watermark_ok_safe+0x260/0x260 [ 877.897046] Node 0 DMA32 free:18680kB min:35996kB low:44992kB high:53988kB active_anon:61752kB inactive_anon:51188kB active_file:36kB inactive_file:40kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7456kB pagetables:2032kB bounce:0kB free_pcp:1976kB local_pcp:1472kB free_cma:0kB [ 877.899591] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 877.903254] lowmem_reserve[]: 0 0 1 1 1 [ 877.907172] ? retint_kernel+0x2d/0x2d [ 877.911990] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 877.941151] __vmalloc_area_node+0x4fd/0x780 [ 877.941172] ? __vmalloc_node_range+0x180/0x180 [ 877.941189] ? _raw_spin_unlock+0x29/0x40 [ 877.946008] lowmem_reserve[]: 0 0 0 0 0 [ 877.949888] ? __get_vm_area_node+0x2e2/0x3a0 [ 877.953804] Node 1 Normal free:27220kB min:53876kB low:67344kB high:80812kB active_anon:2928kB inactive_anon:81552kB active_file:12kB inactive_file:12kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:448kB pagetables:332kB bounce:0kB free_pcp:1520kB local_pcp:4kB free_cma:0kB [ 877.979614] __vmalloc_node_range+0xed/0x180 [ 877.979632] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 877.979648] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 877.979660] vmalloc_user+0x70/0xe0 [ 877.979672] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 877.979684] vb2_vmalloc_alloc+0xb3/0x2f0 [ 877.979698] __vb2_queue_alloc+0x472/0xe60 [ 877.979725] vb2_core_create_bufs+0x273/0x7e0 [ 877.979740] ? __vb2_queue_free+0x870/0x870 [ 877.979757] ? mutex_trylock+0x1a0/0x1a0 [ 877.979774] ? __video_do_ioctl+0x632/0xcd0 [ 877.979791] vb2_create_bufs+0x332/0x620 [ 877.979809] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 877.979823] ? __video_do_ioctl+0x632/0xcd0 [ 877.979836] ? mutex_trylock+0x1a0/0x1a0 [ 877.979852] ? mark_held_locks+0xf0/0xf0 [ 877.979872] vb2_ioctl_create_bufs+0x20d/0x360 [ 877.979888] ? memset+0x20/0x40 [ 877.979905] v4l_create_bufs+0xb2/0x160 [ 877.979924] __video_do_ioctl+0x49a/0xcd0 [ 877.979945] ? v4l_querycap+0x340/0x340 [ 877.979964] ? __might_fault+0x192/0x1d0 [ 877.979982] ? v4l_querycap+0x340/0x340 [ 877.979998] video_usercopy+0x13f/0xfa0 [ 877.980021] ? v4l_enumstd+0x60/0x60 [ 877.980036] ? do_futex+0x171/0x1880 [ 877.980052] ? mark_held_locks+0xf0/0xf0 [ 877.980071] ? debug_check_no_obj_freed+0x201/0x490 [ 877.980095] ? video_usercopy+0xfa0/0xfa0 [ 877.980107] v4l2_ioctl+0x147/0x1a0 [ 877.980121] ? video_devdata+0xa0/0xa0 [ 877.980137] do_vfs_ioctl+0xcdb/0x12e0 [ 877.980152] ? lock_downgrade+0x720/0x720 [ 877.980168] ? check_preemption_disabled+0x41/0x280 [ 877.980183] ? ioctl_preallocate+0x200/0x200 [ 877.980202] ? __fget+0x356/0x510 [ 877.980218] ? do_dup2+0x450/0x450 [ 877.980234] ? __se_sys_futex+0x298/0x3b0 [ 877.980257] ksys_ioctl+0x9b/0xc0 [ 877.980274] __x64_sys_ioctl+0x6f/0xb0 [ 877.980288] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 877.980302] do_syscall_64+0xf9/0x620 [ 877.980322] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 877.980334] RIP: 0033:0x7fb9b1ecd0f9 [ 877.980348] Code: Bad RIP value. [ 877.980355] RSP: 002b:00007fb9b043f168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 877.980369] RAX: ffffffffffffffda RBX: 00007fb9b1fecf80 RCX: 00007fb9b1ecd0f9 [ 877.980377] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 877.980385] RBP: 00007fb9b1f28ae9 R08: 0000000000000000 R09: 0000000000000000 [ 877.980392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 877.980401] R13: 00007ffd6a14577f R14: 00007fb9b043f300 R15: 0000000000022000 [ 878.005790] Mem-Info: [ 878.033127] lowmem_reserve[]: 0 0 0 0 0 [ 878.047912] active_anon:16170 inactive_anon:33185 isolated_anon:0 [ 878.047912] active_file:12 inactive_file:13 isolated_file:0 [ 878.047912] unevictable:0 dirty:0 writeback:0 unstable:0 [ 878.047912] slab_reclaimable:14448 slab_unreclaimable:122624 [ 878.047912] mapped:22080 shmem:33740 pagetables:591 bounce:0 [ 878.047912] free:14192 free_pcp:875 free_cma:0 [ 878.049595] Node 0 DMA: 1*4kB (U) 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10860kB [ 878.058618] Node 0 active_anon:61752kB inactive_anon:51188kB active_file:36kB inactive_file:40kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52756kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 18432kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 878.067874] Node 0 DMA32: 896*4kB (ME) 933*8kB (UME) 280*16kB (UME) 41*32kB (UME) 14*64kB (UME) 6*128kB (UM) 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 18760kB [ 878.078679] Node 1 active_anon:2928kB inactive_anon:81552kB active_file:12kB inactive_file:12kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1812kB dirty:0kB writeback:0kB shmem:82204kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 878.079742] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 878.088512] Node 0 DMA free:10860kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 878.091034] Node 1 Normal: 315*4kB (ME) 239*8kB (UM) 155*16kB (UM) 68*32kB (M) 33*64kB (UM) 11*128kB (UME) 4*256kB (UME) 1*512kB (M) 2*1024kB (UE) 2*2048kB (UE) 2*4096kB (U) = 27220kB [ 878.099932] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 878.101511] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 878.110767] Node 0 DMA32 free:18680kB min:35996kB low:44992kB high:53988kB active_anon:61752kB inactive_anon:51188kB active_file:36kB inactive_file:40kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7456kB pagetables:2032kB bounce:0kB free_pcp:1980kB local_pcp:508kB free_cma:0kB [ 878.114710] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 878.123180] lowmem_reserve[]: 0 0 1 1 1 [ 878.125640] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 878.129561] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 878.136911] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 878.146597] lowmem_reserve[]: 0 0 0 0 0 [ 878.150381] 33765 total pagecache pages [ 878.159258] Node 1 Normal free:27220kB min:53876kB low:67344kB high:80812kB active_anon:2928kB inactive_anon:81552kB active_file:12kB inactive_file:12kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:448kB pagetables:332kB bounce:0kB free_pcp:1520kB local_pcp:1516kB free_cma:0kB [ 878.165471] 0 pages in swap cache [ 878.172527] lowmem_reserve[]: 0 0 0 0 0 [ 878.177521] Swap cache stats: add 0, delete 0, find 0/0 [ 878.181931] Node 0 DMA: 1*4kB (U) 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10860kB [ 878.191619] Free swap = 0kB [ 878.199870] Node 0 DMA32: 896*4kB (ME) 933*8kB (UME) 280*16kB (UME) 41*32kB (UME) 14*64kB (UME) 6*128kB (UM) 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 18760kB [ 878.200486] Total swap = 0kB [ 878.210022] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 878.214848] 2097051 pages RAM [ 878.223608] Node 1 Normal: 315*4kB (ME) 239*8kB (UM) 155*16kB (UM) 68*32kB (M) 33*64kB (UM) 11*128kB (UME) 4*256kB (UME) 1*512kB (M) 2*1024kB (UE) 2*2048kB (UE) 2*4096kB (U) = 27220kB [ 878.229099] Bluetooth: hci4: command 0x0406 tx timeout [ 878.246035] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 878.252030] 0 pages HighMem/MovableOnly [ 878.265591] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 878.271223] 369649 pages reserved [ 878.284705] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 878.309638] 0 pages cma reserved [ 878.330911] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 878.351392] Unreclaimable slab info: [ 878.374368] 33765 total pagecache pages [ 878.395303] Name Used Total [ 878.413651] 0 pages in swap cache [ 878.432039] pid_2 35KB 88KB [ 878.456407] Swap cache stats: add 0, delete 0, find 0/0 [ 878.462479] batadv_tt_change_cache 0KB 7KB [ 878.492980] Free swap = 0kB [ 878.508148] batadv_tl_cache 4KB 16KB [ 878.516860] Total swap = 0kB [ 878.547153] TIPC 10KB 37KB [ 878.554912] 2097051 pages RAM [ 878.593964] SCTPv6 14KB 24KB [ 878.600881] 0 pages HighMem/MovableOnly [ 878.615648] DCCPv6 17KB 30KB [ 878.635752] 369649 pages reserved [ 878.648332] DCCP 16KB 28KB [ 878.669622] 0 pages cma reserved [ 878.683883] RXRPC 11KB 26KB [ 878.807892] rxrpc_call_jar 78KB 110KB [ 878.813338] bridge_fdb_cache 9KB 23KB [ 878.818710] fib6_nodes 164KB 264KB [ 878.830413] ip6_dst_cache 472KB 723KB [ 878.836863] RAWv6 84KB 128KB [ 878.848625] UDPv6 26KB 37KB [ 878.854072] TCPv6 24KB 30KB [ 878.859723] nf_conntrack 8KB 22KB [ 878.871726] t10_alua_lu_gp_cache 0KB 3KB [ 878.877418] sd_ext_cdb 0KB 7KB [ 878.892936] scsi_sense_cache 1056KB 1060KB [ 878.898756] virtio_scsi_cmd 16KB 16KB [ 878.907480] sgpool-128 8KB 8KB [ 878.916173] sgpool-64 4KB 12KB [ 878.921638] sgpool-32 2KB 15KB [ 878.930490] sgpool-16 1KB 7KB [ 878.941272] sgpool-8 0KB 7KB [ 878.949894] mqueue_inode_cache 10KB 30KB [ 878.958913] bio_post_read_ctx 14KB 15KB [ 878.970714] bio-2 14KB 15KB [ 878.979726] jfs_mp 7KB 7KB [ 878.990086] cifs_small_rq 15KB 16KB [ 878.998800] cifs_request 67KB 67KB [ 879.007812] cifs_mpx_ids 0KB 7KB [ 879.016899] nfs_commit_data 3KB 14KB [ 879.025821] nfs_write_data 34KB 44KB [ 879.031237] ext4_system_zone 1KB 7KB [ 879.039876] bio-1 1KB 7KB [ 879.048609] pid_namespace 2KB 11KB [ 879.057340] rpc_buffers 17KB 25KB [ 879.066336] rpc_tasks 2KB 7KB [ 879.071705] UNIX 682KB 810KB [ 879.080463] tcp_bind_bucket 1KB 4KB [ 879.090924] ip_fib_trie 24KB 43KB [ 879.099856] ip_fib_alias 118KB 193KB [ 879.108560] ip_dst_cache 9KB 20KB [ 879.117331] RAW 60KB 82KB [ 879.126325] UDP 64KB 74KB [ 879.131699] TCP 8KB 16KB [ 879.140310] hugetlbfs_inode_cache 3KB 15KB [ 879.149464] fscache_cookie_jar 1KB 11KB [ 879.159318] eventpoll_pwq 25KB 43KB [ 879.168051] eventpoll_epi 47KB 66KB [ 879.176851] inotify_inode_mark 21KB 39KB [ 879.185927] request_queue 199KB 199KB [ 879.196340] blkdev_requests 1KB 3KB [ 879.201754] blkdev_ioc 28KB 38KB [ 879.210496] bio-0 1276KB 1278KB [ 879.219442] biovec-max 1658KB 1658KB [ 879.228142] biovec-64 1094KB 1102KB [ 879.236966] biovec-16 116KB 120KB [ 879.245806] bio_integrity_payload 1KB 8KB [ 879.251522] khugepaged_mm_slot 8KB 34KB [ 879.260236] uid_cache 0KB 4KB [ 879.269043] dmaengine-unmap-2 0KB 3KB [ 879.277832] skbuff_fclone_cache 63KB 67KB [ 879.286805] skbuff_head_cache 7054KB 7901KB [ 879.297094] configfs_dir_cache 3KB 7KB [ 879.305772] file_lock_cache 82KB 91KB [ 879.311218] file_lock_ctx 9KB 11KB [ 879.319611] fsnotify_mark_connector 11KB 23KB [ 879.328680] net_namespace 78KB 78KB [ 879.337536] shmem_inode_cache 8152KB 8248KB [ 879.346320] task_delay_info 142KB 371KB [ 879.351692] taskstats 55KB 57KB [ 879.360421] proc_dir_entry 817KB 978KB [ 879.369394] pde_opener 10KB 34KB [ 879.378109] seq_file 318KB 496KB [ 879.386865] sigqueue 47KB 63KB [ 879.398974] kernfs_node_cache 18234KB 18533KB [ 879.405514] mnt_cache 173KB 208KB [ 879.411550] filp 6735KB 7605KB [ 879.419479] names_cache 143573KB 143611KB [ 879.428748] iint_cache 36KB 55KB [ 879.436853] key_jar 34KB 135KB [ 879.446594] uts_namespace 2KB 7KB [ 879.455199] nsproxy 1KB 11KB [ 879.461604] vm_area_struct 3573KB 3813KB [ 879.470687] mm_struct 513KB 630KB [ 879.477791] fs_cache 108KB 360KB [ 879.487862] files_cache 429KB 828KB [ 879.495637] signal_cache 932KB 1703KB [ 879.506863] sighand_cache 543KB 631KB [ 879.514075] task_struct 4942KB 5024KB [ 879.519492] cred_jar 1803KB 2504KB [ 879.529234] anon_vma_chain 1164KB 1492KB [ 879.537306] anon_vma 138KB 288KB [ 879.547058] pid 69KB 224KB [ 879.555345] Acpi-Operand 156KB 198KB [ 879.561337] Acpi-ParseExt 9KB 11KB [ 879.570065] Acpi-Parse 41KB 47KB [ 879.577149] Acpi-State 52KB 63KB [ 879.588106] Acpi-Namespace 20KB 27KB [ 879.613502] numa_policy 0KB 3KB [ 879.618901] debug_objects_cache 1421KB 1828KB [ 879.645099] trace_event_file 297KB 298KB [ 879.650496] ftrace_event_field 398KB 401KB [ 879.673498] pool_workqueue 121KB 152KB [ 879.678900] page->ptl 557KB 1008KB [ 879.706884] kmalloc-2097152 2050KB 2050KB [ 879.714440] kmalloc-524288 2056KB 2056KB [ 879.719815] kmalloc-262144 1290KB 1290KB [ 879.742071] kmalloc-131072 650KB 650KB [ 879.747474] kmalloc-65536 1980KB 2442KB [ 879.765391] kmalloc-32768 1782KB 1980KB [ 879.770781] kmalloc-16384 1056KB 1155KB [ 879.791912] kmalloc-8192 4059KB 4174KB [ 879.797344] kmalloc-4096 18984KB 19044KB [ 879.822095] kmalloc-2048 11523KB 14764KB [ 879.827485] kmalloc-1024 8599KB 13206KB [ 879.832905] kmalloc-512 14665KB 16342KB [ 879.838281] kmalloc-256 4258KB 6153KB [ 879.845224] kmalloc-128 978KB 1472KB [ 879.850608] kmalloc-96 3602KB 4076KB [ 879.858448] kmalloc-64 2457KB 3880KB [ 879.868180] kmalloc-32 1900KB 2543KB [ 879.875228] kmalloc-192 1699KB 2836KB [ 879.880606] kmem_cache 177KB 183KB [ 879.890859] Out of memory (oom_kill_allocating_task): Kill process 7734 (in:imklog) score 0 or sacrifice child [ 879.911114] Killed process 7732 (rsyslogd) total-vm:254332kB, anon-rss:516kB, file-rss:0kB, shmem-rss:0kB [ 879.922848] oom_reaper: reaped process 7732 (rsyslogd), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 02:37:33 executing program 2: semtimedop(0x0, &(0x7f0000000480)=[{}], 0x1, &(0x7f0000000500)) 02:37:33 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:37:33 executing program 0: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) r1 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eacf15d5b4b98c0500e3608752d117e30b34131edbf01c799692a128baa4c8e1f2eab5347a0f40245882c046f3e03492a5786870ac098c6b74ccc13d9e5100"}, 0x48, r0) keyctl$unlink(0x9, 0x0, r1) 02:37:33 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, 0x0) 02:37:33 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:37:33 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:37:33 executing program 0: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eacf15d5b4b98c0500e3608752d117e30b34131edbf01c799692a128baa4c8e1f2eab5347a0f40245882c046f3e03492a5786870ac098c6b74ccc13d9e5100"}, 0x48, r0) keyctl$unlink(0x9, 0x0, 0x0) 02:37:33 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:37:33 executing program 2: semtimedop(0x0, &(0x7f0000000480)=[{}], 0x1, &(0x7f0000000500)) 02:37:33 executing program 0: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eacf15d5b4b98c0500e3608752d117e30b34131edbf01c799692a128baa4c8e1f2eab5347a0f40245882c046f3e03492a5786870ac098c6b74ccc13d9e5100"}, 0x48, r0) keyctl$unlink(0x9, 0x0, 0x0) 02:37:33 executing program 2: semtimedop(0x0, &(0x7f0000000480)=[{0x0, 0x7}], 0x1, 0x0) 02:37:33 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:37:33 executing program 0: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000100)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "eacf15d5b4b98c0500e3608752d117e30b34131edbf01c799692a128baa4c8e1f2eab5347a0f40245882c046f3e03492a5786870ac098c6b74ccc13d9e5100"}, 0x48, r0) keyctl$unlink(0x9, 0x0, 0x0) [ 887.851386] oom_reaper: reaped process 7879 (syz-executor.5), now anon-rss:0kB, file-rss:14336kB, shmem-rss:12kB [ 887.955358] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 887.980897] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 887.985795] CPU: 1 PID: 8085 Comm: syz-fuzzer Not tainted 4.19.211-syzkaller #0 [ 887.993249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 888.002609] Call Trace: [ 888.005207] dump_stack+0x1fc/0x2ef [ 888.008843] dump_header+0x15d/0xc3f [ 888.012563] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 888.017666] ? ___ratelimit+0x319/0x590 [ 888.021650] oom_kill_process.cold+0x10/0x692 [ 888.026158] ? check_preemption_disabled+0x41/0x280 [ 888.031183] ? has_intersects_mems_allowed+0x1d6/0x290 [ 888.036470] out_of_memory+0x1072/0x1390 [ 888.040541] ? oom_killer_disable+0x270/0x270 [ 888.045042] ? mutex_trylock+0x15f/0x1a0 [ 888.049127] __alloc_pages_nodemask+0x23a2/0x2890 [ 888.053979] ? find_get_entry+0x4cd/0x8a0 [ 888.058140] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 888.063030] alloc_pages_current+0x193/0x2a0 [ 888.067438] filemap_fault+0x146e/0x2180 [ 888.071518] ext4_filemap_fault+0x84/0xb0 [ 888.075665] __do_fault+0x10b/0x4b0 [ 888.079274] __handle_mm_fault+0x273b/0x41c0 [ 888.083670] ? vm_insert_page+0x9c0/0x9c0 [ 888.087805] ? __fget+0x356/0x510 [ 888.091270] ? check_preemption_disabled+0x41/0x280 [ 888.096275] handle_mm_fault+0x436/0xb10 [ 888.100357] __do_page_fault+0x68e/0xd60 [ 888.104512] ? trace_hardirqs_off_caller+0x6e/0x210 [ 888.109530] ? spurious_fault+0x840/0x840 [ 888.113671] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 888.118535] ? page_fault+0x8/0x30 [ 888.122083] page_fault+0x1e/0x30 [ 888.125540] RIP: 0033:0x467160 [ 888.128728] Code: Bad RIP value. [ 888.132078] RSP: 002b:000000c00005de48 EFLAGS: 00010246 [ 888.137428] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 000000cebcb1705a [ 888.144683] RDX: 0000000001f4f0b0 RSI: 000000c00005d840 RDI: 0000000000000004 [ 888.151939] RBP: 000000c00005df30 R08: 0000000000000000 R09: 000000cebcb1705a [ 888.159278] R10: 00000000000003e7 R11: 0000000000000246 R12: 000000c00005d870 [ 888.166531] R13: 0000000000000004 R14: 000000c000001860 R15: 0000000000000000 [ 888.177921] Mem-Info: [ 888.180372] active_anon:16200 inactive_anon:33185 isolated_anon:0 [ 888.180372] active_file:15 inactive_file:0 isolated_file:0 [ 888.180372] unevictable:0 dirty:3 writeback:0 unstable:0 [ 888.180372] slab_reclaimable:14610 slab_unreclaimable:122951 [ 888.180372] mapped:22142 shmem:33740 pagetables:592 bounce:0 [ 888.180372] free:13819 free_pcp:124 free_cma:0 [ 888.187904] syz-executor.5: vmalloc: allocation failure, allocated 1672159232 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 888.218735] Node 0 active_anon:62468kB inactive_anon:51192kB active_file:32kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:4kB writeback:0kB shmem:52760kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 20480kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 888.246382] syz-executor.5 cpuset=/ mems_allowed=0-1 [ 888.258728] Node 1 active_anon:2332kB inactive_anon:81548kB active_file:28kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:2060kB dirty:8kB writeback:0kB shmem:82200kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 888.271002] CPU: 0 PID: 7879 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 [ 888.291220] Node 0 DMA free:10868kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 888.295561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 888.326744] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 888.331040] Call Trace: [ 888.331063] dump_stack+0x1fc/0x2ef [ 888.331080] warn_alloc.cold+0x7b/0x18f [ 888.331097] ? zone_watermark_ok_safe+0x260/0x260 [ 888.331108] ? retint_kernel+0x2d/0x2d [ 888.331127] ? policy_node+0xeb/0x140 [ 888.336130] Node 0 DMA32 free:17960kB min:35996kB low:44992kB high:53988kB active_anon:62468kB inactive_anon:51192kB active_file:32kB inactive_file:36kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7552kB pagetables:2088kB bounce:0kB free_pcp:248kB local_pcp:0kB free_cma:0kB [ 888.338723] __vmalloc_area_node+0x4fd/0x780 [ 888.345989] lowmem_reserve[]: 0 0 1 1 1 [ 888.346303] ? __vmalloc_node_range+0x180/0x180 [ 888.351192] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 888.355027] ? _raw_spin_unlock+0x29/0x40 [ 888.359106] lowmem_reserve[]: 0 0 0 0 0 [ 888.387965] ? __get_vm_area_node+0x2e2/0x3a0 [ 888.387984] __vmalloc_node_range+0xed/0x180 [ 888.388000] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 888.388014] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 888.388026] vmalloc_user+0x70/0xe0 [ 888.388038] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 888.388051] vb2_vmalloc_alloc+0xb3/0x2f0 [ 888.388066] __vb2_queue_alloc+0x472/0xe60 [ 888.388092] vb2_core_create_bufs+0x273/0x7e0 [ 888.388106] ? __vb2_queue_free+0x870/0x870 [ 888.388123] ? mutex_trylock+0x1a0/0x1a0 [ 888.395949] Node 1 Normal free:26440kB min:53876kB low:67344kB high:80812kB active_anon:2332kB inactive_anon:81548kB active_file:36kB inactive_file:0kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:352kB pagetables:280kB bounce:0kB free_pcp:248kB local_pcp:0kB free_cma:0kB [ 888.396665] ? __video_do_ioctl+0x632/0xcd0 [ 888.401403] lowmem_reserve[]: 0 0 0 0 0 [ 888.427200] vb2_create_bufs+0x332/0x620 [ 888.427219] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 888.427233] ? __video_do_ioctl+0x632/0xcd0 [ 888.427247] ? mutex_trylock+0x1a0/0x1a0 [ 888.427261] ? mark_held_locks+0xf0/0xf0 [ 888.427275] ? futex_wait_queue_me+0x404/0x5e0 [ 888.427292] vb2_ioctl_create_bufs+0x20d/0x360 [ 888.427308] ? memset+0x20/0x40 [ 888.427324] v4l_create_bufs+0xb2/0x160 [ 888.427342] __video_do_ioctl+0x49a/0xcd0 [ 888.427364] ? v4l_querycap+0x340/0x340 [ 888.427381] ? __might_fault+0x192/0x1d0 [ 888.427398] ? v4l_querycap+0x340/0x340 [ 888.427414] video_usercopy+0x13f/0xfa0 [ 888.427436] ? v4l_enumstd+0x60/0x60 [ 888.427450] ? do_futex+0x171/0x1880 [ 888.427466] ? mark_held_locks+0xf0/0xf0 [ 888.427485] ? debug_check_no_obj_freed+0x201/0x490 [ 888.427516] ? video_usercopy+0xfa0/0xfa0 [ 888.427529] v4l2_ioctl+0x147/0x1a0 [ 888.427542] ? video_devdata+0xa0/0xa0 [ 888.427558] do_vfs_ioctl+0xcdb/0x12e0 [ 888.427574] ? lock_downgrade+0x720/0x720 [ 888.427590] ? check_preemption_disabled+0x41/0x280 [ 888.427605] ? ioctl_preallocate+0x200/0x200 [ 888.427623] ? __fget+0x356/0x510 [ 888.427658] ? do_dup2+0x450/0x450 [ 888.427673] ? __se_sys_futex+0x298/0x3b0 [ 888.427696] ksys_ioctl+0x9b/0xc0 [ 888.427712] __x64_sys_ioctl+0x6f/0xb0 [ 888.427727] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 888.427741] do_syscall_64+0xf9/0x620 [ 888.427759] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 888.427771] RIP: 0033:0x7fb9b1ecd0f9 [ 888.427784] Code: Bad RIP value. [ 888.427791] RSP: 002b:00007fb9b043f168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 888.427804] RAX: ffffffffffffffda RBX: 00007fb9b1fecf80 RCX: 00007fb9b1ecd0f9 [ 888.427812] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 888.427820] RBP: 00007fb9b1f28ae9 R08: 0000000000000000 R09: 0000000000000000 [ 888.427828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 888.427836] R13: 00007ffd6a14577f R14: 00007fb9b043f300 R15: 0000000000022000 [ 888.442238] Mem-Info: [ 888.449515] Node 0 DMA: 1*4kB (U) 0*8kB 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10868kB [ 888.450388] active_anon:16200 inactive_anon:33185 isolated_anon:0 [ 888.450388] active_file:15 inactive_file:0 isolated_file:0 [ 888.450388] unevictable:0 dirty:3 writeback:0 unstable:0 [ 888.450388] slab_reclaimable:14610 slab_unreclaimable:122951 [ 888.450388] mapped:22142 shmem:33740 pagetables:592 bounce:0 [ 888.450388] free:13819 free_pcp:124 free_cma:0 [ 888.455725] Node 0 DMA32: 787*4kB (UME) 882*8kB (UME) 252*16kB (UME) 55*32kB (UME) 13*64kB (UME) 6*128kB (UM) 3*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 18364kB [ 888.455790] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 888.455837] Node 1 Normal: 269*4kB (UM) 252*8kB (ME) 177*16kB (ME) 92*32kB (M) 35*64kB (M) 14*128kB (UME) 4*256kB (UM) 1*512kB (M) 2*1024kB (UE) 1*2048kB (E) 2*4096kB (U) = 26724kB [ 888.455919] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 888.470117] Node 0 active_anon:62468kB inactive_anon:51192kB active_file:32kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:4kB writeback:0kB shmem:52760kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 20480kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 888.475505] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 888.477139] Node 1 active_anon:2332kB inactive_anon:81548kB active_file:28kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:2060kB dirty:8kB writeback:0kB shmem:82200kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 888.481491] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 888.481508] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 888.481513] 33802 total pagecache pages [ 888.481525] 0 pages in swap cache [ 888.496662] Node 0 DMA free:10868kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 888.519175] Swap cache stats: add 0, delete 0, find 0/0 [ 888.534571] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 888.538082] Free swap = 0kB [ 888.540124] Node 0 DMA32 free:17960kB min:35996kB low:44992kB high:53988kB active_anon:62468kB inactive_anon:51192kB active_file:32kB inactive_file:36kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7552kB pagetables:2088kB bounce:0kB free_pcp:248kB local_pcp:248kB free_cma:0kB [ 888.545468] Total swap = 0kB [ 888.551090] lowmem_reserve[]: 0 0 1 1 1 [ 888.553811] 2097051 pages RAM [ 888.559527] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 888.560884] 0 pages HighMem/MovableOnly [ 888.573527] lowmem_reserve[]: 0 0 0 0 0 [ 888.580357] 369649 pages reserved [ 888.589074] Node 1 Normal free:26440kB min:53876kB low:67344kB high:80812kB active_anon:2332kB inactive_anon:81548kB active_file:36kB inactive_file:0kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:352kB pagetables:280kB bounce:0kB free_pcp:248kB local_pcp:248kB free_cma:0kB [ 888.595773] 0 pages cma reserved [ 888.599586] lowmem_reserve[]: 0 0 0 0 0 [ 888.601876] Unreclaimable slab info: [ 888.601881] Name Used Total [ 888.601893] pid_2 39KB 88KB [ 888.601962] batadv_tt_change_cache 0KB 3KB [ 888.614359] Node 0 DMA: 1*4kB (U) 0*8kB 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10868kB [ 888.614440] Node 0 DMA32: 787*4kB (UME) 882*8kB (UME) 252*16kB (UME) 55*32kB (UME) 13*64kB (UME) 6*128kB (UM) 3*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 18364kB [ 888.614504] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 888.614553] Node 1 Normal: 269*4kB (UM) 252*8kB (ME) 177*16kB (ME) 92*32kB (M) 35*64kB (M) 14*128kB (UME) 4*256kB (UM) 1*512kB (M) 2*1024kB (UE) 1*2048kB (E) 2*4096kB (U) = 26724kB [ 888.614634] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 888.614643] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 888.614653] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 888.614662] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 888.614667] 33802 total pagecache pages [ 888.614679] 0 pages in swap cache [ 888.614686] Swap cache stats: add 0, delete 0, find 0/0 [ 888.614691] Free swap = 0kB [ 888.614695] Total swap = 0kB [ 888.614702] 2097051 pages RAM [ 888.614707] 0 pages HighMem/MovableOnly [ 888.614711] 369649 pages reserved [ 888.614716] 0 pages cma reserved [ 889.207278] batadv_tl_cache 4KB 16KB [ 889.219926] TIPC 10KB 37KB [ 889.240118] SCTPv6 14KB 24KB [ 889.248960] DCCPv6 17KB 30KB [ 889.281006] DCCP 16KB 28KB [ 889.286422] RXRPC 11KB 26KB [ 889.291846] rxrpc_call_jar 78KB 110KB [ 889.297225] bridge_fdb_cache 9KB 23KB [ 889.302659] fib6_nodes 158KB 264KB [ 889.308151] ip6_dst_cache 409KB 697KB [ 889.313663] RAWv6 70KB 101KB [ 889.319052] UDPv6 26KB 37KB [ 889.324496] TCPv6 24KB 30KB [ 889.331617] nf_conntrack 7KB 22KB [ 889.337042] t10_alua_lu_gp_cache 0KB 3KB [ 889.342754] sd_ext_cdb 0KB 7KB [ 889.348121] scsi_sense_cache 1056KB 1060KB [ 889.353526] virtio_scsi_cmd 16KB 16KB [ 889.358986] sgpool-128 8KB 8KB [ 889.364418] sgpool-64 4KB 12KB [ 889.369784] sgpool-32 2KB 15KB [ 889.375353] sgpool-16 1KB 7KB [ 889.380719] sgpool-8 0KB 7KB [ 889.386199] mqueue_inode_cache 10KB 30KB [ 889.391736] bio_post_read_ctx 14KB 15KB [ 889.397160] bio-2 14KB 15KB [ 889.402597] jfs_mp 7KB 7KB [ 889.408002] cifs_small_rq 15KB 16KB [ 889.413431] cifs_request 67KB 67KB [ 889.418808] cifs_mpx_ids 0KB 7KB [ 889.424279] nfs_commit_data 3KB 14KB [ 889.431422] nfs_write_data 34KB 44KB [ 889.436833] ext4_system_zone 1KB 7KB [ 889.442316] bio-1 1KB 7KB [ 889.447687] pid_namespace 2KB 11KB [ 889.453135] rpc_buffers 17KB 25KB [ 889.458499] rpc_tasks 2KB 7KB [ 889.464040] UNIX 566KB 671KB [ 889.469454] tcp_bind_bucket 1KB 4KB [ 889.474920] ip_fib_trie 23KB 43KB [ 889.480286] ip_fib_alias 113KB 193KB [ 889.500998] ip_dst_cache 7KB 20KB [ 889.506383] RAW 43KB 67KB [ 889.521003] UDP 50KB 74KB [ 889.526384] TCP 8KB 16KB [ 889.550997] hugetlbfs_inode_cache 3KB 15KB [ 889.556856] fscache_cookie_jar 1KB 11KB [ 889.562407] eventpoll_pwq 23KB 43KB [ 889.567780] eventpoll_epi 43KB 66KB [ 889.601058] inotify_inode_mark 22KB 39KB [ 889.606550] request_queue 199KB 199KB [ 889.616919] blkdev_requests 1KB 3KB [ 889.622655] blkdev_ioc 29KB 38KB [ 889.628033] bio-0 1483KB 1485KB [ 889.638995] biovec-max 1716KB 1716KB [ 889.644685] biovec-64 1301KB 1307KB [ 889.650051] biovec-16 129KB 131KB [ 889.660617] bio_integrity_payload 1KB 8KB [ 889.666824] khugepaged_mm_slot 8KB 34KB [ 889.677039] uid_cache 0KB 4KB [ 889.682870] dmaengine-unmap-2 0KB 3KB [ 889.688311] skbuff_fclone_cache 75KB 78KB [ 889.698490] skbuff_head_cache 6725KB 7496KB [ 889.704146] configfs_dir_cache 3KB 7KB [ 889.709657] file_lock_cache 87KB 95KB [ 889.719829] file_lock_ctx 9KB 11KB [ 889.725613] fsnotify_mark_connector 12KB 23KB [ 889.736694] net_namespace 52KB 61KB [ 889.743020] shmem_inode_cache 8170KB 8248KB [ 889.748397] task_delay_info 128KB 367KB [ 889.758570] taskstats 62KB 65KB [ 889.764301] proc_dir_entry 750KB 918KB [ 889.769685] pde_opener 6KB 34KB [ 889.780346] seq_file 306KB 496KB [ 889.786141] sigqueue 41KB 63KB [ 889.796888] kernfs_node_cache 18234KB 18533KB [ 889.802543] mnt_cache 173KB 208KB [ 889.807973] filp 6669KB 7597KB [ 889.818205] names_cache 150934KB 150934KB [ 889.824191] iint_cache 38KB 55KB [ 889.829645] key_jar 36KB 135KB [ 889.840850] uts_namespace 2KB 7KB [ 889.846579] nsproxy 1KB 11KB [ 889.857039] vm_area_struct 3133KB 3801KB [ 889.862774] mm_struct 432KB 611KB [ 889.868162] fs_cache 85KB 360KB [ 889.878490] files_cache 328KB 735KB [ 889.884316] signal_cache 848KB 1631KB [ 889.889697] sighand_cache 550KB 631KB [ 889.900352] task_struct 4349KB 4431KB [ 889.906049] cred_jar 1860KB 2504KB [ 889.916385] anon_vma_chain 1093KB 1492KB [ 889.922037] anon_vma 143KB 288KB [ 889.927466] pid 56KB 224KB [ 889.937927] Acpi-Operand 156KB 198KB [ 889.944359] Acpi-ParseExt 9KB 11KB [ 889.949796] Acpi-Parse 41KB 47KB [ 889.960593] Acpi-State 52KB 63KB [ 889.966266] Acpi-Namespace 20KB 27KB [ 889.976627] numa_policy 0KB 3KB [ 889.982564] debug_objects_cache 1396KB 1828KB [ 889.988110] trace_event_file 297KB 298KB [ 889.998419] ftrace_event_field 398KB 401KB [ 890.004218] pool_workqueue 121KB 152KB [ 890.009596] page->ptl 537KB 1004KB [ 890.019974] kmalloc-2097152 2050KB 2050KB [ 890.025649] kmalloc-524288 2056KB 2056KB [ 890.035890] kmalloc-262144 1290KB 1290KB [ 890.041606] kmalloc-131072 650KB 650KB [ 890.047716] kmalloc-65536 1848KB 2178KB [ 890.058046] kmalloc-32768 1650KB 1848KB [ 890.063658] kmalloc-16384 1006KB 1089KB [ 890.069081] kmalloc-8192 3976KB 4092KB [ 890.078969] kmalloc-4096 17811KB 17871KB [ 890.084772] kmalloc-2048 10801KB 14203KB [ 890.090145] kmalloc-1024 7789KB 12670KB [ 890.100325] kmalloc-512 14361KB 16233KB [ 890.106141] kmalloc-256 4232KB 6153KB [ 890.116161] kmalloc-128 924KB 1472KB [ 890.121811] kmalloc-96 3602KB 4076KB [ 890.127245] kmalloc-64 2438KB 3880KB [ 890.137521] kmalloc-32 1889KB 2543KB [ 890.143145] kmalloc-192 1621KB 2820KB [ 890.149180] kmem_cache 177KB 183KB [ 890.159617] Out of memory (oom_kill_allocating_task): Kill process 8085 (syz-fuzzer) score 0 or sacrifice child [ 890.170266] Killed process 6360 (syz-executor.3) total-vm:48512kB, anon-rss:2476kB, file-rss:0kB, shmem-rss:0kB [ 890.186488] oom_reaper: reaped process 6360 (syz-executor.3), now anon-rss:0kB, file-rss:14336kB, shmem-rss:0kB [ 893.635619] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 893.649051] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 893.663523] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 893.670241] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 893.686261] device bridge_slave_1 left promiscuous mode [ 893.694554] bridge0: port 2(bridge_slave_1) entered disabled state [ 893.705057] device bridge_slave_0 left promiscuous mode [ 893.713716] bridge0: port 1(bridge_slave_0) entered disabled state [ 893.727145] device veth1_macvtap left promiscuous mode [ 893.735477] device veth0_macvtap left promiscuous mode [ 893.744913] device veth1_vlan left promiscuous mode [ 893.749994] device veth0_vlan left promiscuous mode 02:37:44 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:37:44 executing program 0: semtimedop(0x0, &(0x7f0000000480)=[{0x0, 0x7}], 0x1, 0x0) 02:37:44 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, 0x0) 02:37:44 executing program 2: semtimedop(0x0, &(0x7f0000000480)=[{0x0, 0x7}], 0x1, 0x0) 02:37:44 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:37:44 executing program 4: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:37:44 executing program 2: semtimedop(0x0, &(0x7f0000000480)=[{0x0, 0x7}], 0x1, 0x0) 02:37:44 executing program 0: semtimedop(0x0, &(0x7f0000000480)=[{0x0, 0x7}], 0x1, 0x0) 02:37:44 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, 0x0) 02:37:44 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, 0x0) 02:37:44 executing program 0: semtimedop(0x0, &(0x7f0000000480)=[{0x0, 0x7}], 0x1, 0x0) 02:37:44 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, 0x0) [ 897.980232] Bluetooth: hci0: command 0x0409 tx timeout [ 900.060005] Bluetooth: hci0: command 0x041b tx timeout [ 902.139797] Bluetooth: hci0: command 0x040f tx timeout [ 902.175627] oom_reaper: reaped process 7932 (syz-executor.5), now anon-rss:0kB, file-rss:14332kB, shmem-rss:12kB [ 902.257251] device hsr_slave_1 left promiscuous mode [ 902.283904] device hsr_slave_0 left promiscuous mode [ 902.316974] team0 (unregistering): Port device team_slave_1 removed [ 902.324338] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 902.340927] team0 (unregistering): Port device team_slave_0 removed [ 902.342995] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 902.351440] syz-executor.5: vmalloc: allocation failure, allocated 1686339584 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 902.352967] CPU: 1 PID: 8081 Comm: syz-fuzzer Not tainted 4.19.211-syzkaller #0 [ 902.373317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 902.376070] syz-executor.5 cpuset=/ mems_allowed=0-1 [ 902.382663] Call Trace: [ 902.382683] dump_stack+0x1fc/0x2ef [ 902.382700] dump_header+0x15d/0xc3f [ 902.382715] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 902.382729] ? ___ratelimit+0x319/0x590 [ 902.406726] oom_kill_process.cold+0x10/0x692 [ 902.411213] ? check_preemption_disabled+0x41/0x280 [ 902.416227] ? has_intersects_mems_allowed+0x1d6/0x290 [ 902.421495] out_of_memory+0x1072/0x1390 [ 902.425549] ? oom_killer_disable+0x270/0x270 [ 902.430042] ? mutex_trylock+0x15f/0x1a0 [ 902.434109] __alloc_pages_nodemask+0x23a2/0x2890 [ 902.438957] ? find_get_entry+0x4cd/0x8a0 [ 902.443104] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 902.447967] alloc_pages_current+0x193/0x2a0 [ 902.452372] filemap_fault+0x146e/0x2180 [ 902.456439] ext4_filemap_fault+0x84/0xb0 [ 902.460580] __do_fault+0x10b/0x4b0 [ 902.464193] ? do_raw_spin_unlock+0x171/0x230 [ 902.468678] __handle_mm_fault+0x273b/0x41c0 [ 902.473088] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 902.478192] ? vm_insert_page+0x9c0/0x9c0 [ 902.482346] ? check_preemption_disabled+0x41/0x280 [ 902.487365] handle_mm_fault+0x436/0xb10 [ 902.491444] __do_page_fault+0x68e/0xd60 [ 902.495513] ? trace_hardirqs_off_caller+0x6e/0x210 [ 902.500531] ? spurious_fault+0x840/0x840 [ 902.504667] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 902.509503] ? page_fault+0x8/0x30 [ 902.513036] page_fault+0x1e/0x30 [ 902.516485] RIP: 0033:0x40b220 [ 902.519669] Code: Bad RIP value. [ 902.523032] RSP: 002b:000000c00005ff28 EFLAGS: 00010246 [ 902.528375] RAX: 0000000001f4f1f8 RBX: 000000c000050000 RCX: 0000000000000046 [ 902.535640] RDX: 0000000000000002 RSI: 000000c00005ff00 RDI: 000000c00005fedc [ 902.542908] RBP: 000000c00005ff88 R08: 00007ffc0a3ee000 R09: 000000e7ea103491 [ 902.550167] R10: 000861528e604fdd R11: 0000000000000001 R12: 000000c00005ff10 [ 902.557432] R13: 000000c0006c8800 R14: 000000c0000004e0 R15: 00007f1ca264e834 [ 902.564716] CPU: 0 PID: 7932 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 [ 902.572524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 902.573474] Mem-Info: [ 902.582139] Call Trace: [ 902.582161] dump_stack+0x1fc/0x2ef [ 902.582188] warn_alloc.cold+0x7b/0x18f [ 902.584600] active_anon:14115 inactive_anon:33183 isolated_anon:0 [ 902.584600] active_file:29 inactive_file:11 isolated_file:0 [ 902.584600] unevictable:0 dirty:12 writeback:0 unstable:0 [ 902.584600] slab_reclaimable:14522 slab_unreclaimable:121276 [ 902.584600] mapped:22172 shmem:33736 pagetables:575 bounce:0 [ 902.584600] free:14006 free_pcp:147 free_cma:0 [ 902.587171] ? zone_watermark_ok_safe+0x260/0x260 [ 902.590809] Node 0 active_anon:54280kB inactive_anon:51184kB active_file:152kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86504kB dirty:28kB writeback:0kB shmem:52744kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 12288kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 902.594772] __vmalloc_area_node+0x4fd/0x780 [ 902.628100] Node 1 active_anon:2180kB inactive_anon:81548kB active_file:0kB inactive_file:96kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:2184kB dirty:20kB writeback:0kB shmem:82200kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 902.632890] ? __vmalloc_node_range+0x180/0x180 [ 902.632908] ? _raw_spin_unlock+0x29/0x40 [ 902.662723] Node 0 DMA free:10868kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 902.665068] ? __get_vm_area_node+0x2e2/0x3a0 [ 902.692138] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 902.696766] __vmalloc_node_range+0xed/0x180 [ 902.700898] Node 0 DMA32 free:17600kB min:35996kB low:44992kB high:53988kB active_anon:54280kB inactive_anon:51184kB active_file:176kB inactive_file:468kB unevictable:0kB writepending:8kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7488kB pagetables:2020kB bounce:0kB free_pcp:320kB local_pcp:196kB free_cma:0kB [ 902.726993] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 902.727008] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 902.727020] vmalloc_user+0x70/0xe0 [ 902.727035] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 902.731527] lowmem_reserve[]: 0 0 1 1 1 [ 902.736513] vb2_vmalloc_alloc+0xb3/0x2f0 [ 902.742816] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 902.769954] __vb2_queue_alloc+0x472/0xe60 [ 902.769984] vb2_core_create_bufs+0x273/0x7e0 [ 902.774283] lowmem_reserve[]: 0 0 0 0 0 [ 902.779665] ? __vb2_queue_free+0x870/0x870 [ 902.783318] Node 1 Normal free:27548kB min:53876kB low:67344kB high:80812kB active_anon:2180kB inactive_anon:81548kB active_file:116kB inactive_file:16kB unevictable:0kB writepending:4kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:352kB pagetables:280kB bounce:0kB free_pcp:268kB local_pcp:0kB free_cma:0kB [ 902.787595] ? mutex_trylock+0x1a0/0x1a0 [ 902.791557] lowmem_reserve[]: 0 0 0 0 0 [ 902.795687] ? __video_do_ioctl+0x632/0xcd0 [ 902.821562] Node 0 DMA: 1*4kB (U) 0*8kB 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10868kB [ 902.825757] vb2_create_bufs+0x332/0x620 [ 902.830275] Node 0 DMA32: 859*4kB (UME) 903*8kB (UME) 277*16kB (UME) 53*32kB (UME) 14*64kB (UME) 4*128kB (UM) 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 18452kB [ 902.834206] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 902.838509] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 902.867144] ? __video_do_ioctl+0x632/0xcd0 [ 902.867161] ? mutex_trylock+0x1a0/0x1a0 [ 902.867174] ? mark_held_locks+0xf0/0xf0 [ 902.867195] vb2_ioctl_create_bufs+0x20d/0x360 [ 902.867210] ? memset+0x20/0x40 [ 902.867223] v4l_create_bufs+0xb2/0x160 [ 902.867239] __video_do_ioctl+0x49a/0xcd0 [ 902.867259] ? v4l_querycap+0x340/0x340 [ 902.867277] ? __might_fault+0x192/0x1d0 [ 902.867291] ? v4l_querycap+0x340/0x340 [ 902.867307] video_usercopy+0x13f/0xfa0 [ 902.867328] ? v4l_enumstd+0x60/0x60 [ 902.867341] ? do_futex+0x171/0x1880 [ 902.867355] ? mark_held_locks+0xf0/0xf0 [ 902.867373] ? debug_check_no_obj_freed+0x201/0x490 [ 902.867401] ? video_usercopy+0xfa0/0xfa0 [ 902.867413] v4l2_ioctl+0x147/0x1a0 [ 902.867424] ? video_devdata+0xa0/0xa0 [ 902.867440] do_vfs_ioctl+0xcdb/0x12e0 [ 902.867453] ? lock_downgrade+0x720/0x720 [ 902.867468] ? check_preemption_disabled+0x41/0x280 [ 902.867480] ? ioctl_preallocate+0x200/0x200 [ 902.867498] ? __fget+0x356/0x510 [ 902.867514] ? do_dup2+0x450/0x450 [ 902.867527] ? __se_sys_futex+0x298/0x3b0 [ 902.867547] ksys_ioctl+0x9b/0xc0 [ 902.867564] __x64_sys_ioctl+0x6f/0xb0 [ 902.867578] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 902.867591] do_syscall_64+0xf9/0x620 [ 902.867609] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 902.867621] RIP: 0033:0x7fb9b1ecd0f9 [ 902.867635] Code: Bad RIP value. [ 902.867642] RSP: 002b:00007fb9b043f168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 902.867655] RAX: ffffffffffffffda RBX: 00007fb9b1fecf80 RCX: 00007fb9b1ecd0f9 [ 902.867664] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 902.867672] RBP: 00007fb9b1f28ae9 R08: 0000000000000000 R09: 0000000000000000 [ 902.867690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 902.867697] R13: 00007ffd6a14577f R14: 00007fb9b043f300 R15: 0000000000022000 [ 902.885516] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 902.910600] Node 1 Normal: 274*4kB (M) 254*8kB (UME) 175*16kB (UME) 90*32kB (UM) 44*64kB (UM) 19*128kB (UME) 3*256kB (M) 2*512kB (UM) 2*1024kB (UE) 1*2048kB (E) 2*4096kB (U) = 28136kB [ 902.957180] Mem-Info: [ 902.965923] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 902.983491] active_anon:14091 inactive_anon:33183 isolated_anon:0 [ 902.983491] active_file:17 inactive_file:17 isolated_file:0 [ 902.983491] unevictable:0 dirty:0 writeback:0 unstable:0 [ 902.983491] slab_reclaimable:14522 slab_unreclaimable:120793 [ 902.983491] mapped:22149 shmem:33736 pagetables:574 bounce:0 [ 902.983491] free:14947 free_pcp:4 free_cma:0 [ 902.988496] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 902.997487] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 903.000979] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 903.019427] Node 0 active_anon:54188kB inactive_anon:51184kB active_file:44kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52744kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 10240kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 903.022403] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 903.059589] Node 1 active_anon:2176kB inactive_anon:81548kB active_file:24kB inactive_file:24kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:2088kB dirty:0kB writeback:0kB shmem:82200kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 903.068235] 33770 total pagecache pages [ 903.080962] Node 0 DMA free:10868kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 903.111801] 0 pages in swap cache [ 903.174770] bond0 (unregistering): Released all slaves [ 903.185210] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 903.211072] Swap cache stats: add 0, delete 0, find 0/0 [ 903.237433] Node 0 DMA32 free:18856kB min:35996kB low:44992kB high:53988kB active_anon:54188kB inactive_anon:51184kB active_file:44kB inactive_file:44kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7488kB pagetables:2016kB bounce:0kB free_pcp:220kB local_pcp:164kB free_cma:0kB [ 903.276983] Free swap = 0kB [ 903.303931] lowmem_reserve[]: 0 0 1 1 1 [ 903.303953] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 903.303985] lowmem_reserve[]: 0 0 0 0 0 [ 903.325507] Total swap = 0kB [ 903.361723] Node 1 Normal free:30156kB min:53876kB low:67344kB high:80812kB active_anon:2176kB inactive_anon:81548kB active_file:24kB inactive_file:24kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:352kB pagetables:280kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 903.387490] 2097051 pages RAM [ 903.424950] lowmem_reserve[]: 0 0 0 0 0 [ 903.428959] Node 0 DMA: 1*4kB (U) 0*8kB 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10868kB [ 903.447952] 0 pages HighMem/MovableOnly [ 903.453366] Node 0 DMA32: 971*4kB (UME) 911*8kB (UME) 277*16kB (UME) 53*32kB (UME) 14*64kB (UME) 4*128kB (UM) 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 18964kB [ 903.454743] 369649 pages reserved [ 903.474740] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 903.484187] 0 pages cma reserved [ 903.497095] Node 1 Normal: 281*4kB (UM) 258*8kB (UME) 177*16kB (UME) 139*32kB (UM) 43*64kB (UM) 19*128kB (UME) 5*256kB (UM) 2*512kB (UM) 2*1024kB (UE) 1*2048kB (E) 2*4096kB (U) = 30244kB [ 903.509583] Unreclaimable slab info: [ 903.517696] Name Used Total [ 903.524722] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 903.540914] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 903.549504] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 903.572043] pid_2 40KB 88KB [ 903.577478] batadv_tt_change_cache 3KB 3KB [ 903.587318] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 903.607230] batadv_tl_cache 4KB 16KB [ 903.612732] TIPC 10KB 37KB [ 903.618240] SCTPv6 14KB 24KB [ 903.634728] DCCPv6 17KB 30KB [ 903.636557] 33770 total pagecache pages [ 903.643302] DCCP 16KB 28KB [ 903.649529] RXRPC 11KB 26KB [ 903.668177] rxrpc_call_jar 78KB 110KB [ 903.678180] 0 pages in swap cache [ 903.678298] bridge_fdb_cache 9KB 23KB [ 903.683864] Swap cache stats: add 0, delete 0, find 0/0 [ 903.693143] fib6_nodes 156KB 264KB [ 903.698510] ip6_dst_cache 280KB 633KB [ 903.710529] Free swap = 0kB [ 903.713546] Total swap = 0kB [ 903.715084] RAWv6 70KB 101KB [ 903.716576] 2097051 pages RAM [ 903.727131] UDPv6 26KB 37KB [ 903.738761] TCPv6 21KB 30KB [ 903.749487] nf_conntrack 8KB 22KB [ 903.768400] 0 pages HighMem/MovableOnly [ 903.775213] t10_alua_lu_gp_cache 0KB 3KB [ 903.792364] 369649 pages reserved [ 903.795837] 0 pages cma reserved [ 903.805220] sd_ext_cdb 0KB 7KB [ 903.816788] scsi_sense_cache 1056KB 1060KB [ 903.819714] Bluetooth: hci5: command 0x0406 tx timeout [ 903.859444] Bluetooth: hci6: command 0x0406 tx timeout [ 903.864819] virtio_scsi_cmd 16KB 16KB [ 903.881456] Bluetooth: hci7: command 0x0406 tx timeout [ 903.886807] sgpool-128 8KB 8KB [ 903.916693] sgpool-64 4KB 12KB [ 903.936767] sgpool-32 2KB 15KB [ 903.960668] sgpool-16 1KB 7KB [ 903.966054] sgpool-8 0KB 7KB [ 904.001927] mqueue_inode_cache 13KB 30KB [ 904.007408] bio_post_read_ctx 14KB 15KB [ 904.033249] bio-2 14KB 15KB [ 904.038636] jfs_mp 7KB 7KB [ 904.072774] cifs_small_rq 15KB 16KB [ 904.078150] cifs_request 67KB 67KB [ 904.103968] cifs_mpx_ids 0KB 7KB [ 904.109371] nfs_commit_data 3KB 14KB [ 904.159074] nfs_write_data 34KB 44KB [ 904.191927] ext4_system_zone 1KB 7KB [ 904.197337] bio-1 1KB 7KB [ 904.219623] Bluetooth: hci0: command 0x0419 tx timeout [ 904.233115] pid_namespace 3KB 11KB [ 904.238499] rpc_buffers 17KB 25KB [ 904.273205] rpc_tasks 2KB 7KB [ 904.278587] UNIX 491KB 536KB [ 904.303032] tcp_bind_bucket 1KB 4KB [ 904.308427] ip_fib_trie 23KB 43KB [ 904.316872] ip_fib_alias 112KB 193KB [ 904.325811] ip_dst_cache 4KB 16KB [ 904.334844] RAW 42KB 60KB [ 904.343670] UDP 50KB 74KB [ 904.349029] TCP 8KB 16KB [ 904.357655] hugetlbfs_inode_cache 3KB 15KB [ 904.366932] fscache_cookie_jar 1KB 11KB [ 904.375547] eventpoll_pwq 26KB 43KB [ 904.384443] eventpoll_epi 49KB 66KB [ 904.393325] inotify_inode_mark 21KB 39KB [ 904.398777] request_queue 199KB 199KB [ 904.407305] blkdev_requests 1KB 3KB [ 904.416100] blkdev_ioc 35KB 38KB [ 904.425006] bio-0 1577KB 1578KB [ 904.433536] biovec-max 1707KB 1757KB [ 904.438909] biovec-64 1422KB 1425KB [ 904.463183] biovec-16 132KB 135KB [ 904.468557] bio_integrity_payload 1KB 8KB [ 904.502873] khugepaged_mm_slot 8KB 34KB [ 904.508341] uid_cache 0KB 4KB [ 904.516812] dmaengine-unmap-2 0KB 3KB [ 904.525495] skbuff_fclone_cache 81KB 90KB [ 904.534680] skbuff_head_cache 7189KB 7192KB [ 904.543416] configfs_dir_cache 3KB 7KB [ 904.548869] file_lock_cache 85KB 95KB [ 904.557828] file_lock_ctx 9KB 11KB [ 904.566960] fsnotify_mark_connector 11KB 23KB [ 904.576475] net_namespace 52KB 52KB [ 904.585316] shmem_inode_cache 8178KB 8244KB [ 904.594321] task_delay_info 138KB 367KB [ 904.603144] taskstats 60KB 68KB [ 904.608510] proc_dir_entry 706KB 866KB [ 904.617016] pde_opener 6KB 34KB [ 904.626005] seq_file 303KB 488KB [ 904.634868] sigqueue 50KB 63KB [ 904.653097] kernfs_node_cache 17024KB 17549KB [ 904.658469] mnt_cache 192KB 208KB [ 904.693002] filp 6476KB 7582KB [ 904.698382] names_cache 143879KB 143939KB [ 904.723149] iint_cache 44KB 55KB [ 904.728529] key_jar 31KB 135KB [ 904.753059] uts_namespace 4KB 7KB [ 904.758444] nsproxy 2KB 11KB [ 904.782941] vm_area_struct 3307KB 3801KB [ 904.788326] mm_struct 422KB 604KB [ 904.823175] fs_cache 85KB 356KB [ 904.828678] files_cache 332KB 708KB [ 904.862874] signal_cache 799KB 1610KB [ 904.868260] sighand_cache 559KB 631KB [ 904.892903] task_struct 4437KB 4519KB [ 904.898289] cred_jar 1821KB 2504KB [ 904.923098] anon_vma_chain 1124KB 1492KB [ 904.928484] anon_vma 168KB 288KB [ 904.963040] pid 54KB 224KB [ 904.968422] Acpi-Operand 156KB 198KB [ 904.977230] Acpi-ParseExt 9KB 11KB [ 904.986080] Acpi-Parse 41KB 47KB [ 904.995214] Acpi-State 52KB 63KB [ 905.004177] Acpi-Namespace 20KB 27KB [ 905.009866] numa_policy 0KB 3KB [ 905.015773] debug_objects_cache 1375KB 1828KB [ 905.022144] trace_event_file 297KB 298KB [ 905.053453] ftrace_event_field 398KB 401KB [ 905.059529] pool_workqueue 124KB 152KB [ 905.064909] page->ptl 522KB 1004KB [ 905.093640] kmalloc-2097152 2050KB 2050KB [ 905.100964] kmalloc-524288 2056KB 2056KB [ 905.106360] kmalloc-262144 1290KB 1290KB [ 905.133374] kmalloc-131072 650KB 650KB [ 905.138757] kmalloc-65536 1848KB 1914KB [ 905.144669] kmalloc-32768 1650KB 1716KB [ 905.161195] IPVS: ftp: loaded support on port[0] = 21 [ 905.182137] kmalloc-16384 973KB 1039KB [ 905.187563] kmalloc-8192 4009KB 4059KB [ 905.193178] kmalloc-4096 18568KB 18568KB [ 905.198606] kmalloc-2048 10933KB 14139KB [ 905.219529] kmalloc-1024 8194KB 12670KB [ 905.224917] kmalloc-512 15169KB 15791KB [ 905.239748] kmalloc-256 4229KB 6153KB [ 905.245129] kmalloc-128 879KB 1472KB [ 905.259499] kmalloc-96 3609KB 4076KB [ 905.264878] kmalloc-64 2411KB 3880KB [ 905.279897] kmalloc-32 1887KB 2543KB [ 905.285288] kmalloc-192 1561KB 2772KB [ 905.307623] kmem_cache 177KB 183KB [ 905.319583] Out of memory (oom_kill_allocating_task): Kill process 8081 (syz-fuzzer) score 0 or sacrifice child [ 905.339567] Killed process 6424 (syz-executor.1) total-vm:48512kB, anon-rss:432kB, file-rss:4kB, shmem-rss:0kB [ 905.707772] chnl_net:caif_netlink_parms(): no params data found [ 905.884474] bridge0: port 1(bridge_slave_0) entered blocking state [ 905.890952] bridge0: port 1(bridge_slave_0) entered disabled state [ 905.907864] device bridge_slave_0 entered promiscuous mode [ 905.923265] bridge0: port 2(bridge_slave_1) entered blocking state [ 905.933219] bridge0: port 2(bridge_slave_1) entered disabled state [ 905.942742] device bridge_slave_1 entered promiscuous mode [ 905.970922] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 905.990953] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 906.022242] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 906.035960] team0: Port device team_slave_0 added [ 906.041719] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 906.049176] team0: Port device team_slave_1 added [ 906.081563] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 906.087827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 906.120090] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 906.136940] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 906.143527] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 906.174147] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 906.189318] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 906.201837] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 906.230158] device hsr_slave_0 entered promiscuous mode [ 906.236166] device hsr_slave_1 entered promiscuous mode [ 906.242863] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 906.250644] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 906.366570] bridge0: port 2(bridge_slave_1) entered blocking state [ 906.372980] bridge0: port 2(bridge_slave_1) entered forwarding state [ 906.379669] bridge0: port 1(bridge_slave_0) entered blocking state [ 906.386056] bridge0: port 1(bridge_slave_0) entered forwarding state [ 906.743137] bridge0: port 1(bridge_slave_0) entered disabled state [ 906.755210] bridge0: port 2(bridge_slave_1) entered disabled state [ 906.768827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 906.797481] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 906.807523] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 906.821231] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 906.829189] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 906.848543] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 906.857725] 8021q: adding VLAN 0 to HW filter on device team0 [ 907.275342] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 907.287877] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 907.297303] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 907.310671] bridge0: port 1(bridge_slave_0) entered blocking state [ 907.317066] bridge0: port 1(bridge_slave_0) entered forwarding state [ 907.332003] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 907.487711] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 907.495774] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 907.509283] bridge0: port 2(bridge_slave_1) entered blocking state [ 907.515653] bridge0: port 2(bridge_slave_1) entered forwarding state [ 907.531323] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 907.725838] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 907.739770] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 907.749197] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 907.938125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 907.950932] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 907.958954] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 907.977344] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 908.174713] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 908.186669] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 908.195791] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 908.212013] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 908.401425] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 908.409130] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 908.424326] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 908.432920] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 908.445122] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 908.454475] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 908.463639] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 908.475599] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 908.669011] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 908.677743] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 908.688941] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 908.699098] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 908.903149] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 909.136478] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 909.152334] IPv6: ADDRCONF(NETDEV_UP): veth1_virt_wifi: link is not ready [ 909.164066] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 909.173979] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 909.415026] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 909.427963] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 909.436124] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 909.648922] IPv6: ADDRCONF(NETDEV_UP): veth1_vlan: link is not ready [ 909.656610] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 909.672180] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 909.684208] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 909.694114] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 909.707649] device veth0_vlan entered promiscuous mode [ 909.935682] device veth1_vlan entered promiscuous mode [ 909.945201] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 909.954425] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 909.982377] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 909.996852] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 910.012923] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 910.028941] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 910.037765] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 910.051986] device bridge_slave_1 left promiscuous mode [ 910.057560] bridge0: port 2(bridge_slave_1) entered disabled state [ 910.072177] device bridge_slave_0 left promiscuous mode [ 910.077650] bridge0: port 1(bridge_slave_0) entered disabled state [ 910.093915] device veth1_macvtap left promiscuous mode [ 910.102843] device veth0_macvtap left promiscuous mode [ 910.108165] device veth1_vlan left promiscuous mode [ 910.116817] device veth0_vlan left promiscuous mode 02:38:00 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x0, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:00 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) [ 913.978749] Bluetooth: hci1: command 0x0409 tx timeout [ 914.494082] device hsr_slave_1 left promiscuous mode [ 914.502284] device hsr_slave_0 left promiscuous mode [ 914.517088] team0 (unregistering): Port device team_slave_1 removed [ 914.529230] team0 (unregistering): Port device team_slave_0 removed [ 914.538063] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 914.550630] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 914.578269] bond0 (unregistering): Released all slaves [ 914.592389] IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready [ 914.602743] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 914.610878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 914.624264] IPVS: ftp: loaded support on port[0] = 21 [ 914.645558] device veth0_macvtap entered promiscuous mode [ 914.652087] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 914.663423] device veth1_macvtap entered promiscuous mode [ 914.674079] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 914.687941] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 914.704686] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 914.714793] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 914.724811] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 914.734936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 914.744407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 914.754473] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 914.764034] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 914.774143] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 914.784655] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready [ 914.792472] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 914.802586] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 914.810500] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 914.818230] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 914.835065] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 914.844913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 914.859658] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 914.873789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 914.884762] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 914.898470] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 914.908956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 914.922519] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 914.934838] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready [ 914.946220] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 914.957130] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 914.969874] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 915.068103] chnl_net:caif_netlink_parms(): no params data found [ 915.157415] bridge0: port 1(bridge_slave_0) entered blocking state [ 915.175778] bridge0: port 1(bridge_slave_0) entered disabled state [ 915.188173] device bridge_slave_0 entered promiscuous mode [ 915.198044] bridge0: port 2(bridge_slave_1) entered blocking state [ 915.216244] bridge0: port 2(bridge_slave_1) entered disabled state [ 915.233663] device bridge_slave_1 entered promiscuous mode [ 915.273959] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 915.286898] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 915.327639] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 915.357369] team0: Port device team_slave_0 added [ 915.367543] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 915.389720] team0: Port device team_slave_1 added [ 915.415217] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 915.424239] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 915.457856] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 915.500408] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 915.507591] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 915.544375] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 915.559795] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 915.569510] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 915.576629] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 915.595149] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 915.615191] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 915.636360] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 915.655644] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 915.685727] device hsr_slave_0 entered promiscuous mode [ 915.688522] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 915.698467] device hsr_slave_1 entered promiscuous mode [ 915.698738] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 915.712703] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 915.721888] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 915.731471] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready 02:38:05 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, 0x0) 02:38:05 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x0, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:38:05 executing program 2: semtimedop(0x0, &(0x7f0000000480)=[{}], 0x1, &(0x7f0000000500)) 02:38:05 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:05 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000380)={0xf4, 0x2, 0x1, {0x3, @vbi={0x4, 0xad2a, 0xc00, 0x20363159, [0xfffffffb, 0x200], [0x6, 0xf4a7], 0x1}}, 0x400}) semtimedop(0x0, &(0x7f0000000480)=[{0x1, 0x7}, {0x1, 0x8, 0x800}, {}], 0x3, &(0x7f0000000500)) 02:38:05 executing program 2: semtimedop(0x0, &(0x7f0000000480)=[{}], 0x1, &(0x7f0000000500)) 02:38:05 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x0, 0x0, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:38:05 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:06 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x75f4316a, 0x2) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000440)=@fd={0x0, 0x2, 0x4, 0x0, 0x0, {}, {0x1, 0x7, 0x8, 0x5, 0x4, 0x0, "80454e17"}, 0xb07f, 0x4, {}, 0xffff}) 02:38:06 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x0, 0x0, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:38:06 executing program 2: semtimedop(0x0, &(0x7f0000000480)=[{}], 0x1, &(0x7f0000000500)) [ 915.987422] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 916.069418] Bluetooth: hci1: command 0x041b tx timeout [ 916.086939] 8021q: adding VLAN 0 to HW filter on device bond0 [ 916.096683] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 916.106450] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 916.114389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 916.126303] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 916.144387] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 916.155504] 8021q: adding VLAN 0 to HW filter on device team0 [ 916.174914] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 916.184744] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 916.197260] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 916.210938] bridge0: port 1(bridge_slave_0) entered blocking state [ 916.217443] bridge0: port 1(bridge_slave_0) entered forwarding state [ 916.230883] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 916.244247] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 916.252349] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 916.266863] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 916.276012] bridge0: port 2(bridge_slave_1) entered blocking state [ 916.282428] bridge0: port 2(bridge_slave_1) entered forwarding state [ 916.297476] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 916.305688] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 916.321451] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 916.328694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 916.351769] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 916.369786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 916.380032] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 916.397265] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 916.414814] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 916.425111] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 916.443706] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 916.473854] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 916.493361] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 916.508195] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 916.514977] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 916.529053] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 916.542002] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 916.591504] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 916.605388] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 916.612825] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 916.626065] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 916.641718] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 916.715062] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 916.726383] IPv6: ADDRCONF(NETDEV_UP): veth1_virt_wifi: link is not ready [ 916.738782] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 916.747404] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 916.821145] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 916.832833] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 916.841601] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 916.855559] IPv6: ADDRCONF(NETDEV_UP): veth1_vlan: link is not ready [ 916.864202] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 916.877354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 916.889315] device veth0_vlan entered promiscuous mode [ 916.903639] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 916.911713] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 916.925723] device veth1_vlan entered promiscuous mode [ 916.932419] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 916.947234] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 916.966540] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 916.984244] IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready [ 916.991764] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 917.004072] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 917.012669] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 917.025953] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 917.037061] device veth0_macvtap entered promiscuous mode [ 917.050480] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 917.065192] device veth1_macvtap entered promiscuous mode [ 917.071896] IPv6: ADDRCONF(NETDEV_UP): macsec0: link is not ready [ 917.090313] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 917.107418] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 917.117064] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 917.132362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 917.143650] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 917.158414] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 917.167532] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 917.187275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 917.197044] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 917.211518] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 917.221908] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 917.235821] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 917.247918] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready [ 917.260877] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 917.268078] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 917.282679] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 917.292325] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 917.303617] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 917.315971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 917.331360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 917.343463] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 917.356812] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 917.368138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 917.384618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 917.394419] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 917.409206] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 917.422850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 917.442799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 917.454000] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready [ 917.466566] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 917.474901] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 917.489917] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 917.684797] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 917.698006] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 917.713463] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 917.741448] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 917.762295] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 917.769238] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 917.776347] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 917.787463] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 918.138541] Bluetooth: hci1: command 0x040f tx timeout [ 920.218580] Bluetooth: hci1: command 0x0419 tx timeout [ 921.573803] oom_reaper: reaped process 8461 (syz-executor.5), now anon-rss:0kB, file-rss:14336kB, shmem-rss:8kB [ 921.607725] systemd-journal invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 921.620157] systemd-journal cpuset=/ mems_allowed=0-1 [ 921.625388] CPU: 0 PID: 7594 Comm: systemd-journal Not tainted 4.19.211-syzkaller #0 [ 921.633265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 921.642708] Call Trace: [ 921.645306] dump_stack+0x1fc/0x2ef [ 921.648944] dump_header+0x15d/0xc3f [ 921.652659] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 921.657748] ? ___ratelimit+0x319/0x590 [ 921.661705] oom_kill_process.cold+0x10/0x692 [ 921.666183] ? check_preemption_disabled+0x41/0x280 [ 921.671182] ? has_intersects_mems_allowed+0x1d6/0x290 [ 921.676456] out_of_memory+0x1072/0x1390 [ 921.680521] ? oom_killer_disable+0x270/0x270 [ 921.685012] ? mutex_trylock+0x15f/0x1a0 [ 921.689077] __alloc_pages_nodemask+0x23a2/0x2890 [ 921.693902] ? find_get_entry+0x4cd/0x8a0 [ 921.698030] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 921.702864] alloc_pages_current+0x193/0x2a0 [ 921.707254] filemap_fault+0x146e/0x2180 [ 921.711306] ext4_filemap_fault+0x84/0xb0 [ 921.715450] __do_fault+0x10b/0x4b0 [ 921.719061] __handle_mm_fault+0x273b/0x41c0 [ 921.723554] ? vm_insert_page+0x9c0/0x9c0 [ 921.727688] ? check_preemption_disabled+0x41/0x280 [ 921.732685] handle_mm_fault+0x436/0xb10 [ 921.736742] __do_page_fault+0x68e/0xd60 [ 921.740793] ? trace_hardirqs_off_caller+0x6e/0x210 [ 921.745791] ? spurious_fault+0x840/0x840 [ 921.749924] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 921.754747] ? page_fault+0x8/0x30 [ 921.758294] page_fault+0x1e/0x30 [ 921.761742] RIP: 0033:0x7f293be162e3 [ 921.765440] Code: Bad RIP value. [ 921.768784] RSP: 002b:00007ffcd6e67da8 EFLAGS: 00010246 [ 921.774130] RAX: 0000000000000001 RBX: 0000561a925a11e0 RCX: 00007f293be162e3 [ 921.781401] RDX: 0000000000000014 RSI: 00007ffcd6e67db0 RDI: 000000000000000c [ 921.788655] RBP: 00007ffcd6e67fa0 R08: 00007ffcd6fa0000 R09: 000000ec9e6b7602 [ 921.795916] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcd6e67db0 [ 921.803167] R13: 0000000000000001 R14: ffffffffffffffff R15: 0005f44f6363fedf [ 921.814900] Mem-Info: [ 921.817361] active_anon:14783 inactive_anon:33186 isolated_anon:0 [ 921.817361] active_file:37 inactive_file:0 isolated_file:0 [ 921.817361] unevictable:0 dirty:3 writeback:19 unstable:0 [ 921.817361] slab_reclaimable:14339 slab_unreclaimable:117274 [ 921.817361] mapped:22247 shmem:33741 pagetables:615 bounce:0 [ 921.817361] free:13802 free_pcp:159 free_cma:0 [ 921.826775] syz-executor.5: vmalloc: allocation failure, allocated 1702506496 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 921.867315] Node 0 active_anon:57064kB inactive_anon:51196kB active_file:40kB inactive_file:40kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52764kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 12288kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 921.870571] syz-executor.5 cpuset=/ mems_allowed=0-1 [ 921.906477] CPU: 1 PID: 8461 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 [ 921.906945] Node 1 active_anon:1976kB inactive_anon:81548kB active_file:4kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:2372kB dirty:0kB writeback:0kB shmem:82200kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 921.914291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 921.914296] Call Trace: [ 921.914315] dump_stack+0x1fc/0x2ef [ 921.914333] warn_alloc.cold+0x7b/0x18f [ 921.914350] ? zone_watermark_ok_safe+0x260/0x260 [ 921.914362] ? retint_kernel+0x2d/0x2d [ 921.914382] ? policy_node+0x116/0x140 [ 921.914407] __vmalloc_area_node+0x4fd/0x780 [ 921.951427] Node 0 DMA free:10868kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 921.953580] ? __vmalloc_node_range+0x180/0x180 [ 921.957174] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 921.961138] ? _raw_spin_unlock+0x29/0x40 [ 921.961150] ? __get_vm_area_node+0x2e2/0x3a0 [ 921.961169] __vmalloc_node_range+0xed/0x180 [ 921.961190] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 921.966002] Node 0 DMA32 free:17616kB min:35996kB low:44992kB high:53988kB active_anon:57064kB inactive_anon:51196kB active_file:40kB inactive_file:40kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7584kB pagetables:2176kB bounce:0kB free_pcp:512kB local_pcp:108kB free_cma:0kB [ 921.969885] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 921.969898] vmalloc_user+0x70/0xe0 [ 921.969911] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 921.969924] vb2_vmalloc_alloc+0xb3/0x2f0 [ 921.969939] __vb2_queue_alloc+0x472/0xe60 [ 921.969965] vb2_core_create_bufs+0x273/0x7e0 [ 921.982447] lowmem_reserve[]: 0 0 1 1 1 [ 922.004415] ? __vb2_queue_free+0x870/0x870 [ 922.004433] ? mutex_trylock+0x1a0/0x1a0 [ 922.004450] ? __video_do_ioctl+0x632/0xcd0 [ 922.004468] vb2_create_bufs+0x332/0x620 [ 922.004482] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 922.004493] ? __video_do_ioctl+0x632/0xcd0 [ 922.004506] ? mutex_trylock+0x1a0/0x1a0 [ 922.004521] ? mark_held_locks+0xf0/0xf0 [ 922.004537] ? futex_wait_queue_me+0x404/0x5e0 [ 922.004551] vb2_ioctl_create_bufs+0x20d/0x360 [ 922.004566] ? memset+0x20/0x40 [ 922.004583] v4l_create_bufs+0xb2/0x160 [ 922.004599] __video_do_ioctl+0x49a/0xcd0 [ 922.004619] ? v4l_querycap+0x340/0x340 [ 922.004638] ? __might_fault+0x192/0x1d0 [ 922.004655] ? v4l_querycap+0x340/0x340 [ 922.004670] video_usercopy+0x13f/0xfa0 [ 922.004691] ? v4l_enumstd+0x60/0x60 [ 922.004705] ? do_futex+0x171/0x1880 [ 922.004720] ? mark_held_locks+0xf0/0xf0 [ 922.004739] ? debug_check_no_obj_freed+0x201/0x490 [ 922.004762] ? video_usercopy+0xfa0/0xfa0 [ 922.004774] v4l2_ioctl+0x147/0x1a0 [ 922.004786] ? video_devdata+0xa0/0xa0 [ 922.004802] do_vfs_ioctl+0xcdb/0x12e0 [ 922.004818] ? lock_downgrade+0x720/0x720 [ 922.004832] ? check_preemption_disabled+0x41/0x280 [ 922.004846] ? ioctl_preallocate+0x200/0x200 [ 922.004865] ? __fget+0x356/0x510 [ 922.004881] ? do_dup2+0x450/0x450 [ 922.004895] ? __se_sys_futex+0x298/0x3b0 [ 922.004917] ksys_ioctl+0x9b/0xc0 [ 922.004933] __x64_sys_ioctl+0x6f/0xb0 [ 922.004946] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 922.004960] do_syscall_64+0xf9/0x620 [ 922.004979] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 922.004990] RIP: 0033:0x7fb9b1ecd0f9 [ 922.005010] Code: Bad RIP value. [ 922.005027] RSP: 002b:00007fb9b043f168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 922.005041] RAX: ffffffffffffffda RBX: 00007fb9b1fecf80 RCX: 00007fb9b1ecd0f9 [ 922.005048] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 922.005056] RBP: 00007fb9b1f28ae9 R08: 0000000000000000 R09: 0000000000000000 [ 922.005064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 922.005072] R13: 00007ffd6a14577f R14: 00007fb9b043f300 R15: 0000000000022000 [ 922.010453] Mem-Info: [ 922.018578] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 922.025511] active_anon:14760 inactive_anon:33186 isolated_anon:0 [ 922.025511] active_file:11 inactive_file:12 isolated_file:0 [ 922.025511] unevictable:0 dirty:0 writeback:0 unstable:0 [ 922.025511] slab_reclaimable:14314 slab_unreclaimable:117268 [ 922.025511] mapped:22220 shmem:33741 pagetables:614 bounce:0 [ 922.025511] free:13830 free_pcp:195 free_cma:0 [ 922.035145] lowmem_reserve[]: 0 0 0 0 0 [ 922.067049] Node 0 active_anon:57064kB inactive_anon:51196kB active_file:40kB inactive_file:40kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52764kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 12288kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 922.076319] Node 1 Normal free:26828kB min:53876kB low:67344kB high:80812kB active_anon:1976kB inactive_anon:81548kB active_file:4kB inactive_file:8kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:384kB pagetables:280kB bounce:0kB free_pcp:268kB local_pcp:20kB free_cma:0kB [ 922.084461] Node 1 active_anon:1976kB inactive_anon:81548kB active_file:4kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:2372kB dirty:0kB writeback:0kB shmem:82200kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 922.098295] lowmem_reserve[]: 0 0 0 0 0 [ 922.106224] Node 0 DMA free:10868kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 922.115577] Node 0 DMA: 1*4kB (U) 0*8kB 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10868kB [ 922.123441] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 922.133901] Node 0 DMA32: 1020*4kB (UME) 865*8kB (UME) 281*16kB (UME) 51*32kB (ME) 9*64kB (UME) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17704kB [ 922.136500] Node 0 DMA32 free:17616kB min:35996kB low:44992kB high:53988kB active_anon:57064kB inactive_anon:51196kB active_file:40kB inactive_file:40kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7584kB pagetables:2176kB bounce:0kB free_pcp:512kB local_pcp:404kB free_cma:0kB [ 922.139729] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 922.149148] lowmem_reserve[]: 0 0 1 1 1 [ 922.157241] Node 1 Normal: 271*4kB (UME) 248*8kB (ME) 165*16kB (ME) 88*32kB (UM) 38*64kB (UM) 14*128kB (ME) 5*256kB (M) 1*512kB (M) 2*1024kB (UE) 1*2048kB (E) 2*4096kB (U) = 26828kB [ 922.165164] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 922.167665] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 922.171406] lowmem_reserve[]: 0 0 0 0 0 [ 922.179603] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 922.188146] Node 1 Normal free:26828kB min:53876kB low:67344kB high:80812kB active_anon:1976kB inactive_anon:81548kB active_file:4kB inactive_file:8kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:384kB pagetables:280kB bounce:0kB free_pcp:268kB local_pcp:248kB free_cma:0kB [ 922.188180] lowmem_reserve[]: 0 0 0 0 0 [ 922.188198] Node 0 DMA: 1*4kB (U) 0*8kB 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10868kB [ 922.192088] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 922.195946] Node 0 DMA32: 1020*4kB (UME) 865*8kB (UME) 281*16kB (UME) 51*32kB (ME) 9*64kB (UME) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17704kB [ 922.196009] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 922.196058] Node 1 Normal: 271*4kB (UME) 248*8kB (ME) 165*16kB (ME) 88*32kB (UM) 38*64kB (UM) 14*128kB (ME) 5*256kB (M) 1*512kB (M) 2*1024kB (UE) 1*2048kB (E) 2*4096kB (U) = 26828kB [ 922.196137] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 922.196147] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 922.196158] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 922.196168] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 922.196173] 33764 total pagecache pages [ 922.196205] 0 pages in swap cache [ 922.196213] Swap cache stats: add 0, delete 0, find 0/0 [ 922.196218] Free swap = 0kB [ 922.196223] Total swap = 0kB [ 922.196230] 2097051 pages RAM [ 922.196235] 0 pages HighMem/MovableOnly [ 922.196241] 369649 pages reserved [ 922.196246] 0 pages cma reserved [ 922.788498] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 922.797181] 33764 total pagecache pages [ 922.801230] 0 pages in swap cache [ 922.804679] Swap cache stats: add 0, delete 0, find 0/0 [ 922.811769] Free swap = 0kB [ 922.814797] Total swap = 0kB [ 922.817873] 2097051 pages RAM [ 922.820978] 0 pages HighMem/MovableOnly [ 922.824944] 369649 pages reserved [ 922.828452] 0 pages cma reserved [ 922.831813] Unreclaimable slab info: [ 922.835517] Name Used Total [ 922.841113] pid_2 34KB 84KB [ 922.846544] batadv_tt_change_cache 2KB 3KB [ 922.852385] batadv_tl_cache 7KB 16KB [ 922.857764] TIPC 13KB 37KB [ 922.863203] SCTPv6 18KB 24KB [ 922.868653] DCCPv6 17KB 30KB [ 922.874028] DCCP 16KB 28KB [ 922.879467] RXRPC 14KB 26KB [ 922.884913] rxrpc_call_jar 101KB 110KB [ 922.890342] bridge_fdb_cache 12KB 23KB [ 922.895707] fib6_nodes 211KB 264KB [ 922.901142] ip6_dst_cache 431KB 618KB [ 922.906503] RAWv6 91KB 101KB [ 922.913664] UDPv6 33KB 41KB [ 922.922544] TCPv6 24KB 30KB [ 922.928114] nf_conntrack 14KB 22KB [ 922.933525] t10_alua_lu_gp_cache 0KB 3KB [ 922.942803] sd_ext_cdb 0KB 7KB [ 922.948221] scsi_sense_cache 1056KB 1060KB [ 922.953618] virtio_scsi_cmd 16KB 16KB [ 922.962243] sgpool-128 8KB 8KB [ 922.967606] sgpool-64 4KB 12KB [ 922.973085] sgpool-32 2KB 15KB [ 922.981654] sgpool-16 1KB 7KB [ 922.987018] sgpool-8 0KB 7KB [ 922.994646] mqueue_inode_cache 13KB 30KB [ 923.003116] bio_post_read_ctx 14KB 15KB [ 923.014588] bio-2 14KB 15KB [ 923.023293] jfs_mp 7KB 7KB [ 923.034761] cifs_small_rq 15KB 16KB [ 923.043767] cifs_request 67KB 67KB [ 923.054001] cifs_mpx_ids 0KB 7KB [ 923.063124] nfs_commit_data 3KB 14KB [ 923.073710] nfs_write_data 34KB 44KB [ 923.082649] ext4_system_zone 1KB 7KB [ 923.092681] bio-1 1KB 7KB [ 923.098254] pid_namespace 2KB 11KB [ 923.103828] rpc_buffers 17KB 25KB [ 923.114314] rpc_tasks 2KB 7KB [ 923.122514] UNIX 1205KB 1211KB [ 923.128174] tcp_bind_bucket 1KB 4KB [ 923.133649] ip_fib_trie 31KB 43KB [ 923.139673] ip_fib_alias 148KB 193KB [ 923.145243] ip_dst_cache 12KB 20KB [ 923.150860] RAW 54KB 60KB [ 923.156226] UDP 59KB 81KB [ 923.162321] TCP 8KB 16KB [ 923.167699] hugetlbfs_inode_cache 3KB 15KB [ 923.173474] fscache_cookie_jar 1KB 11KB [ 923.178954] eventpoll_pwq 22KB 43KB [ 923.184425] eventpoll_epi 41KB 66KB [ 923.189957] inotify_inode_mark 17KB 39KB [ 923.195499] request_queue 199KB 199KB [ 923.200934] blkdev_requests 1KB 3KB [ 923.206294] blkdev_ioc 26KB 38KB [ 923.212317] bio-0 1291KB 1365KB [ 923.220256] biovec-max 1617KB 1683KB [ 923.225717] biovec-64 1246KB 1386KB [ 923.231617] biovec-16 126KB 135KB [ 923.236980] bio_integrity_payload 1KB 8KB [ 923.242772] khugepaged_mm_slot 7KB 34KB [ 923.248395] uid_cache 0KB 4KB [ 923.254481] dmaengine-unmap-2 0KB 3KB [ 923.260879] skbuff_fclone_cache 75KB 90KB [ 923.267602] skbuff_head_cache 8245KB 8246KB [ 923.274454] configfs_dir_cache 3KB 7KB [ 923.280680] file_lock_cache 67KB 95KB [ 923.286455] file_lock_ctx 9KB 11KB [ 923.291960] fsnotify_mark_connector 9KB 23KB [ 923.298560] net_namespace 70KB 70KB [ 923.304138] shmem_inode_cache 8136KB 8236KB [ 923.309635] task_delay_info 205KB 367KB [ 923.315956] taskstats 53KB 68KB [ 923.323901] proc_dir_entry 825KB 866KB [ 923.329445] pde_opener 10KB 34KB [ 923.334885] seq_file 249KB 488KB [ 923.340439] sigqueue 57KB 63KB [ 923.345894] kernfs_node_cache 18241KB 18246KB [ 923.352057] mnt_cache 208KB 212KB [ 923.358100] filp 6571KB 7578KB [ 923.364025] names_cache 125111KB 125171KB [ 923.369560] iint_cache 35KB 55KB [ 923.374927] key_jar 30KB 135KB [ 923.380418] uts_namespace 3KB 7KB [ 923.387587] nsproxy 2KB 11KB [ 923.393049] vm_area_struct 3199KB 3785KB [ 923.398461] mm_struct 479KB 598KB [ 923.403818] fs_cache 202KB 356KB [ 923.409241] files_cache 724KB 735KB [ 923.414601] signal_cache 1426KB 1610KB [ 923.420889] sighand_cache 555KB 624KB [ 923.428459] task_struct 6981KB 7051KB [ 923.434416] cred_jar 1920KB 2504KB [ 923.440556] anon_vma_chain 1064KB 1488KB [ 923.446560] anon_vma 152KB 288KB [ 923.452004] pid 114KB 224KB [ 923.457360] Acpi-Operand 156KB 198KB [ 923.462813] Acpi-ParseExt 9KB 11KB [ 923.468243] Acpi-Parse 41KB 47KB [ 923.473603] Acpi-State 52KB 63KB [ 923.479043] Acpi-Namespace 20KB 27KB [ 923.484407] numa_policy 0KB 3KB [ 923.489836] debug_objects_cache 1480KB 1828KB [ 923.495366] trace_event_file 297KB 298KB [ 923.500773] ftrace_event_field 398KB 401KB [ 923.506224] pool_workqueue 136KB 152KB [ 923.511647] page->ptl 509KB 1004KB [ 923.517782] kmalloc-2097152 2050KB 2050KB [ 923.523200] kmalloc-524288 2056KB 2056KB [ 923.530232] kmalloc-262144 1290KB 1290KB [ 923.535602] kmalloc-131072 650KB 650KB [ 923.541071] kmalloc-65536 2376KB 2442KB [ 923.546434] kmalloc-32768 1980KB 1980KB [ 923.551875] kmalloc-16384 1171KB 1221KB [ 923.557679] kmalloc-8192 4958KB 4958KB [ 923.563807] kmalloc-4096 24624KB 24684KB [ 923.569615] kmalloc-2048 14537KB 14547KB [ 923.574985] kmalloc-1024 10881KB 12670KB [ 923.580421] kmalloc-512 16311KB 16395KB [ 923.586298] kmalloc-256 5047KB 6153KB [ 923.594826] kmalloc-128 1134KB 1472KB [ 923.600672] kmalloc-96 3527KB 4076KB [ 923.606155] kmalloc-64 2617KB 3880KB [ 923.611677] kmalloc-32 1940KB 2543KB [ 923.617044] kmalloc-192 1921KB 2772KB [ 923.626267] kmem_cache 177KB 183KB [ 923.634139] Out of memory (oom_kill_allocating_task): Kill process 7594 (systemd-journal) score 0 or sacrifice child [ 923.645271] Killed process 7594 (systemd-journal) total-vm:46096kB, anon-rss:484kB, file-rss:4kB, shmem-rss:2372kB [ 923.657106] oom_reaper: reaped process 7594 (systemd-journal), now anon-rss:0kB, file-rss:0kB, shmem-rss:2372kB [ 923.711834] systemd[1]: systemd-journald.service: Failed with result 'signal'. [ 923.745628] systemd[1]: systemd-journald.service: Service has no hold-off time, scheduling restart. [ 923.770679] systemd[1]: Stopped Flush Journal to Persistent Storage. [ 923.785544] systemd[1]: Stopping Flush Journal to Persistent Storage... [ 923.817004] systemd[1]: Stopped Journal Service. [ 923.858456] systemd[1]: Starting Journal Service... [ 923.996408] systemd-journald[8556]: File /run/log/journal/04d8c135ee6b410280ba31a58c89679d/system.journal corrupted or uncleanly shut down, renaming and replacing. [ 924.503540] systemd[1]: Started Journal Service. 02:38:14 executing program 2: semtimedop(0x0, 0x0, 0x0, &(0x7f0000000500)) 02:38:14 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:14 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x0, 0x0, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:38:14 executing program 0: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000240)={0x0, @sliced={0x3, [0x8, 0x9, 0x9, 0xfff9, 0xffff, 0x6, 0x0, 0x81, 0x7f, 0x101, 0x7, 0x20, 0x9, 0x9, 0x8001, 0xe, 0x3, 0x1, 0x5fc8, 0x6, 0x120, 0x8, 0x200, 0xd4d, 0x3f, 0xfffc, 0x6, 0x200, 0x3, 0x4e9d, 0x8, 0x0, 0x81, 0x9, 0x5, 0x6038, 0x8000, 0x9, 0x100, 0x3000, 0x50, 0x8, 0x1, 0x9ab, 0x6, 0xff, 0x2, 0x2], 0x6c}}) pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_STREAMON(r3, 0x40045612, &(0x7f0000000080)=0x1) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) ioctl$SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0x0) clock_gettime(0x0, &(0x7f0000000000)) r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r4, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef, 0x0, r4}) getpid() 02:38:17 executing program 5: ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:17 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x0, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:17 executing program 2: semtimedop(0x0, 0x0, 0x0, &(0x7f0000000500)) 02:38:17 executing program 0: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000240)={0x0, @sliced={0x3, [0x8, 0x9, 0x9, 0xfff9, 0xffff, 0x6, 0x0, 0x81, 0x7f, 0x101, 0x7, 0x20, 0x9, 0x9, 0x8001, 0xe, 0x3, 0x1, 0x5fc8, 0x6, 0x120, 0x8, 0x200, 0xd4d, 0x3f, 0xfffc, 0x6, 0x200, 0x3, 0x4e9d, 0x8, 0x0, 0x81, 0x9, 0x5, 0x6038, 0x8000, 0x9, 0x100, 0x3000, 0x50, 0x8, 0x1, 0x9ab, 0x6, 0xff, 0x2, 0x2], 0x6c}}) pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_STREAMON(r3, 0x40045612, &(0x7f0000000080)=0x1) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) ioctl$SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0x0) clock_gettime(0x0, &(0x7f0000000000)) r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r4, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef, 0x0, r4}) getpid() 02:38:17 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x0, 0x1, 0x4, 0x0, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:38:17 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:17 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:38:17 executing program 0: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000240)={0x0, @sliced={0x3, [0x8, 0x9, 0x9, 0xfff9, 0xffff, 0x6, 0x0, 0x81, 0x7f, 0x101, 0x7, 0x20, 0x9, 0x9, 0x8001, 0xe, 0x3, 0x1, 0x5fc8, 0x6, 0x120, 0x8, 0x200, 0xd4d, 0x3f, 0xfffc, 0x6, 0x200, 0x3, 0x4e9d, 0x8, 0x0, 0x81, 0x9, 0x5, 0x6038, 0x8000, 0x9, 0x100, 0x3000, 0x50, 0x8, 0x1, 0x9ab, 0x6, 0xff, 0x2, 0x2], 0x6c}}) pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_STREAMON(r3, 0x40045612, &(0x7f0000000080)=0x1) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) ioctl$SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0x0) clock_gettime(0x0, &(0x7f0000000000)) r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r4, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef, 0x0, r4}) getpid() 02:38:17 executing program 2: semtimedop(0x0, 0x0, 0x0, &(0x7f0000000500)) 02:38:17 executing program 5: ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:17 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:38:17 executing program 0: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000240)={0x0, @sliced={0x3, [0x8, 0x9, 0x9, 0xfff9, 0xffff, 0x6, 0x0, 0x81, 0x7f, 0x101, 0x7, 0x20, 0x9, 0x9, 0x8001, 0xe, 0x3, 0x1, 0x5fc8, 0x6, 0x120, 0x8, 0x200, 0xd4d, 0x3f, 0xfffc, 0x6, 0x200, 0x3, 0x4e9d, 0x8, 0x0, 0x81, 0x9, 0x5, 0x6038, 0x8000, 0x9, 0x100, 0x3000, 0x50, 0x8, 0x1, 0x9ab, 0x6, 0xff, 0x2, 0x2], 0x6c}}) pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_STREAMON(r3, 0x40045612, &(0x7f0000000080)=0x1) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) ioctl$SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0x0) clock_gettime(0x0, &(0x7f0000000000)) r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r4, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x400, 0x1, 0x4, 0x2024, 0x2, {}, {0x2, 0x8, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef, 0x0, r4}) 02:38:17 executing program 2: semtimedop(0x0, &(0x7f0000000480), 0x0, &(0x7f0000000500)) [ 932.402401] oom_reaper: reaped process 8586 (syz-executor.3), now anon-rss:0kB, file-rss:14336kB, shmem-rss:8kB [ 932.443304] systemd-journal invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 932.459130] systemd-journal cpuset=/ mems_allowed=0-1 [ 932.464345] CPU: 0 PID: 8556 Comm: systemd-journal Not tainted 4.19.211-syzkaller #0 [ 932.472225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 932.473019] ieee802154 phy0 wpan0: encryption failed: -22 [ 932.481578] Call Trace: [ 932.481596] dump_stack+0x1fc/0x2ef [ 932.481615] dump_header+0x15d/0xc3f [ 932.493400] ieee802154 phy1 wpan1: encryption failed: -22 [ 932.497011] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 932.497024] ? ___ratelimit+0x319/0x590 [ 932.497040] oom_kill_process.cold+0x10/0x692 [ 932.516091] ? check_preemption_disabled+0x41/0x280 [ 932.521103] ? has_intersects_mems_allowed+0x1d6/0x290 [ 932.526360] out_of_memory+0x1072/0x1390 [ 932.530408] ? oom_killer_disable+0x270/0x270 [ 932.534886] ? mutex_trylock+0x15f/0x1a0 [ 932.538936] __alloc_pages_nodemask+0x23a2/0x2890 [ 932.543762] ? find_get_entry+0x4cd/0x8a0 [ 932.547896] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 932.552735] alloc_pages_current+0x193/0x2a0 [ 932.557129] filemap_fault+0x146e/0x2180 [ 932.561177] ext4_filemap_fault+0x84/0xb0 [ 932.565311] __do_fault+0x10b/0x4b0 [ 932.568923] __handle_mm_fault+0x273b/0x41c0 [ 932.573315] ? vm_insert_page+0x9c0/0x9c0 [ 932.577449] ? check_preemption_disabled+0x41/0x280 [ 932.582445] handle_mm_fault+0x436/0xb10 [ 932.586497] __do_page_fault+0x68e/0xd60 [ 932.590541] ? trace_hardirqs_off_caller+0x6e/0x210 [ 932.595548] ? spurious_fault+0x840/0x840 [ 932.599690] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 932.604533] ? page_fault+0x8/0x30 [ 932.608071] page_fault+0x1e/0x30 [ 932.611539] RIP: 0033:0x7f946e03b2e3 [ 932.615238] Code: Bad RIP value. [ 932.618600] RSP: 002b:00007fffe74f8538 EFLAGS: 00010246 [ 932.623947] RAX: 0000000000000001 RBX: 0000561151dc01e0 RCX: 00007f946e03b2e3 [ 932.631207] RDX: 0000000000000013 RSI: 00007fffe74f8540 RDI: 000000000000000c [ 932.638462] RBP: 00007fffe74f8730 R08: 0000000002faf080 R09: 000000edb50b6948 [ 932.645721] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffe74f8540 [ 932.652970] R13: 0000000000000001 R14: ffffffffffffffff R15: 0005f44f63a4d869 [ 932.663489] Mem-Info: [ 932.665911] active_anon:14155 inactive_anon:35217 isolated_anon:0 [ 932.665911] active_file:23 inactive_file:2 isolated_file:0 [ 932.665911] unevictable:0 dirty:0 writeback:0 unstable:0 [ 932.665911] slab_reclaimable:14198 slab_unreclaimable:117547 [ 932.665911] mapped:21971 shmem:35788 pagetables:576 bounce:0 [ 932.665911] free:13895 free_pcp:149 free_cma:0 [ 932.678312] syz-executor.3: vmalloc: allocation failure, allocated 1696239616 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 932.702280] Node 0 active_anon:54416kB inactive_anon:51192kB active_file:88kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52760kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 12288kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 932.724025] syz-executor.3 cpuset=/ mems_allowed=0-1 [ 932.745880] Node 1 active_anon:2204kB inactive_anon:89676kB active_file:4kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1376kB dirty:0kB writeback:0kB shmem:90392kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 932.757661] CPU: 1 PID: 8586 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 932.776580] Node 0 DMA free:10872kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 932.780898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 932.780903] Call Trace: [ 932.780925] dump_stack+0x1fc/0x2ef [ 932.780947] warn_alloc.cold+0x7b/0x18f [ 932.780965] ? zone_watermark_ok_safe+0x260/0x260 [ 932.780982] ? retint_kernel+0x2d/0x2d [ 932.781002] ? alloc_pages_current+0x164/0x2a0 [ 932.781043] __vmalloc_area_node+0x4fd/0x780 [ 932.810612] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 932.816503] ? __vmalloc_node_range+0x180/0x180 [ 932.819122] Node 0 DMA32 free:17916kB min:35996kB low:44992kB high:53988kB active_anon:54324kB inactive_anon:51192kB active_file:44kB inactive_file:44kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7520kB pagetables:2024kB bounce:0kB free_pcp:344kB local_pcp:96kB free_cma:0kB [ 932.822682] ? _raw_spin_unlock+0x29/0x40 [ 932.826650] lowmem_reserve[]: 0 0 1 1 1 [ 932.831484] ? __get_vm_area_node+0x2e2/0x3a0 [ 932.831506] __vmalloc_node_range+0xed/0x180 [ 932.831522] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 932.831536] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 932.831553] vmalloc_user+0x70/0xe0 [ 932.837660] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 932.840012] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 932.846137] lowmem_reserve[]: 0 0 0 0 0 [ 932.849414] vb2_vmalloc_alloc+0xb3/0x2f0 [ 932.849429] __vb2_queue_alloc+0x472/0xe60 [ 932.849506] vb2_core_create_bufs+0x273/0x7e0 [ 932.849527] ? __vb2_queue_free+0x870/0x870 [ 932.855568] Node 1 Normal free:26784kB min:53876kB low:67344kB high:80812kB active_anon:2200kB inactive_anon:89676kB active_file:0kB inactive_file:32kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:384kB pagetables:276kB bounce:0kB free_pcp:252kB local_pcp:4kB free_cma:0kB [ 932.883004] ? mutex_trylock+0x1a0/0x1a0 [ 932.883019] ? __video_do_ioctl+0x632/0xcd0 [ 932.883039] vb2_create_bufs+0x332/0x620 [ 932.883056] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 932.883068] ? __video_do_ioctl+0x632/0xcd0 [ 932.883079] ? mutex_trylock+0x1a0/0x1a0 [ 932.883094] ? mark_held_locks+0xf0/0xf0 [ 932.883114] vb2_ioctl_create_bufs+0x20d/0x360 [ 932.883126] ? memset+0x20/0x40 [ 932.883142] v4l_create_bufs+0xb2/0x160 [ 932.890450] lowmem_reserve[]: 0 0 0 0 0 [ 932.891243] __video_do_ioctl+0x49a/0xcd0 [ 932.895709] Node 0 DMA: 0*4kB 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10872kB [ 932.900111] ? v4l_querycap+0x340/0x340 [ 932.900128] ? __might_fault+0x192/0x1d0 [ 932.900150] ? v4l_querycap+0x340/0x340 [ 932.904442] Node 0 DMA32: 1021*4kB (UME) 851*8kB (UME) 283*16kB (UME) 52*32kB (UME) 9*64kB (M) 2*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17916kB [ 932.909800] video_usercopy+0x13f/0xfa0 [ 932.909821] ? v4l_enumstd+0x60/0x60 [ 932.909835] ? do_futex+0x171/0x1880 [ 932.909853] ? mark_held_locks+0xf0/0xf0 [ 932.915928] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 932.939423] ? debug_check_no_obj_freed+0x201/0x490 [ 932.939446] ? video_usercopy+0xfa0/0xfa0 [ 932.939457] v4l2_ioctl+0x147/0x1a0 [ 932.939469] ? video_devdata+0xa0/0xa0 [ 932.939484] do_vfs_ioctl+0xcdb/0x12e0 [ 932.939497] ? lock_downgrade+0x720/0x720 [ 932.939510] ? check_preemption_disabled+0x41/0x280 [ 932.939524] ? ioctl_preallocate+0x200/0x200 [ 932.949051] Node 1 Normal: 252*4kB (ME) 238*8kB (ME) 162*16kB (UME) 93*32kB (ME) 18*64kB (M) 12*128kB (UME) 1*256kB (U) 2*512kB (UM) 2*1024kB (ME) 2*2048kB (ME) 2*4096kB (U) = 26784kB [ 932.951959] ? __fget+0x356/0x510 [ 932.956179] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 932.960663] ? do_dup2+0x450/0x450 [ 932.960678] ? __se_sys_futex+0x298/0x3b0 [ 932.960699] ksys_ioctl+0x9b/0xc0 [ 932.960721] __x64_sys_ioctl+0x6f/0xb0 [ 932.965025] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 932.993474] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 932.993488] do_syscall_64+0xf9/0x620 [ 932.993507] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 932.993519] RIP: 0033:0x7f4186d950f9 [ 932.993533] Code: Bad RIP value. [ 932.993540] RSP: 002b:00007f4185307168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 932.993556] RAX: ffffffffffffffda RBX: 00007f4186eb4f80 RCX: 00007f4186d950f9 [ 933.001209] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 933.001919] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 933.005986] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 933.011065] RBP: 00007f4186df0ae9 R08: 0000000000000000 R09: 0000000000000000 [ 933.011073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 933.011080] R13: 00007ffe4ad74e7f R14: 00007f4185307300 R15: 0000000000022000 [ 933.018037] Mem-Info: [ 933.033918] 35813 total pagecache pages [ 933.042317] active_anon:14131 inactive_anon:35217 isolated_anon:0 [ 933.042317] active_file:12 inactive_file:13 isolated_file:0 [ 933.042317] unevictable:0 dirty:0 writeback:0 unstable:0 [ 933.042317] slab_reclaimable:14198 slab_unreclaimable:117547 [ 933.042317] mapped:21971 shmem:35788 pagetables:575 bounce:0 [ 933.042317] free:13895 free_pcp:149 free_cma:0 [ 933.053047] 0 pages in swap cache [ 933.064073] Node 0 active_anon:54324kB inactive_anon:51192kB active_file:44kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52760kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 10240kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 933.073027] Swap cache stats: add 0, delete 0, find 0/0 [ 933.087103] Node 1 active_anon:2200kB inactive_anon:89676kB active_file:4kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1376kB dirty:0kB writeback:0kB shmem:90392kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 933.098772] Free swap = 0kB [ 933.102549] Node 0 DMA free:10872kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 933.124263] Total swap = 0kB [ 933.130821] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 933.135211] 2097051 pages RAM [ 933.135857] Node 0 DMA32 free:17916kB min:35996kB low:44992kB high:53988kB active_anon:54324kB inactive_anon:51192kB active_file:44kB inactive_file:44kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7520kB pagetables:2024kB bounce:0kB free_pcp:344kB local_pcp:248kB free_cma:0kB [ 933.154302] 0 pages HighMem/MovableOnly [ 933.165399] lowmem_reserve[]: 0 0 1 1 1 [ 933.166303] 369649 pages reserved [ 933.174413] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 933.174445] lowmem_reserve[]: 0 0 0 0 0 [ 933.174464] Node 1 Normal free:26784kB min:53876kB low:67344kB high:80812kB active_anon:2200kB inactive_anon:89676kB active_file:4kB inactive_file:8kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:384kB pagetables:276kB bounce:0kB free_pcp:252kB local_pcp:248kB free_cma:0kB [ 933.174496] lowmem_reserve[]: 0 0 0 0 0 [ 933.189459] 0 pages cma reserved [ 933.192988] Node 0 DMA: 0*4kB 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10872kB [ 933.206440] Unreclaimable slab info: [ 933.206593] Node 0 DMA32: 1021*4kB (UME) 851*8kB (UME) 283*16kB (UME) 52*32kB (UME) 9*64kB (M) 2*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17916kB [ 933.215158] Name Used Total [ 933.218214] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 933.230174] pid_2 29KB 80KB [ 933.234736] Node 1 Normal: 252*4kB (ME) 238*8kB (ME) 162*16kB (UME) 93*32kB (ME) 18*64kB (M) 12*128kB (UME) 1*256kB (U) 2*512kB (UM) 2*1024kB (ME) 2*2048kB (ME) 2*4096kB (U) = 26784kB [ 933.263637] batadv_tt_change_cache 1KB 3KB [ 933.269682] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 933.284980] batadv_tl_cache 6KB 16KB [ 933.290644] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 933.332228] TIPC 13KB 37KB [ 933.355174] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 933.370882] SCTPv6 18KB 24KB [ 933.387719] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 933.425470] DCCPv6 17KB 30KB [ 933.457232] 35813 total pagecache pages [ 933.472186] DCCP 16KB 28KB [ 933.494572] 0 pages in swap cache [ 933.506505] RXRPC 14KB 26KB [ 933.527299] Swap cache stats: add 0, delete 0, find 0/0 [ 933.538985] rxrpc_call_jar 101KB 110KB [ 933.548052] Free swap = 0kB [ 933.548059] Total swap = 0kB [ 933.548067] 2097051 pages RAM [ 933.548072] 0 pages HighMem/MovableOnly [ 933.548077] 369649 pages reserved [ 933.548081] 0 pages cma reserved [ 933.720166] bridge_fdb_cache 12KB 23KB [ 933.725546] fib6_nodes 208KB 264KB [ 933.730989] ip6_dst_cache 436KB 618KB [ 933.736379] RAWv6 91KB 101KB [ 933.745342] UDPv6 33KB 41KB [ 933.750792] TCPv6 24KB 36KB [ 933.756163] nf_conntrack 11KB 22KB [ 933.766587] t10_alua_lu_gp_cache 0KB 3KB [ 933.772282] sd_ext_cdb 0KB 7KB [ 933.780964] scsi_sense_cache 1056KB 1060KB [ 933.786323] virtio_scsi_cmd 16KB 16KB [ 933.791733] sgpool-128 8KB 8KB [ 933.800534] sgpool-64 4KB 12KB [ 933.805898] sgpool-32 2KB 15KB [ 933.814660] sgpool-16 1KB 7KB [ 933.823722] sgpool-8 0KB 7KB [ 933.832516] mqueue_inode_cache 13KB 30KB [ 933.841462] bio_post_read_ctx 14KB 15KB [ 933.850134] bio-2 14KB 15KB [ 933.855500] jfs_mp 7KB 7KB [ 933.864429] cifs_small_rq 15KB 16KB [ 933.874899] cifs_request 67KB 67KB [ 933.883635] cifs_mpx_ids 0KB 7KB [ 933.892104] nfs_commit_data 3KB 14KB [ 933.900686] nfs_write_data 34KB 44KB [ 933.906085] ext4_system_zone 1KB 7KB [ 933.914854] bio-1 1KB 7KB [ 933.923406] pid_namespace 2KB 11KB [ 933.932346] rpc_buffers 17KB 25KB [ 933.940985] rpc_tasks 2KB 7KB [ 933.946353] UNIX 1200KB 1218KB [ 933.955171] tcp_bind_bucket 1KB 4KB [ 933.964118] ip_fib_trie 30KB 43KB [ 933.974414] ip_fib_alias 148KB 193KB [ 933.983230] ip_dst_cache 8KB 20KB [ 933.992200] RAW 54KB 60KB [ 934.000957] UDP 48KB 74KB [ 934.006324] TCP 8KB 22KB [ 934.015117] hugetlbfs_inode_cache 3KB 15KB [ 934.024329] fscache_cookie_jar 1KB 11KB [ 934.033282] eventpoll_pwq 26KB 43KB [ 934.042025] eventpoll_epi 47KB 66KB [ 934.050848] inotify_inode_mark 18KB 39KB [ 934.056301] request_queue 199KB 199KB [ 934.065068] blkdev_requests 1KB 3KB [ 934.075210] blkdev_ioc 26KB 38KB [ 934.084099] bio-0 1229KB 1252KB [ 934.092819] biovec-max 1542KB 1625KB [ 934.101548] biovec-64 1202KB 1283KB [ 934.110163] biovec-16 139KB 146KB [ 934.115539] bio_integrity_payload 1KB 8KB [ 934.124677] khugepaged_mm_slot 7KB 34KB [ 934.133222] uid_cache 0KB 4KB [ 934.142268] dmaengine-unmap-2 0KB 3KB [ 934.151071] skbuff_fclone_cache 69KB 86KB [ 934.156612] skbuff_head_cache 7935KB 8122KB [ 934.165111] configfs_dir_cache 3KB 7KB [ 934.175234] file_lock_cache 64KB 95KB [ 934.183694] file_lock_ctx 9KB 11KB [ 934.189340] fsnotify_mark_connector 9KB 23KB [ 934.195215] net_namespace 70KB 70KB [ 934.200761] shmem_inode_cache 8134KB 8232KB [ 934.206121] task_delay_info 200KB 367KB [ 934.211651] taskstats 47KB 68KB [ 934.217197] proc_dir_entry 825KB 866KB [ 934.222566] pde_opener 11KB 34KB [ 934.227995] seq_file 258KB 488KB [ 934.233986] sigqueue 54KB 63KB [ 934.240052] kernfs_node_cache 18231KB 18246KB [ 934.245884] mnt_cache 208KB 212KB [ 934.252108] filp 6696KB 7578KB [ 934.258237] names_cache 125005KB 125064KB [ 934.263656] iint_cache 33KB 55KB [ 934.269313] key_jar 29KB 135KB [ 934.274802] uts_namespace 3KB 7KB [ 934.282609] nsproxy 2KB 11KB [ 934.288062] vm_area_struct 3328KB 3782KB [ 934.293472] mm_struct 482KB 598KB [ 934.299145] fs_cache 193KB 356KB [ 934.304574] files_cache 725KB 735KB [ 934.310036] signal_cache 1411KB 1602KB [ 934.315450] sighand_cache 538KB 624KB [ 934.321739] task_struct 6956KB 6994KB [ 934.327206] cred_jar 1900KB 2504KB [ 934.332832] anon_vma_chain 1085KB 1488KB [ 934.339523] anon_vma 138KB 288KB [ 934.345532] pid 111KB 224KB [ 934.351606] Acpi-Operand 156KB 198KB [ 934.358443] Acpi-ParseExt 9KB 11KB [ 934.365196] Acpi-Parse 41KB 47KB [ 934.371407] Acpi-State 52KB 63KB [ 934.377469] Acpi-Namespace 20KB 27KB [ 934.385126] numa_policy 0KB 3KB [ 934.391183] debug_objects_cache 1476KB 1828KB [ 934.397503] trace_event_file 297KB 298KB [ 934.403472] ftrace_event_field 398KB 401KB [ 934.410410] pool_workqueue 135KB 152KB [ 934.416442] page->ptl 512KB 1004KB [ 934.422887] kmalloc-2097152 2050KB 2050KB [ 934.431818] kmalloc-524288 2056KB 2056KB [ 934.437422] kmalloc-262144 1290KB 1290KB [ 934.442875] kmalloc-131072 650KB 650KB [ 934.448504] kmalloc-65536 2376KB 2442KB [ 934.454508] kmalloc-32768 1980KB 1980KB [ 934.460545] kmalloc-16384 1204KB 1221KB [ 934.466507] kmalloc-8192 4958KB 4958KB [ 934.472605] kmalloc-4096 24828KB 24849KB [ 934.478691] kmalloc-2048 14549KB 14573KB [ 934.486316] kmalloc-1024 10935KB 12655KB [ 934.492544] kmalloc-512 16029KB 16275KB [ 934.498160] kmalloc-256 5045KB 6153KB [ 934.503522] kmalloc-128 1135KB 1472KB [ 934.509062] kmalloc-96 3512KB 4076KB [ 934.515049] kmalloc-64 2617KB 3880KB [ 934.521428] kmalloc-32 1938KB 2543KB [ 934.527534] kmalloc-192 1920KB 2772KB [ 934.533354] kmem_cache 177KB 183KB [ 934.539365] Out of memory (oom_kill_allocating_task): Kill process 8556 (systemd-journal) score 0 or sacrifice child [ 934.550959] Killed process 8556 (systemd-journal) total-vm:46096kB, anon-rss:464kB, file-rss:0kB, shmem-rss:1292kB [ 934.562741] oom_reaper: reaped process 8556 (systemd-journal), now anon-rss:0kB, file-rss:0kB, shmem-rss:1292kB [ 934.676187] systemd[1]: systemd-journald.service: Failed with result 'signal'. [ 934.693559] systemd[1]: systemd-journald.service: Service has no hold-off time, scheduling restart. [ 934.704436] systemd[1]: Stopped Flush Journal to Persistent Storage. [ 934.711343] systemd[1]: Stopping Flush Journal to Persistent Storage... [ 934.718297] systemd[1]: Stopped Journal Service. [ 934.736848] systemd[1]: Starting Journal Service... [ 934.882604] systemd-journald[8612]: File /run/log/journal/04d8c135ee6b410280ba31a58c89679d/system.journal corrupted or uncleanly shut down, renaming and replacing. [ 935.352710] systemd[1]: Started Journal Service. 02:38:25 executing program 2: semtimedop(0x0, &(0x7f0000000480), 0x0, &(0x7f0000000500)) 02:38:25 executing program 5: ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:25 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x1f, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:38:25 executing program 0: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000240)={0x0, @sliced={0x3, [0x8, 0x9, 0x9, 0xfff9, 0xffff, 0x6, 0x0, 0x81, 0x7f, 0x101, 0x7, 0x20, 0x9, 0x9, 0x8001, 0xe, 0x3, 0x1, 0x5fc8, 0x6, 0x120, 0x8, 0x200, 0xd4d, 0x3f, 0xfffc, 0x6, 0x200, 0x3, 0x4e9d, 0x8, 0x0, 0x81, 0x9, 0x5, 0x6038, 0x8000, 0x9, 0x100, 0x3000, 0x50, 0x8, 0x1, 0x9ab, 0x6, 0xff, 0x2, 0x2], 0x6c}}) pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_STREAMON(r3, 0x40045612, &(0x7f0000000080)=0x1) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) ioctl$SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0x0) clock_gettime(0x0, &(0x7f0000000000)) r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r4, 0x0, 0x0}, 0x10) 02:38:27 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x0, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:27 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x0, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:27 executing program 2: semtimedop(0x0, &(0x7f0000000480), 0x0, &(0x7f0000000500)) 02:38:27 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x5b, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:38:27 executing program 5: r0 = syz_open_dev$vim2m(0x0, 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:27 executing program 0: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000240)={0x0, @sliced={0x3, [0x8, 0x9, 0x9, 0xfff9, 0xffff, 0x6, 0x0, 0x81, 0x7f, 0x101, 0x7, 0x20, 0x9, 0x9, 0x8001, 0xe, 0x3, 0x1, 0x5fc8, 0x6, 0x120, 0x8, 0x200, 0xd4d, 0x3f, 0xfffc, 0x6, 0x200, 0x3, 0x4e9d, 0x8, 0x0, 0x81, 0x9, 0x5, 0x6038, 0x8000, 0x9, 0x100, 0x3000, 0x50, 0x8, 0x1, 0x9ab, 0x6, 0xff, 0x2, 0x2], 0x6c}}) pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_STREAMON(r3, 0x40045612, &(0x7f0000000080)=0x1) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) ioctl$SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0x0) clock_gettime(0x0, &(0x7f0000000000)) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) 02:38:27 executing program 2: semtimedop(0x0, &(0x7f0000000480)=[{}], 0x1, 0x0) 02:38:27 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "339eb40f"}, 0x4, 0x4, {}, 0x74ef}) 02:38:27 executing program 5: r0 = syz_open_dev$vim2m(0x0, 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:28 executing program 0: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000240)={0x0, @sliced={0x3, [0x8, 0x9, 0x9, 0xfff9, 0xffff, 0x6, 0x0, 0x81, 0x7f, 0x101, 0x7, 0x20, 0x9, 0x9, 0x8001, 0xe, 0x3, 0x1, 0x5fc8, 0x6, 0x120, 0x8, 0x200, 0xd4d, 0x3f, 0xfffc, 0x6, 0x200, 0x3, 0x4e9d, 0x8, 0x0, 0x81, 0x9, 0x5, 0x6038, 0x8000, 0x9, 0x100, 0x3000, 0x50, 0x8, 0x1, 0x9ab, 0x6, 0xff, 0x2, 0x2], 0x6c}}) pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_STREAMON(r3, 0x40045612, &(0x7f0000000080)=0x1) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) ioctl$SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0x0) clock_gettime(0x0, &(0x7f0000000000)) 02:38:28 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x0, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:28 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x0, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:28 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "339eb40f"}, 0x0, 0x4, {}, 0x74ef}) 02:38:28 executing program 5: r0 = syz_open_dev$vim2m(0x0, 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:28 executing program 0: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000240)={0x0, @sliced={0x3, [0x8, 0x9, 0x9, 0xfff9, 0xffff, 0x6, 0x0, 0x81, 0x7f, 0x101, 0x7, 0x20, 0x9, 0x9, 0x8001, 0xe, 0x3, 0x1, 0x5fc8, 0x6, 0x120, 0x8, 0x200, 0xd4d, 0x3f, 0xfffc, 0x6, 0x200, 0x3, 0x4e9d, 0x8, 0x0, 0x81, 0x9, 0x5, 0x6038, 0x8000, 0x9, 0x100, 0x3000, 0x50, 0x8, 0x1, 0x9ab, 0x6, 0xff, 0x2, 0x2], 0x6c}}) pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_STREAMON(r3, 0x40045612, &(0x7f0000000080)=0x1) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) ioctl$SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0x0) 02:38:28 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x0, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:28 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x0, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:28 executing program 5: syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:28 executing program 2: semtimedop(0x0, &(0x7f0000000480)=[{}], 0x1, 0x0) 02:38:28 executing program 4: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)=@fd={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "339eb40f"}}) 02:38:28 executing program 0: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000240)={0x0, @sliced={0x3, [0x8, 0x9, 0x9, 0xfff9, 0xffff, 0x6, 0x0, 0x81, 0x7f, 0x101, 0x7, 0x20, 0x9, 0x9, 0x8001, 0xe, 0x3, 0x1, 0x5fc8, 0x6, 0x120, 0x8, 0x200, 0xd4d, 0x3f, 0xfffc, 0x6, 0x200, 0x3, 0x4e9d, 0x8, 0x0, 0x81, 0x9, 0x5, 0x6038, 0x8000, 0x9, 0x100, 0x3000, 0x50, 0x8, 0x1, 0x9ab, 0x6, 0xff, 0x2, 0x2], 0x6c}}) pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$vim2m_VIDIOC_STREAMON(r3, 0x40045612, &(0x7f0000000080)=0x1) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) 02:38:28 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x0, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:28 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x0, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:28 executing program 5: syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:28 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x0, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:28 executing program 5: syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:28 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x0, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:28 executing program 4: semtimedop(0x0, &(0x7f0000000480)=[{}], 0x1, 0x0) 02:38:28 executing program 0: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000240)={0x0, @sliced={0x3, [0x8, 0x9, 0x9, 0xfff9, 0xffff, 0x6, 0x0, 0x81, 0x7f, 0x101, 0x7, 0x20, 0x9, 0x9, 0x8001, 0xe, 0x3, 0x1, 0x5fc8, 0x6, 0x120, 0x8, 0x200, 0xd4d, 0x3f, 0xfffc, 0x6, 0x200, 0x3, 0x4e9d, 0x8, 0x0, 0x81, 0x9, 0x5, 0x6038, 0x8000, 0x9, 0x100, 0x3000, 0x50, 0x8, 0x1, 0x9ab, 0x6, 0xff, 0x2, 0x2], 0x6c}}) pipe2$watch_queue(&(0x7f0000000040), 0x80) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) 02:38:28 executing program 4: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x0, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:29 executing program 2: semtimedop(0x0, &(0x7f0000000480)=[{}], 0x1, 0x0) 02:38:29 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x0, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:29 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x0, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:29 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, 0x0) 02:38:29 executing program 4: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x0, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:29 executing program 0: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000240)={0x0, @sliced={0x3, [0x8, 0x9, 0x9, 0xfff9, 0xffff, 0x6, 0x0, 0x81, 0x7f, 0x101, 0x7, 0x20, 0x9, 0x9, 0x8001, 0xe, 0x3, 0x1, 0x5fc8, 0x6, 0x120, 0x8, 0x200, 0xd4d, 0x3f, 0xfffc, 0x6, 0x200, 0x3, 0x4e9d, 0x8, 0x0, 0x81, 0x9, 0x5, 0x6038, 0x8000, 0x9, 0x100, 0x3000, 0x50, 0x8, 0x1, 0x9ab, 0x6, 0xff, 0x2, 0x2], 0x6c}}) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) 02:38:29 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x0, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:29 executing program 4: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x0, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:29 executing program 0: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d00)={r2, 0x0, 0x0}, 0x10) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) 02:38:29 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x0, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:29 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, 0x0) 02:38:29 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x0, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:29 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, 0x0) 02:38:30 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:30 executing program 4: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x0, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:30 executing program 0: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) 02:38:30 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x0, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:30 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x0, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:30 executing program 2: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x0, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:30 executing program 2: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x0, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:30 executing program 0: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) 02:38:30 executing program 0: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) 02:38:30 executing program 0: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) 02:38:30 executing program 0: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) 02:38:30 executing program 0: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) [ 945.431829] oom_reaper: reaped process 8767 (syz-executor.1), now anon-rss:0kB, file-rss:14336kB, shmem-rss:8kB [ 945.457581] in:imklog invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 945.473750] in:imklog cpuset=/ mems_allowed=0-1 [ 945.478495] CPU: 0 PID: 7865 Comm: in:imklog Not tainted 4.19.211-syzkaller #0 [ 945.485857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 945.495208] Call Trace: [ 945.497804] dump_stack+0x1fc/0x2ef [ 945.501473] dump_header+0x15d/0xc3f [ 945.505189] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 945.510310] ? ___ratelimit+0x319/0x590 [ 945.514288] oom_kill_process.cold+0x10/0x692 [ 945.518790] ? check_preemption_disabled+0x41/0x280 [ 945.523826] ? has_intersects_mems_allowed+0x1d6/0x290 [ 945.529112] out_of_memory+0x1072/0x1390 [ 945.533184] ? oom_killer_disable+0x270/0x270 [ 945.537689] ? mutex_trylock+0x15f/0x1a0 [ 945.541762] __alloc_pages_nodemask+0x23a2/0x2890 [ 945.546620] ? find_get_entry+0x4cd/0x8a0 [ 945.550782] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 945.555647] alloc_pages_current+0x193/0x2a0 [ 945.560058] filemap_fault+0x146e/0x2180 [ 945.564131] ext4_filemap_fault+0x84/0xb0 [ 945.568279] __do_fault+0x10b/0x4b0 [ 945.571913] __handle_mm_fault+0x273b/0x41c0 [ 945.576319] ? vm_insert_page+0x9c0/0x9c0 [ 945.580450] ? lock_downgrade+0x720/0x720 [ 945.584600] ? check_preemption_disabled+0x41/0x280 [ 945.589622] handle_mm_fault+0x436/0xb10 [ 945.593673] __do_page_fault+0x68e/0xd60 [ 945.597722] ? trace_hardirqs_off_caller+0x6e/0x210 [ 945.602745] ? spurious_fault+0x840/0x840 [ 945.606879] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 945.611707] ? page_fault+0x8/0x30 [ 945.615230] page_fault+0x1e/0x30 [ 945.618669] RIP: 0033:0x7fa46d36f22d [ 945.622367] Code: Bad RIP value. [ 945.625712] RSP: 002b:00007fa46ad0b580 EFLAGS: 00010293 [ 945.631068] RAX: 0000000000000076 RBX: 0000000000000000 RCX: 00007fa46d36f22d [ 945.638324] RDX: 0000000000001fa0 RSI: 00007fa46ad0bda0 RDI: 0000000000000004 [ 945.645586] RBP: 00005579f11249d0 R08: 00007fa46c4e8940 R09: 0000000004000001 [ 945.652838] R10: 0000000000000001 R11: 0000000000000293 R12: 00007fa46ad0bda0 [ 945.660092] R13: 0000000000001fa0 R14: 0000000000001f9f R15: 00007fa46ad0bdd8 [ 945.670256] Mem-Info: [ 945.672691] active_anon:15791 inactive_anon:37249 isolated_anon:0 [ 945.672691] active_file:39 inactive_file:41 isolated_file:0 [ 945.672691] unevictable:0 dirty:17 writeback:0 unstable:0 [ 945.672691] slab_reclaimable:14053 slab_unreclaimable:119079 [ 945.672691] mapped:21988 shmem:37836 pagetables:624 bounce:0 [ 945.672691] free:13931 free_pcp:962 free_cma:0 [ 945.679344] syz-executor.1: vmalloc: allocation failure, allocated 1671737344 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 945.706119] Node 0 active_anon:60912kB inactive_anon:51192kB active_file:136kB inactive_file:96kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86512kB dirty:52kB writeback:0kB shmem:52760kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 18432kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 945.706139] Node 1 active_anon:2252kB inactive_anon:97804kB active_file:20kB inactive_file:68kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1440kB dirty:16kB writeback:0kB shmem:98584kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 945.706147] Node 0 DMA free:10860kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 945.731667] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 945.749506] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 945.787516] CPU: 1 PID: 8767 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0 [ 945.801188] Node 0 DMA32 free:17940kB min:35996kB low:44992kB high:53988kB active_anon:60932kB inactive_anon:51192kB active_file:508kB inactive_file:492kB unevictable:0kB writepending:152kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7616kB pagetables:2212kB bounce:0kB free_pcp:1760kB local_pcp:1508kB free_cma:0kB [ 945.806144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 945.806149] Call Trace: [ 945.806168] dump_stack+0x1fc/0x2ef [ 945.806184] warn_alloc.cold+0x7b/0x18f [ 945.806200] ? zone_watermark_ok_safe+0x260/0x260 [ 945.806217] ? rcu_nmi_exit+0xb3/0x180 [ 945.811206] lowmem_reserve[]: 0 0 1 1 1 [ 945.819006] __vmalloc_area_node+0x4fd/0x780 [ 945.819027] ? __vmalloc_node_range+0x180/0x180 [ 945.819042] ? _raw_spin_unlock+0x29/0x40 [ 945.819055] ? __get_vm_area_node+0x2e2/0x3a0 [ 945.819074] __vmalloc_node_range+0xed/0x180 [ 945.819095] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 945.863583] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 945.864016] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 945.868010] lowmem_reserve[]: 0 0 0 0 0 [ 945.872798] vmalloc_user+0x70/0xe0 [ 945.883338] Node 1 Normal free:26916kB min:53876kB low:67344kB high:80812kB active_anon:2268kB inactive_anon:97804kB active_file:32kB inactive_file:36kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:384kB pagetables:284kB bounce:0kB free_pcp:2120kB local_pcp:560kB free_cma:0kB [ 945.885010] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 945.889685] lowmem_reserve[]: 0 0 0 0 0 [ 945.893782] vb2_vmalloc_alloc+0xb3/0x2f0 [ 945.906072] Node 0 DMA: 1*4kB (U) 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10860kB [ 945.906962] __vb2_queue_alloc+0x472/0xe60 [ 945.941142] Node 0 DMA32: 1036*4kB (UME) 862*8kB (UME) 266*16kB (ME) 37*32kB (ME) 3*64kB (UM) 2*128kB (UM) 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 18208kB [ 945.942115] vb2_core_create_bufs+0x273/0x7e0 [ 945.945750] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 945.974489] ? __vb2_queue_free+0x870/0x870 [ 945.974505] ? mutex_trylock+0x1a0/0x1a0 [ 945.974519] ? __video_do_ioctl+0x632/0xcd0 [ 945.974537] vb2_create_bufs+0x332/0x620 [ 945.974551] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 945.974562] ? __video_do_ioctl+0x632/0xcd0 [ 945.974574] ? mutex_trylock+0x1a0/0x1a0 [ 945.974587] ? mark_held_locks+0xf0/0xf0 [ 945.974601] ? futex_wait_queue_me+0x404/0x5e0 [ 945.974617] vb2_ioctl_create_bufs+0x20d/0x360 [ 945.974631] ? memset+0x20/0x40 [ 945.974645] v4l_create_bufs+0xb2/0x160 [ 945.974662] __video_do_ioctl+0x49a/0xcd0 [ 945.974681] ? v4l_querycap+0x340/0x340 [ 945.974699] ? __might_fault+0x192/0x1d0 [ 945.974715] ? v4l_querycap+0x340/0x340 [ 945.974730] video_usercopy+0x13f/0xfa0 [ 945.974749] ? v4l_enumstd+0x60/0x60 [ 945.974762] ? do_futex+0x171/0x1880 [ 945.974777] ? mark_held_locks+0xf0/0xf0 [ 945.974794] ? debug_check_no_obj_freed+0x201/0x490 [ 945.974815] ? video_usercopy+0xfa0/0xfa0 [ 945.974827] v4l2_ioctl+0x147/0x1a0 [ 945.974839] ? video_devdata+0xa0/0xa0 [ 945.974853] do_vfs_ioctl+0xcdb/0x12e0 [ 945.974867] ? lock_downgrade+0x720/0x720 [ 945.974882] ? check_preemption_disabled+0x41/0x280 [ 945.974895] ? ioctl_preallocate+0x200/0x200 [ 945.974911] ? __fget+0x356/0x510 [ 945.974932] ? do_dup2+0x450/0x450 [ 945.974946] ? __se_sys_futex+0x298/0x3b0 [ 945.974966] ksys_ioctl+0x9b/0xc0 [ 945.974982] __x64_sys_ioctl+0x6f/0xb0 [ 945.974995] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 945.975007] do_syscall_64+0xf9/0x620 [ 945.975025] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 945.975036] RIP: 0033:0x7f344dd4c0f9 [ 945.975049] Code: Bad RIP value. [ 945.975056] RSP: 002b:00007f344c2be168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 945.975069] RAX: ffffffffffffffda RBX: 00007f344de6bf80 RCX: 00007f344dd4c0f9 [ 945.975076] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 945.975084] RBP: 00007f344dda7ae9 R08: 0000000000000000 R09: 0000000000000000 [ 945.975090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 945.975102] R13: 00007ffd560f77bf R14: 00007f344c2be300 R15: 0000000000022000 [ 945.984639] Mem-Info: [ 945.995299] Node 1 Normal: 331*4kB (UME) 283*8kB (UME) 206*16kB (UME) 108*32kB (UME) 32*64kB (ME) 10*128kB (UME) 0*256kB 0*512kB 1*1024kB (E) 2*2048kB (UE) 2*4096kB (UM) = 26980kB [ 946.009102] active_anon:15777 inactive_anon:37249 isolated_anon:0 [ 946.009102] active_file:16 inactive_file:17 isolated_file:0 [ 946.009102] unevictable:0 dirty:0 writeback:0 unstable:0 [ 946.009102] slab_reclaimable:14044 slab_unreclaimable:119070 [ 946.009102] mapped:21971 shmem:37836 pagetables:623 bounce:0 [ 946.009102] free:13981 free_pcp:910 free_cma:0 [ 946.027371] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 946.044748] Node 0 active_anon:60840kB inactive_anon:51192kB active_file:32kB inactive_file:32kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52760kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 16384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 946.049102] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 946.049464] Node 1 active_anon:2268kB inactive_anon:97804kB active_file:32kB inactive_file:36kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1376kB dirty:0kB writeback:0kB shmem:98584kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 946.055149] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 946.069025] Node 0 DMA free:10860kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 946.081100] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 946.083545] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 946.091001] 37869 total pagecache pages [ 946.099728] Node 0 DMA32 free:18140kB min:35996kB low:44992kB high:53988kB active_anon:60840kB inactive_anon:51192kB active_file:32kB inactive_file:32kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7616kB pagetables:2208kB bounce:0kB free_pcp:1520kB local_pcp:256kB free_cma:0kB [ 946.101901] 0 pages in swap cache [ 946.103799] lowmem_reserve[]: 0 0 1 1 1 [ 946.112577] Swap cache stats: add 0, delete 0, find 0/0 [ 946.115629] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 946.119483] Free swap = 0kB [ 946.125042] lowmem_reserve[]: 0 0 0 0 0 [ 946.135321] Total swap = 0kB [ 946.144140] Node 1 Normal free:26916kB min:53876kB low:67344kB high:80812kB active_anon:2268kB inactive_anon:97804kB active_file:32kB inactive_file:36kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:384kB pagetables:284kB bounce:0kB free_pcp:2120kB local_pcp:1560kB free_cma:0kB [ 946.144358] 2097051 pages RAM [ 946.149406] lowmem_reserve[]: 0 0 0 0 0 [ 946.162021] 0 pages HighMem/MovableOnly [ 946.169048] Node 0 DMA: 1*4kB (U) 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10860kB [ 946.183444] 369649 pages reserved [ 946.192641] Node 0 DMA32: 1036*4kB (UME) 862*8kB (UME) 266*16kB (ME) 37*32kB (ME) 3*64kB (UM) 2*128kB (UM) 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 18208kB [ 946.193086] 0 pages cma reserved [ 946.200918] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 946.218873] Unreclaimable slab info: [ 946.226251] Node 1 Normal: 331*4kB (UME) 283*8kB (UME) 206*16kB (UME) 108*32kB (UME) 32*64kB (ME) 10*128kB (UME) 0*256kB 0*512kB 1*1024kB (E) 2*2048kB (UE) 2*4096kB (UM) = 26980kB [ 946.234099] Name Used Total [ 946.240380] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 946.268802] pid_2 29KB 80KB [ 946.296769] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 946.304795] batadv_tt_change_cache 1KB 3KB [ 946.333258] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 946.338840] batadv_tl_cache 6KB 16KB [ 946.369190] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 946.376938] TIPC 13KB 37KB [ 946.406131] 37869 total pagecache pages [ 946.412205] SCTPv6 18KB 24KB [ 946.415246] 0 pages in swap cache [ 946.450507] DCCPv6 17KB 30KB [ 946.459604] Swap cache stats: add 0, delete 0, find 0/0 [ 946.490960] DCCP 16KB 28KB [ 946.502857] Free swap = 0kB [ 946.533264] RXRPC 14KB 26KB [ 946.556681] Total swap = 0kB [ 946.579317] rxrpc_call_jar 101KB 110KB [ 946.584006] 2097051 pages RAM [ 946.584288] bridge_fdb_cache 12KB 23KB [ 946.608114] 0 pages HighMem/MovableOnly [ 946.627737] fib6_nodes 208KB 264KB [ 946.632687] 369649 pages reserved [ 946.635229] ip6_dst_cache 425KB 615KB [ 946.644058] 0 pages cma reserved [ 946.747362] RAWv6 91KB 101KB [ 946.752724] UDPv6 33KB 41KB [ 946.761981] TCPv6 24KB 36KB [ 946.769812] nf_conntrack 11KB 22KB [ 946.775235] t10_alua_lu_gp_cache 0KB 3KB [ 946.785207] sd_ext_cdb 0KB 7KB [ 946.805906] scsi_sense_cache 1056KB 1060KB [ 946.811299] virtio_scsi_cmd 16KB 16KB [ 946.823722] sgpool-128 8KB 8KB [ 946.832712] sgpool-64 4KB 12KB [ 946.844888] sgpool-32 2KB 15KB [ 946.853732] sgpool-16 1KB 7KB [ 946.866358] sgpool-8 0KB 7KB [ 946.871934] mqueue_inode_cache 13KB 30KB [ 946.885404] bio_post_read_ctx 14KB 15KB [ 946.897394] bio-2 14KB 15KB [ 946.902759] jfs_mp 7KB 7KB [ 946.923256] cifs_small_rq 15KB 16KB [ 946.943539] cifs_request 67KB 67KB [ 946.953103] cifs_mpx_ids 0KB 7KB [ 946.974191] nfs_commit_data 3KB 14KB [ 946.980428] nfs_write_data 34KB 44KB [ 947.001125] ext4_system_zone 1KB 7KB [ 947.009636] bio-1 1KB 7KB [ 947.015002] pid_namespace 2KB 11KB [ 947.040054] rpc_buffers 17KB 25KB [ 947.045431] rpc_tasks 2KB 7KB [ 947.054338] UNIX 1158KB 1196KB [ 947.074548] tcp_bind_bucket 1KB 4KB [ 947.084968] ip_fib_trie 30KB 43KB [ 947.100324] ip_fib_alias 148KB 193KB [ 947.110030] ip_dst_cache 8KB 20KB [ 947.115402] RAW 54KB 60KB [ 947.123125] UDP 38KB 67KB [ 947.134323] TCP 8KB 28KB [ 947.139804] hugetlbfs_inode_cache 3KB 15KB [ 947.153157] fscache_cookie_jar 1KB 11KB [ 947.159054] eventpoll_pwq 29KB 43KB [ 947.164805] eventpoll_epi 53KB 66KB [ 947.175512] inotify_inode_mark 21KB 39KB [ 947.181831] request_queue 199KB 199KB [ 947.188530] blkdev_requests 1KB 3KB [ 947.193939] blkdev_ioc 23KB 38KB [ 947.199353] bio-0 1044KB 1091KB [ 947.204762] biovec-max 1493KB 1600KB [ 947.210165] biovec-64 1057KB 1149KB [ 947.215650] biovec-16 133KB 153KB [ 947.226753] bio_integrity_payload 1KB 8KB [ 947.232470] khugepaged_mm_slot 6KB 34KB [ 947.238068] uid_cache 0KB 4KB [ 947.243434] dmaengine-unmap-2 0KB 3KB [ 947.248882] skbuff_fclone_cache 64KB 86KB [ 947.254897] skbuff_head_cache 7193KB 8021KB [ 947.260837] configfs_dir_cache 3KB 7KB [ 947.266383] file_lock_cache 78KB 95KB [ 947.272225] file_lock_ctx 9KB 11KB [ 947.278064] fsnotify_mark_connector 11KB 23KB [ 947.284330] net_namespace 70KB 70KB [ 947.290118] shmem_inode_cache 8188KB 8228KB [ 947.295936] task_delay_info 204KB 367KB [ 947.302057] taskstats 43KB 65KB [ 947.307897] proc_dir_entry 825KB 866KB [ 947.313586] pde_opener 12KB 34KB [ 947.319794] seq_file 272KB 488KB [ 947.325713] sigqueue 61KB 66KB [ 947.331074] kernfs_node_cache 18229KB 18246KB [ 947.336856] mnt_cache 208KB 212KB [ 947.345515] filp 6578KB 7575KB [ 947.350881] names_cache 128086KB 128086KB [ 947.365526] iint_cache 28KB 55KB [ 947.370893] key_jar 23KB 135KB [ 947.395513] uts_namespace 3KB 7KB [ 947.400886] nsproxy 2KB 11KB [ 947.406289] vm_area_struct 3541KB 3770KB [ 947.411651] mm_struct 503KB 598KB [ 947.417509] fs_cache 200KB 356KB [ 947.422878] files_cache 749KB 757KB [ 947.428316] signal_cache 1447KB 1602KB [ 947.433678] sighand_cache 550KB 624KB [ 947.439568] task_struct 7063KB 7120KB [ 947.444925] cred_jar 1889KB 2504KB [ 947.450352] anon_vma_chain 1176KB 1488KB [ 947.455763] anon_vma 162KB 288KB [ 947.461118] pid 113KB 224KB [ 947.466567] Acpi-Operand 156KB 198KB [ 947.471929] Acpi-ParseExt 9KB 11KB [ 947.477346] Acpi-Parse 41KB 47KB [ 947.482704] Acpi-State 52KB 63KB [ 947.488126] Acpi-Namespace 20KB 27KB [ 947.493489] numa_policy 0KB 3KB [ 947.498922] debug_objects_cache 1474KB 1828KB [ 947.504456] trace_event_file 297KB 298KB [ 947.509940] ftrace_event_field 398KB 401KB [ 947.515392] pool_workqueue 135KB 152KB [ 947.520804] page->ptl 535KB 1004KB [ 947.526261] kmalloc-2097152 2050KB 2050KB [ 947.531625] kmalloc-524288 2056KB 2056KB [ 947.537060] kmalloc-262144 1290KB 1290KB [ 947.542418] kmalloc-131072 650KB 650KB [ 947.547838] kmalloc-65536 2376KB 2442KB [ 947.553331] kmalloc-32768 1980KB 1980KB [ 947.558744] kmalloc-16384 1237KB 1237KB [ 947.564108] kmalloc-8192 4958KB 4958KB [ 947.569548] kmalloc-4096 25291KB 25351KB [ 947.574912] kmalloc-2048 14554KB 14592KB [ 947.580330] kmalloc-1024 10314KB 12458KB [ 947.585742] kmalloc-512 14696KB 16211KB [ 947.591127] kmalloc-256 5053KB 6153KB [ 947.598717] kmalloc-128 1114KB 1472KB [ 947.604085] kmalloc-96 3362KB 4076KB [ 947.611812] kmalloc-64 2624KB 3880KB [ 947.621490] kmalloc-32 1923KB 2543KB [ 947.629526] kmalloc-192 1925KB 2772KB [ 947.634994] kmem_cache 177KB 183KB [ 947.644150] Out of memory (oom_kill_allocating_task): Kill process 7865 (in:imklog) score 0 or sacrifice child [ 947.657374] Killed process 7861 (rsyslogd) total-vm:254332kB, anon-rss:748kB, file-rss:0kB, shmem-rss:0kB [ 947.671512] oom_reaper: reaped process 7861 (rsyslogd), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 02:38:38 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:40 executing program 4: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x0, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:40 executing program 0: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) 02:38:40 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x0, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6], 0x6}}, 0xfffffffa}) 02:38:40 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:40 executing program 2: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x0, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:40 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x1, @sliced={0x0, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:40 executing program 4: ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x0, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:40 executing program 0: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) 02:38:40 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) 02:38:40 executing program 4: ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x0, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:40 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) 02:38:40 executing program 4: ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x0, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:40 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) 02:38:40 executing program 4: r0 = syz_open_dev$vim2m(0x0, 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x0, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) [ 955.452204] oom_reaper: reaped process 8813 (syz-executor.5), now anon-rss:0kB, file-rss:14336kB, shmem-rss:8kB [ 955.487128] in:imklog invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 955.498569] in:imklog cpuset=/ mems_allowed=0-1 [ 955.503277] CPU: 1 PID: 8798 Comm: in:imklog Not tainted 4.19.211-syzkaller #0 [ 955.510631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 955.519972] Call Trace: [ 955.522566] dump_stack+0x1fc/0x2ef [ 955.526196] dump_header+0x15d/0xc3f [ 955.529926] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 955.535025] ? ___ratelimit+0x319/0x590 [ 955.539001] oom_kill_process.cold+0x10/0x692 [ 955.543499] ? check_preemption_disabled+0x41/0x280 [ 955.548526] ? has_intersects_mems_allowed+0x1d6/0x290 [ 955.553803] out_of_memory+0x1072/0x1390 [ 955.557869] ? oom_killer_disable+0x270/0x270 [ 955.562363] ? mutex_trylock+0x15f/0x1a0 [ 955.566427] __alloc_pages_nodemask+0x23a2/0x2890 [ 955.571314] ? find_get_entry+0x4cd/0x8a0 [ 955.575473] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 955.580339] alloc_pages_current+0x193/0x2a0 [ 955.584746] filemap_fault+0x146e/0x2180 [ 955.588828] ext4_filemap_fault+0x84/0xb0 [ 955.592970] __do_fault+0x10b/0x4b0 [ 955.596592] __handle_mm_fault+0x273b/0x41c0 [ 955.601007] ? vm_insert_page+0x9c0/0x9c0 [ 955.605154] ? lock_downgrade+0x720/0x720 [ 955.609409] ? check_preemption_disabled+0x41/0x280 [ 955.614431] handle_mm_fault+0x436/0xb10 [ 955.618499] __do_page_fault+0x68e/0xd60 [ 955.622566] ? trace_hardirqs_off_caller+0x6e/0x210 [ 955.627677] ? spurious_fault+0x840/0x840 [ 955.631829] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 955.636670] ? page_fault+0x8/0x30 [ 955.640202] page_fault+0x1e/0x30 [ 955.643654] RIP: 0033:0x7f99f6e8b22d [ 955.647357] Code: Bad RIP value. [ 955.650701] RSP: 002b:00007f99f4827580 EFLAGS: 00010293 [ 955.656046] RAX: 0000000000000076 RBX: 0000000000000000 RCX: 00007f99f6e8b22d [ 955.663306] RDX: 0000000000001fa0 RSI: 00007f99f4827da0 RDI: 0000000000000004 [ 955.664751] syz-executor.5: vmalloc: allocation failure, allocated 1667887104 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 955.670559] RBP: 000055b505a6e9d0 R08: 0000000000000000 R09: 0000000000000000 [ 955.670570] R10: 2ce33e6c02ce33e7 R11: 0000000000000293 R12: 00007f99f4827da0 [ 955.692168] syz-executor.5 cpuset=/ mems_allowed=0-1 [ 955.698856] R13: 0000000000001fa0 R14: 0000000000001f9f R15: 00007f99f48294d4 [ 955.701853] Mem-Info: [ 955.712427] CPU: 0 PID: 8813 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 [ 955.713792] active_anon:15765 inactive_anon:37249 isolated_anon:0 [ 955.713792] active_file:48 inactive_file:16 isolated_file:0 [ 955.713792] unevictable:0 dirty:10 writeback:9 unstable:0 [ 955.713792] slab_reclaimable:14068 slab_unreclaimable:119475 [ 955.713792] mapped:22047 shmem:37836 pagetables:610 bounce:0 [ 955.713792] free:13936 free_pcp:1484 free_cma:0 [ 955.721535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 955.721540] Call Trace: [ 955.721559] dump_stack+0x1fc/0x2ef [ 955.721591] warn_alloc.cold+0x7b/0x18f [ 955.754999] Node 0 active_anon:60624kB inactive_anon:51192kB active_file:104kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86600kB dirty:24kB writeback:36kB shmem:52760kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 18432kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 955.764317] ? zone_watermark_ok_safe+0x260/0x260 [ 955.766953] Node 1 active_anon:2436kB inactive_anon:97804kB active_file:88kB inactive_file:72kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1588kB dirty:16kB writeback:0kB shmem:98584kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 955.770496] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 955.774441] Node 0 DMA free:10864kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 955.802263] ? retint_kernel+0x2d/0x2d [ 955.802290] __vmalloc_area_node+0x4fd/0x780 [ 955.802312] ? __vmalloc_node_range+0x180/0x180 [ 955.802323] ? _raw_spin_unlock+0x29/0x40 [ 955.802335] ? __get_vm_area_node+0x2e2/0x3a0 [ 955.802353] __vmalloc_node_range+0xed/0x180 [ 955.802369] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 955.802383] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 955.802407] vmalloc_user+0x70/0xe0 [ 955.802422] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 955.802436] vb2_vmalloc_alloc+0xb3/0x2f0 [ 955.802451] __vb2_queue_alloc+0x472/0xe60 [ 955.802476] vb2_core_create_bufs+0x273/0x7e0 [ 955.802491] ? __vb2_queue_free+0x870/0x870 [ 955.802508] ? mutex_trylock+0x1a0/0x1a0 [ 955.802524] ? __video_do_ioctl+0x632/0xcd0 [ 955.802545] vb2_create_bufs+0x332/0x620 [ 955.802562] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 955.802576] ? __video_do_ioctl+0x632/0xcd0 [ 955.802589] ? mutex_trylock+0x1a0/0x1a0 [ 955.802604] ? mark_held_locks+0xf0/0xf0 [ 955.802620] ? futex_wait_queue_me+0x404/0x5e0 [ 955.802638] vb2_ioctl_create_bufs+0x20d/0x360 [ 955.802653] ? memset+0x20/0x40 [ 955.802670] v4l_create_bufs+0xb2/0x160 [ 955.802687] __video_do_ioctl+0x49a/0xcd0 [ 955.802707] ? v4l_querycap+0x340/0x340 [ 955.802725] ? __might_fault+0x192/0x1d0 [ 955.802743] ? v4l_querycap+0x340/0x340 [ 955.802758] video_usercopy+0x13f/0xfa0 [ 955.802779] ? v4l_enumstd+0x60/0x60 [ 955.802793] ? do_futex+0x171/0x1880 [ 955.802808] ? mark_held_locks+0xf0/0xf0 [ 955.802826] ? debug_check_no_obj_freed+0x201/0x490 [ 955.802849] ? video_usercopy+0xfa0/0xfa0 [ 955.802861] v4l2_ioctl+0x147/0x1a0 [ 955.802874] ? video_devdata+0xa0/0xa0 [ 955.802889] do_vfs_ioctl+0xcdb/0x12e0 [ 955.802904] ? lock_downgrade+0x720/0x720 [ 955.802920] ? check_preemption_disabled+0x41/0x280 [ 955.802934] ? ioctl_preallocate+0x200/0x200 [ 955.802958] ? __fget+0x356/0x510 [ 955.802975] ? do_dup2+0x450/0x450 [ 955.802987] ? __se_sys_futex+0x298/0x3b0 [ 955.803008] ksys_ioctl+0x9b/0xc0 [ 955.803024] __x64_sys_ioctl+0x6f/0xb0 [ 955.803038] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 955.803053] do_syscall_64+0xf9/0x620 [ 955.803071] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 955.803083] RIP: 0033:0x7fb9b1ecd0f9 [ 955.803098] Code: Bad RIP value. [ 955.803105] RSP: 002b:00007fb9b043f168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 955.803118] RAX: ffffffffffffffda RBX: 00007fb9b1fecf80 RCX: 00007fb9b1ecd0f9 [ 955.803126] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 955.803134] RBP: 00007fb9b1f28ae9 R08: 0000000000000000 R09: 0000000000000000 [ 955.803141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 955.803149] R13: 00007ffd6a14577f R14: 00007fb9b043f300 R15: 0000000000022000 [ 955.806822] Mem-Info: [ 955.815009] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 955.841694] active_anon:15741 inactive_anon:37249 isolated_anon:0 [ 955.841694] active_file:12 inactive_file:12 isolated_file:0 [ 955.841694] unevictable:0 dirty:0 writeback:0 unstable:0 [ 955.841694] slab_reclaimable:14057 slab_unreclaimable:119439 [ 955.841694] mapped:22011 shmem:37836 pagetables:609 bounce:0 [ 955.841694] free:14101 free_pcp:1434 free_cma:0 [ 955.886711] Node 0 DMA32 free:18600kB min:35996kB low:44992kB high:53988kB active_anon:60532kB inactive_anon:51192kB active_file:40kB inactive_file:40kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7584kB pagetables:2136kB bounce:0kB free_pcp:2592kB local_pcp:1280kB free_cma:0kB [ 955.891800] Node 0 active_anon:60532kB inactive_anon:51192kB active_file:40kB inactive_file:40kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52760kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 16384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 955.892701] lowmem_reserve[]: 0 0 1 1 1 [ 955.897034] Node 1 active_anon:2432kB inactive_anon:97804kB active_file:8kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1536kB dirty:0kB writeback:0kB shmem:98584kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 955.897039] Node 0 DMA free:10864kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 955.907782] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 955.912492] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 955.914571] lowmem_reserve[]: 0 0 0 0 0 [ 955.920070] Node 0 DMA32 free:18600kB min:35996kB low:44992kB high:53988kB active_anon:60532kB inactive_anon:51192kB active_file:40kB inactive_file:40kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7584kB pagetables:2136kB bounce:0kB free_pcp:2592kB local_pcp:1312kB free_cma:0kB [ 955.928084] Node 1 Normal free:26932kB min:53876kB low:67344kB high:80812kB active_anon:2432kB inactive_anon:97804kB active_file:8kB inactive_file:8kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:384kB pagetables:300kB bounce:0kB free_pcp:3144kB local_pcp:1500kB free_cma:0kB [ 955.931871] lowmem_reserve[]: 0 0 1 1 1 [ 955.943230] lowmem_reserve[]: 0 0 0 0 0 [ 955.949975] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 955.954516] Node 0 DMA: 0*4kB 0*8kB 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10864kB [ 955.957843] lowmem_reserve[]: 0 0 0 0 0 [ 955.957863] Node 1 Normal free:26932kB min:53876kB low:67344kB high:80812kB active_anon:2432kB inactive_anon:97804kB active_file:8kB inactive_file:8kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:384kB pagetables:300kB bounce:0kB free_pcp:3144kB local_pcp:1644kB free_cma:0kB [ 955.957895] lowmem_reserve[]: 0 0 0 0 0 [ 955.967804] Node 0 DMA32: 954*4kB (UME) 822*8kB (UME) 255*16kB (UME) 42*32kB (UME) 2*64kB (UM) 1*128kB (M) 2*256kB (UM) 2*512kB (UM) 1*1024kB (U) 0*2048kB 0*4096kB = 18632kB [ 955.976369] Node 0 DMA: 0*4kB 0*8kB 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10864kB [ 955.982180] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 955.982773] Node 0 DMA32: 954*4kB (UME) 822*8kB (UME) 255*16kB (UME) 42*32kB (UME) 2*64kB (UM) 1*128kB (M) 2*256kB (UM) 2*512kB (UM) 1*1024kB (U) 0*2048kB 0*4096kB = 18632kB [ 955.982849] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 955.982903] Node 1 Normal: 357*4kB (UME) 284*8kB (UME) 206*16kB (UME) 75*32kB (UME) 16*64kB (ME) 13*128kB (ME) 0*256kB 1*512kB (U) 2*1024kB (UE) 2*2048kB (UE) 2*4096kB (UM) = 26932kB [ 955.982985] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 955.982995] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 955.983005] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 955.983015] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 955.983021] 37860 total pagecache pages [ 955.983033] 0 pages in swap cache [ 955.983041] Swap cache stats: add 0, delete 0, find 0/0 [ 955.983045] Free swap = 0kB [ 955.983050] Total swap = 0kB [ 955.983058] 2097051 pages RAM [ 955.983063] 0 pages HighMem/MovableOnly [ 955.983068] 369649 pages reserved [ 955.983072] 0 pages cma reserved [ 956.622501] Node 1 Normal: 357*4kB (UME) 284*8kB (UME) 206*16kB (UME) 75*32kB (UME) 16*64kB (ME) 13*128kB (ME) 0*256kB 1*512kB (U) 2*1024kB (UE) 2*2048kB (UE) 2*4096kB (UM) = 26932kB [ 956.653236] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 956.670717] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 956.679501] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 956.697912] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 956.712762] 37860 total pagecache pages [ 956.719190] 0 pages in swap cache [ 956.722640] Swap cache stats: add 0, delete 0, find 0/0 [ 956.733653] Free swap = 0kB [ 956.738914] Total swap = 0kB [ 956.741931] 2097051 pages RAM [ 956.750735] 0 pages HighMem/MovableOnly [ 956.757193] 369649 pages reserved [ 956.760644] 0 pages cma reserved [ 956.763999] Unreclaimable slab info: [ 956.773176] Name Used Total [ 956.781242] pid_2 31KB 80KB [ 956.793368] batadv_tt_change_cache 1KB 3KB [ 956.801610] batadv_tl_cache 6KB 16KB [ 956.813189] TIPC 12KB 37KB [ 956.821024] SCTPv6 18KB 24KB [ 956.832599] DCCPv6 17KB 30KB [ 956.840445] DCCP 16KB 28KB [ 956.851835] RXRPC 13KB 26KB [ 956.860873] rxrpc_call_jar 90KB 110KB [ 956.871749] bridge_fdb_cache 10KB 23KB [ 956.879366] fib6_nodes 190KB 264KB [ 956.890371] ip6_dst_cache 428KB 615KB [ 956.898027] RAWv6 91KB 101KB [ 956.903415] UDPv6 30KB 41KB [ 956.912290] TCPv6 24KB 30KB [ 956.920288] nf_conntrack 12KB 22KB [ 956.928511] t10_alua_lu_gp_cache 0KB 3KB [ 956.937276] sd_ext_cdb 0KB 7KB [ 956.942645] scsi_sense_cache 1056KB 1060KB [ 956.950668] virtio_scsi_cmd 16KB 16KB [ 956.958311] sgpool-128 8KB 8KB [ 956.963735] sgpool-64 4KB 12KB [ 956.971675] sgpool-32 2KB 15KB [ 956.979247] sgpool-16 1KB 7KB [ 956.986783] sgpool-8 0KB 7KB [ 956.992204] mqueue_inode_cache 12KB 30KB [ 957.000093] bio_post_read_ctx 14KB 15KB [ 957.008497] bio-2 14KB 15KB [ 957.013865] jfs_mp 7KB 7KB [ 957.021850] cifs_small_rq 15KB 16KB [ 957.029838] cifs_request 67KB 67KB [ 957.037681] cifs_mpx_ids 0KB 7KB [ 957.043065] nfs_commit_data 3KB 14KB [ 957.051015] nfs_write_data 34KB 44KB [ 957.058673] ext4_system_zone 1KB 7KB [ 957.064050] bio-1 1KB 7KB [ 957.071832] pid_namespace 2KB 11KB [ 957.079559] rpc_buffers 17KB 25KB [ 957.087099] rpc_tasks 2KB 7KB [ 957.092491] UNIX 1175KB 1181KB [ 957.103429] tcp_bind_bucket 1KB 4KB [ 957.111630] ip_fib_trie 30KB 43KB [ 957.119505] ip_fib_alias 137KB 193KB [ 957.127056] ip_dst_cache 8KB 20KB [ 957.132437] RAW 54KB 60KB [ 957.140025] UDP 42KB 67KB [ 957.147943] TCP 8KB 16KB [ 957.153310] hugetlbfs_inode_cache 3KB 15KB [ 957.182562] fscache_cookie_jar 1KB 11KB [ 957.190287] eventpoll_pwq 26KB 43KB [ 957.200260] eventpoll_epi 48KB 66KB [ 957.206144] inotify_inode_mark 18KB 39KB [ 957.213092] request_queue 199KB 199KB [ 957.220014] blkdev_requests 1KB 3KB [ 957.225887] blkdev_ioc 25KB 38KB [ 957.231258] bio-0 1023KB 1076KB [ 957.237894] biovec-max 1542KB 1650KB [ 957.243261] biovec-64 1039KB 1141KB [ 957.249484] biovec-16 130KB 153KB [ 957.256495] bio_integrity_payload 1KB 8KB [ 957.262246] khugepaged_mm_slot 7KB 34KB [ 957.268625] uid_cache 0KB 4KB [ 957.273984] dmaengine-unmap-2 0KB 3KB [ 957.280203] skbuff_fclone_cache 59KB 82KB [ 957.286291] skbuff_head_cache 6805KB 7942KB [ 957.291653] configfs_dir_cache 3KB 7KB [ 957.297951] file_lock_cache 81KB 95KB [ 957.303318] file_lock_ctx 9KB 11KB [ 957.309557] fsnotify_mark_connector 9KB 23KB [ 957.317548] net_namespace 70KB 70KB [ 957.322916] shmem_inode_cache 8167KB 8228KB [ 957.329221] task_delay_info 202KB 367KB [ 957.335123] taskstats 45KB 65KB [ 957.340486] proc_dir_entry 817KB 866KB [ 957.346785] pde_opener 11KB 34KB [ 957.352150] seq_file 275KB 488KB [ 957.358381] sigqueue 53KB 66KB [ 957.363744] kernfs_node_cache 18234KB 18246KB [ 957.370117] mnt_cache 190KB 200KB [ 957.376003] filp 6604KB 7575KB [ 957.381372] names_cache 135009KB 135009KB [ 957.387780] iint_cache 31KB 55KB [ 957.393145] key_jar 23KB 135KB [ 957.399368] uts_namespace 3KB 7KB [ 957.405242] nsproxy 1KB 11KB [ 957.410601] vm_area_struct 3362KB 3766KB [ 957.418637] mm_struct 500KB 598KB [ 957.424007] fs_cache 197KB 352KB [ 957.430254] files_cache 735KB 757KB [ 957.436185] signal_cache 1434KB 1602KB [ 957.441548] sighand_cache 541KB 624KB [ 957.447836] task_struct 7000KB 7063KB [ 957.453221] cred_jar 1936KB 2504KB [ 957.459634] anon_vma_chain 1149KB 1488KB [ 957.465592] anon_vma 132KB 288KB [ 957.470951] pid 111KB 224KB [ 957.478263] Acpi-Operand 156KB 198KB [ 957.483630] Acpi-ParseExt 9KB 11KB [ 957.489905] Acpi-Parse 41KB 47KB [ 957.495726] Acpi-State 52KB 63KB [ 957.501084] Acpi-Namespace 20KB 27KB [ 957.507348] numa_policy 0KB 3KB [ 957.512711] debug_objects_cache 1447KB 1828KB [ 957.520652] trace_event_file 297KB 298KB [ 957.526634] ftrace_event_field 398KB 401KB [ 957.532099] pool_workqueue 129KB 148KB [ 957.538334] page->ptl 538KB 1004KB [ 957.543730] kmalloc-2097152 2050KB 2050KB [ 957.550161] kmalloc-524288 2056KB 2056KB [ 957.556053] kmalloc-262144 1290KB 1290KB [ 957.561418] kmalloc-131072 650KB 650KB [ 957.567792] kmalloc-65536 2376KB 2442KB [ 957.573164] kmalloc-32768 1947KB 1947KB [ 957.579578] kmalloc-16384 1138KB 1171KB [ 957.585479] kmalloc-8192 4628KB 4677KB [ 957.590846] kmalloc-4096 23608KB 23647KB [ 957.597178] kmalloc-2048 13906KB 14458KB [ 957.602549] kmalloc-1024 9436KB 12300KB [ 957.608860] kmalloc-512 13650KB 16087KB [ 957.614237] kmalloc-256 4782KB 6138KB [ 957.620605] kmalloc-128 1096KB 1472KB [ 957.628286] kmalloc-96 3347KB 4076KB [ 957.633662] kmalloc-64 2578KB 3880KB [ 957.640243] kmalloc-32 1878KB 2543KB [ 957.646180] kmalloc-192 1903KB 2772KB [ 957.651581] kmem_cache 177KB 183KB [ 957.658093] Out of memory (oom_kill_allocating_task): Kill process 8798 (in:imklog) score 0 or sacrifice child [ 957.668899] Killed process 8795 (rsyslogd) total-vm:254332kB, anon-rss:2564kB, file-rss:0kB, shmem-rss:0kB [ 957.681602] oom_reaper: reaped process 8795 (rsyslogd), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 02:38:48 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x0, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6], 0x6}}, 0xfffffffa}) 02:38:50 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x0, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:50 executing program 2: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x0, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:50 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x1, @sliced={0x0, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:50 executing program 4: r0 = syz_open_dev$vim2m(0x0, 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x0, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:50 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x0, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6], 0x6}}, 0xfffffffa}) 02:38:50 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) 02:38:50 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) 02:38:50 executing program 4: r0 = syz_open_dev$vim2m(0x0, 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x0, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:50 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) 02:38:50 executing program 4: syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x0, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:38:50 executing program 0: openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) 02:38:50 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, 0x0) [ 965.415300] oom_reaper: reaped process 8866 (syz-executor.3), now anon-rss:0kB, file-rss:14336kB, shmem-rss:8kB [ 965.450681] in:imklog invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 965.462101] in:imklog cpuset=/ mems_allowed=0-1 [ 965.466841] CPU: 1 PID: 8847 Comm: in:imklog Not tainted 4.19.211-syzkaller #0 [ 965.474221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 965.483567] Call Trace: [ 965.486154] dump_stack+0x1fc/0x2ef [ 965.489780] dump_header+0x15d/0xc3f [ 965.493495] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 965.498599] ? ___ratelimit+0x319/0x590 [ 965.502592] oom_kill_process.cold+0x10/0x692 [ 965.507086] ? check_preemption_disabled+0x41/0x280 [ 965.512103] ? has_intersects_mems_allowed+0x1d6/0x290 [ 965.517493] out_of_memory+0x1072/0x1390 [ 965.521551] ? oom_killer_disable+0x270/0x270 [ 965.526042] ? mutex_trylock+0x15f/0x1a0 [ 965.530096] __alloc_pages_nodemask+0x23a2/0x2890 [ 965.534940] ? find_get_entry+0x4cd/0x8a0 [ 965.537331] syz-executor.3: vmalloc: allocation failure, allocated 1665212416 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 965.539096] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 965.557721] alloc_pages_current+0x193/0x2a0 [ 965.560815] syz-executor.3 cpuset=/ mems_allowed=0-1 [ 965.562142] filemap_fault+0x146e/0x2180 [ 965.571293] ext4_filemap_fault+0x84/0xb0 [ 965.575434] __do_fault+0x10b/0x4b0 [ 965.579057] __handle_mm_fault+0x273b/0x41c0 [ 965.583465] ? vm_insert_page+0x9c0/0x9c0 [ 965.587608] ? lock_downgrade+0x720/0x720 [ 965.591754] ? check_preemption_disabled+0x41/0x280 [ 965.596765] handle_mm_fault+0x436/0xb10 [ 965.600824] __do_page_fault+0x68e/0xd60 [ 965.604882] ? trace_hardirqs_off_caller+0x6e/0x210 [ 965.609893] ? spurious_fault+0x840/0x840 [ 965.614030] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 965.618873] ? page_fault+0x8/0x30 [ 965.622426] page_fault+0x1e/0x30 [ 965.625863] RIP: 0033:0x7fe1d53c522d [ 965.629563] Code: Bad RIP value. [ 965.632930] RSP: 002b:00007fe1d2d61580 EFLAGS: 00010293 [ 965.638276] RAX: 0000000000000076 RBX: 0000000000000000 RCX: 00007fe1d53c522d [ 965.645530] RDX: 0000000000001fa0 RSI: 00007fe1d2d61da0 RDI: 0000000000000004 [ 965.652777] RBP: 0000564c89db89d0 R08: 0000000000000000 R09: 0000000000000000 [ 965.660031] R10: 2ce33e6c02ce33e7 R11: 0000000000000293 R12: 00007fe1d2d61da0 [ 965.667288] R13: 0000000000001fa0 R14: 0000000000001f9f R15: 00007fe1d2d6360b [ 965.677051] CPU: 0 PID: 8866 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 965.684011] Mem-Info: [ 965.684935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 965.687350] active_anon:15761 inactive_anon:37249 isolated_anon:0 [ 965.687350] active_file:31 inactive_file:9 isolated_file:0 [ 965.687350] unevictable:0 dirty:18 writeback:0 unstable:0 [ 965.687350] slab_reclaimable:14062 slab_unreclaimable:121126 [ 965.687350] mapped:22054 shmem:37836 pagetables:625 bounce:0 [ 965.687350] free:13875 free_pcp:593 free_cma:0 [ 965.696659] Call Trace: [ 965.696677] dump_stack+0x1fc/0x2ef [ 965.696693] warn_alloc.cold+0x7b/0x18f [ 965.696725] ? zone_watermark_ok_safe+0x260/0x260 [ 965.732630] Node 0 active_anon:60688kB inactive_anon:51192kB active_file:100kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86544kB dirty:64kB writeback:0kB shmem:52760kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 18432kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 965.736119] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 965.736138] ? retint_kernel+0x2d/0x2d [ 965.736165] __vmalloc_area_node+0x4fd/0x780 [ 965.740125] Node 1 active_anon:2356kB inactive_anon:97804kB active_file:24kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1672kB dirty:8kB writeback:0kB shmem:98584kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 965.744947] ? __vmalloc_node_range+0x180/0x180 [ 965.744962] ? _raw_spin_unlock+0x29/0x40 [ 965.744978] ? __get_vm_area_node+0x2e2/0x3a0 [ 965.772740] Node 0 DMA free:10876kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 965.777463] __vmalloc_node_range+0xed/0x180 [ 965.777481] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 965.781338] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 965.785737] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 965.785749] vmalloc_user+0x70/0xe0 [ 965.785766] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 965.814938] Node 0 DMA32 free:17812kB min:35996kB low:44992kB high:53988kB active_anon:60688kB inactive_anon:51192kB active_file:36kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7616kB pagetables:2216kB bounce:0kB free_pcp:344kB local_pcp:96kB free_cma:0kB [ 965.817382] vb2_vmalloc_alloc+0xb3/0x2f0 [ 965.821494] lowmem_reserve[]: 0 0 1 1 1 [ 965.826000] __vb2_queue_alloc+0x472/0xe60 [ 965.826032] vb2_core_create_bufs+0x273/0x7e0 [ 965.852154] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 965.856525] ? __vb2_queue_free+0x870/0x870 [ 965.856545] ? mutex_trylock+0x1a0/0x1a0 [ 965.860833] lowmem_reserve[]: 0 0 0 0 0 [ 965.865835] ? __video_do_ioctl+0x632/0xcd0 [ 965.865858] vb2_create_bufs+0x332/0x620 [ 965.871199] Node 1 Normal free:26804kB min:53876kB low:67344kB high:80812kB active_anon:2356kB inactive_anon:97804kB active_file:12kB inactive_file:4kB unevictable:0kB writepending:8kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:384kB pagetables:284kB bounce:0kB free_pcp:2028kB local_pcp:1372kB free_cma:0kB [ 965.874827] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 965.874841] ? __video_do_ioctl+0x632/0xcd0 [ 965.874857] ? mutex_trylock+0x1a0/0x1a0 [ 965.879149] lowmem_reserve[]: 0 0 0 0 0 [ 965.907863] ? mark_held_locks+0xf0/0xf0 [ 965.907882] vb2_ioctl_create_bufs+0x20d/0x360 [ 965.907898] ? memset+0x20/0x40 [ 965.912027] Node 0 DMA: 1*4kB (U) 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10876kB [ 965.916010] v4l_create_bufs+0xb2/0x160 [ 965.916031] __video_do_ioctl+0x49a/0xcd0 [ 965.916061] ? v4l_querycap+0x340/0x340 [ 965.916074] ? __might_fault+0x192/0x1d0 [ 965.916087] ? v4l_querycap+0x340/0x340 [ 965.916116] video_usercopy+0x13f/0xfa0 [ 965.916136] ? v4l_enumstd+0x60/0x60 [ 965.916148] ? do_futex+0x171/0x1880 [ 965.916160] ? mark_held_locks+0xf0/0xf0 [ 965.916177] ? debug_check_no_obj_freed+0x201/0x490 [ 965.916198] ? video_usercopy+0xfa0/0xfa0 [ 965.916207] v4l2_ioctl+0x147/0x1a0 [ 965.916218] ? video_devdata+0xa0/0xa0 [ 965.916232] do_vfs_ioctl+0xcdb/0x12e0 [ 965.916247] ? lock_downgrade+0x720/0x720 [ 965.916262] ? check_preemption_disabled+0x41/0x280 [ 965.916274] ? ioctl_preallocate+0x200/0x200 [ 965.916291] ? __fget+0x356/0x510 [ 965.916307] ? do_dup2+0x450/0x450 [ 965.916320] ? __se_sys_futex+0x298/0x3b0 [ 965.916341] ksys_ioctl+0x9b/0xc0 [ 965.916359] __x64_sys_ioctl+0x6f/0xb0 [ 965.916373] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 965.916386] do_syscall_64+0xf9/0x620 [ 965.916404] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 965.916415] RIP: 0033:0x7f4186d950f9 [ 965.916427] Code: Bad RIP value. [ 965.916434] RSP: 002b:00007f4185307168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 965.916446] RAX: ffffffffffffffda RBX: 00007f4186eb4f80 RCX: 00007f4186d950f9 [ 965.916453] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 965.916461] RBP: 00007f4186df0ae9 R08: 0000000000000000 R09: 0000000000000000 [ 965.916468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 965.916476] R13: 00007ffe4ad74e7f R14: 00007f4185307300 R15: 0000000000022000 [ 965.930177] Mem-Info: [ 965.962377] Node 0 DMA32: 1035*4kB (UME) 882*8kB (UME) 297*16kB (UME) 56*32kB (UME) 4*64kB (UM) 3*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 18380kB [ 965.970531] active_anon:15740 inactive_anon:37249 isolated_anon:0 [ 965.970531] active_file:11 inactive_file:10 isolated_file:0 [ 965.970531] unevictable:0 dirty:0 writeback:0 unstable:0 [ 965.970531] slab_reclaimable:14062 slab_unreclaimable:120973 [ 965.970531] mapped:22043 shmem:37836 pagetables:624 bounce:0 [ 965.970531] free:14011 free_pcp:613 free_cma:0 [ 965.973961] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 966.008806] Node 0 active_anon:60596kB inactive_anon:51192kB active_file:36kB inactive_file:32kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52760kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 16384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 966.021475] Node 1 Normal: 301*4kB (ME) 236*8kB (UME) 168*16kB (UME) 105*32kB (ME) 22*64kB (ME) 17*128kB (ME) 3*256kB (UM) 0*512kB 1*1024kB (E) 2*2048kB (UE) 2*4096kB (UM) = 26804kB [ 966.030491] Node 1 active_anon:2364kB inactive_anon:97804kB active_file:8kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1664kB dirty:0kB writeback:0kB shmem:98584kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 966.036332] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 966.054628] Node 0 DMA free:10876kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 966.062622] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 966.071759] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 966.073659] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 966.080328] Node 0 DMA32 free:18356kB min:35996kB low:44992kB high:53988kB active_anon:60596kB inactive_anon:51192kB active_file:36kB inactive_file:32kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7616kB pagetables:2212kB bounce:0kB free_pcp:424kB local_pcp:324kB free_cma:0kB [ 966.085870] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 966.092430] lowmem_reserve[]: 0 0 1 1 1 [ 966.098383] 37857 total pagecache pages [ 966.110055] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 966.111278] 0 pages in swap cache [ 966.115749] lowmem_reserve[]: 0 0 0 0 0 [ 966.115772] Node 1 Normal free:26804kB min:53876kB low:67344kB high:80812kB active_anon:2364kB inactive_anon:97804kB active_file:8kB inactive_file:8kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:384kB pagetables:284kB bounce:0kB free_pcp:2028kB local_pcp:656kB free_cma:0kB [ 966.115807] lowmem_reserve[]: 0 0 0 0 0 [ 966.123996] Swap cache stats: add 0, delete 0, find 0/0 [ 966.134981] Node 0 DMA: 1*4kB (U) 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10876kB [ 966.143283] Free swap = 0kB [ 966.157711] Node 0 DMA32: 1035*4kB (UME) 882*8kB (UME) 297*16kB (UME) 56*32kB (UME) 4*64kB (UM) 3*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 18380kB [ 966.167595] Total swap = 0kB [ 966.173362] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 966.182468] 2097051 pages RAM [ 966.194377] Node 1 Normal: 301*4kB (ME) 236*8kB (UME) 168*16kB (UME) 105*32kB (ME) 22*64kB (ME) 17*128kB (ME) 3*256kB (UM) 0*512kB 1*1024kB (E) 2*2048kB (UE) 2*4096kB (UM) = 26804kB [ 966.204539] 0 pages HighMem/MovableOnly [ 966.225534] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 966.260099] 369649 pages reserved [ 966.269882] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 966.295602] 0 pages cma reserved [ 966.310752] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 966.333307] Unreclaimable slab info: [ 966.357666] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 966.371098] Name Used Total [ 966.385733] 37857 total pagecache pages [ 966.396401] pid_2 32KB 80KB [ 966.428165] 0 pages in swap cache [ 966.428174] Swap cache stats: add 0, delete 0, find 0/0 [ 966.428179] Free swap = 0kB [ 966.428184] Total swap = 0kB [ 966.428192] 2097051 pages RAM [ 966.428197] 0 pages HighMem/MovableOnly [ 966.428202] 369649 pages reserved [ 966.428206] 0 pages cma reserved [ 966.669527] batadv_tt_change_cache 1KB 3KB [ 966.679888] batadv_tl_cache 5KB 16KB [ 966.685316] TIPC 12KB 37KB [ 966.690685] SCTPv6 16KB 24KB [ 966.700611] DCCPv6 17KB 30KB [ 966.706042] DCCP 16KB 28KB [ 966.711427] RXRPC 13KB 26KB [ 966.721126] rxrpc_call_jar 90KB 110KB [ 966.726566] bridge_fdb_cache 10KB 23KB [ 966.731930] fib6_nodes 183KB 264KB [ 966.743579] ip6_dst_cache 419KB 611KB [ 966.749000] RAWv6 81KB 101KB [ 966.758867] UDPv6 30KB 41KB [ 966.764312] TCPv6 24KB 36KB [ 966.769681] nf_conntrack 13KB 22KB [ 966.781567] t10_alua_lu_gp_cache 0KB 3KB [ 966.787342] sd_ext_cdb 0KB 7KB [ 966.792698] scsi_sense_cache 1056KB 1060KB [ 966.802583] virtio_scsi_cmd 16KB 16KB [ 966.807994] sgpool-128 8KB 8KB [ 966.813351] sgpool-64 4KB 12KB [ 966.823468] sgpool-32 2KB 15KB [ 966.828982] sgpool-16 1KB 7KB [ 966.840906] sgpool-8 0KB 7KB [ 966.846340] mqueue_inode_cache 10KB 30KB [ 966.851798] bio_post_read_ctx 14KB 15KB [ 966.861923] bio-2 14KB 15KB [ 966.867346] jfs_mp 7KB 7KB [ 966.872744] cifs_small_rq 15KB 16KB [ 966.882740] cifs_request 67KB 67KB [ 966.888153] cifs_mpx_ids 0KB 7KB [ 966.893530] nfs_commit_data 3KB 14KB [ 966.903512] nfs_write_data 34KB 44KB [ 966.908975] ext4_system_zone 1KB 7KB [ 966.918741] bio-1 1KB 7KB [ 966.927226] pid_namespace 2KB 11KB [ 966.932616] rpc_buffers 17KB 25KB [ 966.947545] rpc_tasks 2KB 7KB [ 966.952918] UNIX 1083KB 1151KB [ 966.962512] tcp_bind_bucket 1KB 4KB [ 966.971800] ip_fib_trie 27KB 43KB [ 966.980866] ip_fib_alias 130KB 193KB [ 966.990021] ip_dst_cache 7KB 20KB [ 966.999258] RAW 48KB 60KB [ 967.008724] UDP 48KB 67KB [ 967.014908] TCP 8KB 22KB [ 967.020272] hugetlbfs_inode_cache 3KB 15KB [ 967.029306] fscache_cookie_jar 1KB 11KB [ 967.034890] eventpoll_pwq 27KB 43KB [ 967.040245] eventpoll_epi 49KB 66KB [ 967.050419] inotify_inode_mark 21KB 39KB [ 967.055968] request_queue 199KB 199KB [ 967.061323] blkdev_requests 1KB 3KB [ 967.069980] blkdev_ioc 24KB 38KB [ 967.075391] bio-0 1110KB 1147KB [ 967.080754] biovec-max 1534KB 1600KB [ 967.089515] biovec-64 1001KB 1078KB [ 967.094932] biovec-16 145KB 153KB [ 967.100309] bio_integrity_payload 1KB 8KB [ 967.109500] khugepaged_mm_slot 8KB 34KB [ 967.115010] uid_cache 0KB 4KB [ 967.120367] dmaengine-unmap-2 0KB 3KB [ 967.129169] skbuff_fclone_cache 64KB 78KB [ 967.134752] skbuff_head_cache 7043KB 7826KB [ 967.140119] configfs_dir_cache 3KB 7KB [ 967.150190] file_lock_cache 92KB 99KB [ 967.155596] file_lock_ctx 9KB 11KB [ 967.160950] fsnotify_mark_connector 12KB 23KB [ 967.170052] net_namespace 61KB 61KB [ 967.175479] shmem_inode_cache 8209KB 8228KB [ 967.180836] task_delay_info 181KB 367KB [ 967.189529] taskstats 53KB 65KB [ 967.194943] proc_dir_entry 775KB 847KB [ 967.200305] pde_opener 11KB 34KB [ 967.209084] seq_file 289KB 488KB [ 967.214502] sigqueue 55KB 66KB [ 967.219865] kernfs_node_cache 18234KB 18246KB [ 967.225328] mnt_cache 179KB 196KB [ 967.230691] filp 6546KB 7563KB [ 967.236108] names_cache 137347KB 137406KB [ 967.241529] iint_cache 28KB 55KB [ 967.248589] key_jar 23KB 135KB [ 967.254057] uts_namespace 2KB 7KB [ 967.259903] nsproxy 1KB 11KB [ 967.265312] vm_area_struct 3550KB 3766KB [ 967.271147] mm_struct 505KB 598KB [ 967.276581] fs_cache 163KB 348KB [ 967.281938] files_cache 645KB 750KB [ 967.287412] signal_cache 1311KB 1595KB [ 967.292769] sighand_cache 543KB 624KB [ 967.298191] task_struct 6022KB 6110KB [ 967.303567] cred_jar 1813KB 2500KB [ 967.308959] anon_vma_chain 1181KB 1488KB [ 967.314347] anon_vma 124KB 288KB [ 967.319706] pid 95KB 224KB [ 967.325108] Acpi-Operand 156KB 198KB [ 967.330472] Acpi-ParseExt 9KB 11KB [ 967.335877] Acpi-Parse 41KB 47KB [ 967.341237] Acpi-State 52KB 63KB [ 967.346641] Acpi-Namespace 20KB 27KB [ 967.353861] numa_policy 0KB 3KB [ 967.359302] debug_objects_cache 1423KB 1828KB [ 967.364929] trace_event_file 297KB 298KB [ 967.370299] ftrace_event_field 398KB 401KB [ 967.375834] pool_workqueue 126KB 148KB [ 967.381197] page->ptl 548KB 1004KB [ 967.386671] kmalloc-2097152 2050KB 2050KB [ 967.392030] kmalloc-524288 2056KB 2056KB [ 967.397432] kmalloc-262144 1290KB 1290KB [ 967.402787] kmalloc-131072 650KB 650KB [ 967.408221] kmalloc-65536 2112KB 2178KB [ 967.413576] kmalloc-32768 1815KB 1815KB [ 967.418978] kmalloc-16384 1122KB 1122KB [ 967.424403] kmalloc-8192 4455KB 4512KB [ 967.429763] kmalloc-4096 22363KB 22423KB [ 967.435183] kmalloc-2048 13340KB 14350KB [ 967.440541] kmalloc-1024 9228KB 12277KB [ 967.445978] kmalloc-512 14223KB 15952KB [ 967.453533] kmalloc-256 4674KB 6116KB [ 967.458960] kmalloc-128 1051KB 1468KB [ 967.468764] kmalloc-96 3392KB 4076KB [ 967.474213] kmalloc-64 2566KB 3880KB [ 967.479572] kmalloc-32 1878KB 2543KB [ 967.489728] kmalloc-192 1855KB 2772KB [ 967.495134] kmem_cache 177KB 183KB [ 967.500515] Out of memory (oom_kill_allocating_task): Kill process 8847 (in:imklog) score 0 or sacrifice child [ 967.515205] Killed process 8845 (rsyslogd) total-vm:254332kB, anon-rss:408kB, file-rss:0kB, shmem-rss:0kB [ 967.550202] oom_reaper: reaped process 8845 (rsyslogd), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 02:39:00 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x0, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x0, 0x401], 0x6}}, 0xfffffffa}) 02:39:00 executing program 2: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x0, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:39:00 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x0, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:39:00 executing program 4: syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x0, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:39:00 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x1, @sliced={0x0, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6], 0x6}}, 0xfffffffa}) 02:39:00 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, 0x0) 02:39:00 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, 0x0) 02:39:00 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x0, 0x4a, 0xbc, 0x80000}) 02:39:00 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x0, 0x4a, 0xbc, 0x80000}) 02:39:00 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x0, 0x4a, 0xbc, 0x80000}) 02:39:00 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x0, 0xbc, 0x80000}) 02:39:01 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x0, 0x0, 0x80000}) [ 975.548164] oom_reaper: reaped process 8913 (syz-executor.3), now anon-rss:0kB, file-rss:14332kB, shmem-rss:8kB [ 975.588764] in:imklog invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 975.604702] in:imklog cpuset=/ mems_allowed=0-1 [ 975.609395] CPU: 1 PID: 8895 Comm: in:imklog Not tainted 4.19.211-syzkaller #0 [ 975.616749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 975.626096] Call Trace: [ 975.628691] dump_stack+0x1fc/0x2ef [ 975.632320] dump_header+0x15d/0xc3f [ 975.636037] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 975.641144] ? ___ratelimit+0x319/0x590 [ 975.645127] oom_kill_process.cold+0x10/0x692 [ 975.649680] ? check_preemption_disabled+0x41/0x280 [ 975.654701] ? has_intersects_mems_allowed+0x1d6/0x290 [ 975.659975] out_of_memory+0x1072/0x1390 [ 975.664038] ? oom_killer_disable+0x270/0x270 [ 975.668541] ? mutex_trylock+0x15f/0x1a0 [ 975.672612] __alloc_pages_nodemask+0x23a2/0x2890 [ 975.677477] ? find_get_entry+0x4cd/0x8a0 [ 975.681637] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 975.686488] alloc_pages_current+0x193/0x2a0 [ 975.690875] filemap_fault+0x146e/0x2180 [ 975.694923] ext4_filemap_fault+0x84/0xb0 [ 975.699057] __do_fault+0x10b/0x4b0 [ 975.702665] __handle_mm_fault+0x273b/0x41c0 [ 975.707054] ? vm_insert_page+0x9c0/0x9c0 [ 975.711179] ? lock_downgrade+0x720/0x720 [ 975.715318] ? check_preemption_disabled+0x41/0x280 [ 975.720461] handle_mm_fault+0x436/0xb10 [ 975.724512] __do_page_fault+0x68e/0xd60 [ 975.728565] ? trace_hardirqs_off_caller+0x6e/0x210 [ 975.733564] ? spurious_fault+0x840/0x840 [ 975.737689] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 975.742513] ? page_fault+0x8/0x30 [ 975.746045] page_fault+0x1e/0x30 [ 975.749488] RIP: 0033:0x7f75852b122d [ 975.753183] Code: Bad RIP value. [ 975.756543] RSP: 002b:00007f7582c4d580 EFLAGS: 00010293 [ 975.761892] RAX: 0000000000000076 RBX: 0000000000000000 RCX: 00007f75852b122d [ 975.769147] RDX: 0000000000001fa0 RSI: 00007f7582c4dda0 RDI: 0000000000000004 [ 975.776399] RBP: 0000561900aac9d0 R08: 0000000000000000 R09: 0000000000000000 [ 975.783647] R10: 2ce33e6c02ce33e7 R11: 0000000000000293 R12: 00007f7582c4dda0 [ 975.790901] R13: 0000000000001fa0 R14: 0000000000001f9f R15: 00007f7582c4f4d4 [ 975.798460] Mem-Info: [ 975.800896] active_anon:15776 inactive_anon:37249 isolated_anon:0 [ 975.800896] active_file:9 inactive_file:5 isolated_file:0 [ 975.800896] unevictable:0 dirty:0 writeback:0 unstable:0 [ 975.800896] slab_reclaimable:14145 slab_unreclaimable:122732 [ 975.800896] mapped:22081 shmem:37836 pagetables:624 bounce:0 [ 975.800896] free:13983 free_pcp:149 free_cma:0 [ 975.808385] syz-executor.3: vmalloc: allocation failure, allocated 1659535360 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 975.834076] Node 0 active_anon:60092kB inactive_anon:51188kB active_file:24kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52756kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 16384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 975.834099] Node 1 active_anon:3012kB inactive_anon:97808kB active_file:12kB inactive_file:12kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1816kB dirty:0kB writeback:0kB shmem:98588kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 975.834104] Node 0 DMA free:10872kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 975.834136] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 975.834152] Node 0 DMA32 free:17832kB min:35996kB low:44992kB high:53988kB active_anon:60092kB inactive_anon:51188kB active_file:24kB inactive_file:28kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7520kB pagetables:2156kB bounce:0kB free_pcp:344kB local_pcp:96kB free_cma:0kB [ 975.834180] lowmem_reserve[]: 0 0 1 1 1 [ 975.869414] syz-executor.3 cpuset=/ mems_allowed=0-1 [ 975.877198] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 975.918613] CPU: 0 PID: 8913 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 975.930568] lowmem_reserve[]: 0 0 0 0 0 [ 975.935496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 975.935502] Call Trace: [ 975.935520] dump_stack+0x1fc/0x2ef [ 975.935536] warn_alloc.cold+0x7b/0x18f [ 975.935551] ? zone_watermark_ok_safe+0x260/0x260 [ 975.935567] ? retint_kernel+0x2d/0x2d [ 975.965927] Node 1 Normal free:27220kB min:53876kB low:67344kB high:80812kB active_anon:3012kB inactive_anon:97808kB active_file:12kB inactive_file:12kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:480kB pagetables:340kB bounce:0kB free_pcp:252kB local_pcp:4kB free_cma:0kB [ 975.968327] __vmalloc_area_node+0x4fd/0x780 [ 975.974125] lowmem_reserve[]: 0 0 0 0 0 [ 975.999228] ? __vmalloc_node_range+0x180/0x180 [ 975.999244] ? _raw_spin_unlock+0x29/0x40 [ 975.999257] ? __get_vm_area_node+0x2e2/0x3a0 [ 975.999275] __vmalloc_node_range+0xed/0x180 [ 975.999291] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 976.007088] Node 0 DMA: 0*4kB 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10872kB [ 976.011024] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 976.020403] Node 0 DMA32: 946*4kB (ME) 890*8kB (UME) 287*16kB (UME) 57*32kB (UME) 5*64kB (M) 2*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17896kB [ 976.022930] vmalloc_user+0x70/0xe0 [ 976.026562] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 976.030494] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 976.035343] Node 1 Normal: 315*4kB (UME) 277*8kB (ME) 186*16kB (UME) 85*32kB (ME) 30*64kB (UME) 18*128kB (ME) 4*256kB (M) 1*512kB (U) 2*1024kB (UE) 1*2048kB (E) 2*4096kB (UM) = 27220kB [ 976.039186] vb2_vmalloc_alloc+0xb3/0x2f0 [ 976.071516] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 976.072095] __vb2_queue_alloc+0x472/0xe60 [ 976.076095] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 976.080707] vb2_core_create_bufs+0x273/0x7e0 [ 976.084859] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 976.089313] ? __vb2_queue_free+0x870/0x870 [ 976.093723] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 976.098005] ? mutex_trylock+0x1a0/0x1a0 [ 976.111191] 37860 total pagecache pages [ 976.116503] ? __video_do_ioctl+0x632/0xcd0 [ 976.116521] vb2_create_bufs+0x332/0x620 [ 976.116537] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 976.130855] 0 pages in swap cache [ 976.134419] ? __video_do_ioctl+0x632/0xcd0 [ 976.134433] ? mutex_trylock+0x1a0/0x1a0 [ 976.134445] ? mark_held_locks+0xf0/0xf0 [ 976.134462] vb2_ioctl_create_bufs+0x20d/0x360 [ 976.134478] ? memset+0x20/0x40 [ 976.145506] Swap cache stats: add 0, delete 0, find 0/0 [ 976.149764] v4l_create_bufs+0xb2/0x160 [ 976.168681] Free swap = 0kB [ 976.170438] __video_do_ioctl+0x49a/0xcd0 [ 976.179291] Total swap = 0kB [ 976.183479] ? v4l_querycap+0x340/0x340 [ 976.183497] ? __might_fault+0x192/0x1d0 [ 976.183510] ? v4l_querycap+0x340/0x340 [ 976.183526] video_usercopy+0x13f/0xfa0 [ 976.192072] 2097051 pages RAM [ 976.196556] ? v4l_enumstd+0x60/0x60 [ 976.196570] ? do_futex+0x171/0x1880 [ 976.196587] ? mark_held_locks+0xf0/0xf0 [ 976.205467] 0 pages HighMem/MovableOnly [ 976.209722] ? debug_check_no_obj_freed+0x201/0x490 [ 976.218308] 369649 pages reserved [ 976.222336] ? video_usercopy+0xfa0/0xfa0 [ 976.226309] 0 pages cma reserved [ 976.230590] v4l2_ioctl+0x147/0x1a0 [ 976.234658] Unreclaimable slab info: [ 976.239738] ? video_devdata+0xa0/0xa0 [ 976.243163] Name Used Total [ 976.247467] do_vfs_ioctl+0xcdb/0x12e0 [ 976.247482] ? lock_downgrade+0x720/0x720 [ 976.247496] ? check_preemption_disabled+0x41/0x280 [ 976.247513] ? ioctl_preallocate+0x200/0x200 [ 976.251550] pid_2 37KB 80KB [ 976.255599] ? __fget+0x356/0x510 [ 976.255614] ? do_dup2+0x450/0x450 [ 976.255631] ? __se_sys_futex+0x298/0x3b0 [ 976.262566] batadv_tt_change_cache 0KB 3KB [ 976.263462] ksys_ioctl+0x9b/0xc0 [ 976.263479] __x64_sys_ioctl+0x6f/0xb0 [ 976.263493] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 976.263510] do_syscall_64+0xf9/0x620 [ 976.268853] batadv_tl_cache 4KB 16KB [ 976.272813] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 976.275926] TIPC 10KB 37KB [ 976.279935] RIP: 0033:0x7f4186d950f9 [ 976.282949] SCTPv6 14KB 24KB [ 976.286903] Code: Bad RIP value. [ 976.286910] RSP: 002b:00007f4185307168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 976.286923] RAX: ffffffffffffffda RBX: 00007f4186eb4f80 RCX: 00007f4186d950f9 [ 976.286931] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 976.286937] RBP: 00007f4186df0ae9 R08: 0000000000000000 R09: 0000000000000000 [ 976.286947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 976.290991] DCCPv6 17KB 30KB [ 976.294935] R13: 00007ffe4ad74e7f R14: 00007f4185307300 R15: 0000000000022000 [ 976.313646] Mem-Info: [ 976.317561] DCCP 16KB 28KB [ 976.322549] active_anon:15776 inactive_anon:37249 isolated_anon:0 [ 976.322549] active_file:12 inactive_file:12 isolated_file:0 [ 976.322549] unevictable:0 dirty:0 writeback:0 unstable:0 [ 976.322549] slab_reclaimable:14145 slab_unreclaimable:122732 [ 976.322549] mapped:22081 shmem:37836 pagetables:624 bounce:0 [ 976.322549] free:13983 free_pcp:150 free_cma:0 [ 976.326439] RXRPC 11KB 26KB [ 976.351353] Node 0 active_anon:60092kB inactive_anon:51188kB active_file:36kB inactive_file:36kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52756kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 16384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 976.354319] rxrpc_call_jar 78KB 102KB [ 976.354333] bridge_fdb_cache 9KB 23KB [ 976.354349] fib6_nodes 159KB 264KB [ 976.367943] Node 1 active_anon:3012kB inactive_anon:97808kB active_file:12kB inactive_file:12kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1816kB dirty:0kB writeback:0kB shmem:98588kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 976.369624] ip6_dst_cache 396KB 600KB [ 976.376254] Node 0 DMA free:10872kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 976.383092] RAWv6 81KB 101KB [ 976.392474] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 976.399775] UDPv6 26KB 37KB [ 976.414175] Node 0 DMA32 free:17832kB min:35996kB low:44992kB high:53988kB active_anon:60092kB inactive_anon:51188kB active_file:36kB inactive_file:36kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7520kB pagetables:2156kB bounce:0kB free_pcp:348kB local_pcp:252kB free_cma:0kB [ 976.422610] TCPv6 30KB 42KB [ 976.432855] lowmem_reserve[]: 0 0 1 1 1 [ 976.440613] nf_conntrack 15KB 22KB [ 976.452850] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 976.464831] t10_alua_lu_gp_cache 0KB 3KB [ 976.475046] lowmem_reserve[]: 0 0 0 0 0 [ 976.478429] sd_ext_cdb 0KB 7KB [ 976.498699] Node 1 Normal free:27220kB min:53876kB low:67344kB high:80812kB active_anon:3012kB inactive_anon:97808kB active_file:12kB inactive_file:12kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:480kB pagetables:340kB bounce:0kB free_pcp:252kB local_pcp:248kB free_cma:0kB [ 976.526846] scsi_sense_cache 1056KB 1060KB [ 976.526857] virtio_scsi_cmd 16KB 16KB [ 976.526870] sgpool-128 8KB 8KB [ 976.526879] sgpool-64 4KB 12KB [ 976.526887] sgpool-32 2KB 15KB [ 976.526898] sgpool-16 1KB 7KB [ 976.544726] lowmem_reserve[]: 0 0 0 0 0 [ 976.560152] sgpool-8 0KB 7KB [ 976.579368] Node 0 DMA: 0*4kB 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10872kB [ 976.609450] mqueue_inode_cache 10KB 30KB [ 976.618781] Node 0 DMA32: 946*4kB (ME) 890*8kB (UME) 287*16kB (UME) 57*32kB (UME) 5*64kB (M) 2*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17896kB [ 976.637064] bio_post_read_ctx 14KB 15KB [ 976.637133] bio-2 14KB 15KB [ 976.637142] jfs_mp 7KB 7KB [ 976.637178] cifs_small_rq 15KB 16KB [ 976.637187] cifs_request 67KB 67KB [ 976.637196] cifs_mpx_ids 0KB 7KB [ 976.637222] nfs_commit_data 3KB 14KB [ 976.637230] nfs_write_data 34KB 44KB [ 976.637269] ext4_system_zone 1KB 7KB [ 976.637296] bio-1 1KB 7KB [ 976.657919] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 976.683730] pid_namespace 2KB 11KB [ 976.700751] Node 1 Normal: 315*4kB (UME) 277*8kB (ME) 186*16kB (UME) 85*32kB (ME) 30*64kB (UME) 18*128kB (ME) 4*256kB (M) 1*512kB (U) 2*1024kB (UE) 1*2048kB (E) 2*4096kB (UM) = 27220kB [ 976.727013] rpc_buffers 17KB 25KB [ 976.737294] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 976.737977] rpc_tasks 2KB 7KB [ 976.781146] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 976.784693] UNIX 935KB 1008KB [ 976.793386] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 976.795135] tcp_bind_bucket 1KB 4KB [ 976.800402] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 976.804409] ip_fib_trie 23KB 43KB [ 976.804419] ip_fib_alias 114KB 193KB [ 976.804443] ip_dst_cache 6KB 20KB [ 976.804464] RAW 48KB 60KB [ 976.804472] UDP 50KB 67KB [ 976.804484] TCP 11KB 22KB [ 976.823370] 37860 total pagecache pages [ 976.828558] hugetlbfs_inode_cache 3KB 15KB [ 976.862739] 0 pages in swap cache [ 976.864371] fscache_cookie_jar 1KB 11KB [ 976.871751] Swap cache stats: add 0, delete 0, find 0/0 [ 976.876682] eventpoll_pwq 29KB 43KB [ 976.882353] Free swap = 0kB [ 976.890286] eventpoll_epi 54KB 66KB [ 976.896324] Total swap = 0kB [ 976.896649] inotify_inode_mark 25KB 39KB [ 976.919583] 2097051 pages RAM [ 976.929742] request_queue 199KB 199KB [ 976.929754] blkdev_requests 1KB 3KB [ 976.949328] 0 pages HighMem/MovableOnly [ 976.949374] blkdev_ioc 26KB 38KB [ 976.966625] 369649 pages reserved [ 976.972169] bio-0 1156KB 1170KB [ 976.992607] 0 pages cma reserved [ 976.993237] biovec-max 1592KB 1658KB [ 977.113734] biovec-64 1030KB 1102KB [ 977.119103] biovec-16 146KB 157KB [ 977.128418] bio_integrity_payload 1KB 8KB [ 977.134945] khugepaged_mm_slot 10KB 34KB [ 977.140398] uid_cache 0KB 4KB [ 977.149759] dmaengine-unmap-2 0KB 3KB [ 977.155988] skbuff_fclone_cache 69KB 78KB [ 977.161529] skbuff_head_cache 6478KB 7132KB [ 977.170727] configfs_dir_cache 3KB 7KB [ 977.177029] file_lock_cache 105KB 110KB [ 977.188377] file_lock_ctx 9KB 11KB [ 977.193834] fsnotify_mark_connector 15KB 23KB [ 977.199715] net_namespace 61KB 61KB [ 977.205168] shmem_inode_cache 8235KB 8244KB [ 977.210525] task_delay_info 159KB 367KB [ 977.215942] taskstats 56KB 65KB [ 977.221301] proc_dir_entry 740KB 840KB [ 977.226849] pde_opener 11KB 34KB [ 977.232207] seq_file 303KB 488KB [ 977.237636] sigqueue 48KB 66KB [ 977.242993] kernfs_node_cache 18234KB 18246KB [ 977.248388] mnt_cache 173KB 184KB [ 977.254773] filp 6532KB 7552KB [ 977.260147] names_cache 146807KB 146846KB [ 977.265571] iint_cache 31KB 55KB [ 977.271031] key_jar 23KB 135KB [ 977.276449] uts_namespace 2KB 7KB [ 977.284171] nsproxy 1KB 11KB [ 977.289540] vm_area_struct 3541KB 3766KB [ 977.295087] mm_struct 492KB 598KB [ 977.300458] fs_cache 136KB 340KB [ 977.305948] files_cache 522KB 723KB [ 977.311309] signal_cache 1086KB 1574KB [ 977.316728] sighand_cache 568KB 624KB [ 977.322088] task_struct 5068KB 5157KB [ 977.327635] cred_jar 1795KB 2500KB [ 977.333017] anon_vma_chain 1188KB 1488KB [ 977.338458] anon_vma 142KB 288KB [ 977.343865] pid 81KB 224KB [ 977.349224] Acpi-Operand 156KB 198KB [ 977.354640] Acpi-ParseExt 9KB 11KB [ 977.359997] Acpi-Parse 41KB 47KB [ 977.365403] Acpi-State 52KB 63KB [ 977.370762] Acpi-Namespace 20KB 27KB [ 977.376169] numa_policy 0KB 3KB [ 977.381527] debug_objects_cache 1412KB 1828KB [ 977.388725] trace_event_file 297KB 298KB [ 977.394174] ftrace_event_field 398KB 401KB [ 977.399617] pool_workqueue 121KB 144KB [ 977.405042] page->ptl 547KB 1004KB [ 977.410431] kmalloc-2097152 2050KB 2050KB [ 977.416266] kmalloc-524288 2056KB 2056KB [ 977.421646] kmalloc-262144 1290KB 1290KB [ 977.427079] kmalloc-131072 650KB 650KB [ 977.432441] kmalloc-65536 1980KB 2046KB [ 977.437862] kmalloc-32768 1683KB 1683KB [ 977.443223] kmalloc-16384 1023KB 1056KB [ 977.448623] kmalloc-8192 4042KB 4100KB [ 977.454055] kmalloc-4096 20264KB 20302KB [ 977.459415] kmalloc-2048 11912KB 13801KB [ 977.471000] kmalloc-1024 8202KB 12088KB [ 977.476433] kmalloc-512 13751KB 15345KB [ 977.481796] kmalloc-256 4289KB 6041KB [ 977.489668] kmalloc-128 1002KB 1468KB [ 977.495090] kmalloc-96 3392KB 4076KB [ 977.500446] kmalloc-64 2444KB 3880KB [ 977.505890] kmalloc-32 1845KB 2543KB [ 977.511254] kmalloc-192 1708KB 2760KB [ 977.516730] kmem_cache 177KB 183KB [ 977.522097] Out of memory (oom_kill_allocating_task): Kill process 8895 (in:imklog) score 0 or sacrifice child [ 977.532473] Killed process 8893 (rsyslogd) total-vm:254332kB, anon-rss:520kB, file-rss:0kB, shmem-rss:0kB [ 977.543896] oom_reaper: reaped process 8893 (rsyslogd), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 977.556196] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 977.619573] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 977.625930] CPU: 1 PID: 8081 Comm: syz-fuzzer Not tainted 4.19.211-syzkaller #0 [ 977.633395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 977.642743] Call Trace: [ 977.645333] dump_stack+0x1fc/0x2ef [ 977.648961] dump_header+0x15d/0xc3f [ 977.652675] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 977.657800] ? ___ratelimit+0x319/0x590 [ 977.661792] oom_kill_process.cold+0x10/0x692 [ 977.666287] ? check_preemption_disabled+0x41/0x280 [ 977.671294] ? has_intersects_mems_allowed+0x1d6/0x290 [ 977.676574] out_of_memory+0x1072/0x1390 [ 977.680633] ? oom_killer_disable+0x270/0x270 [ 977.685114] ? mutex_trylock+0x15f/0x1a0 [ 977.689169] __alloc_pages_nodemask+0x23a2/0x2890 [ 977.693997] ? find_get_entry+0x4cd/0x8a0 [ 977.698134] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 977.702975] alloc_pages_current+0x193/0x2a0 [ 977.707367] filemap_fault+0x146e/0x2180 [ 977.711418] ext4_filemap_fault+0x84/0xb0 [ 977.715551] __do_fault+0x10b/0x4b0 [ 977.719170] __handle_mm_fault+0x273b/0x41c0 [ 977.723574] ? vm_insert_page+0x9c0/0x9c0 [ 977.727715] ? check_preemption_disabled+0x41/0x280 [ 977.732719] handle_mm_fault+0x436/0xb10 [ 977.736766] __do_page_fault+0x68e/0xd60 [ 977.740822] ? trace_hardirqs_off_caller+0x6e/0x210 [ 977.745910] ? spurious_fault+0x840/0x840 [ 977.750042] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 977.754872] ? page_fault+0x8/0x30 [ 977.758395] page_fault+0x1e/0x30 [ 977.761837] RIP: 0033:0x4675e3 [ 977.765016] Code: Bad RIP value. [ 977.768362] RSP: 002b:000000c00005fe78 EFLAGS: 00010202 [ 977.774146] RAX: ffffffffffffff92 RBX: 0000000000000000 RCX: 00000000004675e3 [ 977.781405] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 0000000001f4f1b8 [ 977.788667] RBP: 000000c00005fec0 R08: 0000000000000000 R09: 0000000000000000 [ 977.795930] R10: 000000c00005feb0 R11: 0000000000000202 R12: 000000c00005feb0 [ 977.803182] R13: 000000c0006c8800 R14: 000000c0000004e0 R15: 00007f1ca264e834 [ 977.817034] Mem-Info: [ 977.819471] active_anon:15576 inactive_anon:37249 isolated_anon:0 [ 977.819471] active_file:12 inactive_file:12 isolated_file:0 [ 977.819471] unevictable:0 dirty:0 writeback:0 unstable:0 [ 977.819471] slab_reclaimable:14144 slab_unreclaimable:122716 [ 977.819471] mapped:22081 shmem:37836 pagetables:587 bounce:0 [ 977.819471] free:14905 free_pcp:355 free_cma:0 [ 977.861405] Node 0 active_anon:60092kB inactive_anon:51188kB active_file:36kB inactive_file:32kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52756kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 16384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 977.896713] Node 1 active_anon:2160kB inactive_anon:97808kB active_file:12kB inactive_file:212kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1816kB dirty:0kB writeback:0kB shmem:98588kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 977.924848] Node 0 DMA free:10872kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 977.952350] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 977.961537] Node 0 DMA32 free:19260kB min:35996kB low:44992kB high:53988kB active_anon:60092kB inactive_anon:51188kB active_file:36kB inactive_file:32kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7520kB pagetables:2156kB bounce:0kB free_pcp:8kB local_pcp:4kB free_cma:0kB [ 977.991083] lowmem_reserve[]: 0 0 1 1 1 [ 978.001228] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 978.029065] lowmem_reserve[]: 0 0 0 0 0 [ 978.043352] Node 1 Normal free:229684kB min:53876kB low:67344kB high:80812kB active_anon:2160kB inactive_anon:97808kB active_file:212kB inactive_file:4612kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:384kB pagetables:216kB bounce:0kB free_pcp:1404kB local_pcp:1260kB free_cma:0kB [ 978.078587] lowmem_reserve[]: 0 0 0 0 0 [ 978.082597] Node 0 DMA: 0*4kB 2*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10880kB [ 978.100293] Node 0 DMA32: 961*4kB (UME) 1636*8kB (UME) 293*16kB (UME) 57*32kB (UME) 5*64kB (M) 2*128kB (UM) 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 24276kB [ 978.132022] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 978.143505] Node 1 Normal: 15*4kB (UE) 18*8kB (E) 15*16kB (UE) 117*32kB (UME) 44*64kB (UME) 34*128kB (UME) 31*256kB (UM) 17*512kB (U) 17*1024kB (UE) 107*2048kB (UE) 2*4096kB (UM) = 272732kB [ 978.160776] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 978.169852] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 978.178509] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 978.187421] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 978.213341] 39302 total pagecache pages [ 978.217328] 0 pages in swap cache [ 978.220778] Swap cache stats: add 0, delete 0, find 0/0 [ 978.233279] Free swap = 0kB [ 978.236356] Total swap = 0kB [ 978.239375] 2097051 pages RAM [ 978.242638] 0 pages HighMem/MovableOnly [ 978.263285] 369649 pages reserved [ 978.266890] 0 pages cma reserved [ 978.270346] Unreclaimable slab info: [ 978.282138] Name Used Total [ 978.301553] pid_2 37KB 80KB [ 978.321906] batadv_tt_change_cache 0KB 3KB [ 978.331784] batadv_tl_cache 4KB 16KB [ 978.349564] TIPC 10KB 37KB [ 978.358915] SCTPv6 14KB 24KB [ 978.365267] DCCPv6 17KB 30KB [ 978.370740] DCCP 16KB 28KB [ 978.383976] RXRPC 11KB 26KB [ 978.389587] rxrpc_call_jar 78KB 102KB [ 978.399695] bridge_fdb_cache 9KB 23KB [ 978.414020] fib6_nodes 158KB 264KB [ 978.419386] ip6_dst_cache 396KB 600KB [ 978.434622] RAWv6 81KB 101KB [ 978.440699] UDPv6 26KB 37KB [ 978.453326] TCPv6 27KB 42KB [ 978.459079] nf_conntrack 15KB 22KB [ 978.473778] t10_alua_lu_gp_cache 0KB 3KB [ 978.484415] sd_ext_cdb 0KB 7KB [ 978.489783] scsi_sense_cache 1056KB 1060KB [ 978.498192] virtio_scsi_cmd 16KB 16KB [ 978.505144] sgpool-128 8KB 8KB [ 978.511167] sgpool-64 4KB 12KB [ 978.521106] sgpool-32 2KB 15KB [ 978.530412] sgpool-16 1KB 7KB [ 978.536545] sgpool-8 0KB 7KB [ 978.542707] mqueue_inode_cache 10KB 30KB [ 978.549234] bio_post_read_ctx 14KB 15KB [ 978.554980] bio-2 14KB 15KB [ 978.560676] jfs_mp 7KB 7KB [ 978.567664] cifs_small_rq 15KB 16KB [ 978.574655] cifs_request 67KB 67KB [ 978.580653] cifs_mpx_ids 0KB 7KB [ 978.591732] nfs_commit_data 3KB 14KB [ 978.597331] nfs_write_data 34KB 44KB [ 978.602731] ext4_system_zone 1KB 7KB [ 978.609136] bio-1 1KB 7KB [ 978.614625] pid_namespace 2KB 11KB [ 978.620105] rpc_buffers 17KB 25KB [ 978.626609] rpc_tasks 2KB 7KB [ 978.632803] UNIX 845KB 926KB [ 978.639202] tcp_bind_bucket 1KB 4KB [ 978.645433] ip_fib_trie 23KB 43KB [ 978.650803] ip_fib_alias 114KB 193KB [ 978.656255] ip_dst_cache 6KB 20KB [ 978.661635] RAW 48KB 60KB [ 978.668125] UDP 50KB 67KB [ 978.673918] TCP 11KB 22KB [ 978.680493] hugetlbfs_inode_cache 3KB 15KB [ 978.687295] fscache_cookie_jar 1KB 11KB [ 978.694960] eventpoll_pwq 35KB 43KB [ 978.700337] eventpoll_epi 57KB 66KB [ 978.706451] inotify_inode_mark 25KB 39KB [ 978.712316] request_queue 199KB 199KB [ 978.717763] blkdev_requests 1KB 3KB [ 978.723132] blkdev_ioc 34KB 38KB [ 978.728592] bio-0 1297KB 1301KB [ 978.734077] biovec-max 1592KB 1658KB [ 978.739444] biovec-64 1057KB 1102KB [ 978.746040] biovec-16 154KB 157KB [ 978.752178] bio_integrity_payload 1KB 8KB [ 978.758353] khugepaged_mm_slot 10KB 34KB [ 978.765538] uid_cache 0KB 4KB [ 978.771210] dmaengine-unmap-2 0KB 3KB [ 978.779050] skbuff_fclone_cache 69KB 78KB [ 978.785397] skbuff_head_cache 6360KB 7125KB [ 978.791310] configfs_dir_cache 3KB 7KB [ 978.797865] file_lock_cache 105KB 110KB [ 978.804191] file_lock_ctx 9KB 11KB [ 978.810278] fsnotify_mark_connector 15KB 23KB [ 978.817074] net_namespace 61KB 61KB [ 978.824807] shmem_inode_cache 8235KB 8244KB [ 978.830181] task_delay_info 159KB 367KB [ 978.838632] taskstats 56KB 65KB [ 978.845558] proc_dir_entry 739KB 840KB [ 978.850951] pde_opener 11KB 34KB [ 978.863666] seq_file 318KB 488KB [ 978.869520] sigqueue 51KB 66KB [ 978.884227] kernfs_node_cache 18234KB 18246KB [ 978.889629] mnt_cache 173KB 184KB [ 978.904318] filp 6660KB 7552KB [ 978.909697] names_cache 150254KB 150254KB [ 978.921387] iint_cache 39KB 55KB [ 978.927066] key_jar 23KB 135KB [ 978.932436] uts_namespace 2KB 7KB [ 978.942636] nsproxy 1KB 11KB [ 978.948445] vm_area_struct 3392KB 3762KB [ 978.958572] mm_struct 484KB 598KB [ 978.964089] fs_cache 135KB 340KB [ 978.969455] files_cache 511KB 723KB [ 978.979476] signal_cache 980KB 1574KB [ 978.984981] sighand_cache 594KB 624KB [ 978.990347] task_struct 4488KB 4576KB [ 979.000606] cred_jar 1819KB 2500KB [ 979.006124] anon_vma_chain 1179KB 1488KB [ 979.011492] anon_vma 137KB 288KB [ 979.021599] pid 80KB 224KB [ 979.027699] Acpi-Operand 156KB 198KB [ 979.033066] Acpi-ParseExt 9KB 11KB [ 979.043172] Acpi-Parse 41KB 47KB [ 979.048700] Acpi-State 52KB 63KB [ 979.059442] Acpi-Namespace 20KB 27KB [ 979.065021] numa_policy 0KB 3KB [ 979.070383] debug_objects_cache 1412KB 1828KB [ 979.080559] trace_event_file 297KB 298KB [ 979.086130] ftrace_event_field 398KB 401KB [ 979.091588] pool_workqueue 121KB 144KB [ 979.101664] page->ptl 545KB 1004KB [ 979.107202] kmalloc-2097152 2050KB 2050KB [ 979.112582] kmalloc-524288 2056KB 2056KB [ 979.122598] kmalloc-262144 1290KB 1290KB [ 979.128841] kmalloc-131072 650KB 650KB [ 979.139143] kmalloc-65536 1980KB 2046KB [ 979.144666] kmalloc-32768 1683KB 1683KB [ 979.150032] kmalloc-16384 1023KB 1056KB [ 979.160055] kmalloc-8192 4042KB 4100KB [ 979.165672] kmalloc-4096 19044KB 19082KB [ 979.171036] kmalloc-2048 11300KB 13559KB [ 979.181688] kmalloc-1024 7932KB 12009KB [ 979.187192] kmalloc-512 13548KB 15337KB [ 979.192645] kmalloc-256 4230KB 6033KB [ 979.202722] kmalloc-128 975KB 1468KB [ 979.208401] kmalloc-96 3452KB 4076KB [ 979.218507] kmalloc-64 2399KB 3880KB [ 979.224264] kmalloc-32 1815KB 2543KB [ 979.229948] kmalloc-192 1693KB 2760KB [ 979.235626] kmem_cache 177KB 183KB [ 979.240996] Out of memory (oom_kill_allocating_task): Kill process 8081 (syz-fuzzer) score 0 or sacrifice child [ 979.251546] Killed process 6361 (syz-executor.4) total-vm:48512kB, anon-rss:436kB, file-rss:4kB, shmem-rss:0kB 02:39:09 executing program 2: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x0, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:39:09 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2}) 02:39:09 executing program 4: syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x0, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:39:09 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x0, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) [ 981.141365] IPVS: ftp: loaded support on port[0] = 21 [ 982.007268] chnl_net:caif_netlink_parms(): no params data found [ 982.212652] bridge0: port 1(bridge_slave_0) entered blocking state [ 982.221629] bridge0: port 1(bridge_slave_0) entered disabled state [ 982.232096] device bridge_slave_0 entered promiscuous mode [ 982.242068] bridge0: port 2(bridge_slave_1) entered blocking state [ 982.251999] bridge0: port 2(bridge_slave_1) entered disabled state [ 982.266819] device bridge_slave_1 entered promiscuous mode [ 982.455016] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 982.470196] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 982.659498] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 982.668729] team0: Port device team_slave_0 added [ 982.675294] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 982.682715] team0: Port device team_slave_1 added [ 982.701729] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 982.712432] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 982.729210] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 982.736717] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 982.750739] device bridge_slave_1 left promiscuous mode [ 982.757213] bridge0: port 2(bridge_slave_1) entered disabled state [ 982.770340] device bridge_slave_0 left promiscuous mode [ 982.778286] bridge0: port 1(bridge_slave_0) entered disabled state [ 982.794579] device veth1_macvtap left promiscuous mode [ 982.799884] device veth0_macvtap left promiscuous mode [ 982.812303] device veth1_vlan left promiscuous mode [ 982.818324] device veth0_vlan left promiscuous mode [ 983.178690] Bluetooth: hci3: command 0x0409 tx timeout 02:39:13 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x0, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x0, 0x401], 0x6}}, 0xfffffffa}) 02:39:13 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, 0x0) 02:39:13 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x1, @sliced={0x0, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e], 0x6}}, 0xfffffffa}) 02:39:13 executing program 2: pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x0, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:39:13 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x0, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:39:13 executing program 2: pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x0, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:39:14 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x1, @sliced={0x0, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:39:14 executing program 2: pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x0, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:39:14 executing program 2: r0 = syz_open_dev$vim2m(0x0, 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x0, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:39:14 executing program 2: r0 = syz_open_dev$vim2m(0x0, 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x0, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) [ 985.253033] Bluetooth: hci3: command 0x041b tx timeout [ 987.332867] Bluetooth: hci3: command 0x040f tx timeout [ 989.412672] Bluetooth: hci3: command 0x0419 tx timeout [ 989.869441] device hsr_slave_1 left promiscuous mode [ 989.879181] device hsr_slave_0 left promiscuous mode [ 989.897527] team0 (unregistering): Port device team_slave_1 removed [ 989.909864] team0 (unregistering): Port device team_slave_0 removed [ 989.920232] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 989.932493] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 989.970046] bond0 (unregistering): Released all slaves [ 989.995714] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 990.001990] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 990.028116] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 990.041357] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 990.047921] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 990.074329] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 990.096192] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 990.103912] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 990.136036] device hsr_slave_0 entered promiscuous mode [ 990.153049] device hsr_slave_1 entered promiscuous mode [ 990.163566] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 990.170670] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 990.296434] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 990.351881] 8021q: adding VLAN 0 to HW filter on device bond0 [ 990.361484] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 990.376697] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 990.407400] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 990.415256] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 990.446131] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 990.452229] 8021q: adding VLAN 0 to HW filter on device team0 [ 990.462188] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 990.483198] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 990.492368] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 990.513292] bridge0: port 1(bridge_slave_0) entered blocking state [ 990.519662] bridge0: port 1(bridge_slave_0) entered forwarding state [ 990.535439] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 990.543017] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 990.550301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 990.574354] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 990.582038] bridge0: port 2(bridge_slave_1) entered blocking state [ 990.588449] bridge0: port 2(bridge_slave_1) entered forwarding state [ 990.599436] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 990.607752] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 990.620433] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 990.631688] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 990.648368] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 990.658222] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 990.667304] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 990.677993] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 990.686785] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 990.696155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 990.707414] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 990.729191] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 990.739239] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 990.756176] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 990.765459] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 990.776425] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 990.790148] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 990.842265] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 990.865149] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 990.871418] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 990.880852] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 990.904964] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 991.027722] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 991.044268] IPv6: ADDRCONF(NETDEV_UP): veth1_virt_wifi: link is not ready [ 991.051315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 991.066974] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 991.127488] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 991.139700] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 991.148594] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 991.164284] IPv6: ADDRCONF(NETDEV_UP): veth1_vlan: link is not ready [ 991.170865] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 991.185385] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 991.199138] device veth0_vlan entered promiscuous mode [ 991.207662] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 991.219815] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 991.231787] device veth1_vlan entered promiscuous mode [ 991.244541] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 991.259661] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 991.279542] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 991.290314] IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready [ 991.303375] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 991.310661] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 991.331512] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 991.347116] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 991.359860] device veth0_macvtap entered promiscuous mode [ 991.371311] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 991.396814] device veth1_macvtap entered promiscuous mode [ 991.416219] IPv6: ADDRCONF(NETDEV_UP): macsec0: link is not ready [ 991.448194] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 991.465894] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 991.489342] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 991.513393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 991.542487] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 991.552220] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 991.587208] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 991.612665] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 991.632530] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 991.642245] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 991.651420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 991.661740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 991.672270] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready [ 991.679329] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 991.687361] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 991.703117] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 991.710350] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 991.734629] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 991.754665] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 991.772517] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 991.781636] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 991.805204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 991.815243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 991.827109] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 991.836728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 991.846701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 991.856076] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 991.866019] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 991.876808] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready [ 991.884112] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 991.902584] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 991.910473] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 992.145114] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 992.151434] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 992.167284] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 992.183575] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 992.203962] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 992.210272] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 992.224365] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 992.231697] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 992.911252] oom_reaper: reaped process 9133 (syz-executor.1), now anon-rss:0kB, file-rss:14336kB, shmem-rss:8kB [ 992.976701] syz-executor.4 invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 993.016701] syz-executor.4 cpuset=/ mems_allowed=0-1 [ 993.021860] CPU: 1 PID: 8969 Comm: syz-executor.4 Not tainted 4.19.211-syzkaller #0 [ 993.029648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 993.038993] Call Trace: [ 993.041592] dump_stack+0x1fc/0x2ef [ 993.045218] dump_header+0x15d/0xc3f [ 993.048946] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 993.054040] ? ___ratelimit+0x319/0x590 [ 993.058011] oom_kill_process.cold+0x10/0x692 [ 993.062515] ? check_preemption_disabled+0x41/0x280 [ 993.067527] ? has_intersects_mems_allowed+0x1d6/0x290 [ 993.072796] out_of_memory+0x1072/0x1390 [ 993.076835] ? oom_killer_disable+0x270/0x270 [ 993.081312] ? mutex_trylock+0x15f/0x1a0 [ 993.085355] __alloc_pages_nodemask+0x23a2/0x2890 [ 993.090178] ? find_get_entry+0x4cd/0x8a0 [ 993.094320] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 993.099169] alloc_pages_current+0x193/0x2a0 [ 993.103554] filemap_fault+0x146e/0x2180 [ 993.107610] ext4_filemap_fault+0x84/0xb0 [ 993.111742] __do_fault+0x10b/0x4b0 [ 993.115366] __handle_mm_fault+0x273b/0x41c0 [ 993.119757] ? debug_object_free+0x1cc/0x380 [ 993.124176] ? vm_insert_page+0x9c0/0x9c0 [ 993.128316] ? check_preemption_disabled+0x41/0x280 [ 993.133313] handle_mm_fault+0x436/0xb10 [ 993.137365] __do_page_fault+0x68e/0xd60 [ 993.141422] ? trace_hardirqs_off_caller+0x6e/0x210 [ 993.146430] ? spurious_fault+0x840/0x840 [ 993.150554] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 993.155373] ? page_fault+0x8/0x30 [ 993.158891] page_fault+0x1e/0x30 [ 993.162321] RIP: 0033:0x7fc24d083db3 [ 993.166015] Code: Bad RIP value. [ 993.169354] RSP: 002b:00007ffc1c845c30 EFLAGS: 00010206 [ 993.174693] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 00007fc24d0aae21 [ 993.181941] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 993.189188] RBP: 00007ffc1c845ccc R08: 0000000000000000 R09: 000000ff2010a136 [ 993.196437] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000032 [ 993.203684] R13: 00000000000f2484 R14: 0000000000000002 R15: 00007ffc1c845d30 [ 993.219041] Mem-Info: [ 993.221483] active_anon:15336 inactive_anon:37249 isolated_anon:0 [ 993.221483] active_file:1 inactive_file:0 isolated_file:0 [ 993.221483] unevictable:0 dirty:0 writeback:0 unstable:0 [ 993.221483] slab_reclaimable:14142 slab_unreclaimable:120922 [ 993.221483] mapped:22188 shmem:37837 pagetables:647 bounce:0 [ 993.221483] free:13816 free_pcp:0 free_cma:0 [ 993.230077] syz-executor.1: vmalloc: allocation failure, allocated 1669537792 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 993.259172] Node 0 active_anon:57760kB inactive_anon:51172kB active_file:0kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86544kB dirty:0kB writeback:0kB shmem:52736kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 16384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 993.283494] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 993.299059] Node 1 active_anon:3584kB inactive_anon:97824kB active_file:4kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:2208kB dirty:0kB writeback:0kB shmem:98612kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 993.311644] CPU: 0 PID: 9133 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0 [ 993.331575] Node 0 DMA free:10872kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 993.335638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 993.335643] Call Trace: [ 993.335661] dump_stack+0x1fc/0x2ef [ 993.335677] warn_alloc.cold+0x7b/0x18f [ 993.335694] ? zone_watermark_ok_safe+0x260/0x260 [ 993.335708] ? retint_kernel+0x2d/0x2d [ 993.335736] __vmalloc_area_node+0x4fd/0x780 [ 993.335752] ? __vmalloc_node_range+0x180/0x180 [ 993.335763] ? _raw_spin_unlock+0x29/0x40 [ 993.335777] ? __get_vm_area_node+0x2e2/0x3a0 [ 993.371725] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 993.373787] __vmalloc_node_range+0xed/0x180 [ 993.373802] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 993.373817] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 993.373829] vmalloc_user+0x70/0xe0 [ 993.373842] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 993.373855] vb2_vmalloc_alloc+0xb3/0x2f0 [ 993.373868] __vb2_queue_alloc+0x472/0xe60 [ 993.373893] vb2_core_create_bufs+0x273/0x7e0 [ 993.373906] ? __vb2_queue_free+0x870/0x870 [ 993.373921] ? mutex_trylock+0x1a0/0x1a0 [ 993.373936] ? __video_do_ioctl+0x632/0xcd0 [ 993.373954] vb2_create_bufs+0x332/0x620 [ 993.373968] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 993.373980] ? __video_do_ioctl+0x632/0xcd0 [ 993.373991] ? mutex_trylock+0x1a0/0x1a0 [ 993.374005] ? mark_held_locks+0xf0/0xf0 [ 993.374023] vb2_ioctl_create_bufs+0x20d/0x360 [ 993.374038] ? memset+0x20/0x40 [ 993.377642] Node 0 DMA32 free:17820kB min:35996kB low:44992kB high:53988kB active_anon:57760kB inactive_anon:51172kB active_file:108kB inactive_file:36kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7488kB pagetables:2100kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 993.381611] v4l_create_bufs+0xb2/0x160 [ 993.393686] lowmem_reserve[]: 0 0 1 1 1 [ 993.394708] __video_do_ioctl+0x49a/0xcd0 [ 993.399345] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 993.403489] ? v4l_querycap+0x340/0x340 [ 993.403506] ? __might_fault+0x192/0x1d0 [ 993.403522] ? v4l_querycap+0x340/0x340 [ 993.403536] video_usercopy+0x13f/0xfa0 [ 993.403554] ? v4l_enumstd+0x60/0x60 [ 993.403566] ? do_futex+0x171/0x1880 [ 993.403578] ? mark_held_locks+0xf0/0xf0 [ 993.403596] ? debug_check_no_obj_freed+0x201/0x490 [ 993.411817] lowmem_reserve[]: 0 0 0 0 0 [ 993.413082] ? video_usercopy+0xfa0/0xfa0 [ 993.413094] v4l2_ioctl+0x147/0x1a0 [ 993.413106] ? video_devdata+0xa0/0xa0 [ 993.413125] do_vfs_ioctl+0xcdb/0x12e0 [ 993.419540] Node 1 Normal free:26564kB min:53876kB low:67344kB high:80812kB active_anon:3584kB inactive_anon:97824kB active_file:4kB inactive_file:8kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:576kB pagetables:488kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 993.421819] ? lock_downgrade+0x720/0x720 [ 993.432600] lowmem_reserve[]: 0 0 0 0 0 [ 993.435076] ? check_preemption_disabled+0x41/0x280 [ 993.439188] Node 0 DMA: 0*4kB 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10872kB [ 993.443406] ? ioctl_preallocate+0x200/0x200 [ 993.443423] ? __fget+0x356/0x510 [ 993.443438] ? do_dup2+0x450/0x450 [ 993.443452] ? __se_sys_futex+0x298/0x3b0 [ 993.443472] ksys_ioctl+0x9b/0xc0 [ 993.443488] __x64_sys_ioctl+0x6f/0xb0 [ 993.451424] Node 0 DMA32: 887*4kB (UME) 842*8kB (UME) 274*16kB (UME) 47*32kB (UME) 5*64kB (UE) 2*128kB (U) 0*256kB 1*512kB (U) 1*1024kB (U) 0*2048kB 0*4096kB = 18284kB [ 993.452272] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 993.461445] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 993.464692] do_syscall_64+0xf9/0x620 [ 993.464710] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 993.464721] RIP: 0033:0x7f344dd4c0f9 [ 993.464734] Code: Bad RIP value. [ 993.464741] RSP: 002b:00007f344c2be168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 993.464754] RAX: ffffffffffffffda RBX: 00007f344de6bf80 RCX: 00007f344dd4c0f9 [ 993.464764] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 993.475409] Node 1 Normal: 321*4kB (ME) 256*8kB (UME) 211*16kB (UME) 96*32kB (UME) 14*64kB (UME) 18*128kB (UME) 4*256kB (M) 1*512kB (U) 2*1024kB (UE) 1*2048kB (E) 2*4096kB (UM) = 26804kB [ 993.478206] RBP: 00007f344dda7ae9 R08: 0000000000000000 R09: 0000000000000000 [ 993.482244] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 993.482256] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 993.486813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 993.486821] R13: 00007ffd560f77bf R14: 00007f344c2be300 R15: 0000000000022000 [ 993.497813] Mem-Info: [ 993.529198] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 993.541032] active_anon:15336 inactive_anon:37249 isolated_anon:0 [ 993.541032] active_file:1 inactive_file:0 isolated_file:0 [ 993.541032] unevictable:0 dirty:0 writeback:0 unstable:0 [ 993.541032] slab_reclaimable:14142 slab_unreclaimable:120922 [ 993.541032] mapped:22188 shmem:37837 pagetables:647 bounce:0 [ 993.541032] free:13816 free_pcp:0 free_cma:0 [ 993.565658] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 993.582746] Node 0 active_anon:57760kB inactive_anon:51172kB active_file:0kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86544kB dirty:0kB writeback:0kB shmem:52736kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 16384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 993.591143] 37908 total pagecache pages [ 993.600177] Node 1 active_anon:3584kB inactive_anon:97824kB active_file:4kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:2208kB dirty:0kB writeback:0kB shmem:98612kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 993.608431] 0 pages in swap cache [ 993.609694] Node 0 DMA free:10872kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 993.644618] Swap cache stats: add 0, delete 0, find 0/0 [ 993.656884] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 993.673360] Free swap = 0kB [ 993.688059] Node 0 DMA32 free:17820kB min:35996kB low:44992kB high:53988kB active_anon:57760kB inactive_anon:51172kB active_file:108kB inactive_file:36kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7488kB pagetables:2100kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 993.708592] Total swap = 0kB [ 993.728802] lowmem_reserve[]: 0 0 1 1 1 [ 993.737939] 2097051 pages RAM [ 993.749386] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 993.749649] 0 pages HighMem/MovableOnly [ 993.767887] lowmem_reserve[]: 0 0 0 0 0 [ 993.781778] 369649 pages reserved [ 993.801220] Node 1 Normal free:26812kB min:53876kB low:67344kB high:80812kB active_anon:3584kB inactive_anon:97824kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:576kB pagetables:488kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 993.812096] 0 pages cma reserved [ 993.824052] lowmem_reserve[]: 0 0 0 0 0 [ 993.830485] Unreclaimable slab info: [ 993.868534] Node 0 DMA: 0*4kB 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10872kB [ 993.905883] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.938383] Node 0 DMA32: 887*4kB (UME) 842*8kB (UME) 274*16kB (UME) 47*32kB (UME) 5*64kB (UE) 2*128kB (U) 0*256kB 1*512kB (U) 1*1024kB (U) 0*2048kB 0*4096kB = 18284kB [ 993.968786] ieee802154 phy1 wpan1: encryption failed: -22 [ 994.009614] Name Used Total [ 994.141625] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 994.144990] pid_2 32KB 80KB [ 994.158189] batadv_tt_change_cache 1KB 3KB [ 994.159170] Node 1 Normal: 321*4kB (ME) 258*8kB (UME) 214*16kB (UME) 96*32kB (UME) 14*64kB (UME) 18*128kB (UME) 4*256kB (M) 1*512kB (U) 2*1024kB (UE) 1*2048kB (E) 2*4096kB (UM) = 26868kB [ 994.174176] batadv_tl_cache 7KB 16KB [ 994.191227] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 994.195530] TIPC 12KB 37KB [ 994.200355] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 994.216036] SCTPv6 16KB 24KB [ 994.221010] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 994.221404] DCCPv6 17KB 30KB [ 994.230293] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 994.230300] 37862 total pagecache pages [ 994.230313] 0 pages in swap cache [ 994.230321] Swap cache stats: add 0, delete 0, find 0/0 [ 994.230326] Free swap = 0kB [ 994.230331] Total swap = 0kB [ 994.230339] 2097051 pages RAM [ 994.230344] 0 pages HighMem/MovableOnly [ 994.230348] 369649 pages reserved [ 994.230353] 0 pages cma reserved [ 994.289377] DCCP 16KB 28KB [ 994.299113] RXRPC 13KB 26KB [ 994.312153] rxrpc_call_jar 90KB 102KB [ 994.321577] bridge_fdb_cache 16KB 23KB [ 994.338222] fib6_nodes 190KB 264KB [ 994.347020] ip6_dst_cache 276KB 562KB [ 994.361019] RAWv6 81KB 101KB [ 994.369831] UDPv6 35KB 37KB [ 994.382215] TCPv6 36KB 36KB [ 994.391091] nf_conntrack 22KB 22KB [ 994.406836] t10_alua_lu_gp_cache 0KB 3KB [ 994.415698] sd_ext_cdb 0KB 7KB [ 994.421064] scsi_sense_cache 1056KB 1060KB [ 994.438327] virtio_scsi_cmd 16KB 16KB [ 994.445308] sgpool-128 8KB 8KB [ 994.450680] sgpool-64 4KB 12KB [ 994.468023] sgpool-32 2KB 15KB [ 994.477022] sgpool-16 1KB 7KB [ 994.490758] sgpool-8 0KB 7KB [ 994.499743] mqueue_inode_cache 12KB 30KB [ 994.513593] bio_post_read_ctx 14KB 15KB [ 994.519027] bio-2 14KB 15KB [ 994.538596] jfs_mp 7KB 7KB [ 994.548757] cifs_small_rq 15KB 16KB [ 994.561054] cifs_request 67KB 67KB [ 994.571558] cifs_mpx_ids 0KB 7KB [ 994.589099] nfs_commit_data 3KB 14KB [ 994.594560] nfs_write_data 34KB 44KB [ 994.599956] ext4_system_zone 1KB 7KB [ 994.617619] bio-1 1KB 7KB [ 994.627830] pid_namespace 2KB 11KB [ 994.640016] rpc_buffers 17KB 25KB [ 994.649938] rpc_tasks 2KB 7KB [ 994.662107] UNIX 826KB 840KB [ 994.672028] tcp_bind_bucket 1KB 4KB [ 994.688083] ip_fib_trie 30KB 43KB [ 994.697646] ip_fib_alias 133KB 189KB [ 994.706540] ip_dst_cache 20KB 20KB [ 994.711920] RAW 48KB 60KB [ 994.720907] UDP 62KB 67KB [ 994.729413] TCP 16KB 16KB [ 994.738107] hugetlbfs_inode_cache 3KB 15KB [ 994.746945] fscache_cookie_jar 1KB 11KB [ 994.755682] eventpoll_pwq 32KB 43KB [ 994.761043] eventpoll_epi 60KB 66KB [ 994.769517] inotify_inode_mark 22KB 39KB [ 994.778080] request_queue 199KB 199KB [ 994.786540] blkdev_requests 1KB 3KB [ 994.791913] blkdev_ioc 28KB 38KB [ 994.800374] bio-0 1150KB 1271KB [ 994.817239] biovec-max 1551KB 1633KB [ 994.826952] biovec-64 1026KB 1173KB [ 994.838679] biovec-16 134KB 168KB [ 994.848113] bio_integrity_payload 1KB 8KB [ 994.860351] khugepaged_mm_slot 7KB 34KB [ 994.869976] uid_cache 0KB 4KB [ 994.881227] dmaengine-unmap-2 0KB 3KB [ 994.890667] skbuff_fclone_cache 68KB 78KB [ 994.897266] skbuff_head_cache 6781KB 6963KB [ 994.907632] configfs_dir_cache 3KB 7KB [ 994.913116] file_lock_cache 97KB 110KB [ 994.918487] file_lock_ctx 9KB 11KB [ 994.929576] fsnotify_mark_connector 11KB 23KB [ 994.935881] net_namespace 61KB 61KB [ 994.941855] shmem_inode_cache 8244KB 8252KB [ 994.952031] task_delay_info 168KB 367KB [ 994.958002] taskstats 49KB 65KB [ 994.967763] proc_dir_entry 763KB 832KB [ 994.973935] pde_opener 10KB 34KB [ 994.979778] seq_file 294KB 480KB [ 994.989479] sigqueue 52KB 66KB [ 994.994880] kernfs_node_cache 18241KB 18242KB [ 995.000673] mnt_cache 190KB 192KB [ 995.011061] filp 6485KB 7545KB [ 995.018774] names_cache 139455KB 139514KB [ 995.029840] iint_cache 34KB 55KB [ 995.036284] key_jar 23KB 135KB [ 995.042172] uts_namespace 3KB 7KB [ 995.052731] nsproxy 1KB 11KB [ 995.058195] vm_area_struct 3300KB 3758KB [ 995.067377] mm_struct 451KB 585KB [ 995.073656] fs_cache 153KB 340KB [ 995.079018] files_cache 552KB 712KB [ 995.088949] signal_cache 1108KB 1566KB [ 995.096651] sighand_cache 619KB 624KB [ 995.107333] task_struct 5693KB 5706KB [ 995.114097] cred_jar 1858KB 2500KB [ 995.119543] anon_vma_chain 1138KB 1488KB [ 995.129348] anon_vma 161KB 288KB [ 995.141858] pid 96KB 224KB [ 995.154249] Acpi-Operand 156KB 198KB [ 995.160799] Acpi-ParseExt 9KB 11KB [ 995.170230] Acpi-Parse 41KB 47KB [ 995.180395] Acpi-State 52KB 63KB [ 995.190060] Acpi-Namespace 20KB 27KB [ 995.196560] numa_policy 0KB 3KB [ 995.206844] debug_objects_cache 1445KB 1828KB [ 995.213607] trace_event_file 297KB 298KB [ 995.219043] ftrace_event_field 398KB 401KB [ 995.229459] pool_workqueue 142KB 144KB [ 995.235946] page->ptl 526KB 1004KB [ 995.241424] kmalloc-2097152 2050KB 2050KB [ 995.251214] kmalloc-524288 2056KB 2056KB [ 995.276683] kmalloc-262144 1290KB 1290KB [ 995.282058] kmalloc-131072 650KB 650KB [ 995.287676] kmalloc-65536 2112KB 2178KB [ 995.303618] kmalloc-32768 1815KB 1815KB [ 995.308986] kmalloc-16384 1056KB 1122KB [ 995.332237] kmalloc-8192 4463KB 4463KB [ 995.337659] kmalloc-4096 22206KB 22248KB [ 995.343548] kmalloc-2048 12514KB 13432KB [ 995.348912] kmalloc-1024 9174KB 11954KB [ 995.354567] kmalloc-512 14250KB 15296KB [ 995.359930] kmalloc-256 4567KB 6033KB [ 995.366102] kmalloc-128 975KB 1468KB [ 995.371483] kmalloc-96 3369KB 4076KB [ 995.377112] kmalloc-64 2437KB 3880KB [ 995.382729] kmalloc-32 1845KB 2543KB [ 995.388089] kmalloc-192 1726KB 2752KB [ 995.393835] kmem_cache 177KB 183KB [ 995.399198] Out of memory (oom_kill_allocating_task): Kill process 8969 (syz-executor.4) score 0 or sacrifice child [ 995.410098] Killed process 9264 (syz-executor.4) total-vm:60680kB, anon-rss:460kB, file-rss:13588kB, shmem-rss:0kB [ 995.425787] oom_reaper: reaped process 9264 (syz-executor.4), now anon-rss:0kB, file-rss:13584kB, shmem-rss:0kB 02:39:26 executing program 2: r0 = syz_open_dev$vim2m(0x0, 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x0, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:39:26 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x0, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:39:28 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x0, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x0, 0x0, 0x401], 0x6}}, 0xfffffffa}) 02:39:28 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x1, @sliced={0x0, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e], 0x6}}, 0xfffffffa}) 02:39:28 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:39:28 executing program 4: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, 0x0) 02:39:28 executing program 2: syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x0, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:39:28 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x0, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) [ 1003.891731] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 1003.905364] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 1003.910137] CPU: 1 PID: 8087 Comm: syz-fuzzer Not tainted 4.19.211-syzkaller #0 [ 1003.917575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1003.926939] Call Trace: [ 1003.929511] dump_stack+0x1fc/0x2ef [ 1003.933154] dump_header+0x15d/0xc3f [ 1003.936873] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1003.941982] ? ___ratelimit+0x319/0x590 [ 1003.945961] oom_kill_process.cold+0x10/0x692 [ 1003.950458] ? check_preemption_disabled+0x41/0x280 [ 1003.955473] ? has_intersects_mems_allowed+0x1d6/0x290 [ 1003.960764] out_of_memory+0x1072/0x1390 [ 1003.964827] ? oom_killer_disable+0x270/0x270 [ 1003.969322] ? mutex_trylock+0x15f/0x1a0 [ 1003.973384] __alloc_pages_nodemask+0x23a2/0x2890 [ 1003.978226] ? find_get_entry+0x4cd/0x8a0 [ 1003.982375] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1003.987234] alloc_pages_current+0x193/0x2a0 [ 1003.991728] filemap_fault+0x146e/0x2180 [ 1003.995800] ext4_filemap_fault+0x84/0xb0 [ 1003.999939] __do_fault+0x10b/0x4b0 [ 1004.003558] __handle_mm_fault+0x273b/0x41c0 [ 1004.007973] ? vm_insert_page+0x9c0/0x9c0 [ 1004.012112] ? __fget+0x356/0x510 [ 1004.015575] ? check_preemption_disabled+0x41/0x280 [ 1004.020589] handle_mm_fault+0x436/0xb10 [ 1004.024649] __do_page_fault+0x68e/0xd60 [ 1004.028710] ? trace_hardirqs_off_caller+0x6e/0x210 [ 1004.033720] ? spurious_fault+0x840/0x840 [ 1004.037880] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1004.042725] ? page_fault+0x8/0x30 [ 1004.046260] page_fault+0x1e/0x30 [ 1004.049703] RIP: 0033:0x467800 [ 1004.052888] Code: Bad RIP value. [ 1004.056242] RSP: 002b:000000c00065b7e8 EFLAGS: 00010246 [ 1004.061597] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000467800 [ 1004.068861] RDX: 0000000000000080 RSI: 000000c00065b840 RDI: 0000000000000004 [ 1004.076122] RBP: 000000c00065be40 R08: 0000000000000000 R09: 000000e9beb31a15 [ 1004.083385] R10: 00000000000003e5 R11: 0000000000000246 R12: 000000c00065b870 [ 1004.090637] R13: 0000000000000000 R14: 000000c000450d00 R15: 0000000000000000 [ 1004.138085] Mem-Info: [ 1004.140532] active_anon:16811 inactive_anon:37248 isolated_anon:0 [ 1004.140532] active_file:37 inactive_file:0 isolated_file:0 [ 1004.140532] unevictable:0 dirty:1 writeback:0 unstable:0 [ 1004.140532] slab_reclaimable:14113 slab_unreclaimable:120060 [ 1004.140532] mapped:22212 shmem:37836 pagetables:641 bounce:0 [ 1004.140532] free:25106 free_pcp:62 free_cma:0 [ 1004.237854] Node 0 active_anon:64184kB inactive_anon:51176kB active_file:120kB inactive_file:40kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86608kB dirty:0kB writeback:0kB shmem:52740kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 20480kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1004.280975] Node 1 active_anon:3060kB inactive_anon:97816kB active_file:4kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:2240kB dirty:4kB writeback:0kB shmem:98604kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1004.338358] Node 0 DMA free:10984kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1004.419891] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 1004.435118] Node 0 DMA32 free:35988kB min:35996kB low:44992kB high:53988kB active_anon:64184kB inactive_anon:51176kB active_file:24kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7552kB pagetables:2224kB bounce:0kB free_pcp:220kB local_pcp:220kB free_cma:0kB [ 1004.502734] lowmem_reserve[]: 0 0 1 1 1 [ 1004.506738] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1004.585541] lowmem_reserve[]: 0 0 0 0 0 [ 1004.589549] Node 1 Normal free:53444kB min:53876kB low:67344kB high:80812kB active_anon:3060kB inactive_anon:97816kB active_file:4kB inactive_file:4kB unevictable:0kB writepending:4kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:480kB pagetables:340kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1004.679730] lowmem_reserve[]: 0 0 0 0 0 [ 1004.683780] Node 0 DMA: 0*4kB 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10984kB [ 1004.712661] Node 0 DMA32: 904*4kB (UME) 921*8kB (UME) 304*16kB (UME) 55*32kB (ME) 11*64kB (ME) 4*128kB (M) 6*256kB (UM) 1*512kB (M) 1*1024kB (M) 7*2048kB (U) 0*4096kB = 36232kB [ 1004.738308] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 1004.749437] Node 1 Normal: 309*4kB (ME) 263*8kB (ME) 207*16kB (UME) 98*32kB (UME) 24*64kB (UME) 17*128kB (UME) 5*256kB (UM) 0*512kB 2*1024kB (UE) 2*2048kB (UE) 8*4096kB (UM) = 53692kB [ 1004.774982] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1004.783880] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1004.792499] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1004.801667] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1004.828404] 37897 total pagecache pages [ 1004.840103] 0 pages in swap cache [ 1004.843614] Swap cache stats: add 0, delete 0, find 0/0 [ 1004.848963] Free swap = 0kB [ 1004.884544] Total swap = 0kB [ 1004.887566] 2097051 pages RAM [ 1004.890661] 0 pages HighMem/MovableOnly [ 1004.905029] 369649 pages reserved [ 1004.908473] 0 pages cma reserved [ 1004.918427] Unreclaimable slab info: [ 1004.922186] Name Used Total [ 1004.950040] pid_2 30KB 80KB [ 1004.955503] batadv_tt_change_cache 0KB 3KB [ 1004.961300] batadv_tl_cache 5KB 16KB [ 1004.979732] TIPC 12KB 37KB [ 1004.990212] SCTPv6 16KB 24KB [ 1005.006770] DCCPv6 17KB 30KB [ 1005.017946] DCCP 16KB 28KB [ 1005.023422] RXRPC 13KB 26KB [ 1005.028780] rxrpc_call_jar 90KB 102KB [ 1005.036002] bridge_fdb_cache 10KB 23KB [ 1005.041439] fib6_nodes 183KB 264KB [ 1005.076224] ip6_dst_cache 299KB 562KB [ 1005.081698] RAWv6 81KB 101KB [ 1005.087061] UDPv6 30KB 37KB [ 1005.116514] TCPv6 24KB 30KB [ 1005.121995] nf_conntrack 6KB 15KB [ 1005.127417] t10_alua_lu_gp_cache 0KB 3KB [ 1005.147257] sd_ext_cdb 0KB 7KB [ 1005.157266] scsi_sense_cache 1056KB 1060KB [ 1005.163289] virtio_scsi_cmd 16KB 16KB [ 1005.168682] sgpool-128 8KB 8KB [ 1005.184509] sgpool-64 4KB 12KB [ 1005.189870] sgpool-32 2KB 15KB [ 1005.210339] sgpool-16 1KB 7KB [ 1005.227537] sgpool-8 0KB 7KB [ 1005.240417] mqueue_inode_cache 12KB 30KB [ 1005.245969] bio_post_read_ctx 14KB 15KB [ 1005.251364] bio-2 14KB 15KB [ 1005.268081] jfs_mp 7KB 7KB [ 1005.273657] cifs_small_rq 15KB 16KB [ 1005.279017] cifs_request 67KB 67KB [ 1005.310018] cifs_mpx_ids 0KB 7KB [ 1005.315438] nfs_commit_data 3KB 14KB [ 1005.320796] nfs_write_data 34KB 44KB [ 1005.355252] ext4_system_zone 1KB 7KB [ 1005.360653] bio-1 1KB 7KB [ 1005.388548] pid_namespace 2KB 11KB [ 1005.405393] rpc_buffers 17KB 25KB [ 1005.410759] rpc_tasks 2KB 7KB [ 1005.418259] UNIX 811KB 832KB [ 1005.426031] tcp_bind_bucket 1KB 4KB [ 1005.431403] ip_fib_trie 27KB 43KB [ 1005.446486] ip_fib_alias 130KB 189KB [ 1005.451925] ip_dst_cache 7KB 20KB [ 1005.457282] RAW 48KB 60KB [ 1005.466112] UDP 54KB 67KB [ 1005.471487] TCP 8KB 16KB [ 1005.476892] hugetlbfs_inode_cache 3KB 15KB [ 1005.484939] fscache_cookie_jar 1KB 11KB [ 1005.490385] eventpoll_pwq 23KB 43KB [ 1005.504994] eventpoll_epi 43KB 66KB [ 1005.510351] inotify_inode_mark 23KB 39KB [ 1005.515800] request_queue 199KB 199KB [ 1005.521146] blkdev_requests 1KB 3KB [ 1005.529291] blkdev_ioc 23KB 38KB [ 1005.539319] bio-0 1208KB 1271KB [ 1005.547215] biovec-max 1584KB 1650KB [ 1005.555952] biovec-64 1077KB 1173KB [ 1005.561314] biovec-16 136KB 168KB [ 1005.566744] bio_integrity_payload 1KB 8KB [ 1005.575911] khugepaged_mm_slot 7KB 34KB [ 1005.581380] uid_cache 0KB 4KB [ 1005.586953] dmaengine-unmap-2 0KB 3KB [ 1005.595523] skbuff_fclone_cache 61KB 78KB [ 1005.601053] skbuff_head_cache 7293KB 7301KB [ 1005.606438] configfs_dir_cache 3KB 7KB [ 1005.615485] file_lock_cache 94KB 110KB [ 1005.620849] file_lock_ctx 9KB 11KB [ 1005.626286] fsnotify_mark_connector 12KB 23KB [ 1005.635738] net_namespace 61KB 61KB [ 1005.641098] shmem_inode_cache 8220KB 8252KB [ 1005.647063] task_delay_info 162KB 367KB [ 1005.655988] taskstats 51KB 65KB [ 1005.661381] proc_dir_entry 759KB 832KB [ 1005.666769] pde_opener 8KB 34KB [ 1005.675678] seq_file 275KB 476KB [ 1005.681036] sigqueue 58KB 66KB [ 1005.686605] kernfs_node_cache 18234KB 18242KB [ 1005.695575] mnt_cache 190KB 192KB [ 1005.700943] filp 6368KB 7545KB [ 1005.706340] names_cache 138775KB 138834KB [ 1005.715189] iint_cache 34KB 55KB [ 1005.720574] key_jar 23KB 135KB [ 1005.725967] uts_namespace 3KB 7KB [ 1005.731336] nsproxy 1KB 11KB [ 1005.739289] vm_area_struct 3215KB 3758KB [ 1005.748914] mm_struct 429KB 585KB [ 1005.755545] fs_cache 140KB 340KB [ 1005.760940] files_cache 520KB 705KB [ 1005.768061] signal_cache 1091KB 1559KB [ 1005.776063] sighand_cache 550KB 617KB [ 1005.781439] task_struct 5567KB 5624KB [ 1005.791259] cred_jar 1801KB 2500KB [ 1005.798164] anon_vma_chain 1119KB 1488KB [ 1005.805023] anon_vma 118KB 288KB [ 1005.810391] pid 83KB 224KB [ 1005.817735] Acpi-Operand 156KB 198KB [ 1005.824709] Acpi-ParseExt 9KB 11KB [ 1005.830070] Acpi-Parse 41KB 47KB [ 1005.840607] Acpi-State 52KB 63KB [ 1005.847011] Acpi-Namespace 20KB 27KB [ 1005.858287] numa_policy 0KB 3KB [ 1005.865426] debug_objects_cache 1441KB 1828KB [ 1005.870959] trace_event_file 297KB 298KB [ 1005.879573] ftrace_event_field 398KB 401KB [ 1005.889150] pool_workqueue 128KB 144KB [ 1005.896443] page->ptl 499KB 1000KB [ 1005.903442] kmalloc-2097152 2050KB 2050KB [ 1005.908815] kmalloc-524288 2056KB 2056KB [ 1005.916226] kmalloc-262144 1290KB 1290KB [ 1005.923171] kmalloc-131072 650KB 650KB [ 1005.928708] kmalloc-65536 2112KB 2178KB [ 1005.934754] kmalloc-32768 1815KB 1815KB [ 1005.940131] kmalloc-16384 1056KB 1122KB [ 1005.950344] kmalloc-8192 4463KB 4463KB [ 1005.957280] kmalloc-4096 21972KB 22023KB [ 1005.964629] kmalloc-2048 12448KB 13419KB [ 1005.969993] kmalloc-1024 9255KB 11946KB [ 1005.977732] kmalloc-512 15290KB 15360KB [ 1005.985381] kmalloc-256 4576KB 6030KB [ 1005.990745] kmalloc-128 966KB 1468KB [ 1005.998133] kmalloc-96 3429KB 4076KB [ 1006.006998] kmalloc-64 2413KB 3876KB [ 1006.013849] kmalloc-32 1845KB 2543KB [ 1006.019207] kmalloc-192 1707KB 2752KB [ 1006.027658] kmem_cache 177KB 183KB [ 1006.034609] Out of memory (oom_kill_allocating_task): Kill process 8087 (syz-fuzzer) score 0 or sacrifice child [ 1006.047924] Killed process 6425 (syz-executor.5) total-vm:48512kB, anon-rss:440kB, file-rss:0kB, shmem-rss:0kB [ 1006.069013] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 1006.085404] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 1006.090178] CPU: 1 PID: 8087 Comm: syz-fuzzer Not tainted 4.19.211-syzkaller #0 [ 1006.097611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1006.106947] Call Trace: [ 1006.109530] dump_stack+0x1fc/0x2ef [ 1006.113154] dump_header+0x15d/0xc3f [ 1006.116867] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1006.121976] ? ___ratelimit+0x319/0x590 [ 1006.125945] oom_kill_process.cold+0x10/0x692 [ 1006.130423] ? check_preemption_disabled+0x41/0x280 [ 1006.135432] ? has_intersects_mems_allowed+0x1d6/0x290 [ 1006.140707] out_of_memory+0x1072/0x1390 [ 1006.144772] ? oom_killer_disable+0x270/0x270 [ 1006.149259] ? mutex_trylock+0x15f/0x1a0 [ 1006.153314] __alloc_pages_nodemask+0x23a2/0x2890 [ 1006.158156] ? find_get_entry+0x4cd/0x8a0 [ 1006.162306] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1006.167178] alloc_pages_current+0x193/0x2a0 [ 1006.171613] filemap_fault+0x146e/0x2180 [ 1006.175706] ext4_filemap_fault+0x84/0xb0 [ 1006.179977] __do_fault+0x10b/0x4b0 [ 1006.183602] __handle_mm_fault+0x273b/0x41c0 [ 1006.188357] ? vm_insert_page+0x9c0/0x9c0 [ 1006.192500] ? __fget+0x356/0x510 [ 1006.195975] ? check_preemption_disabled+0x41/0x280 [ 1006.201002] handle_mm_fault+0x436/0xb10 [ 1006.205070] __do_page_fault+0x68e/0xd60 [ 1006.209128] ? trace_hardirqs_off_caller+0x6e/0x210 [ 1006.214133] ? spurious_fault+0x840/0x840 [ 1006.218436] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1006.223270] ? page_fault+0x8/0x30 [ 1006.226809] page_fault+0x1e/0x30 [ 1006.230268] RIP: 0033:0x467800 [ 1006.233461] Code: Bad RIP value. [ 1006.236818] RSP: 002b:000000c00065b7e8 EFLAGS: 00010246 [ 1006.242174] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000467800 [ 1006.249423] RDX: 0000000000000080 RSI: 000000c00065b840 RDI: 0000000000000004 [ 1006.256678] RBP: 000000c00065be40 R08: 0000000000000000 R09: 000000e9beb31a15 [ 1006.263947] R10: 00000000000003e5 R11: 0000000000000246 R12: 000000c00065b870 [ 1006.271205] R13: 0000000000000000 R14: 000000c000450d00 R15: 0000000000000000 [ 1006.279743] Mem-Info: [ 1006.282247] active_anon:16786 inactive_anon:37248 isolated_anon:0 [ 1006.282247] active_file:12 inactive_file:12 isolated_file:0 [ 1006.282247] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1006.282247] slab_reclaimable:14100 slab_unreclaimable:120080 [ 1006.282247] mapped:22187 shmem:37836 pagetables:604 bounce:0 [ 1006.282247] free:25114 free_pcp:135 free_cma:0 [ 1006.315674] Node 0 active_anon:64084kB inactive_anon:51176kB active_file:44kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52740kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 20480kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1006.343351] Node 1 active_anon:3060kB inactive_anon:97816kB active_file:4kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:2240kB dirty:0kB writeback:0kB shmem:98604kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1006.371731] Node 0 DMA free:10984kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1006.397964] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 1006.403106] Node 0 DMA32 free:35772kB min:35996kB low:44992kB high:53988kB active_anon:64084kB inactive_anon:51176kB active_file:44kB inactive_file:44kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7520kB pagetables:2076kB bounce:0kB free_pcp:512kB local_pcp:120kB free_cma:0kB [ 1006.432084] lowmem_reserve[]: 0 0 1 1 1 [ 1006.436061] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1006.462037] lowmem_reserve[]: 0 0 0 0 0 [ 1006.467640] Node 1 Normal free:53692kB min:53876kB low:67344kB high:80812kB active_anon:3060kB inactive_anon:97816kB active_file:4kB inactive_file:4kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:480kB pagetables:340kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB [ 1006.495927] lowmem_reserve[]: 0 0 0 0 0 [ 1006.499905] Node 0 DMA: 0*4kB 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10984kB [ 1006.513197] Node 0 DMA32: 913*4kB (ME) 881*8kB (UME) 305*16kB (UME) 56*32kB (UME) 12*64kB (UME) 4*128kB (M) 5*256kB (M) 1*512kB (M) 1*1024kB (M) 7*2048kB (U) 0*4096kB = 35804kB [ 1006.529186] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 1006.540535] Node 1 Normal: 309*4kB (ME) 263*8kB (ME) 207*16kB (UME) 98*32kB (UME) 24*64kB (UME) 17*128kB (UME) 5*256kB (UM) 0*512kB 2*1024kB (UE) 2*2048kB (UE) 8*4096kB (UM) = 53692kB [ 1006.557218] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1006.567924] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1006.576571] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1006.585487] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1006.594133] 37860 total pagecache pages [ 1006.598104] 0 pages in swap cache [ 1006.601592] Swap cache stats: add 0, delete 0, find 0/0 [ 1006.606946] Free swap = 0kB [ 1006.609951] Total swap = 0kB [ 1006.613004] 2097051 pages RAM [ 1006.616104] 0 pages HighMem/MovableOnly [ 1006.620069] 369649 pages reserved [ 1006.623540] 0 pages cma reserved [ 1006.626900] Unreclaimable slab info: [ 1006.630608] Name Used Total [ 1006.636211] pid_2 30KB 80KB [ 1006.641674] batadv_tt_change_cache 0KB 3KB [ 1006.647474] batadv_tl_cache 5KB 16KB [ 1006.652894] TIPC 12KB 37KB [ 1006.658258] SCTPv6 16KB 24KB [ 1006.663665] DCCPv6 17KB 30KB [ 1006.670627] DCCP 16KB 28KB [ 1006.676069] RXRPC 13KB 26KB [ 1006.681432] rxrpc_call_jar 90KB 102KB [ 1006.686823] bridge_fdb_cache 10KB 23KB [ 1006.692723] fib6_nodes 183KB 264KB [ 1006.698085] ip6_dst_cache 299KB 562KB [ 1006.706693] RAWv6 81KB 101KB [ 1006.712110] UDPv6 30KB 37KB [ 1006.717473] TCPv6 24KB 30KB [ 1006.726136] nf_conntrack 6KB 15KB [ 1006.731634] t10_alua_lu_gp_cache 0KB 3KB [ 1006.737264] sd_ext_cdb 0KB 7KB [ 1006.746258] scsi_sense_cache 1056KB 1060KB [ 1006.751659] virtio_scsi_cmd 16KB 16KB [ 1006.757019] sgpool-128 8KB 8KB [ 1006.765716] sgpool-64 4KB 12KB [ 1006.775729] sgpool-32 2KB 15KB [ 1006.781092] sgpool-16 1KB 7KB [ 1006.789696] sgpool-8 0KB 7KB [ 1006.797190] mqueue_inode_cache 12KB 30KB [ 1006.807353] bio_post_read_ctx 14KB 15KB [ 1006.815076] bio-2 14KB 15KB [ 1006.820439] jfs_mp 7KB 7KB [ 1006.829489] cifs_small_rq 15KB 16KB [ 1006.837250] cifs_request 67KB 67KB [ 1006.847278] cifs_mpx_ids 0KB 7KB [ 1006.854980] nfs_commit_data 3KB 14KB [ 1006.860341] nfs_write_data 34KB 44KB [ 1006.869269] ext4_system_zone 1KB 7KB [ 1006.878571] bio-1 1KB 7KB [ 1006.887393] pid_namespace 2KB 11KB [ 1006.896294] rpc_buffers 17KB 25KB [ 1006.905284] rpc_tasks 2KB 7KB [ 1006.910639] UNIX 811KB 832KB [ 1006.917661] tcp_bind_bucket 1KB 4KB [ 1006.927651] ip_fib_trie 27KB 43KB [ 1006.934826] ip_fib_alias 130KB 189KB [ 1006.940187] ip_dst_cache 7KB 20KB [ 1006.949049] RAW 48KB 60KB [ 1006.957552] UDP 54KB 67KB [ 1006.967514] TCP 8KB 16KB [ 1006.976417] hugetlbfs_inode_cache 3KB 15KB [ 1006.985635] fscache_cookie_jar 1KB 11KB [ 1006.991080] eventpoll_pwq 23KB 43KB [ 1006.998328] eventpoll_epi 43KB 66KB [ 1007.007012] inotify_inode_mark 23KB 39KB [ 1007.016139] request_queue 199KB 199KB [ 1007.024868] blkdev_requests 1KB 3KB [ 1007.030223] blkdev_ioc 23KB 38KB [ 1007.037452] bio-0 1208KB 1271KB [ 1007.047406] biovec-max 1584KB 1650KB [ 1007.054715] biovec-64 1077KB 1173KB [ 1007.060077] biovec-16 136KB 168KB [ 1007.069086] bio_integrity_payload 1KB 8KB [ 1007.077242] khugepaged_mm_slot 7KB 34KB [ 1007.085113] uid_cache 0KB 4KB [ 1007.090508] dmaengine-unmap-2 0KB 3KB [ 1007.098939] skbuff_fclone_cache 61KB 78KB [ 1007.107674] skbuff_head_cache 7428KB 7436KB [ 1007.116194] configfs_dir_cache 3KB 7KB [ 1007.128564] file_lock_cache 94KB 110KB [ 1007.135845] file_lock_ctx 9KB 11KB [ 1007.141192] fsnotify_mark_connector 12KB 23KB [ 1007.150354] net_namespace 61KB 61KB [ 1007.158971] shmem_inode_cache 8220KB 8252KB [ 1007.167823] task_delay_info 162KB 367KB [ 1007.174925] taskstats 51KB 65KB [ 1007.180278] proc_dir_entry 759KB 832KB [ 1007.189007] pde_opener 8KB 34KB [ 1007.195828] seq_file 275KB 476KB [ 1007.201184] sigqueue 58KB 66KB [ 1007.206568] kernfs_node_cache 18234KB 18242KB [ 1007.218735] mnt_cache 190KB 192KB [ 1007.226468] filp 6368KB 7545KB [ 1007.235235] names_cache 138775KB 138834KB [ 1007.240582] iint_cache 34KB 55KB [ 1007.250662] key_jar 23KB 135KB [ 1007.259329] uts_namespace 3KB 7KB [ 1007.264774] nsproxy 1KB 11KB [ 1007.270131] vm_area_struct 3215KB 3758KB [ 1007.276331] mm_struct 429KB 585KB [ 1007.283733] fs_cache 140KB 340KB [ 1007.289102] files_cache 520KB 705KB [ 1007.299447] signal_cache 1091KB 1559KB [ 1007.304875] sighand_cache 550KB 617KB [ 1007.310237] task_struct 5567KB 5624KB [ 1007.325881] cred_jar 1801KB 2500KB [ 1007.331262] anon_vma_chain 1119KB 1488KB [ 1007.336962] anon_vma 118KB 288KB [ 1007.346201] pid 83KB 224KB [ 1007.352285] Acpi-Operand 156KB 198KB [ 1007.357646] Acpi-ParseExt 9KB 11KB [ 1007.366420] Acpi-Parse 41KB 47KB [ 1007.374791] Acpi-State 52KB 63KB [ 1007.380146] Acpi-Namespace 20KB 27KB [ 1007.390739] numa_policy 0KB 3KB [ 1007.397612] debug_objects_cache 1441KB 1828KB [ 1007.407420] trace_event_file 297KB 298KB [ 1007.416105] ftrace_event_field 398KB 401KB [ 1007.426309] pool_workqueue 128KB 144KB [ 1007.434986] page->ptl 499KB 1000KB [ 1007.440377] kmalloc-2097152 2050KB 2050KB [ 1007.447746] kmalloc-524288 2056KB 2056KB [ 1007.456341] kmalloc-262144 1290KB 1290KB [ 1007.465046] kmalloc-131072 650KB 650KB [ 1007.470410] kmalloc-65536 2112KB 2178KB [ 1007.478406] kmalloc-32768 1815KB 1815KB [ 1007.487745] kmalloc-16384 1056KB 1122KB [ 1007.496629] kmalloc-8192 4463KB 4463KB [ 1007.502025] kmalloc-4096 21972KB 22023KB [ 1007.507379] kmalloc-2048 12448KB 13419KB [ 1007.516403] kmalloc-1024 9282KB 11946KB [ 1007.521811] kmalloc-512 15523KB 15592KB [ 1007.527172] kmalloc-256 4584KB 6030KB [ 1007.536234] kmalloc-128 966KB 1468KB [ 1007.541680] kmalloc-96 3452KB 4076KB [ 1007.547142] kmalloc-64 2413KB 3876KB [ 1007.555053] kmalloc-32 1845KB 2543KB [ 1007.560439] kmalloc-192 1707KB 2752KB [ 1007.575549] kmem_cache 177KB 183KB [ 1007.580914] Out of memory (oom_kill_allocating_task): Kill process 8087 (syz-fuzzer) score 0 or sacrifice child [ 1007.591214] Killed process 7957 (syz-executor.3) total-vm:48512kB, anon-rss:428kB, file-rss:0kB, shmem-rss:0kB [ 1007.601766] oom_reaper: reaped process 7957 (syz-executor.3), now anon-rss:0kB, file-rss:14336kB, shmem-rss:0kB [ 1007.615603] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 1007.627124] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 1007.631944] CPU: 1 PID: 8087 Comm: syz-fuzzer Not tainted 4.19.211-syzkaller #0 [ 1007.639391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1007.648736] Call Trace: [ 1007.651324] dump_stack+0x1fc/0x2ef [ 1007.654952] dump_header+0x15d/0xc3f [ 1007.658668] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1007.663769] ? ___ratelimit+0x319/0x590 [ 1007.667748] oom_kill_process.cold+0x10/0x692 [ 1007.672246] ? check_preemption_disabled+0x41/0x280 [ 1007.677285] ? has_intersects_mems_allowed+0x1d6/0x290 [ 1007.682576] out_of_memory+0x1072/0x1390 [ 1007.686656] ? oom_killer_disable+0x270/0x270 [ 1007.691152] ? mutex_trylock+0x15f/0x1a0 [ 1007.695217] __alloc_pages_nodemask+0x23a2/0x2890 [ 1007.700066] ? find_get_entry+0x4cd/0x8a0 [ 1007.704220] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1007.709081] alloc_pages_current+0x193/0x2a0 [ 1007.713484] filemap_fault+0x146e/0x2180 [ 1007.717553] ext4_filemap_fault+0x84/0xb0 [ 1007.721698] __do_fault+0x10b/0x4b0 [ 1007.725328] __handle_mm_fault+0x273b/0x41c0 [ 1007.729764] ? vm_insert_page+0x9c0/0x9c0 [ 1007.733911] ? __fget+0x356/0x510 [ 1007.737374] ? check_preemption_disabled+0x41/0x280 [ 1007.742399] handle_mm_fault+0x436/0xb10 [ 1007.746463] __do_page_fault+0x68e/0xd60 [ 1007.750541] ? trace_hardirqs_off_caller+0x6e/0x210 [ 1007.755564] ? spurious_fault+0x840/0x840 [ 1007.759716] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1007.764562] ? page_fault+0x8/0x30 [ 1007.768114] page_fault+0x1e/0x30 [ 1007.771581] RIP: 0033:0x467800 [ 1007.774775] Code: Bad RIP value. [ 1007.778129] RSP: 002b:000000c00065b7e8 EFLAGS: 00010246 [ 1007.783486] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000467800 [ 1007.790755] RDX: 0000000000000080 RSI: 000000c00065b840 RDI: 0000000000000004 [ 1007.798022] RBP: 000000c00065be40 R08: 0000000000000000 R09: 000000e9beb31a15 [ 1007.805316] R10: 00000000000003e5 R11: 0000000000000246 R12: 000000c00065b870 [ 1007.812604] R13: 0000000000000000 R14: 000000c000450d00 R15: 0000000000000000 [ 1007.820347] Mem-Info: [ 1007.822807] active_anon:16751 inactive_anon:37248 isolated_anon:0 [ 1007.822807] active_file:12 inactive_file:12 isolated_file:0 [ 1007.822807] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1007.822807] slab_reclaimable:14100 slab_unreclaimable:120209 [ 1007.822807] mapped:22187 shmem:37836 pagetables:589 bounce:0 [ 1007.822807] free:25067 free_pcp:177 free_cma:0 [ 1007.856125] Node 0 active_anon:63952kB inactive_anon:51176kB active_file:44kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52740kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 20480kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1007.903805] Node 1 active_anon:3052kB inactive_anon:97816kB active_file:4kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:2240kB dirty:0kB writeback:0kB shmem:98604kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1007.942059] Node 0 DMA free:10984kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1008.086308] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 1008.111501] Node 0 DMA32 free:35980kB min:35996kB low:44992kB high:53988kB active_anon:63952kB inactive_anon:51176kB active_file:44kB inactive_file:44kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7488kB pagetables:2016kB bounce:0kB free_pcp:196kB local_pcp:0kB free_cma:0kB [ 1008.221985] lowmem_reserve[]: 0 0 1 1 1 [ 1008.225998] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1008.263352] lowmem_reserve[]: 0 0 0 0 0 [ 1008.267352] Node 1 Normal free:53692kB min:53876kB low:67344kB high:80812kB active_anon:3052kB inactive_anon:97816kB active_file:4kB inactive_file:4kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:480kB pagetables:340kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1008.326740] lowmem_reserve[]: 0 0 0 0 0 [ 1008.330738] Node 0 DMA: 0*4kB 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10984kB [ 1008.418155] Node 0 DMA32: 916*4kB (ME) 886*8kB (UME) 306*16kB (UME) 59*32kB (UME) 13*64kB (UME) 4*128kB (M) 5*256kB (M) 1*512kB (M) 1*1024kB (M) 7*2048kB (U) 0*4096kB = 36032kB [ 1008.455771] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 1008.469396] Node 1 Normal: 311*4kB (ME) 263*8kB (ME) 207*16kB (UME) 98*32kB (UME) 24*64kB (UME) 17*128kB (UME) 5*256kB (UM) 0*512kB 2*1024kB (UE) 2*2048kB (UE) 8*4096kB (UM) = 53700kB [ 1008.493075] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1008.501959] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1008.518523] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1008.527587] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1008.543353] 37860 total pagecache pages [ 1008.547347] 0 pages in swap cache [ 1008.550792] Swap cache stats: add 0, delete 0, find 0/0 [ 1008.556217] Free swap = 0kB [ 1008.559236] Total swap = 0kB [ 1008.565869] 2097051 pages RAM [ 1008.568962] 0 pages HighMem/MovableOnly [ 1008.572966] 369649 pages reserved [ 1008.576420] 0 pages cma reserved [ 1008.579776] Unreclaimable slab info: [ 1008.590293] Name Used Total [ 1008.595860] pid_2 27KB 80KB [ 1008.601242] batadv_tt_change_cache 0KB 3KB [ 1008.610428] batadv_tl_cache 5KB 16KB [ 1008.617582] TIPC 12KB 37KB [ 1008.630560] SCTPv6 16KB 24KB [ 1008.635986] DCCPv6 17KB 30KB [ 1008.644990] DCCP 16KB 28KB [ 1008.650406] RXRPC 13KB 26KB [ 1008.655807] rxrpc_call_jar 90KB 102KB [ 1008.661168] bridge_fdb_cache 10KB 23KB [ 1008.668344] fib6_nodes 183KB 264KB [ 1008.673767] ip6_dst_cache 299KB 562KB [ 1008.679111] RAWv6 81KB 101KB [ 1008.687894] UDPv6 30KB 37KB [ 1008.697801] TCPv6 24KB 30KB [ 1008.707595] nf_conntrack 6KB 15KB [ 1008.716214] t10_alua_lu_gp_cache 0KB 3KB [ 1008.724849] sd_ext_cdb 0KB 7KB [ 1008.730215] scsi_sense_cache 1056KB 1060KB [ 1008.737760] virtio_scsi_cmd 16KB 16KB [ 1008.746918] sgpool-128 8KB 8KB [ 1008.755004] sgpool-64 4KB 12KB [ 1008.760355] sgpool-32 2KB 15KB [ 1008.768170] sgpool-16 1KB 7KB [ 1008.777875] sgpool-8 0KB 7KB [ 1008.786448] mqueue_inode_cache 12KB 30KB [ 1008.799835] bio_post_read_ctx 14KB 15KB [ 1008.805953] bio-2 14KB 15KB [ 1008.811310] jfs_mp 7KB 7KB [ 1008.821327] cifs_small_rq 15KB 16KB [ 1008.828488] cifs_request 67KB 67KB [ 1008.837271] cifs_mpx_ids 0KB 7KB [ 1008.846364] nfs_commit_data 3KB 14KB [ 1008.855256] nfs_write_data 34KB 44KB [ 1008.860641] ext4_system_zone 1KB 7KB [ 1008.869176] bio-1 1KB 7KB [ 1008.878064] pid_namespace 2KB 11KB [ 1008.887062] rpc_buffers 17KB 25KB [ 1008.895342] rpc_tasks 2KB 7KB [ 1008.900700] UNIX 811KB 832KB [ 1008.915358] tcp_bind_bucket 1KB 4KB [ 1008.920746] ip_fib_trie 27KB 43KB [ 1008.930959] ip_fib_alias 130KB 189KB [ 1008.939880] ip_dst_cache 7KB 20KB [ 1008.948003] RAW 48KB 60KB [ 1008.960751] UDP 54KB 67KB [ 1008.968844] TCP 8KB 16KB [ 1008.979543] hugetlbfs_inode_cache 3KB 15KB [ 1008.990592] fscache_cookie_jar 1KB 11KB [ 1008.997689] eventpoll_pwq 23KB 43KB [ 1009.014805] eventpoll_epi 43KB 66KB [ 1009.020166] inotify_inode_mark 21KB 39KB [ 1009.030338] request_queue 199KB 199KB [ 1009.040056] blkdev_requests 1KB 3KB [ 1009.048299] blkdev_ioc 23KB 38KB [ 1009.057262] bio-0 1208KB 1271KB [ 1009.067805] biovec-max 1584KB 1650KB [ 1009.076372] biovec-64 1077KB 1173KB [ 1009.088617] biovec-16 136KB 168KB [ 1009.099344] bio_integrity_payload 1KB 8KB [ 1009.109639] khugepaged_mm_slot 7KB 34KB [ 1009.117588] uid_cache 0KB 4KB [ 1009.130461] dmaengine-unmap-2 0KB 3KB [ 1009.138774] skbuff_fclone_cache 60KB 78KB [ 1009.146828] skbuff_head_cache 7597KB 7605KB [ 1009.157151] configfs_dir_cache 3KB 7KB [ 1009.166048] file_lock_cache 90KB 110KB [ 1009.174878] file_lock_ctx 9KB 11KB [ 1009.180254] fsnotify_mark_connector 11KB 23KB [ 1009.189741] net_namespace 61KB 61KB [ 1009.196744] shmem_inode_cache 8219KB 8252KB [ 1009.205575] task_delay_info 158KB 367KB [ 1009.210945] taskstats 47KB 65KB [ 1009.219793] proc_dir_entry 759KB 832KB [ 1009.226918] pde_opener 8KB 34KB [ 1009.235643] seq_file 272KB 472KB [ 1009.241001] sigqueue 58KB 66KB [ 1009.249899] kernfs_node_cache 18234KB 18242KB [ 1009.257357] mnt_cache 190KB 192KB [ 1009.266115] filp 6361KB 7545KB [ 1009.274976] names_cache 138766KB 138826KB [ 1009.280336] iint_cache 34KB 55KB [ 1009.287230] key_jar 23KB 135KB [ 1009.295659] uts_namespace 3KB 7KB [ 1009.301020] nsproxy 1KB 11KB [ 1009.309784] vm_area_struct 3213KB 3758KB [ 1009.316884] mm_struct 420KB 585KB [ 1009.325607] fs_cache 139KB 340KB [ 1009.335788] files_cache 510KB 701KB [ 1009.341156] signal_cache 1083KB 1559KB [ 1009.348231] sighand_cache 548KB 610KB [ 1009.356793] task_struct 5555KB 5624KB [ 1009.365676] cred_jar 1795KB 2500KB [ 1009.371033] anon_vma_chain 1116KB 1488KB [ 1009.378038] anon_vma 118KB 288KB [ 1009.386991] pid 83KB 224KB [ 1009.395918] Acpi-Operand 156KB 198KB [ 1009.401279] Acpi-ParseExt 9KB 11KB [ 1009.408347] Acpi-Parse 41KB 47KB [ 1009.417243] Acpi-State 52KB 63KB [ 1009.426164] Acpi-Namespace 20KB 27KB [ 1009.436249] numa_policy 0KB 3KB [ 1009.444666] debug_objects_cache 1441KB 1828KB [ 1009.450202] trace_event_file 297KB 298KB [ 1009.457200] ftrace_event_field 398KB 401KB [ 1009.466024] pool_workqueue 128KB 144KB [ 1009.474762] page->ptl 497KB 1000KB [ 1009.480155] kmalloc-2097152 2050KB 2050KB [ 1009.487297] kmalloc-524288 2056KB 2056KB [ 1009.496141] kmalloc-262144 1290KB 1290KB [ 1009.504690] kmalloc-131072 650KB 650KB [ 1009.510045] kmalloc-65536 2112KB 2178KB [ 1009.517183] kmalloc-32768 1815KB 1815KB [ 1009.526349] kmalloc-16384 1056KB 1122KB [ 1009.537075] kmalloc-8192 4463KB 4463KB [ 1009.545979] kmalloc-4096 21964KB 22023KB [ 1009.554863] kmalloc-2048 12437KB 13419KB [ 1009.560230] kmalloc-1024 9336KB 11946KB [ 1009.568303] kmalloc-512 15834KB 15903KB [ 1009.574853] kmalloc-256 4584KB 6030KB [ 1009.580217] kmalloc-128 965KB 1468KB [ 1009.587072] kmalloc-96 3482KB 4076KB [ 1009.594642] kmalloc-64 2413KB 3876KB [ 1009.600025] kmalloc-32 1845KB 2543KB [ 1009.607562] kmalloc-192 1707KB 2752KB [ 1009.614530] kmem_cache 177KB 183KB [ 1009.619893] Out of memory (oom_kill_allocating_task): Kill process 8087 (syz-fuzzer) score 0 or sacrifice child [ 1009.632920] Killed process 8221 (syz-executor.1) total-vm:48512kB, anon-rss:428kB, file-rss:0kB, shmem-rss:0kB [ 1009.666846] systemd-journal invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 1009.679028] systemd-journal cpuset=/ mems_allowed=0-1 [ 1009.691195] CPU: 0 PID: 8612 Comm: systemd-journal Not tainted 4.19.211-syzkaller #0 [ 1009.699077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1009.708419] Call Trace: [ 1009.711075] dump_stack+0x1fc/0x2ef [ 1009.714686] dump_header+0x15d/0xc3f [ 1009.718383] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1009.723468] ? ___ratelimit+0x319/0x590 [ 1009.727429] oom_kill_process.cold+0x10/0x692 [ 1009.731911] ? check_preemption_disabled+0x41/0x280 [ 1009.736925] ? has_intersects_mems_allowed+0x1d6/0x290 [ 1009.742201] out_of_memory+0x1072/0x1390 [ 1009.746247] ? oom_killer_disable+0x270/0x270 [ 1009.750741] ? mutex_trylock+0x15f/0x1a0 [ 1009.754796] __alloc_pages_nodemask+0x23a2/0x2890 [ 1009.761099] ? find_get_entry+0x4cd/0x8a0 [ 1009.765234] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1009.770072] alloc_pages_current+0x193/0x2a0 [ 1009.774991] filemap_fault+0x146e/0x2180 [ 1009.779040] ext4_filemap_fault+0x84/0xb0 [ 1009.783169] __do_fault+0x10b/0x4b0 [ 1009.786776] __handle_mm_fault+0x273b/0x41c0 [ 1009.791162] ? vm_insert_page+0x9c0/0x9c0 [ 1009.795292] ? check_preemption_disabled+0x41/0x280 [ 1009.800293] handle_mm_fault+0x436/0xb10 [ 1009.804340] __do_page_fault+0x68e/0xd60 [ 1009.808470] ? trace_hardirqs_off_caller+0x6e/0x210 [ 1009.813466] ? spurious_fault+0x840/0x840 [ 1009.817595] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1009.822419] ? page_fault+0x8/0x30 [ 1009.825940] page_fault+0x1e/0x30 [ 1009.829376] RIP: 0033:0x7f862480421d [ 1009.833073] Code: Bad RIP value. [ 1009.836516] RSP: 002b:00007ffc344c8e60 EFLAGS: 00010207 [ 1009.841860] RAX: 0000000000000001 RBX: 0000564fd4cfe1e0 RCX: 00007f8623e292e3 [ 1009.849117] RDX: 0000000000000013 RSI: 00007ffc344c8e60 RDI: 000000000000000c [ 1009.856366] RBP: 00007ffc344c9050 R08: 00007ffc345f2000 R09: 0000010049df0237 [ 1009.863611] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc344c8e60 [ 1009.870866] R13: 0000000000000001 R14: ffffffffffffffff R15: 0005f44f67f7f931 [ 1009.896482] Mem-Info: [ 1009.898936] active_anon:16721 inactive_anon:37248 isolated_anon:0 [ 1009.898936] active_file:12 inactive_file:12 isolated_file:0 [ 1009.898936] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1009.898936] slab_reclaimable:14074 slab_unreclaimable:120304 [ 1009.898936] mapped:22187 shmem:37836 pagetables:562 bounce:0 [ 1009.898936] free:25063 free_pcp:170 free_cma:0 [ 1009.937136] Node 0 active_anon:63836kB inactive_anon:51176kB active_file:44kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52740kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 20480kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1009.975773] Node 1 active_anon:3048kB inactive_anon:97816kB active_file:4kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:2240kB dirty:0kB writeback:0kB shmem:98604kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1010.009855] Node 0 DMA free:10984kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1010.042569] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 1010.047594] Node 0 DMA32 free:35560kB min:35996kB low:44992kB high:53988kB active_anon:63836kB inactive_anon:51176kB active_file:44kB inactive_file:44kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7456kB pagetables:1908kB bounce:0kB free_pcp:624kB local_pcp:496kB free_cma:0kB [ 1010.080127] lowmem_reserve[]: 0 0 1 1 1 [ 1010.097492] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1010.125023] lowmem_reserve[]: 0 0 0 0 0 [ 1010.128988] Node 1 Normal free:53700kB min:53876kB low:67344kB high:80812kB active_anon:3048kB inactive_anon:97816kB active_file:4kB inactive_file:4kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:480kB pagetables:340kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB [ 1010.160739] lowmem_reserve[]: 0 0 0 0 0 [ 1010.167019] Node 0 DMA: 0*4kB 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10984kB [ 1010.182693] Node 0 DMA32: 916*4kB (ME) 891*8kB (UME) 302*16kB (ME) 56*32kB (UME) 13*64kB (UME) 4*128kB (M) 6*256kB (UM) 2*512kB (UM) 2*1024kB (UM) 6*2048kB (U) 0*4096kB = 35656kB [ 1010.198847] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 1010.212042] Node 1 Normal: 311*4kB (ME) 263*8kB (ME) 207*16kB (UME) 98*32kB (UME) 24*64kB (UME) 17*128kB (UME) 5*256kB (UM) 0*512kB 2*1024kB (UE) 2*2048kB (UE) 8*4096kB (UM) = 53700kB [ 1010.228634] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1010.238723] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1010.250759] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1010.266183] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1010.274813] 37860 total pagecache pages [ 1010.278786] 0 pages in swap cache [ 1010.288893] Swap cache stats: add 0, delete 0, find 0/0 [ 1010.294482] Free swap = 0kB [ 1010.297489] Total swap = 0kB [ 1010.300495] 2097051 pages RAM [ 1010.310971] 0 pages HighMem/MovableOnly [ 1010.316782] 369649 pages reserved [ 1010.320234] 0 pages cma reserved [ 1010.330801] Unreclaimable slab info: [ 1010.337974] Name Used Total [ 1010.344296] pid_2 27KB 80KB [ 1010.349725] batadv_tt_change_cache 0KB 3KB [ 1010.367129] batadv_tl_cache 5KB 16KB [ 1010.376267] TIPC 12KB 37KB [ 1010.384643] SCTPv6 16KB 24KB [ 1010.390015] DCCPv6 17KB 30KB [ 1010.399265] DCCP 16KB 28KB [ 1010.405689] RXRPC 13KB 26KB [ 1010.411048] rxrpc_call_jar 90KB 102KB [ 1010.421132] bridge_fdb_cache 10KB 23KB [ 1010.429740] fib6_nodes 183KB 264KB [ 1010.440454] ip6_dst_cache 308KB 562KB [ 1010.448473] RAWv6 81KB 101KB [ 1010.467971] UDPv6 30KB 37KB [ 1010.476904] TCPv6 24KB 30KB [ 1010.488130] nf_conntrack 12KB 15KB [ 1010.498895] t10_alua_lu_gp_cache 0KB 3KB [ 1010.508194] sd_ext_cdb 0KB 7KB [ 1010.518098] scsi_sense_cache 1056KB 1060KB [ 1010.528669] virtio_scsi_cmd 16KB 16KB [ 1010.536406] sgpool-128 8KB 8KB [ 1010.548791] sgpool-64 4KB 12KB [ 1010.557630] sgpool-32 2KB 15KB [ 1010.567816] sgpool-16 1KB 7KB [ 1010.576815] sgpool-8 0KB 7KB [ 1010.586570] mqueue_inode_cache 12KB 30KB [ 1010.594686] bio_post_read_ctx 14KB 15KB [ 1010.600115] bio-2 14KB 15KB [ 1010.608898] jfs_mp 7KB 7KB [ 1010.617674] cifs_small_rq 15KB 16KB [ 1010.626406] cifs_request 67KB 67KB [ 1010.635241] cifs_mpx_ids 0KB 7KB [ 1010.640606] nfs_commit_data 3KB 14KB [ 1010.648221] nfs_write_data 34KB 44KB [ 1010.654589] ext4_system_zone 1KB 7KB [ 1010.659977] bio-1 1KB 7KB [ 1010.670463] pid_namespace 2KB 11KB [ 1010.678116] rpc_buffers 17KB 25KB [ 1010.684382] rpc_tasks 2KB 7KB [ 1010.689746] UNIX 811KB 832KB [ 1010.698935] tcp_bind_bucket 1KB 4KB [ 1010.707779] ip_fib_trie 27KB 43KB [ 1010.716716] ip_fib_alias 130KB 189KB [ 1010.725565] ip_dst_cache 7KB 20KB [ 1010.730945] RAW 48KB 60KB [ 1010.738749] UDP 54KB 67KB [ 1010.754905] TCP 8KB 16KB [ 1010.760277] hugetlbfs_inode_cache 3KB 15KB [ 1010.778177] fscache_cookie_jar 1KB 11KB [ 1010.785948] eventpoll_pwq 23KB 43KB [ 1010.798215] eventpoll_epi 43KB 66KB [ 1010.805344] inotify_inode_mark 21KB 39KB [ 1010.810780] request_queue 199KB 199KB [ 1010.821103] blkdev_requests 1KB 3KB [ 1010.831299] blkdev_ioc 23KB 38KB [ 1010.836676] bio-0 1208KB 1271KB [ 1010.851192] biovec-max 1584KB 1650KB [ 1010.860198] biovec-64 1072KB 1173KB [ 1010.866914] biovec-16 136KB 168KB [ 1010.885866] bio_integrity_payload 1KB 8KB [ 1010.894932] khugepaged_mm_slot 6KB 34KB [ 1010.900403] uid_cache 0KB 4KB [ 1010.908880] dmaengine-unmap-2 0KB 3KB [ 1010.919322] skbuff_fclone_cache 60KB 78KB [ 1010.924944] skbuff_head_cache 7747KB 7755KB [ 1010.930301] configfs_dir_cache 3KB 7KB [ 1010.940171] file_lock_cache 90KB 106KB [ 1010.948748] file_lock_ctx 9KB 11KB [ 1010.957536] fsnotify_mark_connector 11KB 23KB [ 1010.969124] net_namespace 61KB 61KB [ 1010.979149] shmem_inode_cache 8218KB 8252KB [ 1010.987512] task_delay_info 158KB 367KB [ 1010.997897] taskstats 45KB 65KB [ 1011.003335] proc_dir_entry 759KB 832KB [ 1011.008691] pde_opener 8KB 34KB [ 1011.021051] seq_file 272KB 472KB [ 1011.026501] sigqueue 58KB 66KB [ 1011.037952] kernfs_node_cache 18234KB 18242KB [ 1011.054286] mnt_cache 190KB 192KB [ 1011.059647] filp 6342KB 7545KB [ 1011.065048] names_cache 138758KB 138809KB [ 1011.071489] iint_cache 34KB 55KB [ 1011.076861] key_jar 23KB 135KB [ 1011.082632] uts_namespace 3KB 7KB [ 1011.087993] nsproxy 1KB 11KB [ 1011.093413] vm_area_struct 3198KB 3758KB [ 1011.098776] mm_struct 419KB 585KB [ 1011.104203] fs_cache 138KB 336KB [ 1011.109554] files_cache 510KB 701KB [ 1011.114952] signal_cache 1082KB 1559KB [ 1011.120314] sighand_cache 548KB 610KB [ 1011.132669] task_struct 5542KB 5599KB [ 1011.138029] cred_jar 1793KB 2500KB [ 1011.146860] anon_vma_chain 1103KB 1488KB [ 1011.168050] anon_vma 116KB 288KB [ 1011.180558] pid 83KB 224KB [ 1011.190487] Acpi-Operand 156KB 198KB [ 1011.199371] Acpi-ParseExt 9KB 11KB [ 1011.204797] Acpi-Parse 41KB 47KB [ 1011.210151] Acpi-State 52KB 63KB [ 1011.219005] Acpi-Namespace 20KB 27KB [ 1011.225859] numa_policy 0KB 3KB [ 1011.234600] debug_objects_cache 1441KB 1828KB [ 1011.240164] trace_event_file 297KB 298KB [ 1011.249194] ftrace_event_field 398KB 401KB [ 1011.255322] pool_workqueue 128KB 144KB [ 1011.260687] page->ptl 487KB 1000KB [ 1011.268223] kmalloc-2097152 2050KB 2050KB [ 1011.278970] kmalloc-524288 2056KB 2056KB [ 1011.288511] kmalloc-262144 1290KB 1290KB [ 1011.295691] kmalloc-131072 650KB 650KB [ 1011.301060] kmalloc-65536 2112KB 2178KB [ 1011.310221] kmalloc-32768 1815KB 1815KB [ 1011.319294] kmalloc-16384 1056KB 1122KB [ 1011.335463] kmalloc-8192 4463KB 4463KB [ 1011.340884] kmalloc-4096 21955KB 22006KB [ 1011.347045] kmalloc-2048 12429KB 13419KB [ 1011.354923] kmalloc-1024 9390KB 11946KB [ 1011.360295] kmalloc-512 16096KB 16166KB [ 1011.369016] kmalloc-256 4601KB 6030KB [ 1011.377656] kmalloc-128 965KB 1468KB [ 1011.389217] kmalloc-96 3504KB 4076KB [ 1011.395822] kmalloc-64 2410KB 3876KB [ 1011.407659] kmalloc-32 1852KB 2543KB [ 1011.416265] kmalloc-192 1707KB 2752KB [ 1011.428726] kmem_cache 177KB 183KB [ 1011.437932] Out of memory (oom_kill_allocating_task): Kill process 8612 (systemd-journal) score 0 or sacrifice child [ 1011.453117] Killed process 8612 (systemd-journal) total-vm:46096kB, anon-rss:492kB, file-rss:0kB, shmem-rss:2200kB [ 1011.470229] oom_reaper: reaped process 8612 (systemd-journal), now anon-rss:0kB, file-rss:0kB, shmem-rss:2200kB [ 1011.789260] in:imklog invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 1011.806824] in:imklog cpuset=/ mems_allowed=0-1 [ 1011.815641] CPU: 0 PID: 8946 Comm: in:imklog Not tainted 4.19.211-syzkaller #0 [ 1011.823006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1011.832358] Call Trace: [ 1011.834947] dump_stack+0x1fc/0x2ef [ 1011.838577] dump_header+0x15d/0xc3f [ 1011.842312] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1011.847408] ? ___ratelimit+0x319/0x590 [ 1011.851396] oom_kill_process.cold+0x10/0x692 [ 1011.855892] ? check_preemption_disabled+0x41/0x280 [ 1011.860910] ? has_intersects_mems_allowed+0x1d6/0x290 [ 1011.866187] out_of_memory+0x1072/0x1390 [ 1011.870264] ? oom_killer_disable+0x270/0x270 [ 1011.874792] ? mutex_trylock+0x15f/0x1a0 [ 1011.878857] __alloc_pages_nodemask+0x23a2/0x2890 [ 1011.883704] ? find_get_entry+0x4cd/0x8a0 [ 1011.887858] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1011.892812] alloc_pages_current+0x193/0x2a0 [ 1011.897221] filemap_fault+0x146e/0x2180 [ 1011.901300] ext4_filemap_fault+0x84/0xb0 [ 1011.905429] __do_fault+0x10b/0x4b0 [ 1011.909061] ? do_raw_spin_unlock+0x171/0x230 [ 1011.913556] __handle_mm_fault+0x273b/0x41c0 [ 1011.917964] ? vm_insert_page+0x9c0/0x9c0 [ 1011.922123] ? check_preemption_disabled+0x41/0x280 [ 1011.927133] handle_mm_fault+0x436/0xb10 [ 1011.931182] __do_page_fault+0x68e/0xd60 [ 1011.935249] ? trace_hardirqs_off_caller+0x6e/0x210 [ 1011.940245] ? spurious_fault+0x840/0x840 [ 1011.944389] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1011.949233] ? page_fault+0x8/0x30 [ 1011.952769] page_fault+0x1e/0x30 [ 1011.956206] RIP: 0033:0x7f86f5782ca0 [ 1011.959898] Code: Bad RIP value. [ 1011.963247] RSP: 002b:00007f86f4079438 EFLAGS: 00010246 [ 1011.968584] RAX: 0000000000000000 RBX: 00007f86e8000020 RCX: 0000000000000004 [ 1011.975837] RDX: 000000000000003e RSI: 0000000000000260 RDI: 00007f86e8000020 [ 1011.983097] RBP: 0000000000000260 R08: 00007f86f5856940 R09: 0000000004000001 [ 1011.990356] R10: 0000000000000001 R11: 0000000000000000 R12: 00007f86f4079da0 [ 1011.997611] R13: 00007f86f4079da3 R14: 0000000000001f9f R15: 00007f86f4079e24 [ 1012.102643] Mem-Info: [ 1012.105093] active_anon:16599 inactive_anon:37247 isolated_anon:0 [ 1012.105093] active_file:19 inactive_file:0 isolated_file:0 [ 1012.105093] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1012.105093] slab_reclaimable:14069 slab_unreclaimable:119522 [ 1012.105093] mapped:21644 shmem:37836 pagetables:537 bounce:0 [ 1012.105093] free:25015 free_pcp:60 free_cma:0 [ 1012.140033] Node 0 active_anon:63840kB inactive_anon:51176kB active_file:80kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86536kB dirty:0kB writeback:0kB shmem:52740kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 20480kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1012.180642] Node 1 active_anon:2556kB inactive_anon:97812kB active_file:0kB inactive_file:28kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:40kB dirty:0kB writeback:0kB shmem:98604kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1012.214577] Node 0 DMA free:10984kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1012.250754] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 1012.255829] Node 0 DMA32 free:35444kB min:35996kB low:44992kB high:53988kB active_anon:63840kB inactive_anon:51176kB active_file:60kB inactive_file:8kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7488kB pagetables:1908kB bounce:0kB free_pcp:216kB local_pcp:0kB free_cma:0kB [ 1012.289549] lowmem_reserve[]: 0 0 1 1 1 [ 1012.293568] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1012.328619] lowmem_reserve[]: 0 0 0 0 0 [ 1012.332672] Node 1 Normal free:53412kB min:53876kB low:67344kB high:80812kB active_anon:2556kB inactive_anon:97812kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:448kB pagetables:240kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1012.371662] lowmem_reserve[]: 0 0 0 0 0 [ 1012.375652] Node 0 DMA: 0*4kB 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10984kB [ 1012.390585] Node 0 DMA32: 934*4kB (ME) 875*8kB (ME) 315*16kB (UME) 57*32kB (UME) 14*64kB (UME) 5*128kB (UM) 5*256kB (M) 2*512kB (UM) 2*1024kB (UM) 6*2048kB (U) 0*4096kB = 35776kB [ 1012.412889] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 1012.434804] Node 1 Normal: 264*4kB (ME) 230*8kB (UME) 180*16kB (ME) 98*32kB (ME) 34*64kB (ME) 18*128kB (UME) 4*256kB (M) 1*512kB (M) 2*1024kB (UE) 2*2048kB (UE) 8*4096kB (UM) = 53840kB [ 1012.455477] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1012.480269] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1012.501017] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1012.521882] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1012.530471] 37881 total pagecache pages [ 1012.537186] 0 pages in swap cache [ 1012.540652] Swap cache stats: add 0, delete 0, find 0/0 [ 1012.551961] Free swap = 0kB [ 1012.554979] Total swap = 0kB [ 1012.557994] 2097051 pages RAM [ 1012.561077] 0 pages HighMem/MovableOnly [ 1012.567948] 369649 pages reserved [ 1012.574815] 0 pages cma reserved [ 1012.578178] Unreclaimable slab info: [ 1012.588588] Name Used Total [ 1012.596157] pid_2 27KB 80KB [ 1012.610179] batadv_tt_change_cache 0KB 3KB [ 1012.619613] batadv_tl_cache 5KB 16KB [ 1012.627001] TIPC 12KB 37KB [ 1012.634915] SCTPv6 16KB 24KB [ 1012.640375] DCCPv6 17KB 30KB [ 1012.645788] DCCP 16KB 28KB [ 1012.654715] RXRPC 13KB 26KB [ 1012.660079] rxrpc_call_jar 90KB 102KB [ 1012.665481] bridge_fdb_cache 10KB 23KB [ 1012.670842] fib6_nodes 183KB 264KB [ 1012.679684] ip6_dst_cache 306KB 562KB [ 1012.685107] RAWv6 81KB 101KB [ 1012.690470] UDPv6 30KB 37KB [ 1012.699220] TCPv6 24KB 30KB [ 1012.704687] nf_conntrack 7KB 15KB [ 1012.715508] t10_alua_lu_gp_cache 0KB 3KB [ 1012.721187] sd_ext_cdb 0KB 7KB [ 1012.726548] scsi_sense_cache 1056KB 1060KB [ 1012.735614] virtio_scsi_cmd 16KB 16KB [ 1012.740984] sgpool-128 8KB 8KB [ 1012.746383] sgpool-64 4KB 12KB [ 1012.755287] sgpool-32 2KB 15KB [ 1012.760650] sgpool-16 1KB 7KB [ 1012.766151] sgpool-8 0KB 7KB [ 1012.776975] mqueue_inode_cache 12KB 30KB [ 1012.783374] bio_post_read_ctx 14KB 15KB [ 1012.788890] bio-2 14KB 15KB [ 1012.800102] jfs_mp 7KB 7KB [ 1012.805531] cifs_small_rq 15KB 16KB [ 1012.824869] cifs_request 67KB 67KB [ 1012.830244] cifs_mpx_ids 0KB 7KB [ 1012.839399] nfs_commit_data 3KB 14KB [ 1012.848821] nfs_write_data 34KB 44KB [ 1012.866143] ext4_system_zone 1KB 7KB [ 1012.874729] bio-1 1KB 7KB [ 1012.880080] pid_namespace 2KB 11KB [ 1012.889843] rpc_buffers 17KB 25KB [ 1012.910774] rpc_tasks 2KB 7KB [ 1012.917444] UNIX 811KB 832KB [ 1012.930324] tcp_bind_bucket 1KB 4KB [ 1012.935765] ip_fib_trie 27KB 43KB [ 1012.951257] ip_fib_alias 130KB 189KB [ 1012.956625] ip_dst_cache 7KB 20KB [ 1012.965979] RAW 48KB 60KB [ 1012.977570] UDP 54KB 67KB [ 1012.985607] TCP 8KB 16KB [ 1012.990970] hugetlbfs_inode_cache 3KB 15KB [ 1013.002016] fscache_cookie_jar 1KB 11KB [ 1013.007484] eventpoll_pwq 23KB 43KB [ 1013.025557] eventpoll_epi 42KB 66KB [ 1013.031015] inotify_inode_mark 20KB 39KB [ 1013.038171] request_queue 199KB 199KB [ 1013.046841] blkdev_requests 1KB 3KB [ 1013.067935] blkdev_ioc 28KB 38KB [ 1013.076544] bio-0 1225KB 1271KB [ 1013.088204] biovec-max 1584KB 1650KB [ 1013.107790] biovec-64 1126KB 1173KB [ 1013.113198] biovec-16 150KB 168KB [ 1013.118556] bio_integrity_payload 1KB 8KB [ 1013.127623] khugepaged_mm_slot 6KB 34KB [ 1013.136711] uid_cache 0KB 4KB [ 1013.148571] dmaengine-unmap-2 0KB 3KB [ 1013.158441] skbuff_fclone_cache 60KB 78KB [ 1013.169480] skbuff_head_cache 7942KB 7950KB [ 1013.177750] configfs_dir_cache 3KB 7KB [ 1013.197642] file_lock_cache 89KB 106KB [ 1013.203041] file_lock_ctx 9KB 11KB [ 1013.208385] fsnotify_mark_connector 10KB 23KB [ 1013.228502] net_namespace 61KB 61KB [ 1013.233944] shmem_inode_cache 8217KB 8252KB [ 1013.239300] task_delay_info 157KB 367KB [ 1013.258945] taskstats 44KB 65KB [ 1013.264364] proc_dir_entry 759KB 832KB [ 1013.269720] pde_opener 8KB 34KB [ 1013.289183] seq_file 269KB 472KB [ 1013.294583] sigqueue 58KB 66KB [ 1013.299926] kernfs_node_cache 18234KB 18242KB [ 1013.319561] mnt_cache 190KB 192KB [ 1013.324969] filp 6335KB 7545KB [ 1013.330322] names_cache 136947KB 136998KB [ 1013.349713] iint_cache 34KB 55KB [ 1013.358715] key_jar 23KB 135KB [ 1013.377862] uts_namespace 3KB 7KB [ 1013.383296] nsproxy 1KB 11KB [ 1013.388650] vm_area_struct 3196KB 3758KB [ 1013.407846] mm_struct 417KB 585KB [ 1013.413229] fs_cache 137KB 336KB [ 1013.418574] files_cache 509KB 701KB [ 1013.440774] signal_cache 1081KB 1559KB [ 1013.449640] sighand_cache 548KB 610KB [ 1013.457640] task_struct 5542KB 5599KB [ 1013.468851] cred_jar 1787KB 2500KB [ 1013.474333] anon_vma_chain 1102KB 1488KB [ 1013.479696] anon_vma 110KB 288KB [ 1013.487818] pid 83KB 224KB [ 1013.498816] Acpi-Operand 156KB 198KB [ 1013.507563] Acpi-ParseExt 9KB 11KB [ 1013.507574] Acpi-Parse 41KB 47KB [ 1013.507584] Acpi-State 52KB 63KB [ 1013.507593] Acpi-Namespace 20KB 27KB [ 1013.507604] numa_policy 0KB 3KB [ 1013.507618] debug_objects_cache 1441KB 1828KB [ 1013.507626] trace_event_file 297KB 298KB [ 1013.507634] ftrace_event_field 398KB 401KB [ 1013.553140] pool_workqueue 128KB 144KB [ 1013.558512] page->ptl 485KB 1000KB [ 1013.568773] kmalloc-2097152 2050KB 2050KB [ 1013.574252] kmalloc-524288 2056KB 2056KB [ 1013.579613] kmalloc-262144 1290KB 1290KB [ 1013.585040] kmalloc-131072 650KB 650KB [ 1013.590397] kmalloc-65536 2112KB 2178KB [ 1013.595812] kmalloc-32768 1815KB 1815KB [ 1013.601227] kmalloc-16384 1056KB 1122KB [ 1013.606583] kmalloc-8192 4463KB 4463KB [ 1013.611991] kmalloc-4096 21853KB 21913KB [ 1013.617351] kmalloc-2048 12427KB 13419KB [ 1013.622751] kmalloc-1024 9444KB 11946KB [ 1013.628113] kmalloc-512 16430KB 16500KB [ 1013.634531] kmalloc-256 4601KB 6030KB [ 1013.639896] kmalloc-128 965KB 1468KB [ 1013.645311] kmalloc-96 3542KB 4076KB [ 1013.650664] kmalloc-64 2410KB 3876KB [ 1013.656063] kmalloc-32 1856KB 2543KB [ 1013.661480] kmalloc-192 1707KB 2752KB [ 1013.666837] kmem_cache 177KB 183KB [ 1013.672246] Out of memory (oom_kill_allocating_task): Kill process 8946 (in:imklog) score 0 or sacrifice child [ 1013.682465] Killed process 8944 (rsyslogd) total-vm:254332kB, anon-rss:720kB, file-rss:0kB, shmem-rss:0kB [ 1013.693918] oom_reaper: reaped process 8944 (rsyslogd), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 1013.752296] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 1013.811969] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 1013.816772] CPU: 1 PID: 8081 Comm: syz-fuzzer Not tainted 4.19.211-syzkaller #0 [ 1013.824312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1013.833667] Call Trace: [ 1013.836248] dump_stack+0x1fc/0x2ef [ 1013.839863] dump_header+0x15d/0xc3f [ 1013.843562] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1013.848644] ? ___ratelimit+0x319/0x590 [ 1013.852601] oom_kill_process.cold+0x10/0x692 [ 1013.857098] ? check_preemption_disabled+0x41/0x280 [ 1013.862106] ? has_intersects_mems_allowed+0x1d6/0x290 [ 1013.867381] out_of_memory+0x1072/0x1390 [ 1013.871456] ? oom_killer_disable+0x270/0x270 [ 1013.875938] ? mutex_trylock+0x15f/0x1a0 [ 1013.879989] __alloc_pages_nodemask+0x23a2/0x2890 [ 1013.884852] ? find_get_entry+0x4cd/0x8a0 [ 1013.888999] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1013.893842] alloc_pages_current+0x193/0x2a0 [ 1013.898236] filemap_fault+0x146e/0x2180 [ 1013.902291] ext4_filemap_fault+0x84/0xb0 [ 1013.906446] __do_fault+0x10b/0x4b0 [ 1013.910057] ? do_raw_spin_unlock+0x171/0x230 [ 1013.914622] __handle_mm_fault+0x273b/0x41c0 [ 1013.919017] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1013.924109] ? vm_insert_page+0x9c0/0x9c0 [ 1013.928248] ? check_preemption_disabled+0x41/0x280 [ 1013.933250] handle_mm_fault+0x436/0xb10 [ 1013.937297] __do_page_fault+0x68e/0xd60 [ 1013.941341] ? trace_hardirqs_off_caller+0x6e/0x210 [ 1013.946336] ? spurious_fault+0x840/0x840 [ 1013.950469] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1013.955297] ? page_fault+0x8/0x30 [ 1013.958818] page_fault+0x1e/0x30 [ 1013.962257] RIP: 0033:0x43ad40 [ 1013.965431] Code: Bad RIP value. [ 1013.968784] RSP: 002b:000000c00005ff28 EFLAGS: 00010206 [ 1013.974144] RAX: 0000000000000000 RBX: 0000000000002710 RCX: 000000000046703d [ 1013.981427] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000c00005ff10 [ 1013.988676] RBP: 000000c00005ff88 R08: 0000000000031ef3 R09: 00000103f5afee4a [ 1013.995925] R10: 0017a65a64e1844c R11: 0000000000000202 R12: 000000c00005fe48 [ 1014.003172] R13: 000000c0006c8800 R14: 000000c0000004e0 R15: 00007f1ca264e834 [ 1014.032187] Mem-Info: [ 1014.040658] active_anon:16380 inactive_anon:37247 isolated_anon:0 [ 1014.040658] active_file:14 inactive_file:35 isolated_file:0 [ 1014.040658] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1014.040658] slab_reclaimable:14067 slab_unreclaimable:119644 [ 1014.040658] mapped:21647 shmem:37836 pagetables:507 bounce:0 [ 1014.040658] free:24978 free_pcp:62 free_cma:0 [ 1014.079795] Node 0 active_anon:63832kB inactive_anon:51176kB active_file:56kB inactive_file:28kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86504kB dirty:0kB writeback:0kB shmem:52740kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 20480kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1014.111932] Node 1 active_anon:1688kB inactive_anon:97812kB active_file:0kB inactive_file:112kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:84kB dirty:0kB writeback:0kB shmem:98604kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1014.183627] Node 0 DMA free:10984kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1014.333885] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 1014.338937] Node 0 DMA32 free:35020kB min:35996kB low:44992kB high:53988kB active_anon:63832kB inactive_anon:51176kB active_file:44kB inactive_file:24kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7488kB pagetables:1908kB bounce:0kB free_pcp:476kB local_pcp:248kB free_cma:0kB [ 1014.400345] lowmem_reserve[]: 0 0 1 1 1 [ 1014.432173] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1014.560938] lowmem_reserve[]: 0 0 0 0 0 [ 1014.565018] Node 1 Normal free:53536kB min:53876kB low:67344kB high:80812kB active_anon:1688kB inactive_anon:97812kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:384kB pagetables:120kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB [ 1014.682346] lowmem_reserve[]: 0 0 0 0 0 [ 1014.686351] Node 0 DMA: 0*4kB 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10984kB [ 1014.706123] Node 0 DMA32: 939*4kB (UME) 876*8kB (UME) 306*16kB (UME) 57*32kB (UME) 12*64kB (ME) 5*128kB (UM) 5*256kB (M) 1*512kB (M) 2*1024kB (UM) 6*2048kB (U) 0*4096kB = 35020kB [ 1014.781309] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB [ 1014.795328] Node 1 Normal: 84*4kB (ME) 199*8kB (UME) 170*16kB (UME) 110*32kB (UME) 40*64kB (UME) 18*128kB (ME) 7*256kB (M) 2*512kB (UM) 1*1024kB (E) 2*2048kB (UE) 8*4096kB (UM) = 53736kB [ 1014.818038] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1014.829428] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1014.838055] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1014.846931] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1014.855534] 38043 total pagecache pages [ 1014.859514] 0 pages in swap cache [ 1014.863027] Swap cache stats: add 0, delete 0, find 0/0 [ 1014.868380] Free swap = 0kB [ 1014.875165] Total swap = 0kB [ 1014.878195] 2097051 pages RAM [ 1014.885508] 0 pages HighMem/MovableOnly [ 1014.889488] 369649 pages reserved [ 1014.893911] 0 pages cma reserved [ 1014.897270] Unreclaimable slab info: [ 1014.904953] Name Used Total [ 1014.910579] pid_2 27KB 80KB [ 1014.916905] batadv_tt_change_cache 0KB 3KB [ 1014.926777] batadv_tl_cache 5KB 16KB [ 1014.932934] TIPC 12KB 37KB [ 1014.938301] SCTPv6 16KB 24KB [ 1014.948397] DCCPv6 17KB 30KB [ 1014.954500] DCCP 16KB 28KB [ 1014.959896] RXRPC 13KB 26KB [ 1014.972291] rxrpc_call_jar 90KB 102KB [ 1014.977660] bridge_fdb_cache 10KB 23KB [ 1014.984578] fib6_nodes 183KB 264KB [ 1014.989922] ip6_dst_cache 314KB 562KB [ 1014.996222] RAWv6 81KB 101KB [ 1015.001781] UDPv6 30KB 37KB [ 1015.007133] TCPv6 24KB 30KB [ 1015.012576] nf_conntrack 6KB 15KB [ 1015.017968] t10_alua_lu_gp_cache 0KB 3KB [ 1015.023629] sd_ext_cdb 0KB 7KB [ 1015.028982] scsi_sense_cache 1056KB 1060KB [ 1015.034346] virtio_scsi_cmd 16KB 16KB [ 1015.039688] sgpool-128 8KB 8KB [ 1015.045080] sgpool-64 4KB 12KB [ 1015.050420] sgpool-32 2KB 15KB [ 1015.055783] sgpool-16 1KB 7KB [ 1015.061478] sgpool-8 0KB 7KB [ 1015.067867] mqueue_inode_cache 12KB 30KB [ 1015.073360] bio_post_read_ctx 14KB 15KB [ 1015.078746] bio-2 14KB 15KB [ 1015.084201] jfs_mp 7KB 7KB [ 1015.090155] cifs_small_rq 15KB 16KB [ 1015.102607] cifs_request 67KB 67KB [ 1015.107983] cifs_mpx_ids 0KB 7KB [ 1015.121063] nfs_commit_data 3KB 14KB [ 1015.126433] nfs_write_data 34KB 44KB [ 1015.131883] ext4_system_zone 1KB 7KB [ 1015.137258] bio-1 1KB 7KB [ 1015.142695] pid_namespace 2KB 11KB [ 1015.148069] rpc_buffers 17KB 25KB [ 1015.153466] rpc_tasks 2KB 7KB [ 1015.158825] UNIX 811KB 832KB [ 1015.164265] tcp_bind_bucket 1KB 4KB [ 1015.171606] ip_fib_trie 27KB 43KB [ 1015.176984] ip_fib_alias 130KB 189KB [ 1015.182580] ip_dst_cache 6KB 20KB [ 1015.187938] RAW 48KB 60KB [ 1015.193328] UDP 54KB 67KB [ 1015.198679] TCP 8KB 16KB [ 1015.220973] hugetlbfs_inode_cache 3KB 15KB [ 1015.226693] fscache_cookie_jar 1KB 11KB [ 1015.240966] eventpoll_pwq 23KB 43KB [ 1015.246326] eventpoll_epi 42KB 66KB [ 1015.253048] inotify_inode_mark 20KB 39KB [ 1015.258497] request_queue 199KB 199KB [ 1015.263895] blkdev_requests 1KB 3KB [ 1015.271047] blkdev_ioc 28KB 38KB [ 1015.276494] bio-0 1245KB 1271KB [ 1015.281879] biovec-max 1584KB 1650KB [ 1015.287229] biovec-64 1147KB 1181KB [ 1015.292622] biovec-16 158KB 168KB [ 1015.297971] bio_integrity_payload 1KB 8KB [ 1015.304007] khugepaged_mm_slot 6KB 34KB [ 1015.309461] uid_cache 0KB 4KB [ 1015.314884] dmaengine-unmap-2 0KB 3KB [ 1015.320332] skbuff_fclone_cache 59KB 78KB [ 1015.325910] skbuff_head_cache 8122KB 8130KB [ 1015.331720] configfs_dir_cache 3KB 7KB [ 1015.350979] file_lock_cache 88KB 106KB [ 1015.356348] file_lock_ctx 9KB 11KB [ 1015.372081] fsnotify_mark_connector 10KB 23KB [ 1015.377968] net_namespace 61KB 61KB [ 1015.383356] shmem_inode_cache 8214KB 8252KB [ 1015.388707] task_delay_info 157KB 367KB [ 1015.394105] taskstats 44KB 65KB [ 1015.399468] proc_dir_entry 759KB 832KB [ 1015.404875] pde_opener 8KB 34KB [ 1015.410234] seq_file 269KB 472KB [ 1015.415651] sigqueue 52KB 66KB [ 1015.423546] kernfs_node_cache 18234KB 18242KB [ 1015.428910] mnt_cache 190KB 192KB [ 1015.434375] filp 6330KB 7545KB [ 1015.439737] names_cache 136114KB 136174KB [ 1015.445145] iint_cache 34KB 55KB [ 1015.450500] key_jar 23KB 135KB [ 1015.455890] uts_namespace 3KB 7KB [ 1015.461290] nsproxy 1KB 11KB [ 1015.466645] vm_area_struct 3181KB 3758KB [ 1015.476844] mm_struct 417KB 585KB [ 1015.482264] fs_cache 137KB 336KB [ 1015.487620] files_cache 524KB 701KB [ 1015.493022] signal_cache 1098KB 1559KB [ 1015.498379] sighand_cache 575KB 610KB [ 1015.503778] task_struct 5542KB 5586KB [ 1015.509137] cred_jar 1787KB 2500KB [ 1015.514554] anon_vma_chain 1092KB 1488KB [ 1015.519915] anon_vma 103KB 288KB [ 1015.525386] pid 85KB 224KB [ 1015.530745] Acpi-Operand 156KB 198KB [ 1015.536187] Acpi-ParseExt 9KB 11KB [ 1015.541920] Acpi-Parse 41KB 47KB [ 1015.547381] Acpi-State 52KB 63KB [ 1015.552775] Acpi-Namespace 20KB 27KB [ 1015.558137] numa_policy 0KB 3KB [ 1015.563516] debug_objects_cache 1441KB 1828KB [ 1015.569041] trace_event_file 297KB 298KB [ 1015.574452] ftrace_event_field 398KB 401KB [ 1015.581080] pool_workqueue 128KB 144KB [ 1015.586450] page->ptl 480KB 1000KB [ 1015.594867] kmalloc-2097152 2050KB 2050KB [ 1015.600262] kmalloc-524288 2056KB 2056KB [ 1015.605703] kmalloc-262144 1290KB 1290KB [ 1015.611139] kmalloc-131072 650KB 650KB [ 1015.616499] kmalloc-65536 2112KB 2178KB [ 1015.621932] kmalloc-32768 1815KB 1815KB [ 1015.627291] kmalloc-16384 1056KB 1122KB [ 1015.632719] kmalloc-8192 4463KB 4463KB [ 1015.638078] kmalloc-4096 21794KB 21853KB [ 1015.643498] kmalloc-2048 12418KB 13419KB [ 1015.648854] kmalloc-1024 9511KB 11946KB [ 1015.654334] kmalloc-512 16741KB 16811KB [ 1015.659696] kmalloc-256 4601KB 6030KB [ 1015.665411] kmalloc-128 965KB 1468KB [ 1015.670769] kmalloc-96 3572KB 4076KB [ 1015.676162] kmalloc-64 2408KB 3876KB [ 1015.683204] kmalloc-32 1863KB 2543KB [ 1015.688588] kmalloc-192 1707KB 2752KB [ 1015.693966] kmem_cache 177KB 183KB [ 1015.699306] Out of memory (oom_kill_allocating_task): Kill process 8081 (syz-fuzzer) score 0 or sacrifice child [ 1015.709640] Killed process 5797 (syz-executor.2) total-vm:48512kB, anon-rss:428kB, file-rss:0kB, shmem-rss:0kB [ 1016.111665] oom_reaper: reaped process 9287 (syz-executor.0), now anon-rss:0kB, file-rss:14336kB, shmem-rss:12kB [ 1016.221810] systemd invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 1016.248323] systemd cpuset=/ mems_allowed=0-1 [ 1016.259357] CPU: 1 PID: 1 Comm: systemd Not tainted 4.19.211-syzkaller #0 [ 1016.266291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1016.275634] Call Trace: [ 1016.278237] dump_stack+0x1fc/0x2ef [ 1016.281863] dump_header+0x15d/0xc3f [ 1016.285558] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1016.290639] ? ___ratelimit+0x319/0x590 [ 1016.294596] oom_kill_process.cold+0x10/0x692 [ 1016.299072] ? oom_badness.part.0+0x135/0x6e0 [ 1016.303548] ? lock_downgrade+0x720/0x720 [ 1016.307679] ? check_preemption_disabled+0x41/0x280 [ 1016.312696] out_of_memory+0x34d/0x1390 [ 1016.316674] ? oom_killer_disable+0x270/0x270 [ 1016.321151] ? mutex_trylock+0x15f/0x1a0 [ 1016.325203] __alloc_pages_nodemask+0x23a2/0x2890 [ 1016.330026] ? find_get_entry+0x4cd/0x8a0 [ 1016.334160] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1016.338998] alloc_pages_current+0x193/0x2a0 [ 1016.343385] filemap_fault+0x146e/0x2180 [ 1016.347433] ext4_filemap_fault+0x84/0xb0 [ 1016.351559] __do_fault+0x10b/0x4b0 [ 1016.355167] __handle_mm_fault+0x273b/0x41c0 [ 1016.359557] ? vm_insert_page+0x9c0/0x9c0 [ 1016.363689] ? fsnotify+0x84e/0xe10 [ 1016.367299] ? check_preemption_disabled+0x41/0x280 [ 1016.372297] handle_mm_fault+0x436/0xb10 [ 1016.376357] __do_page_fault+0x68e/0xd60 [ 1016.380411] ? trace_hardirqs_off_caller+0x6e/0x210 [ 1016.385423] ? spurious_fault+0x840/0x840 [ 1016.389582] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1016.394407] ? page_fault+0x8/0x30 [ 1016.397933] page_fault+0x1e/0x30 [ 1016.401371] RIP: 0033:0x7fd193543050 [ 1016.405069] Code: Bad RIP value. [ 1016.408433] RSP: 002b:00007ffdeda37e08 EFLAGS: 00010246 [ 1016.413791] RAX: 00007ffdeda37f60 RBX: 0000000000000018 RCX: 0000000000000000 [ 1016.421046] RDX: 00000000ffffffff RSI: 0000000000008000 RDI: 00007ffdeda37e10 [ 1016.428297] RBP: 00007ffdeda38020 R08: 0000000000000000 R09: 000055958e06f578 [ 1016.435546] R10: 000055958e06f540 R11: 0000000000000000 R12: 00007ffdeda37e10 [ 1016.442811] R13: 00007fd194ce7ea9 R14: 00007ffdeda37f48 R15: 0000000000000001 [ 1016.461255] syz-executor.0: vmalloc: allocation failure, allocated 1676599296 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 1016.469414] Mem-Info: [ 1016.479899] active_anon:15839 inactive_anon:37247 isolated_anon:0 [ 1016.479899] active_file:30 inactive_file:0 isolated_file:0 [ 1016.479899] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1016.479899] slab_reclaimable:14056 slab_unreclaimable:118967 [ 1016.479899] mapped:21626 shmem:37836 pagetables:481 bounce:0 [ 1016.479899] free:13885 free_pcp:176 free_cma:0 [ 1016.481650] syz-executor.0 cpuset=/ mems_allowed=0-1 [ 1016.524027] Node 0 active_anon:61672kB inactive_anon:51176kB active_file:124kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86496kB dirty:0kB writeback:0kB shmem:52740kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 20480kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1016.530885] CPU: 0 PID: 9287 Comm: syz-executor.0 Not tainted 4.19.211-syzkaller #0 [ 1016.555416] Node 1 active_anon:1684kB inactive_anon:97812kB active_file:0kB inactive_file:12kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:8kB dirty:0kB writeback:0kB shmem:98604kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1016.559404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1016.559413] Call Trace: [ 1016.590001] Node 0 DMA free:10872kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1016.595502] dump_stack+0x1fc/0x2ef [ 1016.595519] warn_alloc.cold+0x7b/0x18f [ 1016.595538] ? zone_watermark_ok_safe+0x260/0x260 [ 1016.598097] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 1016.624197] ? retint_kernel+0x2d/0x2d [ 1016.624231] __vmalloc_area_node+0x4fd/0x780 [ 1016.624251] ? __vmalloc_node_range+0x180/0x180 [ 1016.624262] ? _raw_spin_unlock+0x29/0x40 [ 1016.624274] ? __get_vm_area_node+0x2e2/0x3a0 [ 1016.624291] __vmalloc_node_range+0xed/0x180 [ 1016.624306] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 1016.624322] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 1016.624332] vmalloc_user+0x70/0xe0 [ 1016.624346] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 1016.624360] vb2_vmalloc_alloc+0xb3/0x2f0 [ 1016.624375] __vb2_queue_alloc+0x472/0xe60 [ 1016.624399] vb2_core_create_bufs+0x273/0x7e0 [ 1016.624413] ? __vb2_queue_free+0x870/0x870 [ 1016.624429] ? mutex_trylock+0x1a0/0x1a0 [ 1016.624445] ? __video_do_ioctl+0x632/0xcd0 [ 1016.624466] vb2_create_bufs+0x332/0x620 [ 1016.624483] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 1016.624497] ? __video_do_ioctl+0x632/0xcd0 [ 1016.624509] ? mutex_trylock+0x1a0/0x1a0 [ 1016.624524] ? mark_held_locks+0xf0/0xf0 [ 1016.624545] vb2_ioctl_create_bufs+0x20d/0x360 [ 1016.624560] ? memset+0x20/0x40 [ 1016.624578] v4l_create_bufs+0xb2/0x160 [ 1016.624596] __video_do_ioctl+0x49a/0xcd0 [ 1016.624617] ? v4l_querycap+0x340/0x340 [ 1016.624636] ? __might_fault+0x192/0x1d0 [ 1016.624657] ? v4l_querycap+0x340/0x340 [ 1016.624672] video_usercopy+0x13f/0xfa0 [ 1016.624694] ? v4l_enumstd+0x60/0x60 [ 1016.624708] ? do_futex+0x171/0x1880 [ 1016.624724] ? mark_held_locks+0xf0/0xf0 [ 1016.624742] ? debug_check_no_obj_freed+0x201/0x490 [ 1016.624766] ? video_usercopy+0xfa0/0xfa0 [ 1016.624778] v4l2_ioctl+0x147/0x1a0 [ 1016.624790] ? video_devdata+0xa0/0xa0 [ 1016.624806] do_vfs_ioctl+0xcdb/0x12e0 [ 1016.624821] ? lock_downgrade+0x720/0x720 [ 1016.624836] ? check_preemption_disabled+0x41/0x280 [ 1016.624850] ? ioctl_preallocate+0x200/0x200 [ 1016.624868] ? __fget+0x356/0x510 [ 1016.624884] ? do_dup2+0x450/0x450 [ 1016.624897] ? __se_sys_futex+0x298/0x3b0 [ 1016.624919] ksys_ioctl+0x9b/0xc0 [ 1016.624935] __x64_sys_ioctl+0x6f/0xb0 [ 1016.624949] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 1016.624963] do_syscall_64+0xf9/0x620 [ 1016.624981] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1016.624992] RIP: 0033:0x7feb515cd0f9 [ 1016.625005] Code: Bad RIP value. [ 1016.625012] RSP: 002b:00007feb4fb3f168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1016.625025] RAX: ffffffffffffffda RBX: 00007feb516ecf80 RCX: 00007feb515cd0f9 [ 1016.625033] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 1016.625041] RBP: 00007feb51628ae9 R08: 0000000000000000 R09: 0000000000000000 [ 1016.625049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1016.625057] R13: 00007ffcce05e16f R14: 00007feb4fb3f300 R15: 0000000000022000 [ 1016.640721] Mem-Info: [ 1016.652099] Node 0 DMA32 free:17964kB min:35996kB low:44992kB high:53988kB active_anon:61672kB inactive_anon:51176kB active_file:116kB inactive_file:4kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7456kB pagetables:1804kB bounce:0kB free_pcp:440kB local_pcp:192kB free_cma:0kB [ 1016.670439] active_anon:15839 inactive_anon:37247 isolated_anon:0 [ 1016.670439] active_file:30 inactive_file:0 isolated_file:0 [ 1016.670439] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1016.670439] slab_reclaimable:14056 slab_unreclaimable:118967 [ 1016.670439] mapped:21626 shmem:37836 pagetables:481 bounce:0 [ 1016.670439] free:13885 free_pcp:172 free_cma:0 [ 1016.680422] lowmem_reserve[]: 0 0 1 1 1 [ 1016.692773] Node 0 active_anon:61672kB inactive_anon:51176kB active_file:124kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86496kB dirty:0kB writeback:0kB shmem:52740kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 20480kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1016.710403] Node 0 Normal free:4kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:8kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1016.727149] Node 1 active_anon:1684kB inactive_anon:97812kB active_file:0kB inactive_file:12kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:8kB dirty:0kB writeback:0kB shmem:98604kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1016.741333] lowmem_reserve[]: 0 0 0 0 0 [ 1016.756493] Node 0 DMA free:10872kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1016.772036] Node 1 Normal free:26764kB min:53876kB low:67344kB high:80812kB active_anon:1684kB inactive_anon:97812kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:352kB pagetables:124kB bounce:0kB free_pcp:248kB local_pcp:0kB free_cma:0kB [ 1016.781853] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 1016.795774] lowmem_reserve[]: 0 0 0 0 0 [ 1016.805011] Node 0 DMA32 free:17724kB min:35996kB low:44992kB high:53988kB active_anon:61580kB inactive_anon:51176kB active_file:64kB inactive_file:60kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7456kB pagetables:1800kB bounce:0kB free_pcp:440kB local_pcp:248kB free_cma:0kB [ 1016.820049] Node 0 DMA: 0*4kB 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10872kB [ 1016.829598] lowmem_reserve[]: 0 0 1 1 1 [ 1016.837473] Node 0 DMA32: 919*4kB (ME) 848*8kB (UME) 285*16kB (UME) 49*32kB (UME) 6*64kB (UE) 2*128kB (U) 2*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17740kB [ 1016.841089] Node 0 Normal free:4kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1016.844792] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB [ 1016.848426] lowmem_reserve[]: 0 0 0 0 0 [ 1016.860056] Node 1 Normal: 209*4kB (UME) 197*8kB (UME) 170*16kB (UME) 108*32kB (ME) 40*64kB (UME) 18*128kB (ME) 8*256kB (UM) 2*512kB (UM) 2*1024kB (UE) 2*2048kB (UE) 1*4096kB (M) = 26764kB [ 1016.876800] Node 1 Normal free:26764kB min:53876kB low:67344kB high:80812kB active_anon:1684kB inactive_anon:97812kB active_file:4kB inactive_file:4kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:352kB pagetables:124kB bounce:0kB free_pcp:248kB local_pcp:248kB free_cma:0kB [ 1016.890963] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1016.906736] lowmem_reserve[]: 0 0 0 0 0 [ 1016.930892] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 1017.289712] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1017.291734] Node 0 DMA: 0*4kB 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10872kB [ 1017.298725] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1017.315857] Node 0 DMA32: 919*4kB (ME) 848*8kB (UME) 285*16kB (UME) 49*32kB (UME) 6*64kB (UE) 2*128kB (U) 2*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17740kB [ 1017.333416] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1017.340880] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB [ 1017.355748] 37870 total pagecache pages [ 1017.359056] Node 1 Normal: 209*4kB (UME) 197*8kB (UME) 170*16kB (UME) 108*32kB (ME) 40*64kB (UME) 18*128kB (ME) 8*256kB (UM) 2*512kB (UM) 2*1024kB (UE) 2*2048kB (UE) 1*4096kB (M) = 26764kB [ 1017.359723] 0 pages in swap cache [ 1017.380762] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1017.389623] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1017.391879] Swap cache stats: add 0, delete 0, find 0/0 [ 1017.402484] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1017.413144] Free swap = 0kB [ 1017.416155] Total swap = 0kB [ 1017.416853] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1017.419637] 2097051 pages RAM [ 1017.427764] 37870 total pagecache pages [ 1017.439493] 0 pages in swap cache [ 1017.442971] Swap cache stats: add 0, delete 0, find 0/0 [ 1017.443441] 0 pages HighMem/MovableOnly [ 1017.448323] Free swap = 0kB [ 1017.459886] Total swap = 0kB [ 1017.462971] 2097051 pages RAM [ 1017.464618] 369649 pages reserved [ 1017.466087] 0 pages HighMem/MovableOnly [ 1017.466094] 369649 pages reserved [ 1017.469520] 0 pages cma reserved [ 1017.469526] Unreclaimable slab info: [ 1017.477575] 0 pages cma reserved [ 1017.489577] Name Used Total [ 1017.498304] pid_2 27KB 80KB [ 1017.516918] batadv_tt_change_cache 0KB 3KB [ 1017.526422] batadv_tl_cache 5KB 16KB [ 1017.545529] TIPC 12KB 37KB [ 1017.554280] SCTPv6 16KB 24KB [ 1017.559659] DCCPv6 17KB 30KB [ 1017.570878] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 1017.577423] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 1017.583982] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 1017.590675] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 1017.605130] DCCP 16KB 28KB [ 1017.610531] RXRPC 13KB 26KB [ 1017.619442] rxrpc_call_jar 90KB 102KB [ 1017.638855] bridge_fdb_cache 10KB 23KB [ 1017.647683] fib6_nodes 183KB 264KB [ 1017.666698] ip6_dst_cache 314KB 562KB [ 1017.672161] RAWv6 81KB 101KB [ 1017.677526] UDPv6 30KB 37KB [ 1017.697020] TCPv6 24KB 30KB [ 1017.702452] nf_conntrack 6KB 15KB [ 1017.707882] t10_alua_lu_gp_cache 0KB 3KB [ 1017.728493] sd_ext_cdb 0KB 7KB [ 1017.734029] scsi_sense_cache 1056KB 1060KB [ 1017.739401] virtio_scsi_cmd 16KB 16KB [ 1017.759360] sgpool-128 8KB 8KB [ 1017.764774] sgpool-64 4KB 12KB [ 1017.770236] sgpool-32 2KB 15KB [ 1017.784284] sgpool-16 1KB 7KB [ 1017.789663] sgpool-8 0KB 7KB [ 1017.797749] mqueue_inode_cache 12KB 30KB [ 1017.809429] bio_post_read_ctx 14KB 15KB [ 1017.817306] bio-2 14KB 15KB [ 1017.828278] jfs_mp 7KB 7KB [ 1017.836331] cifs_small_rq 15KB 16KB [ 1017.847519] cifs_request 67KB 67KB [ 1017.855185] cifs_mpx_ids 0KB 7KB [ 1017.860568] nfs_commit_data 3KB 14KB [ 1017.874456] nfs_write_data 34KB 44KB [ 1017.879856] ext4_system_zone 1KB 7KB [ 1017.887611] bio-1 1KB 7KB [ 1017.900927] pid_namespace 2KB 11KB [ 1017.906306] rpc_buffers 17KB 25KB [ 1017.916558] rpc_tasks 2KB 7KB [ 1017.925534] UNIX 811KB 832KB [ 1017.936117] tcp_bind_bucket 1KB 4KB [ 1017.944942] ip_fib_trie 27KB 43KB [ 1017.950308] ip_fib_alias 130KB 189KB [ 1017.965034] ip_dst_cache 6KB 20KB [ 1017.970530] RAW 48KB 60KB [ 1017.975957] UDP 54KB 67KB [ 1017.995077] TCP 8KB 16KB [ 1018.000454] hugetlbfs_inode_cache 3KB 15KB [ 1018.009578] fscache_cookie_jar 1KB 11KB [ 1018.027358] eventpoll_pwq 22KB 43KB [ 1018.036571] eventpoll_epi 42KB 66KB [ 1018.048796] inotify_inode_mark 20KB 39KB [ 1018.057590] request_queue 199KB 199KB [ 1018.069146] blkdev_requests 1KB 3KB [ 1018.077693] blkdev_ioc 28KB 38KB [ 1018.089788] bio-0 1275KB 1301KB [ 1018.098208] biovec-max 1584KB 1650KB [ 1018.109699] biovec-64 1194KB 1228KB [ 1018.118501] biovec-16 158KB 168KB [ 1018.130267] bio_integrity_payload 1KB 8KB [ 1018.148048] khugepaged_mm_slot 6KB 34KB [ 1018.153596] uid_cache 0KB 4KB [ 1018.158952] dmaengine-unmap-2 0KB 3KB [ 1018.164889] skbuff_fclone_cache 59KB 78KB [ 1018.171734] skbuff_head_cache 8302KB 8310KB [ 1018.177516] configfs_dir_cache 3KB 7KB [ 1018.183108] file_lock_cache 86KB 106KB [ 1018.188472] file_lock_ctx 9KB 11KB [ 1018.194863] fsnotify_mark_connector 10KB 23KB [ 1018.201260] net_namespace 61KB 61KB [ 1018.206625] shmem_inode_cache 8211KB 8252KB [ 1018.214405] task_delay_info 157KB 367KB [ 1018.219777] taskstats 44KB 65KB [ 1018.225236] proc_dir_entry 759KB 832KB [ 1018.230595] pde_opener 8KB 34KB [ 1018.236481] seq_file 267KB 472KB [ 1018.246089] sigqueue 59KB 66KB [ 1018.257695] kernfs_node_cache 18234KB 18242KB [ 1018.263540] mnt_cache 190KB 192KB [ 1018.269309] filp 6323KB 7541KB [ 1018.279456] names_cache 135337KB 135337KB [ 1018.284922] iint_cache 45KB 55KB [ 1018.290287] key_jar 23KB 135KB [ 1018.300584] uts_namespace 3KB 7KB [ 1018.308287] nsproxy 1KB 11KB [ 1018.319706] vm_area_struct 3195KB 3758KB [ 1018.326150] mm_struct 456KB 585KB [ 1018.338470] fs_cache 136KB 336KB [ 1018.347784] files_cache 513KB 701KB [ 1018.359283] signal_cache 1091KB 1559KB [ 1018.365181] sighand_cache 561KB 610KB [ 1018.379031] task_struct 5529KB 5586KB [ 1018.385157] cred_jar 1778KB 2500KB [ 1018.395566] anon_vma_chain 1092KB 1488KB [ 1018.401368] anon_vma 117KB 288KB [ 1018.407228] pid 84KB 224KB [ 1018.417781] Acpi-Operand 156KB 198KB [ 1018.423199] Acpi-ParseExt 9KB 11KB [ 1018.428564] Acpi-Parse 41KB 47KB [ 1018.439580] Acpi-State 52KB 63KB [ 1018.448300] Acpi-Namespace 20KB 27KB [ 1018.459283] numa_policy 0KB 3KB [ 1018.465370] debug_objects_cache 1441KB 1828KB [ 1018.475344] trace_event_file 297KB 298KB [ 1018.481277] ftrace_event_field 398KB 401KB [ 1018.488179] pool_workqueue 128KB 144KB [ 1018.498679] page->ptl 485KB 1000KB [ 1018.504575] kmalloc-2097152 2050KB 2050KB [ 1018.510459] kmalloc-524288 2056KB 2056KB [ 1018.521068] kmalloc-262144 1290KB 1290KB [ 1018.526858] kmalloc-131072 650KB 650KB [ 1018.538086] kmalloc-65536 2112KB 2178KB [ 1018.549511] kmalloc-32768 1815KB 1815KB [ 1018.559581] kmalloc-16384 1056KB 1122KB [ 1018.565027] kmalloc-8192 4463KB 4463KB [ 1018.570402] kmalloc-4096 21717KB 21777KB [ 1018.580674] kmalloc-2048 12416KB 13419KB [ 1018.586117] kmalloc-1024 9606KB 11946KB [ 1018.596152] kmalloc-512 16976KB 16980KB [ 1018.601577] kmalloc-256 4618KB 6030KB [ 1018.607058] kmalloc-128 956KB 1468KB [ 1018.617047] kmalloc-96 3594KB 4076KB [ 1018.622472] kmalloc-64 2408KB 3876KB [ 1018.627867] kmalloc-32 1871KB 2543KB [ 1018.637556] kmalloc-192 1707KB 2752KB [ 1018.642970] kmem_cache 177KB 183KB [ 1018.650608] Out of memory: Kill process 9281 (syz-executor.3) score 1002 or sacrifice child [ 1018.663622] Killed process 9290 (syz-executor.3) total-vm:60680kB, anon-rss:2548kB, file-rss:14340kB, shmem-rss:36kB [ 1018.676109] oom_reaper: reaped process 9290 (syz-executor.3), now anon-rss:0kB, file-rss:14336kB, shmem-rss:8kB [ 1018.785815] systemd[1]: systemd-journald.service: Failed with result 'signal'. [ 1018.796434] systemd[1]: rsyslog.service: Main process exited, code=killed, status=9/KILL [ 1018.817026] systemd[1]: rsyslog.service: Unit entered failed state. [ 1018.826713] systemd[1]: rsyslog.service: Failed with result 'signal'. [ 1018.839975] systemd[1]: systemd-journald.service: Service has no hold-off time, scheduling restart. [ 1018.866796] systemd[1]: Stopped Flush Journal to Persistent Storage. [ 1018.877438] systemd[1]: Stopping Flush Journal to Persistent Storage... [ 1018.885898] systemd[1]: Stopped Journal Service. [ 1018.906574] systemd[1]: Starting Journal Service... [ 1019.055879] systemd[1]: rsyslog.service: Service hold-off time over, scheduling restart. [ 1019.071791] systemd-journald[9298]: File /run/log/journal/04d8c135ee6b410280ba31a58c89679d/system.journal corrupted or uncleanly shut down, renaming and replacing. 02:39:49 executing program 4: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, 0x0) 02:39:50 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x0, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:39:50 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x1, @sliced={0x0, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e], 0x6}}, 0xfffffffa}) 02:39:50 executing program 2: syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x0, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:39:50 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x0, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x0, 0x0, 0x401], 0x6}}, 0xfffffffa}) [ 1021.817766] IPVS: ftp: loaded support on port[0] = 21 [ 1022.085504] IPVS: ftp: loaded support on port[0] = 21 [ 1022.085818] IPVS: ftp: loaded support on port[0] = 21 [ 1022.284608] IPVS: ftp: loaded support on port[0] = 21 [ 1023.484560] chnl_net:caif_netlink_parms(): no params data found [ 1023.520199] chnl_net:caif_netlink_parms(): no params data found [ 1023.555086] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1023.574191] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1023.584294] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1023.592166] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1023.601176] device bridge_slave_1 left promiscuous mode [ 1023.606652] bridge0: port 2(bridge_slave_1) entered disabled state [ 1023.615139] device bridge_slave_0 left promiscuous mode [ 1023.621414] bridge0: port 1(bridge_slave_0) entered disabled state [ 1023.632305] device veth1_macvtap left promiscuous mode [ 1023.637605] device veth0_macvtap left promiscuous mode [ 1023.644002] device veth1_vlan left promiscuous mode [ 1023.649050] device veth0_vlan left promiscuous mode [ 1023.810522] Bluetooth: hci0: command 0x0409 tx timeout [ 1023.890637] Bluetooth: hci4: command 0x0409 tx timeout [ 1023.896012] Bluetooth: hci1: command 0x0409 tx timeout [ 1024.130504] Bluetooth: hci5: command 0x0409 tx timeout 02:39:54 executing program 0: syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x0, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:39:54 executing program 4: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, 0x0) 02:39:54 executing program 4: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x0, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:39:54 executing program 0: setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000380), 0x4) r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1ff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) syz_open_dev$vim2m(&(0x7f0000000340), 0x100000000, 0x2) openat$vcsa(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000200)={0x2, 0x4a, 0xbc, 0x80000}) 02:39:54 executing program 4: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x0, 0x0, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:39:54 executing program 0: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x0, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:39:54 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000000)=[{{0x0, 0x0, 0x1, 0x1}, {0x4, 0x0, 0x1, 0x1}}], 0x8) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) 02:39:54 executing program 4: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x0, 0x0, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) [ 1025.890276] Bluetooth: hci0: command 0x041b tx timeout [ 1025.970359] Bluetooth: hci1: command 0x041b tx timeout [ 1025.975762] Bluetooth: hci4: command 0x041b tx timeout [ 1026.220365] Bluetooth: hci5: command 0x041b tx timeout [ 1027.980209] Bluetooth: hci0: command 0x040f tx timeout [ 1028.060201] Bluetooth: hci4: command 0x040f tx timeout [ 1028.065589] Bluetooth: hci1: command 0x040f tx timeout [ 1028.290182] Bluetooth: hci5: command 0x040f tx timeout [ 1028.437640] device hsr_slave_1 left promiscuous mode [ 1028.445161] device hsr_slave_0 left promiscuous mode [ 1028.462870] team0 (unregistering): Port device team_slave_1 removed [ 1028.472982] team0 (unregistering): Port device team_slave_0 removed [ 1028.483502] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 1028.495460] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 1028.524322] bond0 (unregistering): Released all slaves [ 1028.537986] chnl_net:caif_netlink_parms(): no params data found [ 1028.556760] chnl_net:caif_netlink_parms(): no params data found [ 1028.679385] bridge0: port 1(bridge_slave_0) entered blocking state [ 1028.700208] bridge0: port 1(bridge_slave_0) entered disabled state [ 1028.707468] device bridge_slave_0 entered promiscuous mode [ 1028.734576] bridge0: port 2(bridge_slave_1) entered blocking state [ 1028.748142] bridge0: port 2(bridge_slave_1) entered disabled state [ 1028.756973] device bridge_slave_1 entered promiscuous mode [ 1028.771687] bridge0: port 1(bridge_slave_0) entered blocking state [ 1028.778058] bridge0: port 1(bridge_slave_0) entered disabled state [ 1028.801303] device bridge_slave_0 entered promiscuous mode [ 1028.848696] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 1028.866138] bridge0: port 2(bridge_slave_1) entered blocking state [ 1028.874235] bridge0: port 2(bridge_slave_1) entered disabled state [ 1028.889107] device bridge_slave_1 entered promiscuous mode [ 1028.920919] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 1028.934697] bridge0: port 1(bridge_slave_0) entered blocking state [ 1028.951924] bridge0: port 1(bridge_slave_0) entered disabled state [ 1028.967099] device bridge_slave_0 entered promiscuous mode [ 1028.974019] bridge0: port 1(bridge_slave_0) entered blocking state [ 1028.988779] bridge0: port 1(bridge_slave_0) entered disabled state [ 1028.997551] device bridge_slave_0 entered promiscuous mode [ 1029.018645] bridge0: port 2(bridge_slave_1) entered blocking state [ 1029.033298] bridge0: port 2(bridge_slave_1) entered disabled state [ 1029.045635] device bridge_slave_1 entered promiscuous mode [ 1029.067695] bridge0: port 2(bridge_slave_1) entered blocking state [ 1029.078076] bridge0: port 2(bridge_slave_1) entered disabled state [ 1029.094983] device bridge_slave_1 entered promiscuous mode [ 1029.128267] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 1029.161655] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 1029.169197] team0: Port device team_slave_0 added [ 1029.185268] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 1029.199912] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 1029.208878] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 1029.224972] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 1029.236455] team0: Port device team_slave_1 added [ 1029.253816] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 1029.263377] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 1029.308965] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 1029.317072] team0: Port device team_slave_0 added [ 1029.324635] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 1029.332847] team0: Port device team_slave_1 added [ 1029.364405] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 1029.380767] team0: Port device team_slave_0 added [ 1029.386674] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1029.402890] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1029.437281] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1029.448958] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 1029.456711] team0: Port device team_slave_0 added [ 1029.468503] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 1029.476127] team0: Port device team_slave_1 added [ 1029.482296] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1029.488531] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1029.513748] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1029.524954] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1029.531639] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1029.557271] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1029.567793] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 1029.575529] team0: Port device team_slave_1 added [ 1029.611023] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1029.617279] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1029.647319] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1029.664048] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1029.670422] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1029.696247] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1029.713791] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 1029.724793] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1029.733749] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1029.759301] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1029.770885] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1029.777144] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1029.802516] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1029.813824] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1029.820719] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1029.847081] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1029.858521] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 1029.873327] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 1029.889094] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 1029.912175] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 1029.928841] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 1029.946480] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 1029.958157] device hsr_slave_0 entered promiscuous mode [ 1029.964687] device hsr_slave_1 entered promiscuous mode [ 1029.973724] device hsr_slave_0 entered promiscuous mode [ 1029.979762] device hsr_slave_1 entered promiscuous mode [ 1029.990542] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 1030.004515] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 1030.011845] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 1030.035117] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 1030.050468] Bluetooth: hci0: command 0x0419 tx timeout [ 1030.056044] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 1030.065999] device hsr_slave_0 entered promiscuous mode [ 1030.079362] device hsr_slave_1 entered promiscuous mode [ 1030.088044] device hsr_slave_0 entered promiscuous mode [ 1030.102681] device hsr_slave_1 entered promiscuous mode [ 1030.113962] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 1030.123399] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 1030.130050] Bluetooth: hci1: command 0x0419 tx timeout [ 1030.130074] Bluetooth: hci4: command 0x0419 tx timeout [ 1030.141158] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 1030.148351] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 1030.370224] Bluetooth: hci5: command 0x0419 tx timeout [ 1030.569402] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 1030.582024] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 1030.732559] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 1030.881993] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 1030.896985] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1031.028876] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 1031.042260] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1031.159559] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 1031.169813] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1031.177421] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 1031.188012] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 1031.195404] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1031.202339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1031.225223] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 1031.231749] 8021q: adding VLAN 0 to HW filter on device team0 [ 1031.238630] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 1031.247648] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 1031.257343] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1031.264225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1031.271389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1031.278222] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1031.285485] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1031.298615] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 1031.305561] 8021q: adding VLAN 0 to HW filter on device team0 [ 1031.314410] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 1031.324401] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 1031.331799] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1031.339526] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1031.347550] bridge0: port 1(bridge_slave_0) entered blocking state [ 1031.353949] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1031.363009] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 1031.369067] 8021q: adding VLAN 0 to HW filter on device team0 [ 1031.377658] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 1031.386916] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 1031.489259] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1031.496322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1031.504357] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1031.512109] bridge0: port 2(bridge_slave_1) entered blocking state [ 1031.518440] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1031.526463] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1031.534597] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1031.542388] bridge0: port 1(bridge_slave_0) entered blocking state [ 1031.548797] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1031.557298] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1031.566921] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 1031.688180] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 1031.695097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1031.702134] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1031.708883] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1031.718570] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 1031.727864] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 1031.734383] 8021q: adding VLAN 0 to HW filter on device team0 [ 1031.743298] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 1031.751466] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 1031.858329] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1031.866231] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1031.874993] bridge0: port 1(bridge_slave_0) entered blocking state [ 1031.881356] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1031.888536] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1031.897543] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1031.905764] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1031.913935] bridge0: port 2(bridge_slave_1) entered blocking state [ 1031.920323] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1031.929204] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 1031.936990] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1031.944020] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1031.952095] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1031.959665] bridge0: port 2(bridge_slave_1) entered blocking state [ 1031.966051] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1031.975311] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 1032.079846] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 1032.086890] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1032.097930] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1032.105806] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1032.115010] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 1032.124309] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 1032.136207] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 1032.238117] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1032.245255] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1032.254200] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1032.262336] bridge0: port 1(bridge_slave_0) entered blocking state [ 1032.268674] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1032.275880] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1032.285176] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1032.294147] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 1032.303768] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 1032.313745] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 1032.322842] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1032.330049] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1032.338934] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1032.346971] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1032.355217] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1032.363218] bridge0: port 2(bridge_slave_1) entered blocking state [ 1032.369583] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1032.377634] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1032.387676] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 1032.399347] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 1032.407443] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 1032.416695] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 1032.425105] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1032.433132] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1032.440856] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1032.448521] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1032.457394] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1032.465345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1032.473372] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1032.481758] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1032.488641] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1032.498210] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 1032.507636] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 1032.617447] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 1032.625317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1032.633035] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1032.642536] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1032.651019] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1032.658617] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1032.668906] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 1032.678440] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 1032.687264] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 1032.696433] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 1032.704760] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 1032.712930] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1032.720667] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1032.728095] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1032.735647] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1032.743541] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1032.751383] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1032.758847] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1032.766867] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1032.779197] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 1032.788586] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 1032.795018] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1032.811665] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 1032.822535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 1032.833423] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1032.855917] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1032.869200] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1032.878851] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 1032.994662] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 1033.001023] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1033.008090] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1033.016536] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1033.025639] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 1033.033855] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 1033.045456] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1033.053532] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1033.066827] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1033.078343] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1033.087902] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 1033.094492] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1033.104398] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 1033.114331] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1033.157677] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 1033.192017] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 1033.208785] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 1033.217349] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1033.225245] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1033.234000] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 1033.248893] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1033.256515] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1033.264318] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1033.276691] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 1033.283941] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 1033.299324] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 1033.310496] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1033.317885] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1033.326469] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1033.335949] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 1033.347525] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1033.354990] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1033.368438] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1033.393566] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1033.448737] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 1033.464210] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 1033.474359] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 1033.484161] IPv6: ADDRCONF(NETDEV_UP): veth1_virt_wifi: link is not ready [ 1033.497628] IPv6: ADDRCONF(NETDEV_UP): veth1_virt_wifi: link is not ready [ 1033.510924] IPv6: ADDRCONF(NETDEV_UP): veth1_virt_wifi: link is not ready [ 1033.518462] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1033.530746] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1033.539076] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1033.547182] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1033.556054] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1033.565868] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1033.576300] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1033.583584] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1033.591582] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1033.598728] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1033.607714] device bridge_slave_1 left promiscuous mode [ 1033.613861] bridge0: port 2(bridge_slave_1) entered disabled state [ 1033.621545] device bridge_slave_0 left promiscuous mode [ 1033.627021] bridge0: port 1(bridge_slave_0) entered disabled state [ 1033.635982] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1033.642974] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1033.651144] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1033.657822] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1033.666456] device bridge_slave_1 left promiscuous mode [ 1033.672037] bridge0: port 2(bridge_slave_1) entered disabled state [ 1033.679021] device bridge_slave_0 left promiscuous mode [ 1033.685165] bridge0: port 1(bridge_slave_0) entered disabled state [ 1033.694022] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1033.701398] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1033.708739] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1033.715565] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1033.724999] device bridge_slave_1 left promiscuous mode [ 1033.731346] bridge0: port 2(bridge_slave_1) entered disabled state [ 1033.738470] device bridge_slave_0 left promiscuous mode [ 1033.744242] bridge0: port 1(bridge_slave_0) entered disabled state [ 1033.755371] device veth1_macvtap left promiscuous mode [ 1033.760807] device veth0_macvtap left promiscuous mode [ 1033.766128] device veth1_vlan left promiscuous mode [ 1033.771424] device veth0_vlan left promiscuous mode [ 1033.776668] device veth1_macvtap left promiscuous mode [ 1033.782338] device veth0_macvtap left promiscuous mode [ 1033.787671] device veth1_vlan left promiscuous mode [ 1033.793096] device veth0_vlan left promiscuous mode [ 1033.798364] device veth1_macvtap left promiscuous mode [ 1033.804223] device veth0_macvtap left promiscuous mode [ 1033.809520] device veth1_vlan left promiscuous mode [ 1033.815534] device veth0_vlan left promiscuous mode [ 1038.137931] device hsr_slave_1 left promiscuous mode [ 1038.147131] device hsr_slave_0 left promiscuous mode [ 1038.161431] team0 (unregistering): Port device team_slave_1 removed [ 1038.171413] team0 (unregistering): Port device team_slave_0 removed [ 1038.182795] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 1038.194255] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 1038.222811] bond0 (unregistering): Released all slaves [ 1038.258461] device hsr_slave_1 left promiscuous mode [ 1038.265885] device hsr_slave_0 left promiscuous mode [ 1038.282431] team0 (unregistering): Port device team_slave_1 removed [ 1038.293441] team0 (unregistering): Port device team_slave_0 removed [ 1038.302207] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 1038.314522] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 1038.342705] bond0 (unregistering): Released all slaves [ 1038.382810] device hsr_slave_1 left promiscuous mode [ 1038.395772] device hsr_slave_0 left promiscuous mode [ 1038.407439] team0 (unregistering): Port device team_slave_1 removed [ 1038.418058] team0 (unregistering): Port device team_slave_0 removed [ 1038.427807] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 1038.438900] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 1038.467559] bond0 (unregistering): Released all slaves [ 1038.505906] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 1038.556786] IPv6: ADDRCONF(NETDEV_UP): veth1_virt_wifi: link is not ready [ 1038.572053] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1038.581969] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1038.601847] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 1038.610749] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 1038.618472] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 1038.630335] IPv6: ADDRCONF(NETDEV_UP): veth1_vlan: link is not ready [ 1038.641505] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 1038.648483] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 1038.657490] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 1038.664675] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1038.672421] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1038.680360] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1038.687321] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1038.696752] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 1038.704277] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 1038.712048] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 1038.718212] device veth0_vlan entered promiscuous mode [ 1038.731032] IPv6: ADDRCONF(NETDEV_UP): veth1_vlan: link is not ready [ 1038.740547] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1038.747812] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1038.758007] IPv6: ADDRCONF(NETDEV_UP): veth1_vlan: link is not ready [ 1038.765820] device veth0_vlan entered promiscuous mode [ 1038.775475] device veth1_vlan entered promiscuous mode [ 1038.781484] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 1038.787880] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 1038.795657] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1038.802814] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1038.809827] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1038.817124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1038.825436] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1038.832629] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1038.843111] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 1038.850973] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 1038.857526] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 1038.866763] device veth1_vlan entered promiscuous mode [ 1038.873098] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 1038.882444] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 1038.888938] device veth0_vlan entered promiscuous mode [ 1038.903834] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 1038.913367] IPv6: ADDRCONF(NETDEV_UP): veth1_vlan: link is not ready [ 1038.923562] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 1038.932580] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 1038.940596] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 1038.947653] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1038.955576] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1038.964881] device veth1_vlan entered promiscuous mode [ 1038.971345] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 1038.979010] device veth0_vlan entered promiscuous mode [ 1038.988882] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 1038.997363] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 1039.005458] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1039.013151] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1039.025458] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 1039.036354] IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready [ 1039.045911] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 1039.055433] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 1039.063768] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1039.072823] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1039.085485] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 1039.096170] device veth1_vlan entered promiscuous mode [ 1039.105818] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 1039.116702] IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready [ 1039.126664] device veth0_macvtap entered promiscuous mode [ 1039.134239] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 1039.143698] IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready [ 1039.155141] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 1039.162678] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 1039.170999] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 1039.178224] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 1039.186724] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1039.195247] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1039.203913] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1039.212584] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1039.223101] device veth0_macvtap entered promiscuous mode [ 1039.230897] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 1039.240270] device veth1_macvtap entered promiscuous mode [ 1039.246536] IPv6: ADDRCONF(NETDEV_UP): macsec0: link is not ready [ 1039.256675] device veth0_macvtap entered promiscuous mode [ 1039.265871] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 1039.278828] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 1039.290001] device veth1_macvtap entered promiscuous mode [ 1039.296397] IPv6: ADDRCONF(NETDEV_UP): macsec0: link is not ready [ 1039.306541] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 1039.317187] device veth1_macvtap entered promiscuous mode [ 1039.324739] IPv6: ADDRCONF(NETDEV_UP): macsec0: link is not ready [ 1039.337165] IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready [ 1039.347375] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 1039.358064] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 1039.366692] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1039.375292] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 1039.383230] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1039.391355] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 1039.398600] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1039.406989] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1039.416557] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1039.428578] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 1039.439059] device veth0_macvtap entered promiscuous mode [ 1039.446587] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 1039.456681] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 1039.466090] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1039.477244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1039.487148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1039.498158] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1039.509877] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready [ 1039.516861] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1039.532536] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 1039.542641] device veth1_macvtap entered promiscuous mode [ 1039.549113] IPv6: ADDRCONF(NETDEV_UP): macsec0: link is not ready [ 1039.561727] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1039.573455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1039.583346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1039.594305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1039.604156] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1039.614790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1039.626947] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready [ 1039.634765] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1039.643078] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 1039.651697] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1039.658911] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1039.668373] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1039.677244] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1039.686041] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1039.696677] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1039.707657] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1039.717597] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1039.728218] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1039.740214] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready [ 1039.747626] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1039.757286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1039.768308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1039.778434] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1039.788839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1039.798517] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1039.808840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1039.819275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1039.828979] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1039.840874] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready [ 1039.848354] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1039.858388] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 1039.867167] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1039.875942] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1039.883964] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1039.892775] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1039.917035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1039.933715] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1039.949568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1039.960135] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1039.969752] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1039.979531] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1039.989821] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready [ 1039.996673] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1040.004863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1040.014681] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1040.024059] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1040.033824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1040.042991] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1040.053693] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1040.062850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1040.072787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1040.082860] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready [ 1040.089840] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1040.099567] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1040.107283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1040.115477] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1040.123497] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1040.140605] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 1040.173491] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1040.196619] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1040.206920] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1040.217864] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1040.232826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1040.245585] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1040.258334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1040.269285] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1040.278382] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1040.288106] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1040.306145] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready [ 1040.314345] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1040.327804] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1040.337224] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1040.360538] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1040.376936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1040.387596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1040.403140] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1040.413842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1040.428305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1040.438976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1040.453461] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1040.465126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1040.479357] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1040.494988] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready [ 1040.502787] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1040.517430] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1040.526377] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1040.826651] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 1040.850004] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 1040.856662] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1040.874106] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1040.891599] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1040.901164] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1040.911674] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1040.918837] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1040.940728] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 1040.954338] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 1040.965026] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 1040.973351] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1040.980931] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1040.980940] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1040.984707] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1040.992558] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1040.998313] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1041.019692] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1041.024341] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1041.049411] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1041.070072] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready 02:40:11 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x0, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) [ 1041.100660] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1041.110231] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1041.125618] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 1041.144992] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1041.178375] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1041.207745] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 1041.211540] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1041.238877] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1041.262189] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1041.271441] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1041.285027] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1045.982876] oom_reaper: reaped process 10418 (syz-executor.1), now anon-rss:0kB, file-rss:14336kB, shmem-rss:8kB [ 1046.008192] systemd-journal invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 1046.048413] systemd-journal cpuset=/ mems_allowed=0-1 [ 1046.054147] CPU: 0 PID: 9298 Comm: systemd-journal Not tainted 4.19.211-syzkaller #0 [ 1046.062020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1046.071374] Call Trace: [ 1046.073942] dump_stack+0x1fc/0x2ef [ 1046.077562] dump_header+0x15d/0xc3f [ 1046.081257] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1046.086345] ? ___ratelimit+0x319/0x590 [ 1046.090308] oom_kill_process.cold+0x10/0x692 [ 1046.094783] ? check_preemption_disabled+0x41/0x280 [ 1046.099780] ? has_intersects_mems_allowed+0x1d6/0x290 [ 1046.105035] out_of_memory+0x1072/0x1390 [ 1046.109077] ? oom_killer_disable+0x270/0x270 [ 1046.113575] ? mutex_trylock+0x15f/0x1a0 [ 1046.117617] __alloc_pages_nodemask+0x23a2/0x2890 [ 1046.122455] ? find_get_entry+0x4cd/0x8a0 [ 1046.126601] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1046.131465] alloc_pages_current+0x193/0x2a0 [ 1046.135857] filemap_fault+0x146e/0x2180 [ 1046.139907] ext4_filemap_fault+0x84/0xb0 [ 1046.144064] __do_fault+0x10b/0x4b0 [ 1046.147676] __handle_mm_fault+0x273b/0x41c0 [ 1046.152077] ? vm_insert_page+0x9c0/0x9c0 [ 1046.156229] ? check_preemption_disabled+0x41/0x280 [ 1046.161237] handle_mm_fault+0x436/0xb10 [ 1046.165293] __do_page_fault+0x68e/0xd60 [ 1046.169340] ? trace_hardirqs_off_caller+0x6e/0x210 [ 1046.174331] ? spurious_fault+0x840/0x840 [ 1046.178469] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1046.183295] ? page_fault+0x8/0x30 [ 1046.186818] page_fault+0x1e/0x30 [ 1046.190249] RIP: 0033:0x7f6d6f1a92e3 [ 1046.193955] Code: Bad RIP value. [ 1046.197299] RSP: 002b:00007ffc1d15c758 EFLAGS: 00010246 [ 1046.202640] RAX: 0000000000000001 RBX: 000055d1443871e0 RCX: 00007f6d6f1a92e3 [ 1046.209906] RDX: 0000000000000014 RSI: 00007ffc1d15c760 RDI: 000000000000000c [ 1046.217176] RBP: 00007ffc1d15c950 R08: 00007ffc1d16e000 R09: 0000010b8ad13217 [ 1046.224439] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc1d15c760 [ 1046.231701] R13: 0000000000000001 R14: ffffffffffffffff R15: 0005f44f6a967e5f [ 1046.244134] Mem-Info: [ 1046.245914] syz-executor.1: vmalloc: allocation failure, allocated 1682817024 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 1046.246574] active_anon:15360 inactive_anon:39281 isolated_anon:0 [ 1046.246574] active_file:8 inactive_file:2 isolated_file:0 [ 1046.246574] unevictable:0 dirty:0 writeback:5 unstable:0 [ 1046.246574] slab_reclaimable:13374 slab_unreclaimable:115344 [ 1046.246574] mapped:22200 shmem:39885 pagetables:635 bounce:0 [ 1046.246574] free:13774 free_pcp:1233 free_cma:0 [ 1046.263570] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 1046.303421] Node 0 active_anon:59448kB inactive_anon:51192kB active_file:24kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86520kB dirty:0kB writeback:12kB shmem:52764kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 16384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1046.304113] CPU: 0 PID: 10418 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0 [ 1046.331074] Node 1 active_anon:1992kB inactive_anon:105932kB active_file:8kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:2280kB dirty:0kB writeback:8kB shmem:106776kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1046.338957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1046.338962] Call Trace: [ 1046.338981] dump_stack+0x1fc/0x2ef [ 1046.338999] warn_alloc.cold+0x7b/0x18f [ 1046.366052] Node 0 DMA free:10860kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1046.375400] ? zone_watermark_ok_safe+0x260/0x260 [ 1046.375413] ? retint_kernel+0x2d/0x2d [ 1046.375449] __vmalloc_area_node+0x4fd/0x780 [ 1046.377987] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 1046.381623] ? __vmalloc_node_range+0x180/0x180 [ 1046.381656] ? _raw_spin_unlock+0x29/0x40 [ 1046.385597] Node 0 DMA32 free:17532kB min:35996kB low:44992kB high:53988kB active_anon:59448kB inactive_anon:51192kB active_file:52kB inactive_file:0kB unevictable:0kB writepending:12kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7648kB pagetables:2292kB bounce:0kB free_pcp:1924kB local_pcp:1260kB free_cma:0kB [ 1046.411694] ? __get_vm_area_node+0x2e2/0x3a0 [ 1046.411712] __vmalloc_node_range+0xed/0x180 [ 1046.411730] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 1046.416561] lowmem_reserve[]: 0 0 1 1 1 [ 1046.420442] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 1046.420455] vmalloc_user+0x70/0xe0 [ 1046.420470] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 1046.424848] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1046.429863] vb2_vmalloc_alloc+0xb3/0x2f0 [ 1046.429878] __vb2_queue_alloc+0x472/0xe60 [ 1046.429905] vb2_core_create_bufs+0x273/0x7e0 [ 1046.434533] lowmem_reserve[]: 0 0 0 0 0 [ 1046.438669] ? __vb2_queue_free+0x870/0x870 [ 1046.467734] Node 1 Normal free:26696kB min:53876kB low:67344kB high:80812kB active_anon:1992kB inactive_anon:105932kB active_file:12kB inactive_file:8kB unevictable:0kB writepending:8kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:352kB pagetables:248kB bounce:0kB free_pcp:3008kB local_pcp:1272kB free_cma:0kB [ 1046.472373] ? mutex_trylock+0x1a0/0x1a0 [ 1046.472397] ? __video_do_ioctl+0x632/0xcd0 [ 1046.472416] vb2_create_bufs+0x332/0x620 [ 1046.476795] lowmem_reserve[]: 0 0 0 0 0 [ 1046.481105] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 1046.481116] ? __video_do_ioctl+0x632/0xcd0 [ 1046.481134] ? mutex_trylock+0x1a0/0x1a0 [ 1046.485167] Node 0 DMA: 1*4kB (U) 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10860kB [ 1046.490531] ? mark_held_locks+0xf0/0xf0 [ 1046.490553] vb2_ioctl_create_bufs+0x20d/0x360 [ 1046.494163] Node 0 DMA32: 1029*4kB (ME) 773*8kB (ME) 257*16kB (UME) 42*32kB (UME) 2*64kB (ME) 1*128kB (H) 0*256kB 1*512kB (H) 1*1024kB (H) 0*2048kB 0*4096kB = 17548kB [ 1046.498472] ? memset+0x20/0x40 [ 1046.524324] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 1046.528440] v4l_create_bufs+0xb2/0x160 [ 1046.532669] Node 1 Normal: 282*4kB (ME) 216*8kB (UME) 182*16kB (UME) 118*32kB (ME) 34*64kB (ME) 7*128kB (ME) 3*256kB (UM) 2*512kB (UM) 2*1024kB (ME) 3*2048kB (UME) 1*4096kB (U) = 26696kB [ 1046.537147] __video_do_ioctl+0x49a/0xcd0 [ 1046.541122] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1046.545398] ? v4l_querycap+0x340/0x340 [ 1046.545412] ? __might_fault+0x192/0x1d0 [ 1046.545430] ? v4l_querycap+0x340/0x340 [ 1046.574542] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1046.578468] video_usercopy+0x13f/0xfa0 [ 1046.582781] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1046.586812] ? v4l_enumstd+0x60/0x60 [ 1046.590786] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1046.595856] ? do_futex+0x171/0x1880 [ 1046.600172] 39914 total pagecache pages [ 1046.604207] ? mark_held_locks+0xf0/0xf0 [ 1046.617418] 0 pages in swap cache [ 1046.621452] ? debug_check_no_obj_freed+0x201/0x490 [ 1046.621474] ? video_usercopy+0xfa0/0xfa0 [ 1046.621489] v4l2_ioctl+0x147/0x1a0 [ 1046.626059] Swap cache stats: add 0, delete 0, find 0/0 [ 1046.641072] ? video_devdata+0xa0/0xa0 [ 1046.641089] do_vfs_ioctl+0xcdb/0x12e0 [ 1046.641104] ? lock_downgrade+0x720/0x720 [ 1046.641118] ? check_preemption_disabled+0x41/0x280 [ 1046.641133] ? ioctl_preallocate+0x200/0x200 [ 1046.644398] Free swap = 0kB [ 1046.655410] ? __fget+0x356/0x510 [ 1046.655423] ? do_dup2+0x450/0x450 [ 1046.655439] ? __se_sys_futex+0x298/0x3b0 [ 1046.659403] Total swap = 0kB [ 1046.676210] ksys_ioctl+0x9b/0xc0 [ 1046.676225] __x64_sys_ioctl+0x6f/0xb0 [ 1046.676243] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 1046.680386] 2097051 pages RAM [ 1046.689189] do_syscall_64+0xf9/0x620 [ 1046.689218] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1046.693161] 0 pages HighMem/MovableOnly [ 1046.697239] RIP: 0033:0x7f2ed42610f9 [ 1046.701310] 369649 pages reserved [ 1046.709854] Code: Bad RIP value. [ 1046.709862] RSP: 002b:00007f2ed27d3168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1046.709879] RAX: ffffffffffffffda RBX: 00007f2ed4380f80 RCX: 00007f2ed42610f9 [ 1046.713842] 0 pages cma reserved [ 1046.722660] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 1046.722667] RBP: 00007f2ed42bcae9 R08: 0000000000000000 R09: 0000000000000000 [ 1046.722674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1046.722681] R13: 00007ffda798718f R14: 00007f2ed27d3300 R15: 0000000000022000 [ 1046.747992] Mem-Info: [ 1046.752081] Unreclaimable slab info: [ 1046.758862] active_anon:15360 inactive_anon:39281 isolated_anon:0 [ 1046.758862] active_file:8 inactive_file:2 isolated_file:0 [ 1046.758862] unevictable:0 dirty:0 writeback:5 unstable:0 [ 1046.758862] slab_reclaimable:13374 slab_unreclaimable:115344 [ 1046.758862] mapped:22200 shmem:39885 pagetables:635 bounce:0 [ 1046.758862] free:13774 free_pcp:1233 free_cma:0 [ 1046.769425] Name Used Total [ 1046.772399] Node 0 active_anon:59448kB inactive_anon:51192kB active_file:48kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52764kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 16384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1046.773909] pid_2 12KB 76KB [ 1046.777800] Node 1 active_anon:1992kB inactive_anon:105932kB active_file:8kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:2188kB dirty:0kB writeback:0kB shmem:106776kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1046.789903] batadv_tt_change_cache 3KB 7KB [ 1046.795086] Node 0 DMA free:10860kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1046.797891] batadv_tl_cache 8KB 16KB [ 1046.801449] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 1046.801476] Node 0 DMA32 free:17548kB min:35996kB low:44992kB high:53988kB active_anon:59356kB inactive_anon:51192kB active_file:52kB inactive_file:40kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7648kB pagetables:2288kB bounce:0kB free_pcp:1924kB local_pcp:664kB free_cma:0kB [ 1046.812191] TIPC 16KB 37KB [ 1046.817394] lowmem_reserve[]: 0 0 1 1 1 [ 1046.817911] SCTPv6 22KB 30KB [ 1046.822526] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1046.830241] DCCPv6 17KB 30KB [ 1046.850536] lowmem_reserve[]: 0 0 0 0 0 [ 1046.865791] DCCP 16KB 35KB [ 1046.877259] Node 1 Normal free:26696kB min:53876kB low:67344kB high:80812kB active_anon:1992kB inactive_anon:105932kB active_file:8kB inactive_file:8kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:352kB pagetables:248kB bounce:0kB free_pcp:3008kB local_pcp:1736kB free_cma:0kB [ 1046.890396] RXRPC 17KB 32KB [ 1046.903949] lowmem_reserve[]: 0 0 0 0 0 [ 1046.945095] rxrpc_call_jar 123KB 141KB [ 1046.986184] Node 0 DMA: 1*4kB (U) 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10860kB [ 1047.012609] bridge_fdb_cache 15KB 27KB [ 1047.012625] fib6_nodes 265KB 268KB [ 1047.012634] ip6_dst_cache 686KB 686KB [ 1047.012647] RAWv6 111KB 128KB [ 1047.012658] UDPv6 41KB 48KB [ 1047.012671] TCPv6 27KB 36KB [ 1047.012689] nf_conntrack 18KB 18KB [ 1047.012752] t10_alua_lu_gp_cache 0KB 3KB [ 1047.012767] sd_ext_cdb 0KB 7KB [ 1047.012776] scsi_sense_cache 1056KB 1060KB [ 1047.012786] virtio_scsi_cmd 16KB 16KB [ 1047.012798] sgpool-128 8KB 8KB [ 1047.012807] sgpool-64 4KB 12KB [ 1047.012816] sgpool-32 2KB 15KB [ 1047.012825] sgpool-16 1KB 7KB [ 1047.012834] sgpool-8 0KB 7KB [ 1047.012851] mqueue_inode_cache 16KB 37KB [ 1047.012865] bio_post_read_ctx 14KB 15KB [ 1047.012936] bio-2 14KB 15KB [ 1047.012945] jfs_mp 7KB 7KB [ 1047.012986] cifs_small_rq 15KB 16KB [ 1047.053522] Node 0 DMA32: 992*4kB (ME) 766*8kB (UME) 257*16kB (UMEH) 42*32kB (UMEH) 3*64kB (UMH) 0*128kB 0*256kB 1*512kB (H) 1*1024kB (H) 0*2048kB 0*4096kB = 17280kB [ 1047.087110] cifs_request 67KB 67KB [ 1047.097734] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 1047.123880] cifs_mpx_ids 0KB 7KB [ 1047.142961] Node 1 Normal: 282*4kB (ME) 216*8kB (UME) 182*16kB (UME) 118*32kB (ME) 34*64kB (ME) 7*128kB (ME) 3*256kB (UM) 2*512kB (UM) 2*1024kB (ME) 3*2048kB (UME) 1*4096kB (U) = 26696kB [ 1047.168865] nfs_commit_data 3KB 14KB [ 1047.185443] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1047.193816] nfs_write_data 34KB 44KB [ 1047.211087] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1047.221849] ext4_system_zone 1KB 7KB [ 1047.234175] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1047.245087] bio-1 1KB 7KB [ 1047.263205] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1047.272104] pid_namespace 3KB 11KB [ 1047.284560] 39912 total pagecache pages [ 1047.288733] rpc_buffers 17KB 25KB [ 1047.296810] 0 pages in swap cache [ 1047.303988] rpc_tasks 2KB 7KB [ 1047.320968] Swap cache stats: add 0, delete 0, find 0/0 [ 1047.332766] UNIX 2083KB 2103KB [ 1047.350788] Free swap = 0kB [ 1047.372919] tcp_bind_bucket 1KB 4KB [ 1047.382920] Total swap = 0kB [ 1047.394089] ip_fib_trie 39KB 43KB [ 1047.408640] 2097051 pages RAM [ 1047.414338] ip_fib_alias 187KB 193KB [ 1047.433615] 0 pages HighMem/MovableOnly [ 1047.437189] ip_dst_cache 13KB 20KB [ 1047.437451] 369649 pages reserved [ 1047.442837] RAW 66KB 75KB [ 1047.442847] UDP 60KB 74KB [ 1047.442860] TCP 11KB 22KB [ 1047.442871] hugetlbfs_inode_cache 3KB 15KB [ 1047.461482] 0 pages cma reserved [ 1047.465013] fscache_cookie_jar 1KB 11KB [ 1047.525208] eventpoll_pwq 26KB 43KB [ 1047.530612] eventpoll_epi 47KB 66KB [ 1047.536090] inotify_inode_mark 9KB 39KB [ 1047.544997] request_queue 199KB 199KB [ 1047.550430] blkdev_requests 1KB 3KB [ 1047.555812] blkdev_ioc 18KB 38KB [ 1047.564319] bio-0 571KB 828KB [ 1047.569748] biovec-max 1394KB 1476KB [ 1047.575104] biovec-64 652KB 945KB [ 1047.583658] biovec-16 101KB 153KB [ 1047.589042] bio_integrity_payload 1KB 8KB [ 1047.594862] khugepaged_mm_slot 4KB 31KB [ 1047.603398] uid_cache 0KB 4KB [ 1047.608812] dmaengine-unmap-2 0KB 3KB [ 1047.614184] skbuff_fclone_cache 16KB 60KB [ 1047.625794] skbuff_head_cache 8853KB 8861KB [ 1047.631222] configfs_dir_cache 3KB 7KB [ 1047.636688] file_lock_cache 20KB 75KB [ 1047.647618] file_lock_ctx 9KB 11KB [ 1047.653687] fsnotify_mark_connector 4KB 23KB [ 1047.665772] net_namespace 87KB 87KB [ 1047.671219] shmem_inode_cache 8031KB 8209KB [ 1047.676572] task_delay_info 266KB 367KB [ 1047.687815] taskstats 18KB 65KB [ 1047.693220] proc_dir_entry 995KB 1016KB [ 1047.698573] pde_opener 16KB 34KB [ 1047.710017] seq_file 234KB 468KB [ 1047.715381] sigqueue 40KB 66KB [ 1047.724175] kernfs_node_cache 18240KB 18616KB [ 1047.732995] mnt_cache 243KB 256KB [ 1047.738366] filp 7406KB 7541KB [ 1047.746912] names_cache 106730KB 106789KB [ 1047.755519] iint_cache 26KB 55KB [ 1047.764073] key_jar 23KB 135KB [ 1047.772694] uts_namespace 4KB 11KB [ 1047.778058] nsproxy 3KB 11KB [ 1047.786889] vm_area_struct 2919KB 3669KB [ 1047.795693] mm_struct 466KB 578KB [ 1047.804235] fs_cache 296KB 336KB [ 1047.813238] files_cache 1132KB 1192KB [ 1047.818606] signal_cache 1993KB 2134KB [ 1047.827303] sighand_cache 561KB 631KB [ 1047.836260] task_struct 8919KB 9001KB [ 1047.845146] cred_jar 2436KB 2548KB [ 1047.854100] anon_vma_chain 895KB 1488KB [ 1047.863165] anon_vma 155KB 288KB [ 1047.868545] pid 174KB 224KB [ 1047.877306] Acpi-Operand 156KB 198KB [ 1047.886335] Acpi-ParseExt 9KB 11KB [ 1047.893472] Acpi-Parse 41KB 47KB [ 1047.906040] Acpi-State 52KB 63KB [ 1047.916734] Acpi-Namespace 20KB 27KB [ 1047.935626] numa_policy 0KB 3KB [ 1047.944433] debug_objects_cache 1664KB 1828KB [ 1047.958219] trace_event_file 297KB 298KB [ 1047.967157] ftrace_event_field 398KB 401KB [ 1047.984896] pool_workqueue 150KB 156KB [ 1047.996188] page->ptl 437KB 1000KB [ 1048.007557] kmalloc-2097152 2050KB 2050KB [ 1048.024622] kmalloc-524288 2056KB 2056KB [ 1048.032506] kmalloc-262144 1290KB 1290KB [ 1048.051545] kmalloc-131072 650KB 650KB [ 1048.056926] kmalloc-65536 2904KB 3102KB [ 1048.068054] kmalloc-32768 2310KB 2376KB [ 1048.085514] kmalloc-16384 1435KB 1468KB [ 1048.093279] kmalloc-8192 5948KB 5948KB [ 1048.107904] kmalloc-4096 30693KB 30753KB [ 1048.115610] kmalloc-2048 18542KB 18557KB [ 1048.132254] kmalloc-1024 13918KB 13930KB [ 1048.147441] kmalloc-512 16651KB 17040KB [ 1048.156638] kmalloc-256 5951KB 6030KB [ 1048.173387] kmalloc-128 1396KB 1468KB [ 1048.183136] kmalloc-96 3354KB 4076KB [ 1048.188509] kmalloc-64 2745KB 3872KB [ 1048.205353] kmalloc-32 1952KB 2543KB [ 1048.215270] kmalloc-192 2388KB 2752KB [ 1048.226384] kmem_cache 177KB 183KB [ 1048.236326] Out of memory (oom_kill_allocating_task): Kill process 9298 (systemd-journal) score 0 or sacrifice child [ 1048.253961] Killed process 9298 (systemd-journal) total-vm:46096kB, anon-rss:472kB, file-rss:4kB, shmem-rss:2076kB [ 1048.265699] oom_reaper: reaped process 9298 (systemd-journal), now anon-rss:0kB, file-rss:0kB, shmem-rss:2196kB [ 1048.475091] systemd[1]: systemd-journald.service: Failed with result 'signal'. [ 1048.489349] systemd[1]: systemd-journald.service: Service has no hold-off time, scheduling restart. [ 1048.515623] systemd[1]: Stopped Flush Journal to Persistent Storage. [ 1048.535600] systemd[1]: Stopping Flush Journal to Persistent Storage... [ 1048.568914] systemd[1]: Stopped Journal Service. [ 1048.611806] systemd[1]: Starting Journal Service... [ 1048.788756] systemd-journald[10444]: File /run/log/journal/04d8c135ee6b410280ba31a58c89679d/system.journal corrupted or uncleanly shut down, renaming and replacing. [ 1049.226520] systemd[1]: Started Journal Service. 02:40:19 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000000)=[{{0x0, 0x0, 0x1, 0x1}, {0x4, 0x0, 0x1, 0x1}}], 0x8) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) 02:40:19 executing program 2: syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x0, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:40:21 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x0, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x0, 0x0, 0x0, 0x401], 0x6}}, 0xfffffffa}) 02:40:21 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x0, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:40:21 executing program 4: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x0, 0x0, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:40:21 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x1, @sliced={0x0, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x0, 0x6], 0x6}}, 0xfffffffa}) 02:40:21 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000000)=[{{0x0, 0x0, 0x1, 0x1}, {0x4, 0x0, 0x1, 0x1}}], 0x8) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x0, 0x2, 0x4}) 02:40:21 executing program 2: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, 0x0) 02:40:21 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000000)=[{{0x0, 0x0, 0x1, 0x1}, {0x4, 0x0, 0x1, 0x1}}], 0x8) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) 02:40:21 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x1, @sliced={0x0, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:40:21 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000000)=[{{0x0, 0x0, 0x1, 0x1}, {0x4, 0x0, 0x1, 0x1}}], 0x8) 02:40:21 executing program 0: setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, &(0x7f0000000000)=[{{0x0, 0x0, 0x1, 0x1}, {0x4, 0x0, 0x1, 0x1}}], 0x8) 02:40:22 executing program 0: setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, &(0x7f0000000000)=[{{0x0, 0x0, 0x1, 0x1}, {0x4, 0x0, 0x1, 0x1}}], 0x8) 02:40:22 executing program 0: setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, &(0x7f0000000000)=[{{0x0, 0x0, 0x1, 0x1}, {0x4, 0x0, 0x1, 0x1}}], 0x8) [ 1055.331592] ieee802154 phy0 wpan0: encryption failed: -22 [ 1055.337182] ieee802154 phy1 wpan1: encryption failed: -22 [ 1056.599522] oom_reaper: reaped process 10468 (syz-executor.3), now anon-rss:0kB, file-rss:14336kB, shmem-rss:8kB [ 1056.640039] in:imklog invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 1056.657829] in:imklog cpuset=/ mems_allowed=0-1 [ 1056.662610] CPU: 0 PID: 9325 Comm: in:imklog Not tainted 4.19.211-syzkaller #0 [ 1056.669965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1056.679316] Call Trace: [ 1056.681908] dump_stack+0x1fc/0x2ef [ 1056.685543] dump_header+0x15d/0xc3f [ 1056.689267] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1056.694364] ? ___ratelimit+0x319/0x590 [ 1056.698344] oom_kill_process.cold+0x10/0x692 [ 1056.702840] ? check_preemption_disabled+0x41/0x280 [ 1056.707854] ? has_intersects_mems_allowed+0x1d6/0x290 [ 1056.713131] out_of_memory+0x1072/0x1390 [ 1056.717212] ? oom_killer_disable+0x270/0x270 [ 1056.721709] ? mutex_trylock+0x15f/0x1a0 [ 1056.725776] __alloc_pages_nodemask+0x23a2/0x2890 [ 1056.730632] ? find_get_entry+0x4cd/0x8a0 [ 1056.734781] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1056.739622] alloc_pages_current+0x193/0x2a0 [ 1056.744012] filemap_fault+0x146e/0x2180 [ 1056.748062] ext4_filemap_fault+0x84/0xb0 [ 1056.752195] __do_fault+0x10b/0x4b0 [ 1056.755806] __handle_mm_fault+0x273b/0x41c0 [ 1056.760198] ? vm_insert_page+0x9c0/0x9c0 [ 1056.764337] ? lock_downgrade+0x720/0x720 [ 1056.768470] ? check_preemption_disabled+0x41/0x280 [ 1056.773485] handle_mm_fault+0x436/0xb10 [ 1056.777528] __do_page_fault+0x68e/0xd60 [ 1056.781575] ? trace_hardirqs_off_caller+0x6e/0x210 [ 1056.786580] ? spurious_fault+0x840/0x840 [ 1056.790712] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1056.795537] ? page_fault+0x8/0x30 [ 1056.799058] page_fault+0x1e/0x30 [ 1056.802497] RIP: 0033:0x7f5cdfb7322d [ 1056.806192] Code: Bad RIP value. [ 1056.809554] RSP: 002b:00007f5cdd50f580 EFLAGS: 00010293 [ 1056.814912] RAX: 0000000000000077 RBX: 0000000000000000 RCX: 00007f5cdfb7322d [ 1056.822170] RDX: 0000000000001fa0 RSI: 00007f5cdd50fda0 RDI: 0000000000000004 [ 1056.829431] RBP: 000055b48807a9d0 R08: 0000000000000000 R09: 0000000000000000 [ 1056.836685] R10: 2ce33e6c02ce33e7 R11: 0000000000000293 R12: 00007f5cdd50fda0 [ 1056.843939] R13: 0000000000001fa0 R14: 0000000000001f9f R15: 00007f5cdd50fe20 [ 1056.858865] syz-executor.3: vmalloc: allocation failure, allocated 1670144000 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 1056.872747] Mem-Info: [ 1056.874870] syz-executor.3 cpuset=/ mems_allowed=0-1 [ 1056.875171] active_anon:15793 inactive_anon:41312 isolated_anon:0 [ 1056.875171] active_file:11 inactive_file:11 isolated_file:0 [ 1056.875171] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1056.875171] slab_reclaimable:13314 slab_unreclaimable:115537 [ 1056.875171] mapped:21971 shmem:41932 pagetables:628 bounce:0 [ 1056.875171] free:14013 free_pcp:1479 free_cma:0 [ 1056.884796] CPU: 0 PID: 10468 Comm: syz-executor.3 Not tainted 4.19.211-syzkaller #0 [ 1056.913663] Node 0 active_anon:61000kB inactive_anon:51188kB active_file:36kB inactive_file:40kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52760kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 16384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1056.921488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1056.921493] Call Trace: [ 1056.921512] dump_stack+0x1fc/0x2ef [ 1056.921531] warn_alloc.cold+0x7b/0x18f [ 1056.949121] Node 1 active_anon:2172kB inactive_anon:114060kB active_file:8kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1376kB dirty:0kB writeback:0kB shmem:114968kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1056.958430] ? zone_watermark_ok_safe+0x260/0x260 [ 1056.958447] ? retint_kernel+0x2d/0x2d [ 1056.961000] Node 0 DMA free:10872kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1056.964616] ? policy_node+0x116/0x140 [ 1056.968572] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 1056.995614] __vmalloc_area_node+0x4fd/0x780 [ 1056.995637] ? __vmalloc_node_range+0x180/0x180 [ 1057.000469] Node 0 DMA32 free:18124kB min:35996kB low:44992kB high:53988kB active_anon:61000kB inactive_anon:51188kB active_file:36kB inactive_file:40kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7648kB pagetables:2256kB bounce:0kB free_pcp:3048kB local_pcp:1360kB free_cma:0kB [ 1057.004325] ? _raw_spin_unlock+0x29/0x40 [ 1057.030422] lowmem_reserve[]: 0 0 1 1 1 [ 1057.034280] ? __get_vm_area_node+0x2e2/0x3a0 [ 1057.039277] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1057.043657] __vmalloc_node_range+0xed/0x180 [ 1057.048310] lowmem_reserve[]: 0 0 0 0 0 [ 1057.077335] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 1057.077348] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 1057.077384] vmalloc_user+0x70/0xe0 [ 1057.081497] Node 1 Normal free:27048kB min:53876kB low:67344kB high:80812kB active_anon:2172kB inactive_anon:114060kB active_file:8kB inactive_file:4kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:352kB pagetables:256kB bounce:0kB free_pcp:2868kB local_pcp:1564kB free_cma:0kB [ 1057.085444] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 1057.089925] lowmem_reserve[]: 0 0 0 0 0 [ 1057.115753] vb2_vmalloc_alloc+0xb3/0x2f0 [ 1057.115768] __vb2_queue_alloc+0x472/0xe60 [ 1057.115794] vb2_core_create_bufs+0x273/0x7e0 [ 1057.120191] Node 0 DMA: 0*4kB 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10872kB [ 1057.124134] ? __vb2_queue_free+0x870/0x870 [ 1057.128443] Node 0 DMA32: 971*4kB (UME) 730*8kB (UME) 249*16kB (UME) 50*32kB (UME) 12*64kB (UM) 6*128kB (M) 3*256kB (M) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 18124kB [ 1057.133773] ? mutex_trylock+0x1a0/0x1a0 [ 1057.137376] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 1057.166158] ? __video_do_ioctl+0x632/0xcd0 [ 1057.166180] vb2_create_bufs+0x332/0x620 [ 1057.170485] Node 1 Normal: 266*4kB (UME) 182*8kB (UME) 145*16kB (ME) 66*32kB (UME) 10*64kB (UME) 4*128kB (ME) 0*256kB 1*512kB (M) 2*1024kB (UE) 2*2048kB (UE) 3*4096kB (U) = 27048kB [ 1057.174538] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 1057.178680] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1057.182874] ? __video_do_ioctl+0x632/0xcd0 [ 1057.187339] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1057.200490] ? mutex_trylock+0x1a0/0x1a0 [ 1057.200504] ? mark_held_locks+0xf0/0xf0 [ 1057.200524] vb2_ioctl_create_bufs+0x20d/0x360 [ 1057.204825] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1057.219980] ? memset+0x20/0x40 [ 1057.219995] v4l_create_bufs+0xb2/0x160 [ 1057.220012] __video_do_ioctl+0x49a/0xcd0 [ 1057.224047] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1057.235036] ? v4l_querycap+0x340/0x340 [ 1057.235055] ? __might_fault+0x192/0x1d0 [ 1057.239378] 41954 total pagecache pages [ 1057.243403] ? v4l_querycap+0x340/0x340 [ 1057.259624] 0 pages in swap cache [ 1057.264688] video_usercopy+0x13f/0xfa0 [ 1057.273510] Swap cache stats: add 0, delete 0, find 0/0 [ 1057.277801] ? v4l_enumstd+0x60/0x60 [ 1057.286361] Free swap = 0kB [ 1057.290387] ? do_futex+0x171/0x1880 [ 1057.290401] ? mark_held_locks+0xf0/0xf0 [ 1057.290418] ? debug_check_no_obj_freed+0x201/0x490 [ 1057.294447] Total swap = 0kB [ 1057.299020] ? video_usercopy+0xfa0/0xfa0 [ 1057.299034] v4l2_ioctl+0x147/0x1a0 [ 1057.307846] 2097051 pages RAM [ 1057.311111] ? video_devdata+0xa0/0xa0 [ 1057.311126] do_vfs_ioctl+0xcdb/0x12e0 [ 1057.311142] ? lock_downgrade+0x720/0x720 [ 1057.315086] 0 pages HighMem/MovableOnly [ 1057.319220] ? check_preemption_disabled+0x41/0x280 [ 1057.319232] ? ioctl_preallocate+0x200/0x200 [ 1057.319248] ? __fget+0x356/0x510 [ 1057.327792] 369649 pages reserved [ 1057.331752] ? do_dup2+0x450/0x450 [ 1057.331765] ? __se_sys_futex+0x298/0x3b0 [ 1057.331786] ksys_ioctl+0x9b/0xc0 [ 1057.335900] 0 pages cma reserved [ 1057.339859] __x64_sys_ioctl+0x6f/0xb0 [ 1057.339875] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 1057.343814] Unreclaimable slab info: [ 1057.347248] do_syscall_64+0xf9/0x620 [ 1057.351212] Name Used Total [ 1057.356556] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1057.360291] pid_2 13KB 76KB [ 1057.363281] RIP: 0033:0x7efd715130f9 [ 1057.367029] batadv_tt_change_cache 3KB 7KB [ 1057.371015] Code: Bad RIP value. [ 1057.371023] RSP: 002b:00007efd6fa85168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1057.371040] RAX: ffffffffffffffda RBX: 00007efd71632f80 RCX: 00007efd715130f9 [ 1057.376032] batadv_tl_cache 8KB 16KB [ 1057.379024] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 1057.379031] RBP: 00007efd7156eae9 R08: 0000000000000000 R09: 0000000000000000 [ 1057.379038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1057.379044] R13: 00007ffd6a1b3f0f R14: 00007efd6fa85300 R15: 0000000000022000 [ 1057.397080] Mem-Info: [ 1057.412105] TIPC 16KB 37KB [ 1057.429930] active_anon:15793 inactive_anon:41312 isolated_anon:0 [ 1057.429930] active_file:11 inactive_file:11 isolated_file:0 [ 1057.429930] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1057.429930] slab_reclaimable:13314 slab_unreclaimable:115537 [ 1057.429930] mapped:21971 shmem:41932 pagetables:628 bounce:0 [ 1057.429930] free:14013 free_pcp:1466 free_cma:0 [ 1057.430620] SCTPv6 22KB 30KB [ 1057.433984] Node 0 active_anon:61000kB inactive_anon:51188kB active_file:36kB inactive_file:40kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52760kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 16384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1057.437316] DCCPv6 17KB 30KB [ 1057.444451] Node 1 active_anon:2172kB inactive_anon:114060kB active_file:8kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1376kB dirty:0kB writeback:0kB shmem:114968kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1057.447976] DCCP 16KB 35KB [ 1057.461621] Node 0 DMA free:10872kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1057.467534] RXRPC 17KB 32KB [ 1057.472487] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 1057.473739] rxrpc_call_jar 123KB 141KB [ 1057.485295] Node 0 DMA32 free:18124kB min:35996kB low:44992kB high:53988kB active_anon:61000kB inactive_anon:51188kB active_file:36kB inactive_file:40kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7648kB pagetables:2256kB bounce:0kB free_pcp:2988kB local_pcp:1636kB free_cma:0kB [ 1057.495064] bridge_fdb_cache 15KB 27KB [ 1057.507524] lowmem_reserve[]: 0 0 1 1 1 [ 1057.515222] fib6_nodes 261KB 268KB [ 1057.517912] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1057.536913] ip6_dst_cache 708KB 708KB [ 1057.550355] lowmem_reserve[]: 0 0 0 0 0 [ 1057.579959] RAWv6 111KB 128KB [ 1057.591289] Node 1 Normal free:27048kB min:53876kB low:67344kB high:80812kB active_anon:2172kB inactive_anon:114060kB active_file:8kB inactive_file:4kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:352kB pagetables:256kB bounce:0kB free_pcp:2868kB local_pcp:1304kB free_cma:0kB [ 1057.613157] UDPv6 41KB 48KB [ 1057.622411] lowmem_reserve[]: 0 0 0 0 0 [ 1057.641077] TCPv6 30KB 36KB [ 1057.665909] Node 0 DMA: 0*4kB 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10872kB [ 1057.674698] nf_conntrack 16KB 18KB [ 1057.691281] Node 0 DMA32: 971*4kB (UME) 731*8kB (UME) 249*16kB (UME) 50*32kB (UME) 12*64kB (UM) 6*128kB (M) 3*256kB (M) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 18132kB [ 1057.721758] t10_alua_lu_gp_cache 0KB 3KB [ 1057.731759] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 1057.732637] sd_ext_cdb 0KB 7KB [ 1057.767306] Node 1 Normal: 266*4kB (UME) 182*8kB (UME) 145*16kB (ME) 66*32kB (UME) 10*64kB (UME) 4*128kB (ME) 0*256kB 1*512kB (M) 2*1024kB (UE) 2*2048kB (UE) 3*4096kB (U) = 27048kB [ 1057.773404] scsi_sense_cache 1056KB 1060KB [ 1057.809655] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1057.817657] virtio_scsi_cmd 16KB 16KB [ 1057.837688] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1057.853274] sgpool-128 8KB 8KB [ 1057.867463] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1057.875687] sgpool-64 4KB 12KB [ 1057.900829] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1057.906847] sgpool-32 2KB 15KB [ 1057.913827] 41954 total pagecache pages [ 1057.917646] sgpool-16 1KB 7KB [ 1057.934763] 0 pages in swap cache [ 1057.940721] sgpool-8 0KB 7KB [ 1057.945901] Swap cache stats: add 0, delete 0, find 0/0 [ 1057.954778] mqueue_inode_cache 10KB 30KB [ 1057.968910] Free swap = 0kB [ 1057.972853] bio_post_read_ctx 14KB 15KB [ 1057.974834] Total swap = 0kB [ 1057.980376] bio-2 14KB 15KB [ 1057.994224] 2097051 pages RAM [ 1057.997954] jfs_mp 7KB 7KB [ 1058.002557] 0 pages HighMem/MovableOnly [ 1058.005603] cifs_small_rq 15KB 16KB [ 1058.017556] cifs_request 67KB 67KB [ 1058.020825] 369649 pages reserved [ 1058.022950] cifs_mpx_ids 0KB 7KB [ 1058.026351] 0 pages cma reserved [ 1058.035278] nfs_commit_data 3KB 14KB [ 1058.040730] nfs_write_data 34KB 44KB [ 1058.046118] ext4_system_zone 1KB 7KB [ 1058.054618] bio-1 1KB 7KB [ 1058.060023] pid_namespace 3KB 11KB [ 1058.065392] rpc_buffers 17KB 25KB [ 1058.073959] rpc_tasks 2KB 7KB [ 1058.079378] UNIX 1974KB 2058KB [ 1058.084754] tcp_bind_bucket 1KB 4KB [ 1058.093501] ip_fib_trie 38KB 43KB [ 1058.098930] ip_fib_alias 184KB 193KB [ 1058.104293] ip_dst_cache 11KB 20KB [ 1058.112973] RAW 66KB 75KB [ 1058.118379] UDP 57KB 74KB [ 1058.123745] TCP 11KB 16KB [ 1058.132449] hugetlbfs_inode_cache 3KB 15KB [ 1058.138194] fscache_cookie_jar 1KB 11KB [ 1058.143639] eventpoll_pwq 27KB 43KB [ 1058.152104] eventpoll_epi 51KB 66KB [ 1058.157468] inotify_inode_mark 17KB 39KB [ 1058.166283] request_queue 199KB 199KB [ 1058.175111] blkdev_requests 1KB 3KB [ 1058.184061] blkdev_ioc 20KB 38KB [ 1058.192608] bio-0 420KB 697KB [ 1058.201474] biovec-max 1402KB 1452KB [ 1058.206858] biovec-64 414KB 756KB [ 1058.215794] biovec-16 95KB 146KB [ 1058.224596] bio_integrity_payload 1KB 8KB [ 1058.233799] khugepaged_mm_slot 4KB 31KB [ 1058.242719] uid_cache 0KB 4KB [ 1058.251398] dmaengine-unmap-2 0KB 3KB [ 1058.256783] skbuff_fclone_cache 30KB 52KB [ 1058.265525] skbuff_head_cache 7998KB 8006KB [ 1058.273997] configfs_dir_cache 3KB 7KB [ 1058.282828] file_lock_cache 31KB 75KB [ 1058.291190] file_lock_ctx 9KB 11KB [ 1058.296568] fsnotify_mark_connector 7KB 19KB [ 1058.305510] net_namespace 87KB 87KB [ 1058.313831] shmem_inode_cache 8031KB 8197KB [ 1058.322486] task_delay_info 257KB 367KB [ 1058.327845] taskstats 20KB 65KB [ 1058.336341] proc_dir_entry 958KB 993KB [ 1058.344994] pde_opener 15KB 34KB [ 1058.353512] seq_file 226KB 468KB [ 1058.365956] sigqueue 52KB 66KB [ 1058.374806] kernfs_node_cache 18230KB 18616KB [ 1058.386243] mnt_cache 184KB 232KB [ 1058.394972] filp 7350KB 7612KB [ 1058.406606] names_cache 108817KB 108876KB [ 1058.415263] iint_cache 24KB 55KB [ 1058.426697] key_jar 23KB 135KB [ 1058.435532] uts_namespace 2KB 7KB [ 1058.447000] nsproxy 2KB 11KB [ 1058.456274] vm_area_struct 2915KB 3642KB [ 1058.467700] mm_struct 468KB 578KB [ 1058.476549] fs_cache 289KB 336KB [ 1058.488928] files_cache 1087KB 1181KB [ 1058.494305] signal_cache 1975KB 2134KB [ 1058.502990] sighand_cache 555KB 624KB [ 1058.515290] task_struct 8957KB 8989KB [ 1058.524075] cred_jar 2346KB 2548KB [ 1058.537941] anon_vma_chain 885KB 1488KB [ 1058.543425] anon_vma 139KB 288KB [ 1058.558629] pid 172KB 224KB [ 1058.564010] Acpi-Operand 156KB 198KB [ 1058.575926] Acpi-ParseExt 9KB 11KB [ 1058.584926] Acpi-Parse 41KB 47KB [ 1058.596997] Acpi-State 52KB 63KB [ 1058.605671] Acpi-Namespace 20KB 27KB [ 1058.617706] numa_policy 0KB 3KB [ 1058.626320] debug_objects_cache 1661KB 1828KB [ 1058.638248] trace_event_file 297KB 298KB [ 1058.643704] ftrace_event_field 398KB 401KB [ 1058.655287] pool_workqueue 141KB 152KB [ 1058.664000] page->ptl 433KB 1000KB [ 1058.675671] kmalloc-2097152 2050KB 2050KB [ 1058.684094] kmalloc-524288 2056KB 2056KB [ 1058.696638] kmalloc-262144 1290KB 1290KB [ 1058.702838] kmalloc-131072 650KB 650KB [ 1058.708785] kmalloc-65536 2904KB 2970KB [ 1058.714249] kmalloc-32768 2310KB 2310KB [ 1058.719643] kmalloc-16384 1435KB 1468KB [ 1058.725053] kmalloc-8192 5915KB 5915KB [ 1058.730498] kmalloc-4096 31012KB 31033KB [ 1058.736489] kmalloc-2048 18557KB 18589KB [ 1058.741917] kmalloc-1024 13822KB 13946KB [ 1058.747344] kmalloc-512 15161KB 15378KB [ 1058.752757] kmalloc-256 5956KB 6030KB [ 1058.758693] kmalloc-128 1386KB 1468KB [ 1058.764504] kmalloc-96 3212KB 4076KB [ 1058.770570] kmalloc-64 2749KB 3872KB [ 1058.776275] kmalloc-32 1922KB 2543KB [ 1058.782089] kmalloc-192 2338KB 2748KB [ 1058.788051] kmem_cache 177KB 183KB [ 1058.793890] Out of memory (oom_kill_allocating_task): Kill process 9325 (in:imklog) score 0 or sacrifice child [ 1058.804675] Killed process 9299 (rsyslogd) total-vm:254332kB, anon-rss:756kB, file-rss:0kB, shmem-rss:0kB [ 1058.816404] oom_reaper: reaped process 9299 (rsyslogd), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 02:40:29 executing program 0: socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, &(0x7f0000000000)=[{{0x0, 0x0, 0x1, 0x1}, {0x4, 0x0, 0x1, 0x1}}], 0x8) 02:40:29 executing program 4: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x0, {0x0, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:40:29 executing program 2: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, 0x0) 02:40:32 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x0, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x0, 0x0, 0x0, 0x401], 0x6}}, 0xfffffffa}) 02:40:32 executing program 0: socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, &(0x7f0000000000)=[{{0x0, 0x0, 0x1, 0x1}, {0x4, 0x0, 0x1, 0x1}}], 0x8) 02:40:32 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x1, @sliced={0x0, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:40:32 executing program 2: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, 0x0) 02:40:32 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x1, @sliced={0x0, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x0, 0x0, 0x6], 0x6}}, 0xfffffffa}) 02:40:32 executing program 4: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x0, {0x0, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:40:32 executing program 0: socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, &(0x7f0000000000)=[{{0x0, 0x0, 0x1, 0x1}, {0x4, 0x0, 0x1, 0x1}}], 0x8) 02:40:32 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x0) 02:40:32 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x0) 02:40:32 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x0) 02:40:32 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000000), 0x0) 02:40:32 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000000), 0x0) [ 1067.147927] oom_reaper: reaped process 10519 (syz-executor.1), now anon-rss:0kB, file-rss:14336kB, shmem-rss:8kB [ 1067.222679] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 1067.245090] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 1067.256200] CPU: 1 PID: 8081 Comm: syz-fuzzer Not tainted 4.19.211-syzkaller #0 [ 1067.263660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1067.273009] Call Trace: [ 1067.275603] dump_stack+0x1fc/0x2ef [ 1067.279244] dump_header+0x15d/0xc3f [ 1067.282943] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1067.288039] ? ___ratelimit+0x319/0x590 [ 1067.292024] oom_kill_process.cold+0x10/0x692 [ 1067.293491] syz-executor.1: vmalloc: allocation failure, allocated 1680011264 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 1067.296533] ? check_preemption_disabled+0x41/0x280 [ 1067.315468] ? has_intersects_mems_allowed+0x1d6/0x290 [ 1067.316669] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 1067.320740] out_of_memory+0x1072/0x1390 [ 1067.320759] ? oom_killer_disable+0x270/0x270 [ 1067.320775] ? mutex_trylock+0x15f/0x1a0 [ 1067.320791] __alloc_pages_nodemask+0x23a2/0x2890 [ 1067.320809] ? find_get_entry+0x4cd/0x8a0 [ 1067.347404] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1067.352270] alloc_pages_current+0x193/0x2a0 [ 1067.356688] filemap_fault+0x146e/0x2180 [ 1067.360743] ext4_filemap_fault+0x84/0xb0 [ 1067.364875] __do_fault+0x10b/0x4b0 [ 1067.368494] __handle_mm_fault+0x273b/0x41c0 [ 1067.372908] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1067.378000] ? vm_insert_page+0x9c0/0x9c0 [ 1067.382254] ? check_preemption_disabled+0x41/0x280 [ 1067.387263] handle_mm_fault+0x436/0xb10 [ 1067.391337] __do_page_fault+0x68e/0xd60 [ 1067.395397] ? trace_hardirqs_off_caller+0x6e/0x210 [ 1067.400406] ? spurious_fault+0x840/0x840 [ 1067.404543] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1067.409380] ? page_fault+0x8/0x30 [ 1067.412917] page_fault+0x1e/0x30 [ 1067.416362] RIP: 0033:0x46703d [ 1067.419541] Code: Bad RIP value. [ 1067.422890] RSP: 002b:000000c00005ff10 EFLAGS: 00010202 [ 1067.428252] RAX: 0000000000000000 RBX: 0000000000002710 RCX: 000000000046703d [ 1067.435509] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000c00005ff10 [ 1067.442863] RBP: 000000c00005ff20 R08: 00000000000329d1 R09: 00000112238c070b [ 1067.450121] R10: 0004c6117729c3ae R11: 0000000000000202 R12: 000000c00005ff10 [ 1067.457378] R13: 000000c0006c8800 R14: 000000c0000004e0 R15: 00007f1ca264e834 [ 1067.464645] CPU: 0 PID: 10519 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0 [ 1067.469700] Mem-Info: [ 1067.472528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1067.474939] active_anon:15796 inactive_anon:41312 isolated_anon:0 [ 1067.474939] active_file:29 inactive_file:0 isolated_file:0 [ 1067.474939] unevictable:0 dirty:20 writeback:0 unstable:0 [ 1067.474939] slab_reclaimable:13457 slab_unreclaimable:114422 [ 1067.474939] mapped:22001 shmem:41932 pagetables:628 bounce:0 [ 1067.474939] free:13820 free_pcp:182 free_cma:0 [ 1067.484249] Call Trace: [ 1067.484266] dump_stack+0x1fc/0x2ef [ 1067.484297] warn_alloc.cold+0x7b/0x18f [ 1067.519329] Node 0 active_anon:60080kB inactive_anon:51184kB active_file:76kB inactive_file:12kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86528kB dirty:64kB writeback:0kB shmem:52756kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 18432kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1067.520104] ? zone_watermark_ok_safe+0x260/0x260 [ 1067.523720] Node 1 active_anon:3104kB inactive_anon:114064kB active_file:40kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1476kB dirty:16kB writeback:0kB shmem:114972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1067.527681] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1067.527698] ? retint_kernel+0x2d/0x2d [ 1067.527725] __vmalloc_area_node+0x4fd/0x780 [ 1067.555505] Node 0 DMA free:10884kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1067.560196] ? __vmalloc_node_range+0x180/0x180 [ 1067.560214] ? _raw_spin_unlock+0x29/0x40 [ 1067.587438] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 1067.592164] ? __get_vm_area_node+0x2e2/0x3a0 [ 1067.592182] __vmalloc_node_range+0xed/0x180 [ 1067.592197] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 1067.592209] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 1067.592220] vmalloc_user+0x70/0xe0 [ 1067.592231] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 1067.592244] vb2_vmalloc_alloc+0xb3/0x2f0 [ 1067.592258] __vb2_queue_alloc+0x472/0xe60 [ 1067.592281] vb2_core_create_bufs+0x273/0x7e0 [ 1067.592296] ? __vb2_queue_free+0x870/0x870 [ 1067.592311] ? mutex_trylock+0x1a0/0x1a0 [ 1067.592324] ? __video_do_ioctl+0x632/0xcd0 [ 1067.592343] vb2_create_bufs+0x332/0x620 [ 1067.592359] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 1067.592372] ? __video_do_ioctl+0x632/0xcd0 [ 1067.592383] ? mutex_trylock+0x1a0/0x1a0 [ 1067.592398] ? mark_held_locks+0xf0/0xf0 [ 1067.592417] vb2_ioctl_create_bufs+0x20d/0x360 [ 1067.592430] ? memset+0x20/0x40 [ 1067.592447] v4l_create_bufs+0xb2/0x160 [ 1067.592464] __video_do_ioctl+0x49a/0xcd0 [ 1067.592484] ? v4l_querycap+0x340/0x340 [ 1067.592501] ? __might_fault+0x192/0x1d0 [ 1067.592517] ? v4l_querycap+0x340/0x340 [ 1067.592543] video_usercopy+0x13f/0xfa0 [ 1067.592561] ? v4l_enumstd+0x60/0x60 [ 1067.592574] ? do_futex+0x171/0x1880 [ 1067.592587] ? mark_held_locks+0xf0/0xf0 [ 1067.592604] ? debug_check_no_obj_freed+0x201/0x490 [ 1067.592623] ? video_usercopy+0xfa0/0xfa0 [ 1067.592634] v4l2_ioctl+0x147/0x1a0 [ 1067.592645] ? video_devdata+0xa0/0xa0 [ 1067.592658] do_vfs_ioctl+0xcdb/0x12e0 [ 1067.592677] ? lock_downgrade+0x720/0x720 [ 1067.592691] ? check_preemption_disabled+0x41/0x280 [ 1067.592703] ? ioctl_preallocate+0x200/0x200 [ 1067.592719] ? __fget+0x356/0x510 [ 1067.592733] ? do_dup2+0x450/0x450 [ 1067.592746] ? __se_sys_futex+0x298/0x3b0 [ 1067.592765] ksys_ioctl+0x9b/0xc0 [ 1067.592779] __x64_sys_ioctl+0x6f/0xb0 [ 1067.592792] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 1067.592805] do_syscall_64+0xf9/0x620 [ 1067.592820] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1067.592831] RIP: 0033:0x7f2ed42610f9 [ 1067.592843] Code: Bad RIP value. [ 1067.592849] RSP: 002b:00007f2ed27d3168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1067.592860] RAX: ffffffffffffffda RBX: 00007f2ed4380f80 RCX: 00007f2ed42610f9 [ 1067.592867] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 1067.592875] RBP: 00007f2ed42bcae9 R08: 0000000000000000 R09: 0000000000000000 [ 1067.592881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1067.592888] R13: 00007ffda798718f R14: 00007f2ed27d3300 R15: 0000000000022000 [ 1067.601312] Mem-Info: [ 1067.612659] Node 0 DMA32 free:17844kB min:35996kB low:44992kB high:53988kB active_anon:60080kB inactive_anon:51184kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:164kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7552kB pagetables:2176kB bounce:0kB free_pcp:452kB local_pcp:216kB free_cma:0kB [ 1067.632782] active_anon:15796 inactive_anon:41312 isolated_anon:0 [ 1067.632782] active_file:29 inactive_file:0 isolated_file:0 [ 1067.632782] unevictable:0 dirty:20 writeback:0 unstable:0 [ 1067.632782] slab_reclaimable:13457 slab_unreclaimable:114422 [ 1067.632782] mapped:22001 shmem:41932 pagetables:628 bounce:0 [ 1067.632782] free:13820 free_pcp:175 free_cma:0 [ 1067.642860] lowmem_reserve[]: 0 0 1 1 1 [ 1067.643609] Node 0 active_anon:60080kB inactive_anon:51184kB active_file:76kB inactive_file:12kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86528kB dirty:64kB writeback:0kB shmem:52756kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 18432kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1067.648410] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1067.655112] Node 1 active_anon:3104kB inactive_anon:114064kB active_file:40kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1476kB dirty:16kB writeback:0kB shmem:114972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1067.657022] lowmem_reserve[]: 0 0 0 0 0 [ 1067.663414] Node 0 DMA free:10884kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1067.677260] Node 1 Normal free:26544kB min:53876kB low:67344kB high:80812kB active_anon:3104kB inactive_anon:114064kB active_file:0kB inactive_file:12kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:448kB pagetables:336kB bounce:0kB free_pcp:248kB local_pcp:0kB free_cma:0kB [ 1067.681670] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 1067.683206] lowmem_reserve[]: 0 0 0 0 0 [ 1067.687549] Node 0 DMA32 free:17844kB min:35996kB low:44992kB high:53988kB active_anon:60080kB inactive_anon:51184kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:164kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7552kB pagetables:2176kB bounce:0kB free_pcp:452kB local_pcp:236kB free_cma:0kB [ 1067.687579] lowmem_reserve[]: 0 0 1 1 1 [ 1067.687597] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1067.687643] lowmem_reserve[]: 0 0 0 0 0 [ 1067.702902] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10884kB [ 1067.708262] Node 1 Normal free:26544kB min:53876kB low:67344kB high:80812kB active_anon:3104kB inactive_anon:114064kB active_file:0kB inactive_file:12kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:448kB pagetables:336kB bounce:0kB free_pcp:248kB local_pcp:248kB free_cma:0kB [ 1067.712688] Node 0 DMA32: 1163*4kB (UME) 789*8kB (ME) 274*16kB (ME) 46*32kB (UME) 4*64kB (UME) 4*128kB (UM) 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17844kB [ 1067.717271] lowmem_reserve[]: 0 0 0 0 0 [ 1067.720557] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 1067.722195] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10884kB [ 1067.725425] Node 1 Normal: 248*4kB (ME) 215*8kB (UME) 171*16kB (ME) 91*32kB (UME) 24*64kB (UME) 8*128kB (UME) 2*256kB (M) 0*512kB 3*1024kB (UME) 2*2048kB (ME) 2*4096kB (U) = 26792kB [ 1067.737952] Node 0 DMA32: 1163*4kB (UME) 789*8kB (ME) 274*16kB (ME) 46*32kB (UME) 4*64kB (UME) 4*128kB (UM) 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17844kB [ 1067.747573] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1067.753054] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 1067.756796] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1067.757146] Node 1 Normal: 248*4kB (ME) 215*8kB (UME) 171*16kB (ME) 91*32kB (UME) 24*64kB (UME) 8*128kB (UME) 2*256kB (M) 0*512kB 3*1024kB (UME) 2*2048kB (ME) 2*4096kB (U) = 26792kB [ 1067.767779] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1067.773226] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1067.774048] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1067.777938] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1067.777947] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1067.777955] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1067.777960] 41947 total pagecache pages [ 1067.777972] 0 pages in swap cache [ 1067.777979] Swap cache stats: add 0, delete 0, find 0/0 [ 1067.777983] Free swap = 0kB [ 1067.777988] Total swap = 0kB [ 1067.777995] 2097051 pages RAM [ 1067.777999] 0 pages HighMem/MovableOnly [ 1067.778003] 369649 pages reserved [ 1067.778007] 0 pages cma reserved [ 1068.127224] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 1068.127269] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 1068.127283] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 1068.127310] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 1068.127329] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 1068.127352] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 1068.127371] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 1068.127409] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 1068.127449] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 1068.127492] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 1068.474613] 41955 total pagecache pages [ 1068.495840] 0 pages in swap cache [ 1068.503246] Swap cache stats: add 0, delete 0, find 0/0 [ 1068.527170] Free swap = 0kB [ 1068.530210] Total swap = 0kB [ 1068.533227] 2097051 pages RAM [ 1068.536322] 0 pages HighMem/MovableOnly [ 1068.559109] 369649 pages reserved [ 1068.562575] 0 pages cma reserved [ 1068.565945] Unreclaimable slab info: [ 1068.574445] Name Used Total [ 1068.598341] pid_2 15KB 76KB [ 1068.603782] batadv_tt_change_cache 3KB 7KB [ 1068.626585] batadv_tl_cache 8KB 16KB [ 1068.636517] TIPC 15KB 37KB [ 1068.663438] SCTPv6 22KB 30KB [ 1068.679598] DCCPv6 17KB 30KB [ 1068.686013] DCCP 16KB 35KB [ 1068.699736] RXRPC 16KB 32KB [ 1068.706173] rxrpc_call_jar 112KB 141KB [ 1068.717026] bridge_fdb_cache 15KB 27KB [ 1068.724786] fib6_nodes 258KB 268KB [ 1068.736515] ip6_dst_cache 746KB 746KB [ 1068.743508] RAWv6 111KB 128KB [ 1068.753868] UDPv6 39KB 48KB [ 1068.760614] TCPv6 24KB 36KB [ 1068.775273] nf_conntrack 17KB 18KB [ 1068.782945] t10_alua_lu_gp_cache 0KB 3KB [ 1068.793532] sd_ext_cdb 0KB 7KB [ 1068.800991] scsi_sense_cache 1056KB 1060KB [ 1068.819695] virtio_scsi_cmd 16KB 16KB [ 1068.830945] sgpool-128 8KB 8KB [ 1068.836315] sgpool-64 4KB 12KB [ 1068.871204] sgpool-32 2KB 15KB [ 1068.876577] sgpool-16 1KB 7KB [ 1068.912398] sgpool-8 0KB 7KB [ 1068.917950] mqueue_inode_cache 10KB 30KB [ 1068.923401] bio_post_read_ctx 14KB 15KB [ 1068.934520] bio-2 14KB 15KB [ 1068.940155] jfs_mp 7KB 7KB [ 1068.945613] cifs_small_rq 15KB 16KB [ 1068.955738] cifs_request 67KB 67KB [ 1068.961470] cifs_mpx_ids 0KB 7KB [ 1068.966859] nfs_commit_data 3KB 14KB [ 1068.988339] nfs_write_data 34KB 44KB [ 1068.993751] ext4_system_zone 1KB 7KB [ 1069.001059] bio-1 1KB 7KB [ 1069.006434] pid_namespace 2KB 7KB [ 1069.012700] rpc_buffers 17KB 25KB [ 1069.018776] rpc_tasks 2KB 7KB [ 1069.024142] UNIX 1974KB 2043KB [ 1069.032314] tcp_bind_bucket 1KB 4KB [ 1069.038213] ip_fib_trie 37KB 43KB [ 1069.043579] ip_fib_alias 182KB 193KB [ 1069.049797] ip_dst_cache 11KB 20KB [ 1069.055161] RAW 66KB 75KB [ 1069.062475] UDP 57KB 74KB [ 1069.068285] TCP 8KB 22KB [ 1069.073649] hugetlbfs_inode_cache 3KB 15KB [ 1069.080265] fscache_cookie_jar 1KB 11KB [ 1069.085718] eventpoll_pwq 25KB 43KB [ 1069.091937] eventpoll_epi 45KB 66KB [ 1069.097837] inotify_inode_mark 14KB 39KB [ 1069.103290] request_queue 199KB 199KB [ 1069.109510] blkdev_requests 1KB 3KB [ 1069.114874] blkdev_ioc 19KB 38KB [ 1069.121210] bio-0 587KB 686KB [ 1069.126660] biovec-max 1460KB 1501KB [ 1069.134605] biovec-64 583KB 748KB [ 1069.140577] biovec-16 114KB 146KB [ 1069.145951] bio_integrity_payload 1KB 8KB [ 1069.152551] khugepaged_mm_slot 3KB 31KB [ 1069.158718] uid_cache 0KB 4KB [ 1069.164090] dmaengine-unmap-2 0KB 3KB [ 1069.170273] skbuff_fclone_cache 40KB 45KB [ 1069.175813] skbuff_head_cache 8745KB 8857KB [ 1069.182242] configfs_dir_cache 3KB 7KB [ 1069.188447] file_lock_cache 44KB 75KB [ 1069.193817] file_lock_ctx 9KB 11KB [ 1069.200380] fsnotify_mark_connector 7KB 19KB [ 1069.206268] net_namespace 87KB 87KB [ 1069.212866] shmem_inode_cache 8071KB 8197KB [ 1069.219250] task_delay_info 262KB 367KB [ 1069.224769] taskstats 25KB 65KB [ 1069.233558] proc_dir_entry 951KB 993KB [ 1069.240148] pde_opener 16KB 34KB [ 1069.245752] seq_file 262KB 468KB [ 1069.252880] sigqueue 59KB 66KB [ 1069.259335] kernfs_node_cache 18234KB 18612KB [ 1069.264721] mnt_cache 176KB 224KB [ 1069.271247] filp 6796KB 7608KB [ 1069.276624] names_cache 105723KB 105723KB [ 1069.284221] iint_cache 27KB 55KB [ 1069.290327] key_jar 23KB 135KB [ 1069.295700] uts_namespace 2KB 7KB [ 1069.302233] nsproxy 2KB 11KB [ 1069.308617] vm_area_struct 3219KB 3642KB [ 1069.314080] mm_struct 508KB 578KB [ 1069.321235] fs_cache 299KB 336KB [ 1069.326608] files_cache 1116KB 1181KB [ 1069.335120] signal_cache 2008KB 2134KB [ 1069.341378] sighand_cache 564KB 624KB [ 1069.346791] task_struct 9140KB 9216KB [ 1069.353441] cred_jar 2073KB 2544KB [ 1069.359877] anon_vma_chain 1020KB 1488KB [ 1069.365255] anon_vma 131KB 288KB [ 1069.371934] pid 169KB 224KB [ 1069.378397] Acpi-Operand 156KB 198KB [ 1069.383854] Acpi-ParseExt 9KB 11KB [ 1069.390403] Acpi-Parse 41KB 47KB [ 1069.395773] Acpi-State 52KB 63KB [ 1069.402362] Acpi-Namespace 20KB 27KB [ 1069.409857] numa_policy 0KB 3KB [ 1069.415239] debug_objects_cache 1652KB 1828KB [ 1069.422022] trace_event_file 297KB 298KB [ 1069.428151] ftrace_event_field 398KB 401KB [ 1069.433606] pool_workqueue 139KB 152KB [ 1069.441932] page->ptl 485KB 1000KB [ 1069.448102] kmalloc-2097152 2050KB 2050KB [ 1069.453508] kmalloc-524288 2056KB 2056KB [ 1069.460061] kmalloc-262144 1290KB 1290KB [ 1069.465428] kmalloc-131072 650KB 650KB [ 1069.471905] kmalloc-65536 2904KB 2970KB [ 1069.478076] kmalloc-32768 2310KB 2310KB [ 1069.483441] kmalloc-16384 1369KB 1435KB [ 1069.490016] kmalloc-8192 5783KB 5882KB [ 1069.495382] kmalloc-4096 31173KB 31233KB [ 1069.502896] kmalloc-2048 18595KB 18634KB [ 1069.508971] kmalloc-1024 14068KB 14088KB [ 1069.514334] kmalloc-512 16348KB 16500KB [ 1069.520869] kmalloc-256 5942KB 6030KB [ 1069.526240] kmalloc-128 1387KB 1468KB [ 1069.532792] kmalloc-96 3302KB 4076KB [ 1069.540585] kmalloc-64 2794KB 3872KB [ 1069.546224] kmalloc-32 1992KB 2543KB [ 1069.552853] kmalloc-192 2330KB 2748KB [ 1069.559035] kmem_cache 177KB 183KB [ 1069.564411] Out of memory (oom_kill_allocating_task): Kill process 8081 (syz-fuzzer) score 0 or sacrifice child [ 1069.576144] Killed process 9339 (syz-executor.2) total-vm:48512kB, anon-rss:444kB, file-rss:14340kB, shmem-rss:0kB [ 1073.205713] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1073.213470] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1073.227326] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1073.234022] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1073.251931] device bridge_slave_1 left promiscuous mode [ 1073.262384] bridge0: port 2(bridge_slave_1) entered disabled state [ 1073.269796] device bridge_slave_0 left promiscuous mode [ 1073.275274] bridge0: port 1(bridge_slave_0) entered disabled state [ 1073.290097] device veth1_macvtap left promiscuous mode [ 1073.295400] device veth0_macvtap left promiscuous mode [ 1073.304999] device veth1_vlan left promiscuous mode [ 1073.310336] device veth0_vlan left promiscuous mode 02:40:43 executing program 1: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0xffffffff, 0x7, 0x1, {0x1, @sliced={0x0, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x0, 0x0, 0x0, 0x0, 0x401], 0x6}}, 0xfffffffa}) 02:40:43 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000000), 0x0) 02:40:43 executing program 4: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x0, {0x0, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:40:43 executing program 3: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x1, @sliced={0x0, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x0, 0x0, 0x6], 0x6}}, 0xfffffffa}) 02:40:43 executing program 2: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) pipe2$watch_queue(0x0, 0x80) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x0, 0x1, {0x1, @sliced={0x6, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:40:43 executing program 5: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x1, {0x1, @sliced={0x0, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) 02:40:43 executing program 4: r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000440)={0x0, 0x7, 0x0, {0x1, @sliced={0x0, [0x3f, 0x9, 0xfff, 0x3, 0x0, 0x81, 0x3f, 0x9, 0x1, 0x7f, 0x8000, 0x7fff, 0xffa3, 0xffff, 0x9f, 0x8, 0x2, 0x2, 0x8, 0x1, 0x6, 0x8001, 0x6, 0x5, 0x7f0, 0x40, 0x401, 0x1, 0x8, 0x18, 0x8, 0x3, 0x7ff, 0x412, 0x0, 0x2, 0xcb9, 0x8, 0x80, 0x7, 0x3ff, 0x40, 0x3b84, 0x7f, 0x7, 0x3e, 0x6, 0x401], 0x6}}, 0xfffffffa}) [ 1076.926689] Bluetooth: hci4: command 0x0409 tx timeout [ 1079.006669] Bluetooth: hci4: command 0x041b tx timeout [ 1080.907193] device hsr_slave_1 left promiscuous mode [ 1080.922220] device hsr_slave_0 left promiscuous mode [ 1080.944341] team0 (unregistering): Port device team_slave_1 removed [ 1080.955175] team0 (unregistering): Port device team_slave_0 removed [ 1080.970587] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 1080.987668] bond0 (unregistering): Releasing backup interface bond_slave_0 02:40:51 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000000)=[{{0x0, 0x0, 0x0, 0x1}, {0x4, 0x0, 0x1, 0x1}}], 0x8) [ 1081.041137] bond0 (unregistering): Released all slaves [ 1081.063872] IPVS: ftp: loaded support on port[0] = 21 02:40:51 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000000)=[{{}, {0x4, 0x0, 0x1, 0x1}}], 0x8) [ 1081.086340] Bluetooth: hci4: command 0x040f tx timeout 02:40:51 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000000)=[{{}, {0x0, 0x0, 0x1, 0x1}}], 0x8) 02:40:51 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000000)=[{{}, {0x0, 0x0, 0x0, 0x1}}], 0x8) 02:40:51 executing program 0: r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000000)=[{}], 0x8) [ 1081.959699] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 1081.976242] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 1081.981022] CPU: 1 PID: 8111 Comm: syz-fuzzer Not tainted 4.19.211-syzkaller #0 [ 1081.988482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1081.997826] Call Trace: [ 1082.000416] dump_stack+0x1fc/0x2ef [ 1082.004052] dump_header+0x15d/0xc3f [ 1082.007764] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1082.012865] ? ___ratelimit+0x319/0x590 [ 1082.016850] oom_kill_process.cold+0x10/0x692 [ 1082.021348] ? check_preemption_disabled+0x41/0x280 [ 1082.026372] ? has_intersects_mems_allowed+0x1d6/0x290 [ 1082.031647] out_of_memory+0x1072/0x1390 [ 1082.035724] ? oom_killer_disable+0x270/0x270 [ 1082.040220] ? mutex_trylock+0x15f/0x1a0 [ 1082.044280] __alloc_pages_nodemask+0x23a2/0x2890 [ 1082.049129] ? find_get_entry+0x4cd/0x8a0 [ 1082.053283] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1082.058146] alloc_pages_current+0x193/0x2a0 [ 1082.062554] filemap_fault+0x146e/0x2180 [ 1082.066635] ext4_filemap_fault+0x84/0xb0 [ 1082.070779] __do_fault+0x10b/0x4b0 [ 1082.074407] __handle_mm_fault+0x273b/0x41c0 [ 1082.078813] ? vm_insert_page+0x9c0/0x9c0 [ 1082.082959] ? __fget+0x356/0x510 [ 1082.086418] ? check_preemption_disabled+0x41/0x280 [ 1082.091475] handle_mm_fault+0x436/0xb10 [ 1082.095536] __do_page_fault+0x68e/0xd60 [ 1082.099594] ? trace_hardirqs_off_caller+0x6e/0x210 [ 1082.104623] ? spurious_fault+0x840/0x840 [ 1082.108766] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1082.113611] ? page_fault+0x8/0x30 [ 1082.117152] page_fault+0x1e/0x30 [ 1082.120605] RIP: 0033:0x43047c [ 1082.123815] Code: Bad RIP value. [ 1082.127179] RSP: 002b:000000c0008e77f0 EFLAGS: 00010246 [ 1082.132537] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000467800 [ 1082.139811] RDX: 0000000000000080 RSI: 000000c0008e7840 RDI: 0000000000000004 [ 1082.147082] RBP: 000000c0008e7e40 R08: 0000000000000000 R09: 000000fbe7dca615 [ 1082.154370] R10: 00000000000001e7 R11: 0000000000000246 R12: 000000c0008e7870 [ 1082.161634] R13: 0000000000000000 R14: 000000c0009501a0 R15: 000000000000007f [ 1082.297250] Mem-Info: [ 1082.299718] active_anon:15782 inactive_anon:41310 isolated_anon:0 [ 1082.299718] active_file:21 inactive_file:6 isolated_file:0 [ 1082.299718] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1082.299718] slab_reclaimable:13535 slab_unreclaimable:113782 [ 1082.299718] mapped:22070 shmem:41928 pagetables:619 bounce:0 [ 1082.299718] free:25035 free_pcp:0 free_cma:0 [ 1082.347499] Node 0 active_anon:60044kB inactive_anon:51172kB active_file:60kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86608kB dirty:0kB writeback:0kB shmem:52736kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 16384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1082.455223] Node 1 active_anon:3084kB inactive_anon:114068kB active_file:24kB inactive_file:24kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1672kB dirty:0kB writeback:0kB shmem:114976kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1082.570644] Node 0 DMA free:10984kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1082.682464] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 1082.698379] Node 0 DMA32 free:35768kB min:35996kB low:44992kB high:53988kB active_anon:60044kB inactive_anon:51172kB active_file:60kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7520kB pagetables:2140kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1082.770355] lowmem_reserve[]: 0 0 1 1 1 [ 1082.774357] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1082.863113] lowmem_reserve[]: 0 0 0 0 0 [ 1082.894026] Node 1 Normal free:53824kB min:53876kB low:67344kB high:80812kB active_anon:3084kB inactive_anon:114068kB active_file:24kB inactive_file:24kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:480kB pagetables:336kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1082.999129] lowmem_reserve[]: 0 0 0 0 0 [ 1083.003133] Node 0 DMA: 0*4kB 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10984kB [ 1083.048365] Node 0 DMA32: 1127*4kB (UME) 818*8kB (UME) 312*16kB (UME) 79*32kB (UME) 28*64kB (UME) 15*128kB (UM) 12*256kB (M) 6*512kB (UM) 4*1024kB (UM) 2*2048kB (M) 0*4096kB = 36620kB [ 1083.136693] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 1083.166089] Bluetooth: hci4: command 0x0419 tx timeout [ 1083.193401] Node 1 Normal: 270*4kB (UME) 237*8kB (UME) 180*16kB (UME) 89*32kB (ME) 19*64kB (ME) 7*128kB (ME) 2*256kB (M) 1*512kB (U) 3*1024kB (UME) 3*2048kB (UME) 8*4096kB (U) = 53824kB [ 1083.260212] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1083.278046] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1083.316062] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1083.324910] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1083.386739] 41956 total pagecache pages [ 1083.390732] 0 pages in swap cache [ 1083.394180] Swap cache stats: add 0, delete 0, find 0/0 [ 1083.433270] Free swap = 0kB [ 1083.443007] Total swap = 0kB [ 1083.456063] 2097051 pages RAM [ 1083.459163] 0 pages HighMem/MovableOnly [ 1083.463127] 369649 pages reserved [ 1083.485191] 0 pages cma reserved [ 1083.512621] Unreclaimable slab info: [ 1083.529982] Name Used Total [ 1083.535532] pid_2 15KB 72KB [ 1083.575278] batadv_tt_change_cache 7KB 7KB [ 1083.594727] batadv_tl_cache 8KB 16KB [ 1083.617463] TIPC 31KB 37KB [ 1083.630187] SCTPv6 26KB 30KB [ 1083.635583] DCCPv6 27KB 30KB [ 1083.670005] DCCP 30KB 35KB [ 1083.675437] RXRPC 27KB 32KB [ 1083.719383] rxrpc_call_jar 126KB 141KB [ 1083.724771] bridge_fdb_cache 17KB 27KB [ 1083.754981] fib6_nodes 250KB 268KB [ 1083.776981] ip6_dst_cache 751KB 761KB [ 1083.810100] RAWv6 123KB 128KB [ 1083.815488] UDPv6 43KB 45KB [ 1083.845864] TCPv6 42KB 42KB [ 1083.857298] nf_conntrack 17KB 18KB [ 1083.862715] t10_alua_lu_gp_cache 0KB 3KB [ 1083.880776] sd_ext_cdb 0KB 7KB [ 1083.890239] scsi_sense_cache 1056KB 1060KB [ 1083.895600] virtio_scsi_cmd 16KB 16KB [ 1083.911829] sgpool-128 8KB 8KB [ 1083.917335] sgpool-64 4KB 12KB [ 1083.922692] sgpool-32 2KB 15KB [ 1083.932799] sgpool-16 1KB 7KB [ 1083.940110] sgpool-8 0KB 7KB [ 1083.945465] mqueue_inode_cache 12KB 30KB [ 1083.954397] bio_post_read_ctx 14KB 15KB [ 1083.961631] bio-2 14KB 15KB [ 1083.978813] jfs_mp 7KB 7KB [ 1083.984190] cifs_small_rq 15KB 16KB [ 1083.990779] cifs_request 67KB 67KB [ 1083.998533] cifs_mpx_ids 0KB 7KB [ 1084.003898] nfs_commit_data 3KB 14KB [ 1084.012376] nfs_write_data 34KB 44KB [ 1084.018453] ext4_system_zone 1KB 7KB [ 1084.023842] bio-1 1KB 7KB [ 1084.031833] pid_namespace 2KB 7KB [ 1084.039303] rpc_buffers 17KB 25KB [ 1084.044667] rpc_tasks 2KB 7KB [ 1084.050833] UNIX 1953KB 1998KB [ 1084.058641] tcp_bind_bucket 3KB 4KB [ 1084.064020] ip_fib_trie 38KB 43KB [ 1084.071920] ip_fib_alias 177KB 193KB [ 1084.080032] ip_dst_cache 15KB 20KB [ 1084.085413] RAW 75KB 75KB [ 1084.095814] UDP 69KB 74KB [ 1084.102442] TCP 22KB 22KB [ 1084.109451] hugetlbfs_inode_cache 3KB 15KB [ 1084.115163] fscache_cookie_jar 1KB 11KB [ 1084.125986] eventpoll_pwq 26KB 43KB [ 1084.131367] eventpoll_epi 50KB 66KB [ 1084.138353] inotify_inode_mark 25KB 39KB [ 1084.143806] request_queue 199KB 199KB [ 1084.151704] blkdev_requests 1KB 3KB [ 1084.159425] blkdev_ioc 21KB 38KB [ 1084.164790] bio-0 849KB 870KB [ 1084.170824] biovec-max 1518KB 1534KB [ 1084.178726] biovec-64 801KB 842KB [ 1084.184102] biovec-16 123KB 146KB [ 1084.191126] bio_integrity_payload 1KB 8KB [ 1084.198518] khugepaged_mm_slot 6KB 31KB [ 1084.203980] uid_cache 0KB 4KB [ 1084.211052] dmaengine-unmap-2 0KB 3KB [ 1084.216545] skbuff_fclone_cache 48KB 48KB [ 1084.222074] skbuff_head_cache 9043KB 9273KB [ 1084.229575] configfs_dir_cache 3KB 7KB [ 1084.235031] file_lock_cache 56KB 75KB [ 1084.241335] file_lock_ctx 9KB 11KB [ 1084.249551] fsnotify_mark_connector 7KB 19KB [ 1084.255431] net_namespace 96KB 96KB [ 1084.262886] shmem_inode_cache 8114KB 8197KB [ 1084.271617] task_delay_info 222KB 367KB [ 1084.279116] taskstats 23KB 57KB [ 1084.285557] proc_dir_entry 993KB 1001KB [ 1084.296733] pde_opener 16KB 34KB [ 1084.302095] seq_file 263KB 468KB [ 1084.309263] sigqueue 45KB 66KB [ 1084.314626] kernfs_node_cache 17307KB 17773KB [ 1084.322066] mnt_cache 191KB 220KB [ 1084.329734] filp 6631KB 7597KB [ 1084.335183] names_cache 106709KB 106713KB [ 1084.345943] iint_cache 32KB 55KB [ 1084.351326] key_jar 23KB 135KB [ 1084.359999] uts_namespace 3KB 7KB [ 1084.365366] nsproxy 2KB 11KB [ 1084.372534] vm_area_struct 3267KB 3642KB [ 1084.380086] mm_struct 554KB 578KB [ 1084.385442] fs_cache 243KB 336KB [ 1084.394539] files_cache 944KB 1110KB [ 1084.399982] signal_cache 1591KB 2105KB [ 1084.405333] sighand_cache 605KB 610KB [ 1084.412480] task_struct 7253KB 7253KB [ 1084.417893] cred_jar 1941KB 2544KB [ 1084.423252] anon_vma_chain 1026KB 1488KB [ 1084.431809] anon_vma 140KB 288KB [ 1084.438402] pid 142KB 224KB [ 1084.443746] Acpi-Operand 156KB 198KB [ 1084.453377] Acpi-ParseExt 9KB 11KB [ 1084.458794] Acpi-Parse 41KB 47KB [ 1084.464149] Acpi-State 52KB 63KB [ 1084.473131] Acpi-Namespace 20KB 27KB [ 1084.478529] numa_policy 0KB 3KB [ 1084.483880] debug_objects_cache 1646KB 1828KB [ 1084.494653] trace_event_file 297KB 298KB [ 1084.501578] ftrace_event_field 398KB 401KB [ 1084.508890] pool_workqueue 151KB 152KB [ 1084.514242] page->ptl 493KB 1000KB [ 1084.522658] kmalloc-2097152 2050KB 2050KB [ 1084.530258] kmalloc-524288 2056KB 2056KB [ 1084.535623] kmalloc-262144 1290KB 1290KB [ 1084.543284] kmalloc-131072 650KB 650KB [ 1084.552932] kmalloc-65536 2904KB 2970KB [ 1084.560070] kmalloc-32768 2277KB 2409KB [ 1084.565433] kmalloc-16384 1336KB 1402KB [ 1084.572884] kmalloc-8192 5601KB 5643KB [ 1084.582660] kmalloc-4096 29048KB 29108KB [ 1084.591424] kmalloc-2048 18304KB 18595KB [ 1084.603447] kmalloc-1024 13837KB 14301KB [ 1084.610654] kmalloc-512 16890KB 17261KB [ 1084.619394] kmalloc-256 5658KB 6026KB [ 1084.624764] kmalloc-128 1414KB 1468KB [ 1084.632339] kmalloc-96 3369KB 4076KB [ 1084.639073] kmalloc-64 2756KB 3872KB [ 1084.644460] kmalloc-32 1988KB 2543KB [ 1084.651728] kmalloc-192 2251KB 2748KB [ 1084.660689] kmem_cache 177KB 183KB [ 1084.669983] Out of memory (oom_kill_allocating_task): Kill process 8111 (syz-fuzzer) score 0 or sacrifice child [ 1084.681878] Killed process 9362 (syz-executor.1) total-vm:48512kB, anon-rss:436kB, file-rss:4kB, shmem-rss:0kB [ 1084.703395] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 1084.714904] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 1084.721534] CPU: 1 PID: 8111 Comm: syz-fuzzer Not tainted 4.19.211-syzkaller #0 [ 1084.729003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1084.738346] Call Trace: [ 1084.740927] dump_stack+0x1fc/0x2ef [ 1084.744640] dump_header+0x15d/0xc3f [ 1084.748348] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1084.753443] ? ___ratelimit+0x319/0x590 [ 1084.757415] oom_kill_process.cold+0x10/0x692 [ 1084.761904] ? check_preemption_disabled+0x41/0x280 [ 1084.766915] ? has_intersects_mems_allowed+0x1d6/0x290 [ 1084.772245] out_of_memory+0x1072/0x1390 [ 1084.776316] ? oom_killer_disable+0x270/0x270 [ 1084.780950] ? mutex_trylock+0x15f/0x1a0 [ 1084.785000] __alloc_pages_nodemask+0x23a2/0x2890 [ 1084.789928] ? find_get_entry+0x4cd/0x8a0 [ 1084.794088] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1084.798953] alloc_pages_current+0x193/0x2a0 [ 1084.803360] filemap_fault+0x146e/0x2180 [ 1084.807426] ext4_filemap_fault+0x84/0xb0 [ 1084.811580] __do_fault+0x10b/0x4b0 [ 1084.815208] __handle_mm_fault+0x273b/0x41c0 [ 1084.819605] ? vm_insert_page+0x9c0/0x9c0 [ 1084.823747] ? __fget+0x356/0x510 [ 1084.827213] ? check_preemption_disabled+0x41/0x280 [ 1084.832235] handle_mm_fault+0x436/0xb10 [ 1084.836305] __do_page_fault+0x68e/0xd60 [ 1084.840362] ? trace_hardirqs_off_caller+0x6e/0x210 [ 1084.845358] ? spurious_fault+0x840/0x840 [ 1084.849497] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1084.854326] ? page_fault+0x8/0x30 [ 1084.857858] page_fault+0x1e/0x30 [ 1084.861303] RIP: 0033:0x43047c [ 1084.864476] Code: Bad RIP value. [ 1084.867823] RSP: 002b:000000c0008e77f0 EFLAGS: 00010246 [ 1084.873173] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000467800 [ 1084.880428] RDX: 0000000000000080 RSI: 000000c0008e7840 RDI: 0000000000000004 [ 1084.887691] RBP: 000000c0008e7e40 R08: 0000000000000000 R09: 000000fbe7dca615 [ 1084.894950] R10: 00000000000001e7 R11: 0000000000000246 R12: 000000c0008e7870 [ 1084.902200] R13: 0000000000000000 R14: 000000c0009501a0 R15: 000000000000007f [ 1084.915325] Mem-Info: [ 1084.921191] active_anon:15757 inactive_anon:41310 isolated_anon:0 [ 1084.921191] active_file:17 inactive_file:5 isolated_file:0 [ 1084.921191] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1084.921191] slab_reclaimable:13535 slab_unreclaimable:113762 [ 1084.921191] mapped:22048 shmem:41928 pagetables:582 bounce:0 [ 1084.921191] free:25053 free_pcp:135 free_cma:0 [ 1084.964347] Node 0 active_anon:59928kB inactive_anon:51172kB active_file:32kB inactive_file:32kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52736kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 16384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1084.996410] Node 1 active_anon:3080kB inactive_anon:114068kB active_file:24kB inactive_file:24kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1672kB dirty:0kB writeback:0kB shmem:114976kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1085.027853] Node 0 DMA free:10984kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1085.056008] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 1085.061054] Node 0 DMA32 free:35396kB min:35996kB low:44992kB high:53988kB active_anon:59928kB inactive_anon:51172kB active_file:32kB inactive_file:32kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7488kB pagetables:2032kB bounce:0kB free_pcp:536kB local_pcp:0kB free_cma:0kB [ 1085.093783] lowmem_reserve[]: 0 0 1 1 1 [ 1085.097895] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1085.125719] lowmem_reserve[]: 0 0 0 0 0 [ 1085.129760] Node 1 Normal free:53824kB min:53876kB low:67344kB high:80812kB active_anon:3080kB inactive_anon:114068kB active_file:24kB inactive_file:24kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:480kB pagetables:336kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB [ 1085.160185] lowmem_reserve[]: 0 0 0 0 0 [ 1085.164153] Node 0 DMA: 0*4kB 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10984kB [ 1085.181306] Node 0 DMA32: 1123*4kB (ME) 811*8kB (ME) 310*16kB (ME) 78*32kB (UME) 27*64kB (UME) 15*128kB (UM) 12*256kB (M) 6*512kB (UM) 3*1024kB (M) 2*2048kB (M) 0*4096kB = 35396kB [ 1085.201403] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 1085.213979] Node 1 Normal: 270*4kB (UME) 237*8kB (UME) 180*16kB (UME) 89*32kB (ME) 19*64kB (ME) 7*128kB (ME) 2*256kB (M) 1*512kB (U) 3*1024kB (UME) 3*2048kB (UME) 8*4096kB (U) = 53824kB [ 1085.232729] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1085.241618] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1085.251997] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1085.264177] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1085.278106] 41956 total pagecache pages [ 1085.282080] 0 pages in swap cache [ 1085.285521] Swap cache stats: add 0, delete 0, find 0/0 [ 1085.291916] Free swap = 0kB [ 1085.294929] Total swap = 0kB [ 1085.301474] 2097051 pages RAM [ 1085.304575] 0 pages HighMem/MovableOnly [ 1085.312046] 369649 pages reserved [ 1085.315502] 0 pages cma reserved [ 1085.321843] Unreclaimable slab info: [ 1085.325565] Name Used Total [ 1085.332154] pid_2 14KB 72KB [ 1085.341243] batadv_tt_change_cache 7KB 7KB [ 1085.352488] batadv_tl_cache 8KB 16KB [ 1085.362431] TIPC 31KB 37KB [ 1085.369270] SCTPv6 24KB 30KB [ 1085.374654] DCCPv6 22KB 30KB [ 1085.383391] DCCP 19KB 35KB [ 1085.390546] RXRPC 27KB 32KB [ 1085.401957] rxrpc_call_jar 126KB 141KB [ 1085.410866] bridge_fdb_cache 17KB 27KB [ 1085.420107] fib6_nodes 250KB 268KB [ 1085.425475] ip6_dst_cache 751KB 761KB [ 1085.433473] RAWv6 121KB 128KB [ 1085.441622] UDPv6 43KB 45KB [ 1085.449263] TCPv6 27KB 42KB [ 1085.454645] nf_conntrack 17KB 18KB [ 1085.463604] t10_alua_lu_gp_cache 0KB 3KB [ 1085.470983] sd_ext_cdb 0KB 7KB [ 1085.479906] scsi_sense_cache 1056KB 1060KB [ 1085.485265] virtio_scsi_cmd 16KB 16KB [ 1085.492888] sgpool-128 8KB 8KB [ 1085.498277] sgpool-64 4KB 12KB [ 1085.503637] sgpool-32 2KB 15KB [ 1085.519962] sgpool-16 1KB 7KB [ 1085.525340] sgpool-8 0KB 7KB [ 1085.534312] mqueue_inode_cache 12KB 30KB [ 1085.545379] bio_post_read_ctx 14KB 15KB [ 1085.551754] bio-2 14KB 15KB [ 1085.563031] jfs_mp 7KB 7KB [ 1085.571869] cifs_small_rq 15KB 16KB [ 1085.578243] cifs_request 67KB 67KB [ 1085.583614] cifs_mpx_ids 0KB 7KB [ 1085.593153] nfs_commit_data 3KB 14KB [ 1085.600914] nfs_write_data 34KB 44KB [ 1085.612272] ext4_system_zone 1KB 7KB [ 1085.619094] bio-1 1KB 7KB [ 1085.624479] pid_namespace 2KB 7KB [ 1085.632470] rpc_buffers 17KB 25KB [ 1085.642291] rpc_tasks 2KB 7KB [ 1085.653130] UNIX 1944KB 1998KB [ 1085.660799] tcp_bind_bucket 3KB 4KB [ 1085.670890] ip_fib_trie 38KB 43KB [ 1085.678855] ip_fib_alias 177KB 193KB [ 1085.684209] ip_dst_cache 13KB 20KB [ 1085.692520] RAW 73KB 75KB [ 1085.699508] UDP 60KB 74KB [ 1085.704852] TCP 8KB 22KB [ 1085.715131] hugetlbfs_inode_cache 3KB 15KB [ 1085.722724] fscache_cookie_jar 1KB 11KB [ 1085.728257] eventpoll_pwq 24KB 43KB [ 1085.733630] eventpoll_epi 46KB 66KB [ 1085.741792] inotify_inode_mark 24KB 39KB [ 1085.754008] request_queue 199KB 199KB [ 1085.762418] blkdev_requests 1KB 3KB [ 1085.767804] blkdev_ioc 21KB 38KB [ 1085.773146] bio-0 849KB 870KB [ 1085.785513] biovec-max 1518KB 1534KB [ 1085.791013] biovec-64 801KB 842KB [ 1085.797931] biovec-16 123KB 146KB [ 1085.803288] bio_integrity_payload 1KB 8KB [ 1085.810638] khugepaged_mm_slot 5KB 31KB [ 1085.821481] uid_cache 0KB 4KB [ 1085.829851] dmaengine-unmap-2 0KB 3KB [ 1085.835237] skbuff_fclone_cache 48KB 48KB [ 1085.844153] skbuff_head_cache 9153KB 9273KB [ 1085.852124] configfs_dir_cache 3KB 7KB [ 1085.862987] file_lock_cache 53KB 75KB [ 1085.870266] file_lock_ctx 9KB 11KB [ 1085.875613] fsnotify_mark_connector 6KB 19KB [ 1085.884905] net_namespace 96KB 96KB [ 1085.894247] shmem_inode_cache 8108KB 8197KB [ 1085.903084] task_delay_info 221KB 367KB [ 1085.910488] taskstats 23KB 57KB [ 1085.924837] proc_dir_entry 993KB 1001KB [ 1085.932260] pde_opener 15KB 34KB [ 1085.941067] seq_file 262KB 468KB [ 1085.950195] sigqueue 45KB 66KB [ 1085.955578] kernfs_node_cache 17301KB 17773KB [ 1085.964461] mnt_cache 191KB 220KB [ 1085.971834] filp 6624KB 7597KB [ 1085.984562] names_cache 106709KB 106713KB [ 1085.989993] iint_cache 32KB 55KB [ 1085.995346] key_jar 23KB 135KB [ 1086.004108] uts_namespace 3KB 7KB [ 1086.009502] nsproxy 2KB 11KB [ 1086.014863] vm_area_struct 3264KB 3642KB [ 1086.023042] mm_struct 546KB 578KB [ 1086.032372] fs_cache 237KB 336KB [ 1086.039365] files_cache 933KB 1110KB [ 1086.044711] signal_cache 1584KB 2105KB [ 1086.052408] sighand_cache 601KB 610KB [ 1086.060326] task_struct 7253KB 7253KB [ 1086.065700] cred_jar 1935KB 2544KB [ 1086.073250] anon_vma_chain 1023KB 1488KB [ 1086.082257] anon_vma 134KB 288KB [ 1086.091817] pid 141KB 224KB [ 1086.098971] Acpi-Operand 156KB 198KB [ 1086.104319] Acpi-ParseExt 9KB 11KB [ 1086.113084] Acpi-Parse 41KB 47KB [ 1086.119382] Acpi-State 52KB 63KB [ 1086.130964] Acpi-Namespace 20KB 27KB [ 1086.138163] numa_policy 0KB 3KB [ 1086.143536] debug_objects_cache 1646KB 1828KB [ 1086.151229] trace_event_file 297KB 298KB [ 1086.160286] ftrace_event_field 398KB 401KB [ 1086.165736] pool_workqueue 151KB 152KB [ 1086.173267] page->ptl 490KB 1000KB [ 1086.182358] kmalloc-2097152 2050KB 2050KB [ 1086.189718] kmalloc-524288 2056KB 2056KB [ 1086.195080] kmalloc-262144 1290KB 1290KB [ 1086.203886] kmalloc-131072 650KB 650KB [ 1086.211313] kmalloc-65536 2904KB 2970KB [ 1086.224073] kmalloc-32768 2277KB 2409KB [ 1086.232794] kmalloc-16384 1336KB 1402KB [ 1086.241576] kmalloc-8192 5593KB 5643KB [ 1086.251029] kmalloc-4096 29048KB 29108KB [ 1086.263289] kmalloc-2048 18300KB 18595KB [ 1086.269810] kmalloc-1024 13837KB 14301KB [ 1086.275172] kmalloc-512 17075KB 17261KB [ 1086.284068] kmalloc-256 5658KB 6026KB [ 1086.292652] kmalloc-128 1410KB 1468KB [ 1086.302475] kmalloc-96 3377KB 4076KB [ 1086.309888] kmalloc-64 2756KB 3872KB [ 1086.315301] kmalloc-32 1988KB 2543KB [ 1086.322895] kmalloc-192 2248KB 2748KB [ 1086.332992] kmem_cache 177KB 183KB [ 1086.338412] Out of memory (oom_kill_allocating_task): Kill process 8111 (syz-fuzzer) score 0 or sacrifice child [ 1086.353045] Killed process 9338 (syz-executor.5) total-vm:48512kB, anon-rss:436kB, file-rss:4kB, shmem-rss:0kB [ 1086.370273] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 1086.381790] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 1086.390026] CPU: 1 PID: 8111 Comm: syz-fuzzer Not tainted 4.19.211-syzkaller #0 [ 1086.397475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1086.406842] Call Trace: [ 1086.409436] dump_stack+0x1fc/0x2ef [ 1086.413066] dump_header+0x15d/0xc3f [ 1086.416807] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1086.421911] ? ___ratelimit+0x319/0x590 [ 1086.425892] oom_kill_process.cold+0x10/0x692 [ 1086.430390] ? check_preemption_disabled+0x41/0x280 [ 1086.435415] ? has_intersects_mems_allowed+0x1d6/0x290 [ 1086.440706] out_of_memory+0x1072/0x1390 [ 1086.444783] ? oom_killer_disable+0x270/0x270 [ 1086.449306] ? mutex_trylock+0x15f/0x1a0 [ 1086.453376] __alloc_pages_nodemask+0x23a2/0x2890 [ 1086.458225] ? find_get_entry+0x4cd/0x8a0 [ 1086.462380] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1086.467246] alloc_pages_current+0x193/0x2a0 [ 1086.471653] filemap_fault+0x146e/0x2180 [ 1086.475725] ext4_filemap_fault+0x84/0xb0 [ 1086.479876] __do_fault+0x10b/0x4b0 [ 1086.483508] __handle_mm_fault+0x273b/0x41c0 [ 1086.487923] ? vm_insert_page+0x9c0/0x9c0 [ 1086.492067] ? __fget+0x356/0x510 [ 1086.495521] ? check_preemption_disabled+0x41/0x280 [ 1086.500532] handle_mm_fault+0x436/0xb10 [ 1086.504594] __do_page_fault+0x68e/0xd60 [ 1086.508662] ? trace_hardirqs_off_caller+0x6e/0x210 [ 1086.513680] ? spurious_fault+0x840/0x840 [ 1086.517827] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1086.522693] ? page_fault+0x8/0x30 [ 1086.526231] page_fault+0x1e/0x30 [ 1086.529682] RIP: 0033:0x43047c [ 1086.532868] Code: Bad RIP value. [ 1086.536219] RSP: 002b:000000c0008e77f0 EFLAGS: 00010246 [ 1086.541576] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000467800 [ 1086.548839] RDX: 0000000000000080 RSI: 000000c0008e7840 RDI: 0000000000000004 [ 1086.556107] RBP: 000000c0008e7e40 R08: 0000000000000000 R09: 000000fbe7dca615 [ 1086.563380] R10: 00000000000001e7 R11: 0000000000000246 R12: 000000c0008e7870 [ 1086.570678] R13: 0000000000000000 R14: 000000c0009501a0 R15: 000000000000007f [ 1086.583951] Mem-Info: [ 1086.586426] active_anon:15727 inactive_anon:41310 isolated_anon:0 [ 1086.586426] active_file:39 inactive_file:0 isolated_file:0 [ 1086.586426] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1086.586426] slab_reclaimable:13535 slab_unreclaimable:113764 [ 1086.586426] mapped:22045 shmem:41928 pagetables:555 bounce:0 [ 1086.586426] free:24990 free_pcp:267 free_cma:0 [ 1086.623119] Node 0 active_anon:59828kB inactive_anon:51172kB active_file:32kB inactive_file:32kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52736kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 16384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1086.659011] Node 1 active_anon:3080kB inactive_anon:114068kB active_file:0kB inactive_file:16kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1672kB dirty:0kB writeback:0kB shmem:114976kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1086.696329] Node 0 DMA free:10984kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1086.733030] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 1086.738124] Node 0 DMA32 free:35144kB min:35996kB low:44992kB high:53988kB active_anon:59828kB inactive_anon:51172kB active_file:132kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7456kB pagetables:1884kB bounce:0kB free_pcp:1060kB local_pcp:536kB free_cma:0kB [ 1086.775604] lowmem_reserve[]: 0 0 1 1 1 [ 1086.784830] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1086.814708] lowmem_reserve[]: 0 0 0 0 0 [ 1086.827566] Node 1 Normal free:53824kB min:53876kB low:67344kB high:80812kB active_anon:3076kB inactive_anon:114068kB active_file:24kB inactive_file:24kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:480kB pagetables:336kB bounce:0kB free_pcp:8kB local_pcp:4kB free_cma:0kB [ 1086.859716] lowmem_reserve[]: 0 0 0 0 0 [ 1086.863705] Node 0 DMA: 0*4kB 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10984kB [ 1086.891145] Node 0 DMA32: 1124*4kB (UME) 817*8kB (UME) 311*16kB (UME) 79*32kB (UME) 27*64kB (UME) 15*128kB (UM) 13*256kB (UM) 5*512kB (M) 3*1024kB (M) 2*2048kB (M) 0*4096kB = 35240kB [ 1086.921702] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 1086.934657] Node 1 Normal: 270*4kB (UME) 237*8kB (UME) 180*16kB (UME) 89*32kB (ME) 19*64kB (ME) 7*128kB (ME) 2*256kB (M) 1*512kB (U) 3*1024kB (UME) 3*2048kB (UME) 8*4096kB (U) = 53824kB [ 1086.952734] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1086.964399] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1086.980178] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1086.993957] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1087.005697] 41956 total pagecache pages [ 1087.020234] 0 pages in swap cache [ 1087.023684] Swap cache stats: add 0, delete 0, find 0/0 [ 1087.039531] Free swap = 0kB [ 1087.042546] Total swap = 0kB [ 1087.045555] 2097051 pages RAM [ 1087.052875] 0 pages HighMem/MovableOnly [ 1087.063627] 369649 pages reserved [ 1087.070925] 0 pages cma reserved [ 1087.074298] Unreclaimable slab info: [ 1087.081287] Name Used Total [ 1087.090672] pid_2 14KB 72KB [ 1087.102863] batadv_tt_change_cache 7KB 7KB [ 1087.108829] batadv_tl_cache 8KB 16KB [ 1087.114193] TIPC 31KB 37KB [ 1087.123073] SCTPv6 24KB 30KB [ 1087.128510] DCCPv6 20KB 30KB [ 1087.133876] DCCP 16KB 35KB [ 1087.146571] RXRPC 27KB 32KB [ 1087.153380] rxrpc_call_jar 126KB 141KB [ 1087.158769] bridge_fdb_cache 17KB 27KB [ 1087.164113] fib6_nodes 246KB 268KB [ 1087.173145] ip6_dst_cache 756KB 761KB [ 1087.178552] RAWv6 121KB 128KB [ 1087.183911] UDPv6 43KB 45KB [ 1087.195035] TCPv6 27KB 36KB [ 1087.201287] nf_conntrack 17KB 18KB [ 1087.208338] t10_alua_lu_gp_cache 0KB 3KB [ 1087.213967] sd_ext_cdb 0KB 7KB [ 1087.225330] scsi_sense_cache 1056KB 1060KB [ 1087.232394] virtio_scsi_cmd 16KB 16KB [ 1087.243905] sgpool-128 8KB 8KB [ 1087.251572] sgpool-64 4KB 12KB [ 1087.260203] sgpool-32 2KB 15KB [ 1087.265557] sgpool-16 1KB 7KB [ 1087.271004] sgpool-8 0KB 7KB [ 1087.279994] mqueue_inode_cache 12KB 30KB [ 1087.285447] bio_post_read_ctx 14KB 15KB [ 1087.290954] bio-2 14KB 15KB [ 1087.299724] jfs_mp 7KB 7KB [ 1087.305100] cifs_small_rq 15KB 16KB [ 1087.310545] cifs_request 67KB 67KB [ 1087.319323] cifs_mpx_ids 0KB 7KB [ 1087.324698] nfs_commit_data 3KB 14KB [ 1087.330583] nfs_write_data 34KB 44KB [ 1087.339556] ext4_system_zone 1KB 7KB [ 1087.344926] bio-1 1KB 7KB [ 1087.350340] pid_namespace 2KB 7KB [ 1087.359937] rpc_buffers 17KB 25KB [ 1087.365320] rpc_tasks 2KB 7KB [ 1087.374753] UNIX 1940KB 1998KB [ 1087.383784] tcp_bind_bucket 3KB 4KB [ 1087.393194] ip_fib_trie 38KB 43KB [ 1087.400592] ip_fib_alias 175KB 193KB [ 1087.410234] ip_dst_cache 12KB 20KB [ 1087.415598] RAW 72KB 75KB [ 1087.424517] UDP 59KB 74KB [ 1087.431985] TCP 8KB 16KB [ 1087.439118] hugetlbfs_inode_cache 3KB 15KB [ 1087.444820] fscache_cookie_jar 1KB 11KB [ 1087.454417] eventpoll_pwq 23KB 43KB [ 1087.464824] eventpoll_epi 45KB 66KB [ 1087.472029] inotify_inode_mark 24KB 39KB [ 1087.479140] request_queue 199KB 199KB [ 1087.484479] blkdev_requests 1KB 3KB [ 1087.493943] blkdev_ioc 21KB 38KB [ 1087.502680] bio-0 849KB 870KB [ 1087.510041] biovec-max 1518KB 1534KB [ 1087.515391] biovec-64 798KB 842KB [ 1087.522480] biovec-16 123KB 146KB [ 1087.531822] bio_integrity_payload 1KB 8KB [ 1087.540994] khugepaged_mm_slot 4KB 31KB [ 1087.549098] uid_cache 0KB 4KB [ 1087.554466] dmaengine-unmap-2 0KB 3KB [ 1087.560861] skbuff_fclone_cache 47KB 48KB [ 1087.570825] skbuff_head_cache 9262KB 9273KB [ 1087.579726] configfs_dir_cache 3KB 7KB [ 1087.585174] file_lock_cache 49KB 75KB [ 1087.592619] file_lock_ctx 9KB 11KB [ 1087.601452] fsnotify_mark_connector 6KB 19KB [ 1087.611250] net_namespace 96KB 96KB [ 1087.619048] shmem_inode_cache 8105KB 8197KB [ 1087.624415] task_delay_info 219KB 367KB [ 1087.639115] taskstats 22KB 57KB [ 1087.644499] proc_dir_entry 991KB 1001KB [ 1087.652252] pde_opener 15KB 34KB [ 1087.658981] seq_file 262KB 468KB [ 1087.670411] sigqueue 44KB 66KB [ 1087.679347] kernfs_node_cache 17301KB 17773KB [ 1087.684722] mnt_cache 191KB 220KB [ 1087.692234] filp 6594KB 7597KB [ 1087.698796] names_cache 106709KB 106709KB [ 1087.704156] iint_cache 32KB 55KB [ 1087.713367] key_jar 23KB 135KB [ 1087.732565] uts_namespace 3KB 7KB [ 1087.741254] nsproxy 2KB 11KB [ 1087.750318] vm_area_struct 3251KB 3642KB [ 1087.764377] mm_struct 537KB 578KB [ 1087.772559] fs_cache 234KB 336KB [ 1087.783445] files_cache 882KB 1091KB [ 1087.790906] signal_cache 1578KB 2105KB [ 1087.810193] sighand_cache 585KB 610KB [ 1087.815559] task_struct 7253KB 7253KB [ 1087.823133] cred_jar 1910KB 2544KB [ 1087.828527] anon_vma_chain 1013KB 1488KB [ 1087.833890] anon_vma 133KB 288KB [ 1087.839255] pid 139KB 224KB [ 1087.844614] Acpi-Operand 156KB 198KB [ 1087.849985] Acpi-ParseExt 9KB 11KB [ 1087.855326] Acpi-Parse 41KB 47KB [ 1087.860687] Acpi-State 52KB 63KB [ 1087.866069] Acpi-Namespace 20KB 27KB [ 1087.871468] numa_policy 0KB 3KB [ 1087.876852] debug_objects_cache 1645KB 1828KB [ 1087.882386] trace_event_file 297KB 298KB [ 1087.887824] ftrace_event_field 398KB 401KB [ 1087.893273] pool_workqueue 151KB 152KB [ 1087.898662] page->ptl 487KB 1000KB [ 1087.904047] kmalloc-2097152 2050KB 2050KB [ 1087.909471] kmalloc-524288 2056KB 2056KB [ 1087.914838] kmalloc-262144 1290KB 1290KB [ 1087.920226] kmalloc-131072 650KB 650KB [ 1087.925613] kmalloc-65536 2904KB 2970KB [ 1087.931699] kmalloc-32768 2277KB 2409KB [ 1087.937116] kmalloc-16384 1336KB 1402KB [ 1087.942476] kmalloc-8192 5593KB 5634KB [ 1087.957711] kmalloc-4096 29048KB 29099KB [ 1087.963077] kmalloc-2048 18255KB 18589KB [ 1087.969651] kmalloc-1024 13837KB 14301KB [ 1087.975028] kmalloc-512 17283KB 17283KB [ 1087.980409] kmalloc-256 5655KB 6026KB [ 1087.985799] kmalloc-128 1387KB 1468KB [ 1087.991151] kmalloc-96 3399KB 4076KB [ 1087.996550] kmalloc-64 2743KB 3872KB [ 1088.001903] kmalloc-32 1988KB 2543KB [ 1088.007441] kmalloc-192 2223KB 2748KB [ 1088.012805] kmem_cache 177KB 183KB [ 1088.018209] Out of memory (oom_kill_allocating_task): Kill process 8111 (syz-fuzzer) score 0 or sacrifice child [ 1088.028529] Killed process 9337 (syz-executor.3) total-vm:48512kB, anon-rss:428kB, file-rss:0kB, shmem-rss:0kB [ 1088.039108] oom_reaper: reaped process 9337 (syz-executor.3), now anon-rss:0kB, file-rss:14336kB, shmem-rss:0kB [ 1088.610808] in:imklog invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 1088.663402] in:imklog cpuset=/ mems_allowed=0-1 [ 1088.668210] CPU: 1 PID: 10498 Comm: in:imklog Not tainted 4.19.211-syzkaller #0 [ 1088.675654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1088.685001] Call Trace: [ 1088.687593] dump_stack+0x1fc/0x2ef [ 1088.691224] dump_header+0x15d/0xc3f [ 1088.694942] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1088.700044] ? ___ratelimit+0x319/0x590 [ 1088.704023] oom_kill_process.cold+0x10/0x692 [ 1088.708517] ? check_preemption_disabled+0x41/0x280 [ 1088.713537] ? has_intersects_mems_allowed+0x1d6/0x290 [ 1088.718814] out_of_memory+0x1072/0x1390 [ 1088.722880] ? oom_killer_disable+0x270/0x270 [ 1088.727382] ? mutex_trylock+0x15f/0x1a0 [ 1088.731446] __alloc_pages_nodemask+0x23a2/0x2890 [ 1088.736295] ? find_get_entry+0x4cd/0x8a0 [ 1088.740469] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1088.745349] alloc_pages_current+0x193/0x2a0 [ 1088.749764] filemap_fault+0x146e/0x2180 [ 1088.753842] ext4_filemap_fault+0x84/0xb0 [ 1088.757987] __do_fault+0x10b/0x4b0 [ 1088.761623] __handle_mm_fault+0x273b/0x41c0 [ 1088.766039] ? vm_insert_page+0x9c0/0x9c0 [ 1088.770191] ? lock_downgrade+0x720/0x720 [ 1088.774354] ? check_preemption_disabled+0x41/0x280 [ 1088.779380] handle_mm_fault+0x436/0xb10 [ 1088.783447] __do_page_fault+0x68e/0xd60 [ 1088.787514] ? trace_hardirqs_off_caller+0x6e/0x210 [ 1088.792617] ? spurious_fault+0x840/0x840 [ 1088.796768] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1088.801612] ? page_fault+0x8/0x30 [ 1088.805177] page_fault+0x1e/0x30 [ 1088.808631] RIP: 0033:0x7f6f18967050 [ 1088.812347] Code: Bad RIP value. [ 1088.815706] RSP: 002b:00007f6f172610a8 EFLAGS: 00010202 [ 1088.821063] RAX: 00007f6f172611f0 RBX: 000055889b4ab78b RCX: 0000000000000000 [ 1088.828328] RDX: 00000000ffffffff RSI: 0000000000008000 RDI: 00007f6f172610b0 [ 1088.835591] RBP: 00007f6f18a54fe6 R08: 0000000000000000 R09: 00007f6f172612cc [ 1088.842867] R10: 0000000000000000 R11: 00000000000331a2 R12: 00007f6f172611d8 [ 1088.850130] R13: 000055889b4ab78b R14: 0000000000001f9f R15: 00007f6f172613d0 [ 1088.896779] Mem-Info: [ 1088.899230] active_anon:15693 inactive_anon:41310 isolated_anon:0 [ 1088.899230] active_file:15 inactive_file:13 isolated_file:0 [ 1088.899230] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1088.899230] slab_reclaimable:13534 slab_unreclaimable:113502 [ 1088.899230] mapped:22045 shmem:41928 pagetables:538 bounce:0 [ 1088.899230] free:25242 free_pcp:39 free_cma:0 [ 1088.941865] Node 0 active_anon:59700kB inactive_anon:51172kB active_file:60kB inactive_file:328kB unevictable:0kB isolated(anon):0kB isolated(file):52kB mapped:86708kB dirty:0kB writeback:0kB shmem:52736kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 16384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1088.972088] Node 1 active_anon:3072kB inactive_anon:114068kB active_file:24kB inactive_file:24kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1672kB dirty:0kB writeback:0kB shmem:114976kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1089.001351] Node 0 DMA free:10984kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1089.027910] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 1089.032931] Node 0 DMA32 free:35532kB min:35996kB low:44992kB high:53988kB active_anon:59700kB inactive_anon:51172kB active_file:36kB inactive_file:28kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7424kB pagetables:1816kB bounce:0kB free_pcp:904kB local_pcp:476kB free_cma:0kB [ 1089.063329] lowmem_reserve[]: 0 0 1 1 1 [ 1089.067389] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1089.094827] lowmem_reserve[]: 0 0 0 0 0 [ 1089.098948] Node 1 Normal free:53836kB min:53876kB low:67344kB high:80812kB active_anon:3072kB inactive_anon:114068kB active_file:24kB inactive_file:24kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:480kB pagetables:336kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1089.127574] lowmem_reserve[]: 0 0 0 0 0 [ 1089.131552] Node 0 DMA: 0*4kB 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10984kB [ 1089.144798] Node 0 DMA32: 1099*4kB (UME) 815*8kB (UME) 316*16kB (UME) 84*32kB (UME) 24*64kB (ME) 15*128kB (UM) 14*256kB (UM) 6*512kB (UM) 3*1024kB (M) 2*2048kB (M) 0*4096kB = 35940kB [ 1089.161337] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 1089.172467] Node 1 Normal: 268*4kB (UME) 233*8kB (UME) 178*16kB (UME) 92*32kB (ME) 19*64kB (ME) 7*128kB (ME) 2*256kB (M) 1*512kB (U) 3*1024kB (UME) 3*2048kB (UME) 8*4096kB (U) = 53848kB [ 1089.192884] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1089.201785] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1089.210760] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1089.219632] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1089.228248] 41947 total pagecache pages [ 1089.232211] 0 pages in swap cache [ 1089.235787] Swap cache stats: add 0, delete 0, find 0/0 [ 1089.241140] Free swap = 0kB [ 1089.244132] Total swap = 0kB [ 1089.247973] 2097051 pages RAM [ 1089.251068] 0 pages HighMem/MovableOnly [ 1089.255020] 369649 pages reserved [ 1089.258496] 0 pages cma reserved [ 1089.261850] Unreclaimable slab info: [ 1089.265604] Name Used Total [ 1089.271130] pid_2 14KB 72KB [ 1089.276606] batadv_tt_change_cache 7KB 7KB [ 1089.282388] batadv_tl_cache 8KB 16KB [ 1089.287793] TIPC 31KB 37KB [ 1089.293153] SCTPv6 24KB 30KB [ 1089.298551] DCCPv6 17KB 30KB [ 1089.303919] DCCP 16KB 35KB [ 1089.310205] RXRPC 27KB 32KB [ 1089.319024] rxrpc_call_jar 126KB 141KB [ 1089.324390] bridge_fdb_cache 17KB 27KB [ 1089.330848] fib6_nodes 246KB 268KB [ 1089.336287] ip6_dst_cache 756KB 761KB [ 1089.341646] RAWv6 121KB 128KB [ 1089.347167] UDPv6 43KB 45KB [ 1089.352526] TCPv6 27KB 36KB [ 1089.357932] nf_conntrack 17KB 18KB [ 1089.363336] t10_alua_lu_gp_cache 0KB 3KB [ 1089.368979] sd_ext_cdb 0KB 7KB [ 1089.374323] scsi_sense_cache 1056KB 1060KB [ 1089.379700] virtio_scsi_cmd 16KB 16KB [ 1089.385057] sgpool-128 8KB 8KB [ 1089.390439] sgpool-64 4KB 12KB [ 1089.395836] sgpool-32 2KB 15KB [ 1089.401201] sgpool-16 1KB 7KB [ 1089.406632] sgpool-8 0KB 7KB [ 1089.411991] mqueue_inode_cache 12KB 30KB [ 1089.418448] bio_post_read_ctx 14KB 15KB [ 1089.483013] bio-2 14KB 15KB [ 1089.504687] jfs_mp 7KB 7KB [ 1089.530142] cifs_small_rq 15KB 16KB [ 1089.561414] cifs_request 67KB 67KB [ 1089.593144] cifs_mpx_ids 0KB 7KB [ 1089.616202] nfs_commit_data 3KB 14KB [ 1089.621595] nfs_write_data 34KB 44KB [ 1089.664482] ext4_system_zone 1KB 7KB [ 1089.703971] bio-1 1KB 7KB [ 1089.745025] pid_namespace 2KB 7KB [ 1089.770445] rpc_buffers 17KB 25KB [ 1089.803455] rpc_tasks 2KB 7KB [ 1089.830839] UNIX 1938KB 1998KB [ 1089.868039] tcp_bind_bucket 3KB 4KB [ 1089.873511] ip_fib_trie 38KB 43KB [ 1089.935272] ip_fib_alias 175KB 193KB [ 1089.961220] ip_dst_cache 12KB 20KB [ 1090.016391] RAW 72KB 75KB [ 1090.021780] UDP 57KB 74KB [ 1090.071563] TCP 8KB 16KB [ 1090.102689] hugetlbfs_inode_cache 3KB 15KB [ 1090.134518] fscache_cookie_jar 1KB 11KB [ 1090.159188] eventpoll_pwq 23KB 43KB [ 1090.165276] eventpoll_epi 45KB 66KB [ 1090.224697] inotify_inode_mark 24KB 39KB [ 1090.250395] request_queue 199KB 199KB [ 1090.272379] blkdev_requests 1KB 3KB [ 1090.315621] blkdev_ioc 21KB 38KB [ 1090.320988] bio-0 872KB 892KB [ 1090.358043] biovec-max 1518KB 1534KB [ 1090.363418] biovec-64 856KB 897KB [ 1090.413178] biovec-16 136KB 146KB [ 1090.444311] bio_integrity_payload 1KB 8KB [ 1090.481335] khugepaged_mm_slot 3KB 31KB [ 1090.519487] uid_cache 0KB 4KB [ 1090.524861] dmaengine-unmap-2 0KB 3KB [ 1090.575111] skbuff_fclone_cache 47KB 48KB [ 1090.611312] skbuff_head_cache 9458KB 9461KB [ 1090.642293] configfs_dir_cache 3KB 7KB [ 1090.666038] file_lock_cache 49KB 75KB [ 1090.671414] file_lock_ctx 9KB 11KB [ 1090.725125] fsnotify_mark_connector 6KB 19KB [ 1090.750946] net_namespace 96KB 96KB [ 1090.788735] shmem_inode_cache 8104KB 8197KB [ 1090.794114] task_delay_info 217KB 367KB [ 1090.860131] taskstats 22KB 57KB [ 1090.887244] proc_dir_entry 991KB 1001KB [ 1090.916298] pde_opener 15KB 34KB [ 1090.921680] seq_file 261KB 468KB [ 1090.982730] sigqueue 44KB 66KB [ 1091.017508] kernfs_node_cache 17300KB 17773KB [ 1091.022883] mnt_cache 191KB 220KB [ 1091.070930] filp 6587KB 7597KB [ 1091.105334] names_cache 106097KB 106135KB [ 1091.135041] iint_cache 32KB 55KB [ 1091.165038] key_jar 23KB 135KB [ 1091.181898] uts_namespace 3KB 7KB [ 1091.209467] nsproxy 1KB 11KB [ 1091.214840] vm_area_struct 3248KB 3642KB [ 1091.268876] mm_struct 529KB 578KB [ 1091.274372] fs_cache 231KB 336KB [ 1091.323864] files_cache 871KB 1091KB [ 1091.352964] signal_cache 1571KB 2098KB [ 1091.378728] sighand_cache 582KB 610KB [ 1091.384105] task_struct 7202KB 7253KB [ 1091.434106] cred_jar 1904KB 2544KB [ 1091.460866] anon_vma_chain 1010KB 1488KB [ 1091.498967] anon_vma 132KB 288KB [ 1091.504346] pid 138KB 224KB [ 1091.565460] Acpi-Operand 156KB 198KB [ 1091.570873] Acpi-ParseExt 9KB 11KB [ 1091.618578] Acpi-Parse 41KB 47KB [ 1091.623981] Acpi-State 52KB 63KB [ 1091.677288] Acpi-Namespace 20KB 27KB [ 1091.682680] numa_policy 0KB 3KB [ 1091.732187] debug_objects_cache 1645KB 1828KB [ 1091.761570] trace_event_file 297KB 298KB [ 1091.785034] ftrace_event_field 398KB 401KB [ 1091.818280] pool_workqueue 151KB 152KB [ 1091.823659] page->ptl 485KB 1000KB [ 1091.888974] kmalloc-2097152 2050KB 2050KB [ 1091.894364] kmalloc-524288 2056KB 2056KB [ 1091.945004] kmalloc-262144 1290KB 1290KB [ 1091.973911] kmalloc-131072 650KB 650KB [ 1092.000039] kmalloc-65536 2904KB 2970KB [ 1092.027180] kmalloc-32768 2277KB 2409KB [ 1092.032550] kmalloc-16384 1336KB 1402KB [ 1092.082036] kmalloc-8192 5593KB 5634KB [ 1092.130131] kmalloc-4096 28963KB 29023KB [ 1092.164428] kmalloc-2048 18253KB 18589KB [ 1092.217748] kmalloc-1024 13837KB 14301KB [ 1092.223276] kmalloc-512 17805KB 17805KB [ 1092.288250] kmalloc-256 5655KB 6026KB [ 1092.293627] kmalloc-128 1386KB 1468KB [ 1092.355056] kmalloc-96 3452KB 4076KB [ 1092.386545] kmalloc-64 2743KB 3872KB [ 1092.391927] kmalloc-32 1988KB 2543KB [ 1092.455887] kmalloc-192 2217KB 2748KB [ 1092.461259] kmem_cache 177KB 183KB [ 1092.523111] Out of memory (oom_kill_allocating_task): Kill process 10498 (in:imklog) score 0 or sacrifice child [ 1092.563201] Killed process 10496 (rsyslogd) total-vm:254332kB, anon-rss:736kB, file-rss:0kB, shmem-rss:0kB [ 1092.575775] oom_reaper: reaped process 10496 (rsyslogd), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 1093.203967] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 1093.238755] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 1093.243555] CPU: 0 PID: 8082 Comm: syz-fuzzer Not tainted 4.19.211-syzkaller #0 [ 1093.251080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1093.260427] Call Trace: [ 1093.263020] dump_stack+0x1fc/0x2ef [ 1093.266649] dump_header+0x15d/0xc3f [ 1093.270367] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1093.275466] ? ___ratelimit+0x319/0x590 [ 1093.279441] oom_kill_process.cold+0x10/0x692 [ 1093.283938] ? check_preemption_disabled+0x41/0x280 [ 1093.288962] ? has_intersects_mems_allowed+0x1d6/0x290 [ 1093.294240] out_of_memory+0x1072/0x1390 [ 1093.298304] ? oom_killer_disable+0x270/0x270 [ 1093.302799] ? mutex_trylock+0x15f/0x1a0 [ 1093.306865] __alloc_pages_nodemask+0x23a2/0x2890 [ 1093.311725] ? find_get_entry+0x4cd/0x8a0 [ 1093.315884] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1093.320749] alloc_pages_current+0x193/0x2a0 [ 1093.325161] filemap_fault+0x146e/0x2180 [ 1093.329231] ext4_filemap_fault+0x84/0xb0 [ 1093.333378] __do_fault+0x10b/0x4b0 [ 1093.337006] __handle_mm_fault+0x273b/0x41c0 [ 1093.341419] ? vm_insert_page+0x9c0/0x9c0 [ 1093.345580] ? check_preemption_disabled+0x41/0x280 [ 1093.350599] handle_mm_fault+0x436/0xb10 [ 1093.354663] __do_page_fault+0x68e/0xd60 [ 1093.358731] ? trace_hardirqs_off_caller+0x6e/0x210 [ 1093.363746] ? spurious_fault+0x840/0x840 [ 1093.367899] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1093.372743] ? page_fault+0x8/0x30 [ 1093.376284] page_fault+0x1e/0x30 [ 1093.379730] RIP: 0033:0x40b220 [ 1093.382919] Code: Bad RIP value. [ 1093.386276] RSP: 002b:000000c000061f68 EFLAGS: 00010202 [ 1093.391630] RAX: 0000000001f4f0b8 RBX: 000000c000061fc0 RCX: 000000c0004511e0 [ 1093.398901] RDX: 000000c00004b547 RSI: 000000000000247a RDI: 000000000043ee20 [ 1093.406173] RBP: 000000c000061f80 R08: 0000000000000000 R09: 0000000000000000 [ 1093.413443] R10: 0000000001000004 R11: 0000000000000202 R12: 000000c00004b638 [ 1093.420710] R13: 0000000000000000 R14: 000000c0000009c0 R15: 0000000000000000 [ 1093.914879] Mem-Info: [ 1093.918709] active_anon:15475 inactive_anon:41310 isolated_anon:0 [ 1093.918709] active_file:12 inactive_file:13 isolated_file:0 [ 1093.918709] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1093.918709] slab_reclaimable:13533 slab_unreclaimable:113129 [ 1093.918709] mapped:22067 shmem:41928 pagetables:508 bounce:0 [ 1093.918709] free:25105 free_pcp:58 free_cma:0 [ 1093.959463] Node 0 active_anon:59716kB inactive_anon:51172kB active_file:0kB inactive_file:84kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86508kB dirty:0kB writeback:0kB shmem:52736kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 16384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1093.997816] Node 1 active_anon:2184kB inactive_anon:114068kB active_file:120kB inactive_file:24kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1764kB dirty:0kB writeback:0kB shmem:114976kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1094.041848] Node 0 DMA free:10984kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1094.075201] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 1094.080254] Node 0 DMA32 free:35996kB min:35996kB low:44992kB high:53988kB active_anon:59716kB inactive_anon:51172kB active_file:100kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7424kB pagetables:1816kB bounce:0kB free_pcp:212kB local_pcp:212kB free_cma:0kB [ 1094.109353] lowmem_reserve[]: 0 0 1 1 1 [ 1094.114183] Node 0 Normal free:4kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1094.140275] lowmem_reserve[]: 0 0 0 0 0 [ 1094.144348] Node 1 Normal free:53440kB min:53876kB low:67344kB high:80812kB active_anon:2184kB inactive_anon:114068kB active_file:20kB inactive_file:52kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:384kB pagetables:216kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1094.173555] lowmem_reserve[]: 0 0 0 0 0 [ 1094.177866] Node 0 DMA: 0*4kB 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10984kB [ 1094.191170] Node 0 DMA32: 1115*4kB (UME) 815*8kB (ME) 349*16kB (UME) 83*32kB (UME) 25*64kB (UME) 15*128kB (UM) 13*256kB (M) 5*512kB (M) 3*1024kB (M) 2*2048kB (M) 0*4096kB = 35796kB [ 1094.207531] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB [ 1094.219981] Node 1 Normal: 223*4kB (ME) 184*8kB (ME) 160*16kB (ME) 98*32kB (UME) 23*64kB (UME) 11*128kB (ME) 3*256kB (M) 2*512kB (UM) 2*1024kB (ME) 3*2048kB (UME) 8*4096kB (U) = 53692kB [ 1094.240394] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1094.249304] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1094.257985] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1094.266880] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1094.275530] 41962 total pagecache pages [ 1094.279503] 0 pages in swap cache [ 1094.282933] Swap cache stats: add 0, delete 0, find 0/0 [ 1094.288440] Free swap = 0kB [ 1094.291460] Total swap = 0kB [ 1094.294454] 2097051 pages RAM [ 1094.297608] 0 pages HighMem/MovableOnly [ 1094.301590] 369649 pages reserved [ 1094.305024] 0 pages cma reserved [ 1094.318308] Unreclaimable slab info: [ 1094.322024] Name Used Total [ 1094.328753] pid_2 13KB 72KB [ 1094.334163] batadv_tt_change_cache 6KB 7KB [ 1094.341843] batadv_tl_cache 7KB 16KB [ 1094.350839] TIPC 24KB 37KB [ 1094.360051] SCTPv6 22KB 30KB [ 1094.369012] DCCPv6 17KB 30KB [ 1094.374371] DCCP 16KB 35KB [ 1094.381634] RXRPC 19KB 32KB [ 1094.390423] rxrpc_call_jar 124KB 141KB [ 1094.399446] bridge_fdb_cache 15KB 27KB [ 1094.404812] fib6_nodes 241KB 268KB [ 1094.411658] ip6_dst_cache 761KB 761KB [ 1094.420248] RAWv6 121KB 128KB [ 1094.428926] UDPv6 41KB 45KB [ 1094.434291] TCPv6 24KB 36KB [ 1094.443495] nf_conntrack 16KB 18KB [ 1094.451995] t10_alua_lu_gp_cache 0KB 3KB [ 1094.458403] sd_ext_cdb 0KB 7KB [ 1094.463769] scsi_sense_cache 1056KB 1060KB [ 1094.472521] virtio_scsi_cmd 16KB 16KB [ 1094.481780] sgpool-128 8KB 8KB [ 1094.490571] sgpool-64 4KB 12KB [ 1094.499513] sgpool-32 2KB 15KB [ 1094.504874] sgpool-16 1KB 7KB [ 1094.511923] sgpool-8 0KB 7KB [ 1094.518467] mqueue_inode_cache 12KB 30KB [ 1094.528709] bio_post_read_ctx 14KB 15KB [ 1094.534135] bio-2 14KB 15KB [ 1094.543333] jfs_mp 7KB 7KB [ 1094.550617] cifs_small_rq 15KB 16KB [ 1094.559667] cifs_request 67KB 67KB [ 1094.565021] cifs_mpx_ids 0KB 7KB [ 1094.573934] nfs_commit_data 3KB 14KB [ 1094.582989] nfs_write_data 34KB 44KB [ 1094.591561] ext4_system_zone 1KB 7KB [ 1094.600488] bio-1 1KB 7KB [ 1094.609348] pid_namespace 2KB 7KB [ 1094.614748] rpc_buffers 17KB 25KB [ 1094.622143] rpc_tasks 2KB 7KB [ 1094.630309] UNIX 1927KB 1998KB [ 1094.639327] tcp_bind_bucket 2KB 4KB [ 1094.644699] ip_fib_trie 36KB 43KB [ 1094.653228] ip_fib_alias 171KB 193KB [ 1094.671933] ip_dst_cache 11KB 20KB [ 1094.678877] RAW 72KB 75KB [ 1094.684236] UDP 57KB 74KB [ 1094.691511] TCP 8KB 16KB [ 1094.700297] hugetlbfs_inode_cache 3KB 15KB [ 1094.712295] fscache_cookie_jar 1KB 11KB [ 1094.718644] eventpoll_pwq 23KB 43KB [ 1094.724007] eventpoll_epi 43KB 66KB [ 1094.734101] inotify_inode_mark 20KB 39KB [ 1094.741377] request_queue 199KB 199KB [ 1094.749702] blkdev_requests 1KB 3KB [ 1094.760863] blkdev_ioc 21KB 38KB [ 1094.771073] bio-0 890KB 903KB [ 1094.781686] biovec-max 1518KB 1534KB [ 1094.789963] biovec-64 888KB 913KB [ 1094.801177] biovec-16 136KB 146KB [ 1094.811800] bio_integrity_payload 1KB 8KB [ 1094.820655] khugepaged_mm_slot 3KB 31KB [ 1094.832707] uid_cache 0KB 4KB [ 1094.844062] dmaengine-unmap-2 0KB 3KB [ 1094.852072] skbuff_fclone_cache 40KB 48KB [ 1094.860020] skbuff_head_cache 9743KB 9746KB [ 1094.868415] configfs_dir_cache 3KB 7KB [ 1094.873893] file_lock_cache 45KB 75KB [ 1094.883042] file_lock_ctx 9KB 11KB [ 1094.891853] fsnotify_mark_connector 6KB 19KB [ 1094.899493] net_namespace 96KB 96KB [ 1094.904841] shmem_inode_cache 8096KB 8193KB [ 1094.912154] task_delay_info 211KB 367KB [ 1094.921461] taskstats 22KB 57KB [ 1094.931648] proc_dir_entry 987KB 1001KB [ 1094.940666] pde_opener 14KB 34KB [ 1094.947810] seq_file 257KB 468KB [ 1094.953157] sigqueue 44KB 66KB [ 1094.962306] kernfs_node_cache 17295KB 17773KB [ 1094.971244] mnt_cache 190KB 220KB [ 1094.980142] filp 6553KB 7597KB [ 1094.987174] names_cache 105051KB 105081KB [ 1094.992538] iint_cache 29KB 55KB [ 1095.001676] key_jar 23KB 135KB [ 1095.011578] uts_namespace 3KB 7KB [ 1095.020779] nsproxy 1KB 11KB [ 1095.027899] vm_area_struct 3211KB 3642KB [ 1095.034102] mm_struct 520KB 578KB [ 1095.043154] fs_cache 222KB 332KB [ 1095.051977] files_cache 815KB 1076KB [ 1095.061333] signal_cache 1546KB 2098KB [ 1095.072570] sighand_cache 564KB 603KB [ 1095.093638] task_struct 7051KB 7095KB [ 1095.103756] cred_jar 1877KB 2544KB [ 1095.113303] anon_vma_chain 996KB 1488KB [ 1095.132230] anon_vma 121KB 288KB [ 1095.137816] pid 134KB 224KB [ 1095.143176] Acpi-Operand 156KB 198KB [ 1095.161589] Acpi-ParseExt 9KB 11KB [ 1095.174160] Acpi-Parse 41KB 47KB [ 1095.181239] Acpi-State 52KB 63KB [ 1095.192083] Acpi-Namespace 20KB 27KB [ 1095.206610] numa_policy 0KB 3KB [ 1095.211974] debug_objects_cache 1644KB 1828KB [ 1095.223565] trace_event_file 297KB 298KB [ 1095.231311] ftrace_event_field 398KB 401KB [ 1095.240959] pool_workqueue 146KB 152KB [ 1095.251149] page->ptl 478KB 1000KB [ 1095.258510] kmalloc-2097152 2050KB 2050KB [ 1095.263864] kmalloc-524288 2056KB 2056KB [ 1095.280482] kmalloc-262144 1290KB 1290KB [ 1095.291319] kmalloc-131072 650KB 650KB [ 1095.298621] kmalloc-65536 2772KB 2970KB [ 1095.303993] kmalloc-32768 2277KB 2409KB [ 1095.322921] kmalloc-16384 1336KB 1402KB [ 1095.332644] kmalloc-8192 5577KB 5634KB [ 1095.343771] kmalloc-4096 28802KB 28861KB [ 1095.362452] kmalloc-2048 18211KB 18576KB [ 1095.367871] kmalloc-1024 13851KB 14301KB [ 1095.373235] kmalloc-512 18187KB 18187KB [ 1095.389292] kmalloc-256 5641KB 6026KB [ 1095.394688] kmalloc-128 1383KB 1468KB [ 1095.400096] kmalloc-96 3459KB 4076KB [ 1095.408729] kmalloc-64 2731KB 3872KB [ 1095.414321] kmalloc-32 1988KB 2543KB [ 1095.438720] kmalloc-192 2214KB 2748KB [ 1095.453204] kmem_cache 177KB 183KB [ 1095.459798] Out of memory (oom_kill_allocating_task): Kill process 8082 (syz-fuzzer) score 0 or sacrifice child [ 1095.473596] Killed process 8968 (syz-executor.4) total-vm:48512kB, anon-rss:428kB, file-rss:0kB, shmem-rss:0kB [ 1095.519534] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 1095.534968] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 1095.539799] CPU: 1 PID: 8081 Comm: syz-fuzzer Not tainted 4.19.211-syzkaller #0 [ 1095.547241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1095.556587] Call Trace: [ 1095.559180] dump_stack+0x1fc/0x2ef [ 1095.562812] dump_header+0x15d/0xc3f [ 1095.566530] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1095.571632] ? ___ratelimit+0x319/0x590 [ 1095.575606] oom_kill_process.cold+0x10/0x692 [ 1095.580099] ? check_preemption_disabled+0x41/0x280 [ 1095.585100] ? has_intersects_mems_allowed+0x1d6/0x290 [ 1095.590358] out_of_memory+0x1072/0x1390 [ 1095.594423] ? oom_killer_disable+0x270/0x270 [ 1095.598923] ? mutex_trylock+0x15f/0x1a0 [ 1095.602968] __alloc_pages_nodemask+0x23a2/0x2890 [ 1095.607801] ? find_get_entry+0x4cd/0x8a0 [ 1095.611936] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1095.616788] alloc_pages_current+0x193/0x2a0 [ 1095.621181] filemap_fault+0x146e/0x2180 [ 1095.625231] ext4_filemap_fault+0x84/0xb0 [ 1095.629374] __do_fault+0x10b/0x4b0 [ 1095.632984] __handle_mm_fault+0x273b/0x41c0 [ 1095.637395] ? vm_insert_page+0x9c0/0x9c0 [ 1095.641533] ? check_preemption_disabled+0x41/0x280 [ 1095.646534] handle_mm_fault+0x436/0xb10 [ 1095.650580] __do_page_fault+0x68e/0xd60 [ 1095.654649] ? trace_hardirqs_off_caller+0x6e/0x210 [ 1095.659669] ? spurious_fault+0x840/0x840 [ 1095.663808] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1095.668650] ? page_fault+0x8/0x30 [ 1095.672178] page_fault+0x1e/0x30 [ 1095.675619] RIP: 0033:0x451cf7 [ 1095.678802] Code: Bad RIP value. [ 1095.682177] RSP: 002b:000000c0000598e8 EFLAGS: 00010203 [ 1095.687529] RAX: 0000000000000041 RBX: 0000000000000002 RCX: 000000000117c760 [ 1095.694801] RDX: 0000000000000001 RSI: 000000000044218a RDI: 0000000000d01e34 [ 1095.702055] RBP: 000000c0000598f8 R08: 0000000001f7ee40 R09: 000001166be54c5e [ 1095.709306] R10: 001a50a47b7bc656 R11: 0000000000000001 R12: 000000c0000599a0 [ 1095.716568] R13: 000000c0006c8800 R14: 000000c000000340 R15: 00007f1ca264e834 [ 1095.730052] Mem-Info: [ 1095.732500] active_anon:15457 inactive_anon:41310 isolated_anon:0 [ 1095.732500] active_file:6 inactive_file:16 isolated_file:0 [ 1095.732500] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1095.732500] slab_reclaimable:13533 slab_unreclaimable:113226 [ 1095.732500] mapped:22044 shmem:41928 pagetables:495 bounce:0 [ 1095.732500] free:24993 free_pcp:162 free_cma:0 [ 1095.768545] Node 0 active_anon:59648kB inactive_anon:51172kB active_file:40kB inactive_file:20kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86504kB dirty:0kB writeback:0kB shmem:52736kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 16384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1095.799820] Node 1 active_anon:2180kB inactive_anon:114068kB active_file:0kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1672kB dirty:0kB writeback:0kB shmem:114976kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1095.829014] Node 0 DMA free:10984kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1095.858887] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 1095.863917] Node 0 DMA32 free:35292kB min:35996kB low:44992kB high:53988kB active_anon:59648kB inactive_anon:51172kB active_file:44kB inactive_file:12kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7392kB pagetables:1764kB bounce:0kB free_pcp:588kB local_pcp:228kB free_cma:0kB [ 1095.900269] lowmem_reserve[]: 0 0 1 1 1 [ 1095.904255] Node 0 Normal free:4kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1095.933572] lowmem_reserve[]: 0 0 0 0 0 [ 1095.956428] Node 1 Normal free:53820kB min:53876kB low:67344kB high:80812kB active_anon:2180kB inactive_anon:114068kB active_file:24kB inactive_file:28kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:384kB pagetables:212kB bounce:0kB free_pcp:16kB local_pcp:4kB free_cma:0kB [ 1095.992150] lowmem_reserve[]: 0 0 0 0 0 [ 1095.996236] Node 0 DMA: 0*4kB 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10984kB [ 1096.012848] Node 0 DMA32: 1115*4kB (UME) 818*8kB (UME) 317*16kB (UME) 84*32kB (UME) 25*64kB (UME) 15*128kB (UM) 13*256kB (M) 5*512kB (M) 3*1024kB (M) 2*2048kB (M) 0*4096kB = 35340kB [ 1096.032782] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB [ 1096.043858] Node 1 Normal: 223*4kB (ME) 190*8kB (UME) 163*16kB (UME) 99*32kB (UME) 23*64kB (UME) 11*128kB (ME) 3*256kB (M) 2*512kB (UM) 2*1024kB (ME) 3*2048kB (UME) 8*4096kB (U) = 53820kB [ 1096.064296] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1096.073180] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1096.085310] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1096.094148] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1096.102785] 41956 total pagecache pages [ 1096.110320] 0 pages in swap cache [ 1096.113768] Swap cache stats: add 0, delete 0, find 0/0 [ 1096.119171] Free swap = 0kB [ 1096.122193] Total swap = 0kB [ 1096.128767] 2097051 pages RAM [ 1096.131869] 0 pages HighMem/MovableOnly [ 1096.135881] 369649 pages reserved [ 1096.139328] 0 pages cma reserved [ 1096.142687] Unreclaimable slab info: [ 1096.149980] Name Used Total [ 1096.155593] pid_2 12KB 72KB [ 1096.161020] batadv_tt_change_cache 4KB 7KB [ 1096.170516] batadv_tl_cache 7KB 16KB [ 1096.175967] TIPC 16KB 37KB [ 1096.181342] SCTPv6 22KB 30KB [ 1096.190384] DCCPv6 17KB 30KB [ 1096.195820] DCCP 16KB 35KB [ 1096.201391] RXRPC 17KB 32KB [ 1096.210394] rxrpc_call_jar 123KB 141KB [ 1096.215881] bridge_fdb_cache 15KB 27KB [ 1096.221251] fib6_nodes 238KB 268KB [ 1096.230124] ip6_dst_cache 765KB 765KB [ 1096.235547] RAWv6 121KB 128KB [ 1096.240914] UDPv6 39KB 45KB [ 1096.249801] TCPv6 24KB 36KB [ 1096.255224] nf_conntrack 15KB 18KB [ 1096.260641] t10_alua_lu_gp_cache 0KB 3KB [ 1096.269973] sd_ext_cdb 0KB 7KB [ 1096.275408] scsi_sense_cache 1056KB 1060KB [ 1096.280771] virtio_scsi_cmd 16KB 16KB [ 1096.293462] sgpool-128 8KB 8KB [ 1096.298914] sgpool-64 4KB 12KB [ 1096.304270] sgpool-32 2KB 15KB [ 1096.313172] sgpool-16 1KB 7KB [ 1096.318707] sgpool-8 0KB 7KB [ 1096.324077] mqueue_inode_cache 12KB 30KB [ 1096.333173] bio_post_read_ctx 14KB 15KB [ 1096.338650] bio-2 14KB 15KB [ 1096.344026] jfs_mp 7KB 7KB [ 1096.353101] cifs_small_rq 15KB 16KB [ 1096.362475] cifs_request 67KB 67KB [ 1096.371277] cifs_mpx_ids 0KB 7KB [ 1096.380583] nfs_commit_data 3KB 14KB [ 1096.390109] nfs_write_data 34KB 44KB [ 1096.399112] ext4_system_zone 1KB 7KB [ 1096.404493] bio-1 1KB 7KB [ 1096.414009] pid_namespace 2KB 7KB [ 1096.423053] rpc_buffers 17KB 25KB [ 1096.431855] rpc_tasks 2KB 7KB [ 1096.451982] UNIX 1923KB 1998KB [ 1096.462118] tcp_bind_bucket 2KB 4KB [ 1096.482521] ip_fib_trie 35KB 43KB [ 1096.493864] ip_fib_alias 169KB 193KB [ 1096.504920] ip_dst_cache 11KB 20KB [ 1096.513943] RAW 72KB 75KB [ 1096.533619] UDP 57KB 74KB [ 1096.542496] TCP 8KB 16KB [ 1096.549968] hugetlbfs_inode_cache 3KB 15KB [ 1096.561149] fscache_cookie_jar 1KB 11KB [ 1096.566658] eventpoll_pwq 23KB 43KB [ 1096.572014] eventpoll_epi 42KB 66KB [ 1096.591636] inotify_inode_mark 15KB 39KB [ 1096.604245] request_queue 199KB 199KB [ 1096.611959] blkdev_requests 1KB 3KB [ 1096.623438] blkdev_ioc 21KB 38KB [ 1096.628856] bio-0 890KB 903KB [ 1096.634219] biovec-max 1518KB 1534KB [ 1096.644413] biovec-64 888KB 913KB [ 1096.654782] biovec-16 133KB 146KB [ 1096.660207] bio_integrity_payload 1KB 8KB [ 1096.683437] khugepaged_mm_slot 3KB 27KB [ 1096.692425] uid_cache 0KB 4KB [ 1096.706318] dmaengine-unmap-2 0KB 3KB [ 1096.711701] skbuff_fclone_cache 33KB 48KB [ 1096.723101] skbuff_head_cache 9867KB 9870KB [ 1096.742573] configfs_dir_cache 3KB 7KB [ 1096.754360] file_lock_cache 44KB 75KB [ 1096.763734] file_lock_ctx 9KB 11KB [ 1096.791193] fsnotify_mark_connector 6KB 19KB [ 1096.802496] net_namespace 96KB 96KB [ 1096.811791] shmem_inode_cache 8089KB 8193KB [ 1096.822247] task_delay_info 207KB 367KB [ 1096.831833] taskstats 22KB 53KB [ 1096.843674] proc_dir_entry 983KB 1001KB [ 1096.854516] pde_opener 14KB 34KB [ 1096.861571] seq_file 254KB 468KB [ 1096.866995] sigqueue 56KB 66KB [ 1096.872354] kernfs_node_cache 17294KB 17773KB [ 1096.890961] mnt_cache 190KB 220KB [ 1096.898312] filp 6546KB 7597KB [ 1096.903689] names_cache 105043KB 105081KB [ 1096.911351] iint_cache 29KB 55KB [ 1096.923720] key_jar 23KB 135KB [ 1096.943333] uts_namespace 3KB 7KB [ 1096.952147] nsproxy 1KB 11KB [ 1096.968647] vm_area_struct 3208KB 3642KB [ 1096.974016] mm_struct 511KB 578KB [ 1096.993479] fs_cache 216KB 332KB [ 1096.998908] files_cache 805KB 1076KB [ 1097.004260] signal_cache 1539KB 2098KB [ 1097.017852] sighand_cache 552KB 603KB [ 1097.023223] task_struct 7038KB 7095KB [ 1097.034556] cred_jar 1871KB 2544KB [ 1097.039992] anon_vma_chain 994KB 1488KB [ 1097.052167] anon_vma 116KB 288KB [ 1097.062026] pid 131KB 224KB [ 1097.067430] Acpi-Operand 156KB 198KB [ 1097.072785] Acpi-ParseExt 9KB 11KB [ 1097.084276] Acpi-Parse 41KB 47KB [ 1097.103012] Acpi-State 52KB 63KB [ 1097.114315] Acpi-Namespace 20KB 27KB [ 1097.119788] numa_policy 0KB 3KB [ 1097.128718] debug_objects_cache 1643KB 1828KB [ 1097.134260] trace_event_file 297KB 298KB [ 1097.149758] ftrace_event_field 398KB 401KB [ 1097.158482] pool_workqueue 144KB 152KB [ 1097.163838] page->ptl 476KB 1000KB [ 1097.176226] kmalloc-2097152 2050KB 2050KB [ 1097.181588] kmalloc-524288 2056KB 2056KB [ 1097.189394] kmalloc-262144 1290KB 1290KB [ 1097.194751] kmalloc-131072 650KB 650KB [ 1097.210470] kmalloc-65536 2640KB 2970KB [ 1097.219493] kmalloc-32768 2277KB 2409KB [ 1097.224854] kmalloc-16384 1336KB 1402KB [ 1097.233604] kmalloc-8192 5519KB 5593KB [ 1097.242753] kmalloc-4096 28768KB 28827KB [ 1097.258912] kmalloc-2048 18200KB 18576KB [ 1097.264278] kmalloc-1024 13878KB 14301KB [ 1097.273200] kmalloc-512 18401KB 18401KB [ 1097.291193] kmalloc-256 5641KB 6026KB [ 1097.296648] kmalloc-128 1379KB 1468KB [ 1097.302006] kmalloc-96 3489KB 4076KB [ 1097.318933] kmalloc-64 2731KB 3872KB [ 1097.324311] kmalloc-32 1988KB 2543KB [ 1097.329737] kmalloc-192 2208KB 2748KB [ 1097.342132] kmem_cache 177KB 183KB [ 1097.349145] Out of memory (oom_kill_allocating_task): Kill process 8081 (syz-fuzzer) score 0 or sacrifice child [ 1097.359482] Killed process 5437 (syz-executor.0) total-vm:48512kB, anon-rss:428kB, file-rss:0kB, shmem-rss:0kB [ 1097.409470] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 1097.424277] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 1097.433491] CPU: 0 PID: 8081 Comm: syz-fuzzer Not tainted 4.19.211-syzkaller #0 [ 1097.440967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1097.450304] Call Trace: [ 1097.452878] dump_stack+0x1fc/0x2ef [ 1097.456494] dump_header+0x15d/0xc3f [ 1097.460192] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1097.465290] ? ___ratelimit+0x319/0x590 [ 1097.469244] oom_kill_process.cold+0x10/0x692 [ 1097.473721] ? check_preemption_disabled+0x41/0x280 [ 1097.478722] ? has_intersects_mems_allowed+0x1d6/0x290 [ 1097.483976] out_of_memory+0x1072/0x1390 [ 1097.488019] ? oom_killer_disable+0x270/0x270 [ 1097.492503] ? mutex_trylock+0x15f/0x1a0 [ 1097.496557] __alloc_pages_nodemask+0x23a2/0x2890 [ 1097.501394] ? find_get_entry+0x4cd/0x8a0 [ 1097.505541] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1097.510378] alloc_pages_current+0x193/0x2a0 [ 1097.514819] filemap_fault+0x146e/0x2180 [ 1097.518881] ext4_filemap_fault+0x84/0xb0 [ 1097.523008] __do_fault+0x10b/0x4b0 [ 1097.526621] __handle_mm_fault+0x273b/0x41c0 [ 1097.531023] ? vm_insert_page+0x9c0/0x9c0 [ 1097.535161] ? check_preemption_disabled+0x41/0x280 [ 1097.540164] handle_mm_fault+0x436/0xb10 [ 1097.544211] __do_page_fault+0x68e/0xd60 [ 1097.548261] ? trace_hardirqs_off_caller+0x6e/0x210 [ 1097.553260] ? spurious_fault+0x840/0x840 [ 1097.557392] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1097.562218] ? page_fault+0x8/0x30 [ 1097.565747] page_fault+0x1e/0x30 [ 1097.569213] RIP: 0033:0x451cf7 [ 1097.572396] Code: Bad RIP value. [ 1097.575749] RSP: 002b:000000c0000598e8 EFLAGS: 00010203 [ 1097.581087] RAX: 0000000000000041 RBX: 0000000000000002 RCX: 000000000117c760 [ 1097.588428] RDX: 0000000000000001 RSI: 000000000044218a RDI: 0000000000d01e34 [ 1097.595680] RBP: 000000c0000598f8 R08: 0000000001f7ee40 R09: 000001166be54c5e [ 1097.602925] R10: 001a50a47b7bc656 R11: 0000000000000001 R12: 000000c0000599a0 [ 1097.610169] R13: 000000c0006c8800 R14: 000000c000000340 R15: 00007f1ca264e834 [ 1097.645116] Mem-Info: [ 1097.654883] active_anon:15322 inactive_anon:41310 isolated_anon:0 [ 1097.654883] active_file:314 inactive_file:350 isolated_file:80 [ 1097.654883] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1097.654883] slab_reclaimable:13532 slab_unreclaimable:113003 [ 1097.654883] mapped:18944 shmem:41928 pagetables:445 bounce:0 [ 1097.654883] free:25626 free_pcp:13 free_cma:0 [ 1097.731211] Node 0 active_anon:59116kB inactive_anon:51172kB active_file:476kB inactive_file:528kB unevictable:0kB isolated(anon):0kB isolated(file):72kB mapped:72900kB dirty:0kB writeback:0kB shmem:52736kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 16384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1097.768034] Node 1 active_anon:2180kB inactive_anon:114068kB active_file:4kB inactive_file:48kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1672kB dirty:0kB writeback:0kB shmem:114976kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1097.795397] Node 0 DMA free:10984kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1097.859266] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 1097.891078] Node 0 DMA32 free:36304kB min:35996kB low:44992kB high:53988kB active_anon:59108kB inactive_anon:51172kB active_file:556kB inactive_file:176kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7360kB pagetables:1612kB bounce:0kB free_pcp:132kB local_pcp:0kB free_cma:0kB [ 1097.989794] lowmem_reserve[]: 0 0 1 1 1 [ 1097.993796] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1098.118691] lowmem_reserve[]: 0 0 0 0 0 [ 1098.122697] Node 1 Normal free:53392kB min:53876kB low:67344kB high:80812kB active_anon:2160kB inactive_anon:114068kB active_file:0kB inactive_file:12kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:384kB pagetables:212kB bounce:0kB free_pcp:164kB local_pcp:16kB free_cma:0kB [ 1098.221914] lowmem_reserve[]: 0 0 0 0 0 [ 1098.226017] Node 0 DMA: 0*4kB 1*8kB (U) 0*16kB 1*32kB (U) 1*64kB (U) 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10984kB [ 1098.239325] Node 0 DMA32: 947*4kB (ME) 829*8kB (UME) 325*16kB (ME) 81*32kB (ME) 23*64kB (UME) 12*128kB (M) 11*256kB (M) 5*512kB (M) 4*1024kB (M) 2*2048kB (M) 0*4096kB = 34788kB [ 1098.255420] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 1098.266669] Node 1 Normal: 222*4kB (UME) 187*8kB (UME) 162*16kB (UME) 97*32kB (UME) 22*64kB (UME) 9*128kB (ME) 3*256kB (M) 3*512kB (UM) 2*1024kB (ME) 3*2048kB (UME) 8*4096kB (U) = 53904kB [ 1098.294900] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1098.303743] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1098.436703] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1098.455234] syz-executor.0 (5438) used greatest stack depth: 23104 bytes left [ 1098.485680] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1098.494258] 42019 total pagecache pages [ 1098.505283] 0 pages in swap cache [ 1098.508735] Swap cache stats: add 0, delete 0, find 0/0 [ 1098.515642] Free swap = 0kB [ 1098.518675] Total swap = 0kB [ 1098.521703] 2097051 pages RAM [ 1098.524798] 0 pages HighMem/MovableOnly [ 1098.533272] 369649 pages reserved [ 1098.536812] 0 pages cma reserved [ 1098.540167] Unreclaimable slab info: [ 1098.543866] Name Used Total [ 1098.553287] pid_2 12KB 72KB [ 1098.558746] batadv_tt_change_cache 4KB 7KB [ 1098.564548] batadv_tl_cache 7KB 16KB [ 1098.573949] TIPC 16KB 37KB [ 1098.579364] SCTPv6 22KB 30KB [ 1098.584727] DCCPv6 17KB 30KB [ 1098.594299] DCCP 16KB 35KB [ 1098.617612] RXRPC 17KB 32KB [ 1098.622993] rxrpc_call_jar 123KB 141KB [ 1098.699788] bridge_fdb_cache 14KB 27KB [ 1098.738472] fib6_nodes 236KB 268KB [ 1098.743869] ip6_dst_cache 772KB 772KB [ 1098.808897] RAWv6 121KB 128KB [ 1098.814288] UDPv6 39KB 45KB [ 1098.869651] TCPv6 24KB 36KB [ 1098.895260] nf_conntrack 15KB 18KB [ 1098.911484] t10_alua_lu_gp_cache 0KB 3KB [ 1098.944477] sd_ext_cdb 0KB 7KB [ 1098.973867] scsi_sense_cache 1056KB 1060KB [ 1098.998822] virtio_scsi_cmd 16KB 16KB [ 1099.004199] sgpool-128 8KB 8KB [ 1099.062991] sgpool-64 4KB 12KB [ 1099.097296] sgpool-32 2KB 15KB [ 1099.102657] sgpool-16 1KB 7KB [ 1099.147887] sgpool-8 0KB 7KB [ 1099.153267] mqueue_inode_cache 12KB 30KB [ 1099.203457] bio_post_read_ctx 14KB 15KB [ 1099.241114] bio-2 14KB 15KB [ 1099.260054] jfs_mp 7KB 7KB [ 1099.299801] cifs_small_rq 15KB 16KB [ 1099.324228] cifs_request 67KB 67KB [ 1099.351352] cifs_mpx_ids 0KB 7KB [ 1099.380056] nfs_commit_data 3KB 14KB [ 1099.403410] nfs_write_data 34KB 44KB [ 1099.422019] ext4_system_zone 1KB 7KB [ 1099.441460] bio-1 1KB 7KB [ 1099.469395] pid_namespace 2KB 7KB [ 1099.492940] rpc_buffers 17KB 25KB [ 1099.503558] rpc_tasks 2KB 7KB [ 1099.534927] UNIX 1921KB 1995KB [ 1099.556718] tcp_bind_bucket 1KB 4KB [ 1099.562105] ip_fib_trie 34KB 43KB [ 1099.587858] ip_fib_alias 167KB 193KB [ 1099.593227] ip_dst_cache 11KB 20KB [ 1099.598625] RAW 72KB 75KB [ 1099.603985] UDP 57KB 74KB [ 1099.609496] TCP 8KB 16KB [ 1099.614887] hugetlbfs_inode_cache 3KB 15KB [ 1099.620594] fscache_cookie_jar 1KB 11KB [ 1099.626077] eventpoll_pwq 22KB 43KB [ 1099.631438] eventpoll_epi 42KB 66KB [ 1099.636830] inotify_inode_mark 14KB 39KB [ 1099.643933] request_queue 199KB 199KB [ 1099.649342] blkdev_requests 1KB 3KB [ 1099.654702] blkdev_ioc 25KB 38KB [ 1099.660097] bio-0 980KB 993KB [ 1099.665517] biovec-max 1518KB 1534KB [ 1099.670892] biovec-64 964KB 984KB [ 1099.676284] biovec-16 133KB 146KB [ 1099.681642] bio_integrity_payload 1KB 8KB [ 1099.687385] khugepaged_mm_slot 3KB 27KB [ 1099.692837] uid_cache 0KB 4KB [ 1099.698304] dmaengine-unmap-2 0KB 3KB [ 1099.703664] skbuff_fclone_cache 32KB 48KB [ 1099.778990] skbuff_head_cache 10013KB 10016KB [ 1099.784363] configfs_dir_cache 3KB 7KB [ 1099.809383] file_lock_cache 44KB 75KB [ 1099.854742] file_lock_ctx 9KB 11KB [ 1099.860134] fsnotify_mark_connector 6KB 19KB [ 1099.877788] net_namespace 96KB 96KB [ 1099.884778] shmem_inode_cache 8083KB 8193KB [ 1099.890134] task_delay_info 202KB 367KB [ 1099.909322] taskstats 21KB 53KB [ 1099.914751] proc_dir_entry 979KB 1001KB [ 1099.920108] pde_opener 14KB 34KB [ 1099.941939] seq_file 251KB 468KB [ 1099.947441] sigqueue 56KB 66KB [ 1099.952798] kernfs_node_cache 17294KB 17773KB [ 1099.958210] mnt_cache 190KB 220KB [ 1099.963561] filp 6518KB 7593KB [ 1099.987938] names_cache 104414KB 104452KB [ 1099.993389] iint_cache 33KB 55KB [ 1100.057901] key_jar 23KB 135KB [ 1100.063271] uts_namespace 3KB 7KB [ 1100.073716] nsproxy 1KB 11KB [ 1100.082580] vm_area_struct 3194KB 3642KB [ 1100.087983] mm_struct 498KB 578KB [ 1100.093333] fs_cache 209KB 332KB [ 1100.121956] files_cache 793KB 1068KB [ 1100.129941] signal_cache 1526KB 2091KB [ 1100.137745] sighand_cache 575KB 603KB [ 1100.143111] task_struct 6798KB 6855KB [ 1100.157877] cred_jar 1847KB 2544KB [ 1100.163236] anon_vma_chain 989KB 1488KB [ 1100.294516] anon_vma 110KB 288KB [ 1100.319060] pid 128KB 224KB [ 1100.324436] Acpi-Operand 156KB 198KB [ 1100.394075] Acpi-ParseExt 9KB 11KB [ 1100.427580] Acpi-Parse 41KB 47KB [ 1100.432962] Acpi-State 52KB 63KB [ 1100.508495] Acpi-Namespace 20KB 27KB [ 1100.513884] numa_policy 0KB 3KB [ 1100.574879] debug_objects_cache 1641KB 1828KB [ 1100.580439] trace_event_file 297KB 298KB [ 1100.627585] ftrace_event_field 398KB 401KB [ 1100.633062] pool_workqueue 143KB 152KB [ 1100.691770] page->ptl 472KB 1000KB [ 1100.714202] kmalloc-2097152 2050KB 2050KB [ 1100.746541] kmalloc-524288 2056KB 2056KB [ 1100.751917] kmalloc-262144 1290KB 1290KB [ 1100.807251] kmalloc-131072 650KB 650KB [ 1100.812634] kmalloc-65536 2640KB 2838KB [ 1100.866857] kmalloc-32768 2277KB 2409KB [ 1100.904306] kmalloc-16384 1336KB 1402KB [ 1100.930934] kmalloc-8192 5502KB 5577KB [ 1100.962290] kmalloc-4096 28458KB 28517KB [ 1100.987352] kmalloc-2048 18147KB 18557KB [ 1100.992719] kmalloc-1024 13891KB 14301KB [ 1101.043404] kmalloc-512 18795KB 18795KB [ 1101.065638] kmalloc-256 5627KB 6026KB [ 1101.071032] kmalloc-128 1373KB 1468KB [ 1101.109302] kmalloc-96 3527KB 4076KB [ 1101.144143] kmalloc-64 2719KB 3868KB [ 1101.149711] kmalloc-32 1992KB 2543KB [ 1101.185203] kmalloc-192 2200KB 2748KB [ 1101.190572] kmem_cache 177KB 183KB [ 1101.237957] Out of memory (oom_kill_allocating_task): Kill process 8081 (syz-fuzzer) score 0 or sacrifice child [ 1101.310677] Killed process 10589 (syz-executor.2) total-vm:48512kB, anon-rss:424kB, file-rss:0kB, shmem-rss:0kB [ 1102.175396] syz-executor.2 (10590) used greatest stack depth: 22968 bytes left [ 1102.505602] oom_reaper: reaped process 10582 (syz-executor.1), now anon-rss:0kB, file-rss:14332kB, shmem-rss:8kB [ 1102.605081] systemd-udevd invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=-1000 [ 1102.617336] systemd-udevd cpuset=/ mems_allowed=0-1 [ 1102.622371] CPU: 0 PID: 10724 Comm: systemd-udevd Not tainted 4.19.211-syzkaller #0 [ 1102.630148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1102.639486] Call Trace: [ 1102.642079] dump_stack+0x1fc/0x2ef [ 1102.645718] dump_header+0x15d/0xc3f [ 1102.649428] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1102.654534] ? ___ratelimit+0x319/0x590 [ 1102.658506] oom_kill_process.cold+0x10/0x692 [ 1102.662987] ? oom_badness.part.0+0x135/0x6e0 [ 1102.667482] ? lock_downgrade+0x720/0x720 [ 1102.671626] ? check_preemption_disabled+0x41/0x280 [ 1102.676644] out_of_memory+0x34d/0x1390 [ 1102.680624] ? oom_killer_disable+0x270/0x270 [ 1102.684576] net_ratelimit: 5 callbacks suppressed [ 1102.684583] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 1102.685118] ? mutex_trylock+0x15f/0x1a0 [ 1102.700469] __alloc_pages_nodemask+0x23a2/0x2890 [ 1102.705323] ? find_get_entry+0x4cd/0x8a0 [ 1102.709495] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1102.714348] alloc_pages_current+0x193/0x2a0 [ 1102.718774] filemap_fault+0x146e/0x2180 [ 1102.722824] ext4_filemap_fault+0x84/0xb0 [ 1102.726963] __do_fault+0x10b/0x4b0 [ 1102.730583] __handle_mm_fault+0x273b/0x41c0 [ 1102.734976] ? vm_insert_page+0x9c0/0x9c0 [ 1102.739111] ? sync_mm_rss+0x97/0x1a0 [ 1102.742892] handle_mm_fault+0x436/0xb10 [ 1102.746955] __do_page_fault+0x68e/0xd60 [ 1102.751034] ? trace_hardirqs_off_caller+0x6e/0x210 [ 1102.756053] ? spurious_fault+0x840/0x840 [ 1102.760197] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1102.765035] ? page_fault+0x8/0x30 [ 1102.768572] page_fault+0x1e/0x30 [ 1102.772018] RIP: 0033:0x7f56b0e7fd60 [ 1102.775717] Code: Bad RIP value. [ 1102.779083] RSP: 002b:00007ffd88a72ee8 EFLAGS: 00010246 [ 1102.784424] RAX: 0000000000000000 RBX: 0000557be7c4f3e8 RCX: 00007f56b1153840 [ 1102.791675] RDX: 0000557be7c50006 RSI: 0000000000000003 RDI: 0000000000000007 [ 1102.798929] RBP: 0000000000000004 R08: 0000000000000020 R09: 0000000000000018 [ 1102.806191] R10: 00007f56b0e8d2aa R11: 0000000000000246 R12: 0000000000000000 [ 1102.813457] R13: 0000000000000000 R14: 0000000000000007 R15: 000000000000000e [ 1102.825420] Mem-Info: [ 1102.827852] active_anon:14571 inactive_anon:41310 isolated_anon:0 [ 1102.827852] active_file:19 inactive_file:15 isolated_file:0 [ 1102.827852] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1102.827852] slab_reclaimable:13549 slab_unreclaimable:112595 [ 1102.827852] mapped:14876 shmem:41928 pagetables:450 bounce:0 [ 1102.827852] free:13765 free_pcp:123 free_cma:0 [ 1102.842595] syz-executor.1: vmalloc: allocation failure, allocated 1723658240 of 2147491840 bytes, mode:0x6080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 1102.880044] Node 0 active_anon:56240kB inactive_anon:51172kB active_file:72kB inactive_file:60kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:57832kB dirty:0kB writeback:0kB shmem:52736kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 14336kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1102.931113] Node 1 active_anon:2044kB inactive_anon:114068kB active_file:4kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1672kB dirty:0kB writeback:0kB shmem:114976kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1102.934211] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 1102.975536] Node 0 DMA free:10872kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1102.979482] CPU: 1 PID: 10582 Comm: syz-executor.1 Not tainted 4.19.211-syzkaller #0 [ 1103.001702] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 1103.009536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1103.009540] Call Trace: [ 1103.009561] dump_stack+0x1fc/0x2ef [ 1103.009578] warn_alloc.cold+0x7b/0x18f [ 1103.014597] Node 0 DMA32 free:17396kB min:35996kB low:44992kB high:53988kB active_anon:56240kB inactive_anon:51172kB active_file:72kB inactive_file:60kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7264kB pagetables:1588kB bounce:0kB free_pcp:248kB local_pcp:0kB free_cma:0kB [ 1103.023929] ? zone_watermark_ok_safe+0x260/0x260 [ 1103.026500] lowmem_reserve[]: 0 0 1 1 1 [ 1103.030095] ? rcu_nmi_exit+0xb3/0x180 [ 1103.034056] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1103.062794] __vmalloc_area_node+0x4fd/0x780 [ 1103.062815] ? __vmalloc_node_range+0x180/0x180 [ 1103.067636] lowmem_reserve[]: 0 0 0 0 0 [ 1103.071582] ? _raw_spin_unlock+0x29/0x40 [ 1103.075458] Node 1 Normal free:26780kB min:53876kB low:67344kB high:80812kB active_anon:2044kB inactive_anon:114068kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:384kB pagetables:212kB bounce:0kB free_pcp:248kB local_pcp:0kB free_cma:0kB [ 1103.101271] ? __get_vm_area_node+0x2e2/0x3a0 [ 1103.101288] __vmalloc_node_range+0xed/0x180 [ 1103.101306] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 1103.105698] lowmem_reserve[]: 0 0 0 0 0 [ 1103.110341] ? vb2_vmalloc_dmabuf_ops_release+0x40/0x40 [ 1103.114285] Node 0 DMA: 0*4kB 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10872kB [ 1103.118417] vmalloc_user+0x70/0xe0 [ 1103.118431] ? vb2_vmalloc_alloc+0xb3/0x2f0 [ 1103.118448] vb2_vmalloc_alloc+0xb3/0x2f0 [ 1103.146890] Node 0 DMA32: 1027*4kB (ME) 773*8kB (UME) 274*16kB (UME) 53*32kB (ME) 8*64kB (UME) 2*128kB (M) 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17396kB [ 1103.151353] __vb2_queue_alloc+0x472/0xe60 [ 1103.155752] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 1103.160052] vb2_core_create_bufs+0x273/0x7e0 [ 1103.164009] Node 1 Normal: 217*4kB (UME) 181*8kB (ME) 157*16kB (ME) 94*32kB (UME) 22*64kB (ME) 11*128kB (UME) 3*256kB (M) 2*512kB (M) 2*1024kB (ME) 2*2048kB (ME) 2*4096kB (U) = 26780kB [ 1103.169360] ? __vb2_queue_free+0x870/0x870 [ 1103.169376] ? mutex_trylock+0x1a0/0x1a0 [ 1103.169394] ? __video_do_ioctl+0x632/0xcd0 [ 1103.182574] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1103.186171] vb2_create_bufs+0x332/0x620 [ 1103.186189] ? __bpf_trace_vb2_event_class+0xe0/0xe0 [ 1103.190484] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1103.194610] ? __video_do_ioctl+0x632/0xcd0 [ 1103.194623] ? mutex_trylock+0x1a0/0x1a0 [ 1103.194640] ? mark_held_locks+0xf0/0xf0 [ 1103.209367] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1103.213573] vb2_ioctl_create_bufs+0x20d/0x360 [ 1103.224568] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1103.229029] ? memset+0x20/0x40 [ 1103.245592] 41962 total pagecache pages [ 1103.249876] v4l_create_bufs+0xb2/0x160 [ 1103.253910] 0 pages in swap cache [ 1103.258220] __video_do_ioctl+0x49a/0xcd0 [ 1103.258248] ? v4l_querycap+0x340/0x340 [ 1103.267069] Swap cache stats: add 0, delete 0, find 0/0 [ 1103.271104] ? __might_fault+0x192/0x1d0 [ 1103.276198] Free swap = 0kB [ 1103.284746] ? v4l_querycap+0x340/0x340 [ 1103.284761] video_usercopy+0x13f/0xfa0 [ 1103.284786] ? v4l_enumstd+0x60/0x60 [ 1103.289074] Total swap = 0kB [ 1103.293132] ? do_futex+0x171/0x1880 [ 1103.297185] 2097051 pages RAM [ 1103.305996] ? mark_held_locks+0xf0/0xf0 [ 1103.306017] ? debug_check_no_obj_freed+0x201/0x490 [ 1103.310569] 0 pages HighMem/MovableOnly [ 1103.319134] ? video_usercopy+0xfa0/0xfa0 [ 1103.319149] v4l2_ioctl+0x147/0x1a0 [ 1103.322399] 369649 pages reserved [ 1103.326371] ? video_devdata+0xa0/0xa0 [ 1103.326386] do_vfs_ioctl+0xcdb/0x12e0 [ 1103.326403] ? lock_downgrade+0x720/0x720 [ 1103.330355] 0 pages cma reserved [ 1103.333796] ? check_preemption_disabled+0x41/0x280 [ 1103.337928] Unreclaimable slab info: [ 1103.341868] ? ioctl_preallocate+0x200/0x200 [ 1103.347216] Name Used Total [ 1103.351247] ? __fget+0x356/0x510 [ 1103.354238] pid_2 12KB 72KB [ 1103.358190] ? do_dup2+0x450/0x450 [ 1103.358201] ? __se_sys_futex+0x298/0x3b0 [ 1103.358221] ksys_ioctl+0x9b/0xc0 [ 1103.362219] batadv_tt_change_cache 3KB 7KB [ 1103.365860] __x64_sys_ioctl+0x6f/0xb0 [ 1103.365872] ? lockdep_hardirqs_on+0x3a8/0x5c0 [ 1103.365887] do_syscall_64+0xf9/0x620 [ 1103.368877] batadv_tl_cache 7KB 16KB [ 1103.372587] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1103.375695] TIPC 16KB 37KB [ 1103.379701] RIP: 0033:0x7f2ed42610f9 [ 1103.384719] SCTPv6 22KB 30KB [ 1103.388644] Code: Bad RIP value. [ 1103.392767] DCCPv6 17KB 30KB [ 1103.396362] RSP: 002b:00007f2ed27d3168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1103.396376] RAX: ffffffffffffffda RBX: 00007f2ed4380f80 RCX: 00007f2ed42610f9 [ 1103.396383] RDX: 0000000020000440 RSI: 00000000c100565c RDI: 0000000000000003 [ 1103.396393] RBP: 00007f2ed42bcae9 R08: 0000000000000000 R09: 0000000000000000 [ 1103.399824] DCCP 16KB 35KB [ 1103.403680] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1103.403690] R13: 00007ffda798718f R14: 00007f2ed27d3300 R15: 0000000000022000 [ 1103.407604] RXRPC 17KB 32KB [ 1103.412626] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 1103.455893] rxrpc_call_jar 123KB 141KB [ 1103.459487] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 1103.463272] bridge_fdb_cache 14KB 27KB [ 1103.467883] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 1103.467925] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 1103.469592] Mem-Info: [ 1103.494565] Bluetooth: hci3: command 0x0406 tx timeout [ 1103.496903] active_anon:14571 inactive_anon:41310 isolated_anon:0 [ 1103.496903] active_file:19 inactive_file:15 isolated_file:0 [ 1103.496903] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1103.496903] slab_reclaimable:13549 slab_unreclaimable:112595 [ 1103.496903] mapped:14876 shmem:41928 pagetables:450 bounce:0 [ 1103.496903] free:13764 free_pcp:120 free_cma:0 [ 1103.507942] fib6_nodes 235KB 268KB [ 1103.513309] Node 0 active_anon:56240kB inactive_anon:51172kB active_file:72kB inactive_file:60kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:57832kB dirty:0kB writeback:0kB shmem:52736kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 14336kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1103.553105] ip6_dst_cache 783KB 783KB [ 1103.555765] Node 1 active_anon:2044kB inactive_anon:114068kB active_file:4kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:1672kB dirty:0kB writeback:0kB shmem:114976kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1103.609921] RAWv6 121KB 128KB [ 1103.639446] Node 0 DMA free:10872kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1103.703633] UDPv6 39KB 45KB [ 1103.704830] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 1103.704854] Node 0 DMA32 free:17144kB min:35996kB low:44992kB high:53988kB active_anon:56240kB inactive_anon:51172kB active_file:72kB inactive_file:60kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7264kB pagetables:1588kB bounce:0kB free_pcp:472kB local_pcp:224kB free_cma:0kB [ 1103.704887] lowmem_reserve[]: 0 0 1 1 1 [ 1103.704907] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1103.704939] lowmem_reserve[]: 0 0 0 0 0 [ 1103.755451] TCPv6 21KB 30KB [ 1103.776320] Node 1 Normal free:26780kB min:53876kB low:67344kB high:80812kB active_anon:2044kB inactive_anon:114068kB active_file:12kB inactive_file:0kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:384kB pagetables:212kB bounce:0kB free_pcp:248kB local_pcp:248kB free_cma:0kB [ 1103.776352] lowmem_reserve[]: 0 0 0 0 0 [ 1103.776370] Node 0 DMA: 0*4kB 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10872kB [ 1103.837795] nf_conntrack 15KB 18KB [ 1103.844893] Node 0 DMA32: 1028*4kB (UME) 773*8kB (UME) 274*16kB (UME) 53*32kB (ME) 8*64kB (UME) 2*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17144kB [ 1103.885090] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 1103.899469] t10_alua_lu_gp_cache 0KB 3KB [ 1103.908438] sd_ext_cdb 0KB 7KB [ 1103.910509] Node 1 Normal: 217*4kB (UME) 181*8kB (ME) 157*16kB (ME) 94*32kB (UME) 22*64kB (ME) 11*128kB (UME) 3*256kB (M) 2*512kB (M) 2*1024kB (ME) 2*2048kB (ME) 2*4096kB (U) = 26780kB [ 1103.913794] scsi_sense_cache 1056KB 1060KB [ 1103.942669] virtio_scsi_cmd 16KB 16KB [ 1103.951267] sgpool-128 8KB 8KB [ 1103.959119] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1103.962618] sgpool-64 4KB 12KB [ 1103.968025] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 1103.968067] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 1103.968107] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 1104.003071] sgpool-32 2KB 15KB [ 1104.007273] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1104.008498] sgpool-16 1KB 7KB [ 1104.030544] sgpool-8 0KB 7KB [ 1104.035950] mqueue_inode_cache 12KB 30KB [ 1104.041401] bio_post_read_ctx 14KB 15KB [ 1104.042238] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1104.054285] bio-2 14KB 15KB [ 1104.061051] jfs_mp 7KB 7KB [ 1104.075766] cifs_small_rq 15KB 16KB [ 1104.081233] cifs_request 67KB 67KB [ 1104.089538] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1104.092798] cifs_mpx_ids 0KB 7KB [ 1104.111172] nfs_commit_data 3KB 14KB [ 1104.116587] nfs_write_data 34KB 44KB [ 1104.121989] ext4_system_zone 1KB 7KB [ 1104.124313] 41962 total pagecache pages [ 1104.136700] bio-1 1KB 7KB [ 1104.142072] pid_namespace 2KB 7KB [ 1104.153854] rpc_buffers 17KB 25KB [ 1104.160036] 0 pages in swap cache [ 1104.163493] Swap cache stats: add 0, delete 0, find 0/0 [ 1104.178677] rpc_tasks 2KB 7KB [ 1104.184055] UNIX 1903KB 1980KB [ 1104.188904] Free swap = 0kB [ 1104.192408] Total swap = 0kB [ 1104.208946] tcp_bind_bucket 1KB 4KB [ 1104.214321] ip_fib_trie 34KB 43KB [ 1104.216234] 2097051 pages RAM [ 1104.222787] 0 pages HighMem/MovableOnly [ 1104.233338] ip_fib_alias 166KB 193KB [ 1104.238750] ip_dst_cache 11KB 20KB [ 1104.244108] RAW 72KB 75KB [ 1104.246914] 369649 pages reserved [ 1104.252900] 0 pages cma reserved [ 1104.269540] UDP 57KB 74KB [ 1104.284254] TCP 8KB 16KB [ 1104.306951] hugetlbfs_inode_cache 3KB 15KB [ 1104.312676] fscache_cookie_jar 1KB 11KB [ 1104.338232] eventpoll_pwq 28KB 43KB [ 1104.343609] eventpoll_epi 53KB 66KB [ 1104.353059] inotify_inode_mark 13KB 39KB [ 1104.378680] request_queue 199KB 199KB [ 1104.384055] blkdev_requests 1KB 3KB [ 1104.409495] blkdev_ioc 25KB 38KB [ 1104.418577] bio-0 1270KB 1282KB [ 1104.423942] biovec-max 1518KB 1534KB [ 1104.449479] biovec-64 1200KB 1220KB [ 1104.462345] biovec-16 184KB 191KB [ 1104.474112] bio_integrity_payload 1KB 8KB [ 1104.497642] khugepaged_mm_slot 3KB 27KB [ 1104.503107] uid_cache 0KB 4KB [ 1104.521743] dmaengine-unmap-2 0KB 3KB [ 1104.530648] skbuff_fclone_cache 32KB 48KB [ 1104.548995] skbuff_head_cache 10216KB 10218KB [ 1104.561489] configfs_dir_cache 3KB 7KB [ 1104.573096] file_lock_cache 44KB 75KB [ 1104.591929] file_lock_ctx 9KB 11KB [ 1104.600707] fsnotify_mark_connector 6KB 19KB [ 1104.606675] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 1104.606721] ICMPv6: ndisc: ndisc_alloc_skb failed to allocate an skb [ 1104.643744] net_namespace 96KB 96KB [ 1104.666289] shmem_inode_cache 8080KB 8193KB [ 1104.671673] task_delay_info 202KB 367KB [ 1104.701809] taskstats 21KB 53KB [ 1104.713757] proc_dir_entry 979KB 1001KB [ 1104.732775] pde_opener 14KB 34KB [ 1104.741784] seq_file 255KB 468KB [ 1104.760410] sigqueue 66KB 66KB [ 1104.769013] kernfs_node_cache 17283KB 17769KB [ 1104.787999] mnt_cache 190KB 220KB [ 1104.793367] filp 6440KB 7593KB [ 1104.812457] names_cache 104218KB 104218KB [ 1104.817888] iint_cache 37KB 55KB [ 1104.823251] key_jar 23KB 135KB [ 1104.841659] uts_namespace 3KB 7KB [ 1104.850480] nsproxy 1KB 11KB [ 1104.869145] vm_area_struct 3194KB 3642KB [ 1104.877447] mm_struct 490KB 578KB [ 1104.882826] fs_cache 209KB 332KB [ 1104.901231] files_cache 792KB 1068KB [ 1104.910174] signal_cache 1497KB 2077KB [ 1104.928334] sighand_cache 575KB 603KB [ 1104.933704] task_struct 6615KB 6678KB [ 1104.940204] cred_jar 1823KB 2544KB [ 1104.984488] anon_vma_chain 989KB 1488KB [ 1104.989863] anon_vma 124KB 288KB [ 1105.017642] pid 128KB 224KB [ 1105.023018] Acpi-Operand 156KB 198KB [ 1105.040604] Acpi-ParseExt 9KB 11KB [ 1105.049423] Acpi-Parse 41KB 47KB [ 1105.068156] Acpi-State 52KB 63KB [ 1105.073528] Acpi-Namespace 20KB 27KB [ 1105.080959] numa_policy 0KB 3KB [ 1105.112734] debug_objects_cache 1640KB 1828KB [ 1105.154605] trace_event_file 297KB 298KB [ 1105.159993] ftrace_event_field 398KB 401KB [ 1105.193545] pool_workqueue 142KB 152KB [ 1105.220991] page->ptl 471KB 1000KB [ 1105.232889] kmalloc-2097152 2050KB 2050KB [ 1105.251555] kmalloc-524288 2056KB 2056KB [ 1105.260041] kmalloc-262144 1290KB 1290KB [ 1105.278355] kmalloc-131072 650KB 650KB [ 1105.283812] kmalloc-65536 2640KB 2706KB [ 1105.290973] kmalloc-32768 2277KB 2409KB [ 1105.309067] kmalloc-16384 1336KB 1402KB [ 1105.327397] kmalloc-8192 5486KB 5560KB [ 1105.332759] kmalloc-4096 28028KB 28045KB [ 1105.360334] kmalloc-2048 18105KB 18544KB [ 1105.376027] kmalloc-1024 13945KB 14301KB [ 1105.381392] kmalloc-512 18900KB 18900KB [ 1105.404021] kmalloc-256 5614KB 6026KB [ 1105.427591] kmalloc-128 1373KB 1468KB [ 1105.432961] kmalloc-96 3542KB 4076KB [ 1105.441141] kmalloc-64 2707KB 3868KB [ 1105.463647] kmalloc-32 1995KB 2543KB [ 1105.487548] kmalloc-192 2200KB 2748KB [ 1105.492933] kmem_cache 177KB 183KB [ 1105.521034] Out of memory: Kill process 10575 (syz-executor.3) score 1002 or sacrifice child [ 1105.548260] Killed process 10584 (syz-executor.3) total-vm:60680kB, anon-rss:2548kB, file-rss:14336kB, shmem-rss:36kB [ 1105.582822] oom_reaper: reaped process 10584 (syz-executor.3), now anon-rss:0kB, file-rss:14332kB, shmem-rss:8kB [ 1105.597448] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 1105.629663] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 1105.640689] CPU: 1 PID: 8085 Comm: syz-fuzzer Not tainted 4.19.211-syzkaller #0 [ 1105.648417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1105.657774] Call Trace: [ 1105.660370] dump_stack+0x1fc/0x2ef [ 1105.663999] dump_header+0x15d/0xc3f [ 1105.667715] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1105.672816] ? ___ratelimit+0x319/0x590 [ 1105.676797] oom_kill_process.cold+0x10/0x692 [ 1105.681299] ? check_preemption_disabled+0x41/0x280 [ 1105.686314] ? has_intersects_mems_allowed+0x1d6/0x290 [ 1105.691576] out_of_memory+0x1072/0x1390 [ 1105.695628] ? oom_killer_disable+0x270/0x270 [ 1105.700107] ? mutex_trylock+0x15f/0x1a0 [ 1105.704153] __alloc_pages_nodemask+0x23a2/0x2890 [ 1105.708989] ? find_get_entry+0x4cd/0x8a0 [ 1105.713128] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1105.718061] alloc_pages_current+0x193/0x2a0 [ 1105.722465] filemap_fault+0x146e/0x2180 [ 1105.726523] ext4_filemap_fault+0x84/0xb0 [ 1105.730779] __do_fault+0x10b/0x4b0 [ 1105.734400] __handle_mm_fault+0x273b/0x41c0 [ 1105.738796] ? vm_insert_page+0x9c0/0x9c0 [ 1105.742940] ? check_preemption_disabled+0x41/0x280 [ 1105.747946] handle_mm_fault+0x436/0xb10 [ 1105.752010] __do_page_fault+0x68e/0xd60 [ 1105.756063] ? trace_hardirqs_off_caller+0x6e/0x210 [ 1105.761078] ? spurious_fault+0x840/0x840 [ 1105.765212] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1105.770134] ? page_fault+0x8/0x30 [ 1105.773662] page_fault+0x1e/0x30 [ 1105.777098] RIP: 0033:0x450569 [ 1105.780277] Code: Bad RIP value. [ 1105.783623] RSP: 002b:000000c0004a17e8 EFLAGS: 00010206 [ 1105.788967] RAX: 0000000000000000 RBX: 0000000000000326 RCX: 0000000000dbecda [ 1105.796218] RDX: 000000000000002b RSI: 0000000000dbecda RDI: 0000000000000020 [ 1105.803469] RBP: 000000c0004a1830 R08: 000000c0004a1800 R09: 00000000008b4c59 [ 1105.810737] R10: 0000000000000002 R11: 0000000000dbefe0 R12: 00000000008b4baf [ 1105.817989] R13: 000000000001663d R14: 000000c0000016c0 R15: 0000000000000000 [ 1105.837885] Mem-Info: [ 1105.840328] active_anon:13934 inactive_anon:41310 isolated_anon:0 [ 1105.840328] active_file:21 inactive_file:0 isolated_file:0 [ 1105.840328] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1105.840328] slab_reclaimable:13549 slab_unreclaimable:112640 [ 1105.840328] mapped:14876 shmem:41928 pagetables:450 bounce:0 [ 1105.840328] free:17163 free_pcp:600 free_cma:0 [ 1105.875977] Node 0 active_anon:53692kB inactive_anon:51172kB active_file:68kB inactive_file:64kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:57832kB dirty:0kB writeback:0kB shmem:52736kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 12288kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1105.980501] Node 1 active_anon:2040kB inactive_anon:114068kB active_file:588kB inactive_file:1432kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:3172kB dirty:0kB writeback:0kB shmem:114976kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1106.180999] Node 0 DMA free:10872kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1106.281613] lowmem_reserve[]: 0 2693 2695 2695 2695 [ 1106.287002] Node 0 DMA32 free:26640kB min:35996kB low:44992kB high:53988kB active_anon:53208kB inactive_anon:51172kB active_file:68kB inactive_file:64kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:7264kB pagetables:1584kB bounce:0kB free_pcp:1092kB local_pcp:164kB free_cma:0kB [ 1106.354254] lowmem_reserve[]: 0 0 1 1 1 [ 1106.358268] Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1106.444249] lowmem_reserve[]: 0 0 0 0 0 [ 1106.448258] Node 1 Normal free:245788kB min:53876kB low:67344kB high:80812kB active_anon:2660kB inactive_anon:114068kB active_file:5060kB inactive_file:7592kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:416kB pagetables:388kB bounce:0kB free_pcp:2692kB local_pcp:1360kB free_cma:0kB [ 1106.514448] lowmem_reserve[]: 0 0 0 0 0 [ 1106.518475] Node 0 DMA: 0*4kB 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 0*128kB 0*256kB 1*512kB (U) 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10872kB [ 1106.558403] Node 0 DMA32: 978*4kB (UME) 2024*8kB (UME) 498*16kB (UME) 60*32kB (UME) 12*64kB (UME) 3*128kB (M) 1*256kB (U) 0*512kB 0*1024kB 1*2048kB (M) 0*4096kB = 33448kB [ 1106.597999] Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 1106.637950] Node 1 Normal: 113*4kB (UME) 3*8kB (UME) 9*16kB (UE) 10*32kB (UE) 288*64kB (UME) 287*128kB (UME) 98*256kB (UM) 66*512kB (UM) 31*1024kB (UE) 47*2048kB (UME) 17*4096kB (U) = 312620kB [ 1106.678019] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1106.698300] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1106.731401] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1106.759142] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1106.784620] 45619 total pagecache pages [ 1106.789301] 0 pages in swap cache [ 1106.792759] Swap cache stats: add 0, delete 0, find 0/0 [ 1106.832455] Free swap = 0kB [ 1106.842856] Total swap = 0kB [ 1106.849563] 2097051 pages RAM [ 1106.856646] 0 pages HighMem/MovableOnly [ 1106.886209] 369649 pages reserved [ 1106.889677] 0 pages cma reserved [ 1106.893051] Unreclaimable slab info: [ 1106.940100] Name Used Total [ 1106.945813] pid_2 12KB 72KB [ 1106.951230] batadv_tt_change_cache 3KB 7KB [ 1106.970217] batadv_tl_cache 7KB 16KB [ 1106.979549] TIPC 13KB 37KB [ 1106.985161] SCTPv6 22KB 30KB [ 1106.990533] DCCPv6 17KB 30KB [ 1106.999620] DCCP 16KB 35KB [ 1107.005360] RXRPC 14KB 32KB [ 1107.010736] rxrpc_call_jar 111KB 141KB [ 1107.037701] bridge_fdb_cache 13KB 27KB [ 1107.043090] fib6_nodes 228KB 268KB [ 1107.048705] ip6_dst_cache 782KB 791KB [ 1107.054080] RAWv6 121KB 128KB [ 1107.077582] UDPv6 35KB 45KB [ 1107.083058] TCPv6 21KB 30KB [ 1107.104252] nf_conntrack 22KB 22KB [ 1107.109671] t10_alua_lu_gp_cache 0KB 3KB [ 1107.138017] sd_ext_cdb 0KB 7KB [ 1107.143391] scsi_sense_cache 1056KB 1060KB [ 1107.164700] virtio_scsi_cmd 16KB 16KB [ 1107.170161] sgpool-128 8KB 8KB [ 1107.197832] sgpool-64 4KB 12KB [ 1107.203204] sgpool-32 2KB 15KB [ 1107.213315] sgpool-16 1KB 7KB [ 1107.226836] sgpool-8 0KB 7KB [ 1107.232217] mqueue_inode_cache 12KB 30KB [ 1107.240941] bio_post_read_ctx 14KB 15KB [ 1107.247330] bio-2 14KB 15KB [ 1107.252695] jfs_mp 7KB 7KB [ 1107.261453] cifs_small_rq 15KB 16KB [ 1107.284934] cifs_request 67KB 67KB [ 1107.290300] cifs_mpx_ids 0KB 7KB [ 1107.305046] nfs_commit_data 3KB 14KB [ 1107.310417] nfs_write_data 34KB 44KB [ 1107.337207] ext4_system_zone 1KB 7KB [ 1107.342629] bio-1 1KB 7KB [ 1107.365056] pid_namespace 2KB 7KB [ 1107.370447] rpc_buffers 17KB 25KB [ 1107.397273] rpc_tasks 2KB 7KB [ 1107.402648] UNIX 1233KB 1342KB [ 1107.417173] tcp_bind_bucket 1KB 4KB [ 1107.433089] ip_fib_trie 33KB 43KB [ 1107.457043] ip_fib_alias 163KB 193KB [ 1107.462417] ip_dst_cache 11KB 20KB [ 1107.477200] RAW 69KB 75KB [ 1107.482583] UDP 69KB 74KB [ 1107.504923] TCP 8KB 16KB [ 1107.510296] hugetlbfs_inode_cache 3KB 15KB [ 1107.537159] fscache_cookie_jar 1KB 11KB [ 1107.545146] eventpoll_pwq 30KB 43KB [ 1107.550631] eventpoll_epi 56KB 66KB [ 1107.577081] inotify_inode_mark 13KB 39KB [ 1107.582547] request_queue 199KB 199KB [ 1107.603206] blkdev_requests 1KB 3KB [ 1107.612046] blkdev_ioc 33KB 38KB [ 1107.620565] bio-0 1510KB 1511KB [ 1107.628329] biovec-max 1518KB 1534KB [ 1107.633700] biovec-64 1368KB 1370KB [ 1107.642298] biovec-16 200KB 202KB [ 1107.649033] bio_integrity_payload 1KB 8KB [ 1107.677073] khugepaged_mm_slot 3KB 27KB [ 1107.682538] uid_cache 0KB 4KB [ 1107.697107] dmaengine-unmap-2 0KB 3KB [ 1107.702476] skbuff_fclone_cache 40KB 48KB [ 1107.724948] skbuff_head_cache 7976KB 9900KB [ 1107.744852] configfs_dir_cache 3KB 7KB [ 1107.750313] file_lock_cache 44KB 75KB [ 1107.776918] file_lock_ctx 9KB 11KB [ 1107.782284] fsnotify_mark_connector 6KB 19KB [ 1107.797075] net_namespace 96KB 96KB [ 1107.802442] shmem_inode_cache 8110KB 8193KB [ 1107.844885] task_delay_info 180KB 367KB [ 1107.850272] taskstats 21KB 53KB [ 1107.889409] proc_dir_entry 965KB 997KB [ 1107.905200] pde_opener 18KB 34KB [ 1107.910586] seq_file 269KB 468KB [ 1107.938107] sigqueue 66KB 66KB [ 1107.943483] kernfs_node_cache 17252KB 17766KB [ 1107.956766] mnt_cache 190KB 220KB [ 1107.962134] filp 7132KB 7593KB [ 1107.987903] names_cache 134597KB 134597KB [ 1107.993269] iint_cache 42KB 55KB [ 1108.027916] key_jar 23KB 135KB [ 1108.033292] uts_namespace 3KB 7KB [ 1108.047958] nsproxy 1KB 11KB [ 1108.053336] vm_area_struct 2850KB 3635KB [ 1108.074245] mm_struct 500KB 578KB [ 1108.088573] fs_cache 179KB 328KB [ 1108.093959] files_cache 715KB 1012KB [ 1108.128072] signal_cache 1151KB 1868KB [ 1108.133447] sighand_cache 592KB 596KB [ 1108.147731] task_struct 4633KB 4696KB [ 1108.153097] cred_jar 2252KB 2544KB [ 1108.175268] anon_vma_chain 927KB 1484KB [ 1108.180745] anon_vma 145KB 288KB [ 1108.195910] pid 113KB 224KB [ 1108.201275] Acpi-Operand 156KB 198KB [ 1108.220966] Acpi-ParseExt 9KB 11KB [ 1108.234468] Acpi-Parse 41KB 47KB [ 1108.239833] Acpi-State 52KB 63KB [ 1108.251576] Acpi-Namespace 20KB 27KB [ 1108.258024] numa_policy 0KB 3KB [ 1108.263390] debug_objects_cache 1564KB 1828KB [ 1108.273716] trace_event_file 297KB 298KB [ 1108.279936] ftrace_event_field 398KB 401KB [ 1108.289877] pool_workqueue 138KB 152KB [ 1108.295869] page->ptl 443KB 1000KB [ 1108.301268] kmalloc-2097152 2050KB 2050KB [ 1108.311432] kmalloc-524288 2056KB 2056KB [ 1108.317438] kmalloc-262144 1290KB 1290KB [ 1108.322803] kmalloc-131072 650KB 650KB [ 1108.333018] kmalloc-65536 2640KB 2706KB [ 1108.349079] kmalloc-32768 2145KB 2409KB [ 1108.368123] kmalloc-16384 1237KB 1369KB [ 1108.373524] kmalloc-8192 4545KB 4661KB [ 1108.380777] kmalloc-4096 19724KB 19762KB [ 1108.390954] kmalloc-2048 13115KB 15459KB [ 1108.397009] kmalloc-1024 9369KB 13285KB [ 1108.402379] kmalloc-512 14657KB 18675KB [ 1108.412497] kmalloc-256 4402KB 5992KB [ 1108.418560] kmalloc-128 1107KB 1464KB [ 1108.423925] kmalloc-96 3527KB 4076KB [ 1108.433900] kmalloc-64 2335KB 3856KB [ 1108.439978] kmalloc-32 1808KB 2543KB [ 1108.452170] kmalloc-192 1900KB 2740KB [ 1108.459834] kmem_cache 177KB 183KB [ 1108.469576] Out of memory (oom_kill_allocating_task): Kill process 8085 (syz-fuzzer) score 0 or sacrifice child [ 1108.480570] Killed process 8080 (syz-fuzzer) total-vm:925008kB, anon-rss:39636kB, file-rss:176kB, shmem-rss:476kB [