00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1469.632298] RSP: 002b:00007f17cfa73c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1469.640013] RAX: ffffffffffffffda RBX: 00007f17cfa746d4 RCX: 000000000045b349 [ 1469.647288] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1469.654562] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1469.661829] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1469.669113] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1469.682472] CPU: 0 PID: 393 Comm: syz-executor.3 Not tainted 4.19.100-syzkaller #0 [ 1469.690234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1469.699600] Call Trace: [ 1469.702216] dump_stack+0x197/0x210 [ 1469.705870] warn_alloc.cold+0x7b/0x173 [ 1469.709868] ? zone_watermark_ok_safe+0x260/0x260 [ 1469.714732] ? compaction_deferred+0x16a/0x3b0 [ 1469.715555] warn_alloc_show_mem: 1 callbacks suppressed [ 1469.715559] Mem-Info: [ 1469.719354] ? try_to_compact_pages+0x44/0xae0 [ 1469.719393] __alloc_pages_slowpath+0x2214/0x2870 [ 1469.731142] active_anon:278269 inactive_anon:204 isolated_anon:0 [ 1469.731142] active_file:4237 inactive_file:7090 isolated_file:0 [ 1469.731142] unevictable:0 dirty:70 writeback:0 unstable:0 [ 1469.731142] slab_reclaimable:17284 slab_unreclaimable:129241 [ 1469.731142] mapped:58835 shmem:255 pagetables:26192 bounce:0 [ 1469.731142] free:706711 free_pcp:448 free_cma:0 [ 1469.731753] ? warn_alloc+0x110/0x110 [ 1469.731772] ? __lock_is_held+0xb6/0x140 [ 1469.736900] Node 0 active_anon:1064612kB inactive_anon:816kB active_file:40kB inactive_file:40kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208944kB dirty:52kB writeback:0kB shmem:1020kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 346112kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1469.770294] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1469.770313] ? should_fail+0x14d/0x85c [ 1469.770333] ? __isolate_free_page+0x4c0/0x4c0 [ 1469.770352] ? __might_sleep+0x95/0x190 [ 1469.770370] __alloc_pages_nodemask+0x617/0x750 [ 1469.770390] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1469.774477] Node 0 DMA free:10528kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1469.778231] ? fs_reclaim_acquire+0x20/0x20 [ 1469.778249] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1469.778268] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1469.778285] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1469.806335] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1469.811498] alloc_pages_current+0x107/0x210 [ 1469.811524] ion_page_pool_alloc+0x17f/0x270 [ 1469.811544] ion_system_heap_allocate+0x154/0xa90 [ 1469.811567] ? ion_system_heap_free+0x250/0x250 [ 1469.815660] Node 0 DMA32 free:118760kB min:36168kB low:45208kB high:54248kB active_anon:1062164kB inactive_anon:816kB active_file:40kB inactive_file:40kB unevictable:0kB writepending:52kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:28128kB pagetables:70744kB bounce:0kB free_pcp:1792kB local_pcp:1300kB free_cma:0kB [ 1469.820013] ? ion_alloc+0x306/0x900 [ 1469.820035] ion_alloc+0x29b/0x900 [ 1469.820059] ? ion_dma_buf_release+0x50/0x50 [ 1469.820084] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1469.824240] lowmem_reserve[]: 0 0 1 1 1 [ 1469.828700] ? _copy_from_user+0xdd/0x150 [ 1469.828722] ion_ioctl+0x17b/0x329 [ 1469.828738] ? ion_alloc.cold+0x28/0x28 [ 1469.828759] ? __might_sleep+0x95/0x190 [ 1469.834001] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1469.860473] ? ion_alloc.cold+0x28/0x28 22:56:47 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xfffffffffffffff7}) r1 = msgget$private(0x0, 0x0) msgsnd(r1, &(0x7f0000000000)={0x2}, 0x2000, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000340)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}) msgctl$MSG_STAT_ANY(r1, 0xd, &(0x7f0000000000)=""/93) [ 1469.860493] do_vfs_ioctl+0xd5f/0x1380 [ 1469.860512] ? selinux_file_ioctl+0x46c/0x5d0 [ 1469.860527] ? selinux_file_ioctl+0x125/0x5d0 [ 1469.860542] ? ioctl_preallocate+0x210/0x210 [ 1469.860560] ? selinux_file_mprotect+0x620/0x620 [ 1469.865192] lowmem_reserve[]: 0 0 0 0 0 [ 1469.870421] ? iterate_fd+0x360/0x360 [ 1469.870440] ? nsecs_to_jiffies+0x30/0x30 [ 1469.870463] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1469.870479] ? security_file_ioctl+0x8d/0xc0 [ 1469.870496] ksys_ioctl+0xab/0xd0 [ 1469.876414] Node 0 DMA: 24*4kB (UME) 12*8kB (UME) 20*16kB (UME) 19*32kB (UM) 5*64kB (UME) 3*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10528kB [ 1469.881722] __x64_sys_ioctl+0x73/0xb0 [ 1469.881743] do_syscall_64+0xfd/0x620 [ 1469.881763] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1469.881779] RIP: 0033:0x45b349 [ 1469.886977] Node 0 DMA32: 4039*4kB (UMEH) 2580*8kB (UMEH) 1586*16kB (UMEH) 889*32kB (UMEH) 126*64kB (UH) 125*128kB (UH) 8*256kB (U) 4*512kB (UH) 0*1024kB 0*2048kB 0*4096kB = 118780kB [ 1469.891177] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1469.891186] RSP: 002b:00007f9fa7530c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1469.891202] RAX: ffffffffffffffda RBX: 00007f9fa75316d4 RCX: 000000000045b349 [ 1469.891211] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1469.891219] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 22:56:47 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0xfdfdffff}) [ 1469.891227] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1469.891239] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1469.895808] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1470.190041] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1470.221966] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1470.222258] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1470.247987] CPU: 0 PID: 404 Comm: syz-executor.5 Not tainted 4.19.100-syzkaller #0 [ 1470.255766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1470.259324] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1470.265135] Call Trace: [ 1470.265160] dump_stack+0x197/0x210 [ 1470.265182] warn_alloc.cold+0x7b/0x173 [ 1470.265199] ? zone_watermark_ok_safe+0x260/0x260 [ 1470.265214] ? compaction_deferred+0x16a/0x3b0 [ 1470.265233] ? try_to_compact_pages+0x44/0xae0 [ 1470.298905] __alloc_pages_slowpath+0x2214/0x2870 [ 1470.303823] ? warn_alloc+0x110/0x110 [ 1470.307674] ? __lock_is_held+0xb6/0x140 [ 1470.311780] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1470.317370] ? should_fail+0x14d/0x85c [ 1470.321419] ? __isolate_free_page+0x4c0/0x4c0 [ 1470.326061] ? __might_sleep+0x95/0x190 [ 1470.330096] __alloc_pages_nodemask+0x617/0x750 [ 1470.331855] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1470.334796] ? retint_kernel+0x2d/0x2d [ 1470.334818] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1470.334839] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1470.334862] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1470.351183] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1470.352675] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1470.352702] alloc_pages_current+0x107/0x210 [ 1470.370076] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1470.372874] ion_page_pool_alloc+0x17f/0x270 [ 1470.372893] ion_system_heap_allocate+0x154/0xa90 [ 1470.372914] ? ion_system_heap_free+0x250/0x250 [ 1470.379044] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1470.382990] ? ion_alloc+0x306/0x900 [ 1470.383010] ion_alloc+0x29b/0x900 22:56:47 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000244000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1470.383033] ? ion_dma_buf_release+0x50/0x50 [ 1470.383058] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1470.392294] 11581 total pagecache pages [ 1470.396314] ? _copy_from_user+0xdd/0x150 [ 1470.396335] ion_ioctl+0x17b/0x329 [ 1470.396354] ? ion_alloc.cold+0x28/0x28 [ 1470.402685] 0 pages in swap cache [ 1470.405883] ? __might_sleep+0x95/0x190 [ 1470.405907] ? ion_alloc.cold+0x28/0x28 [ 1470.420441] Swap cache stats: add 0, delete 0, find 0/0 [ 1470.421779] do_vfs_ioctl+0xd5f/0x1380 [ 1470.421798] ? selinux_file_ioctl+0x46c/0x5d0 [ 1470.421816] ? selinux_file_ioctl+0x125/0x5d0 [ 1470.426514] Free swap = 0kB [ 1470.431787] ? ioctl_preallocate+0x210/0x210 [ 1470.431807] ? selinux_file_mprotect+0x620/0x620 [ 1470.431829] ? iterate_fd+0x360/0x360 [ 1470.431846] ? nsecs_to_jiffies+0x30/0x30 [ 1470.431867] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1470.436273] Total swap = 0kB [ 1470.440007] ? security_file_ioctl+0x8d/0xc0 [ 1470.440028] ksys_ioctl+0xab/0xd0 [ 1470.440047] __x64_sys_ioctl+0x73/0xb0 [ 1470.440065] do_syscall_64+0xfd/0x620 [ 1470.440090] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1470.447565] 1965979 pages RAM [ 1470.447696] RIP: 0033:0x45b349 [ 1470.452545] 0 pages HighMem/MovableOnly [ 1470.455121] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1470.455130] RSP: 002b:00007f6e444f7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1470.455145] RAX: ffffffffffffffda RBX: 00007f6e444f86d4 RCX: 000000000045b349 [ 1470.455158] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1470.462719] 341741 pages reserved [ 1470.464489] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1470.464499] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1470.464507] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1470.500557] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1470.646241] 0 pages cma reserved [ 1470.653907] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING 22:56:48 executing program 0: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x13000000}) 22:56:48 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000150000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:56:48 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0xffff8000}) [ 1470.953244] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING 22:56:48 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x8}) [ 1471.029432] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING 22:56:48 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000250000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:56:48 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r0, 0x0, 0x0) getdents(r0, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) getsockname$packet(r3, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r1, &(0x7f0000004300)={0x0, 0x0, &(0x7f00000042c0)={&(0x7f0000000000)=@setlink={0x28, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000540)={'ip6gre0\x00', r4}) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="2040000000000000002506000000080005000500000014000400697036746e6c3000007e1b8ed6d1c353a76d2500000000006eba7d1b84f341772736000008000300", @ANYRES32=r4, @ANYBLOB], 0x38}, 0x1, 0x0, 0x0, 0x200000c}, 0x850) [ 1471.347590] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING 22:56:48 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0xfffffdfd}) [ 1471.452973] syz-executor.0: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 22:56:48 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000350000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1471.495866] syz-executor.0 cpuset=syz0 mems_allowed=0-1 [ 1471.528009] CPU: 0 PID: 543 Comm: syz-executor.0 Not tainted 4.19.100-syzkaller #0 [ 1471.535857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1471.545350] Call Trace: [ 1471.547967] dump_stack+0x197/0x210 [ 1471.551623] warn_alloc.cold+0x7b/0x173 [ 1471.555618] ? zone_watermark_ok_safe+0x260/0x260 [ 1471.560486] ? compaction_deferred+0x16a/0x3b0 [ 1471.565096] ? try_to_compact_pages+0x44/0xae0 [ 1471.569719] __alloc_pages_slowpath+0x2214/0x2870 [ 1471.574647] ? warn_alloc+0x110/0x110 [ 1471.578473] ? __lock_is_held+0xb6/0x140 [ 1471.582563] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1471.588256] ? should_fail+0x14d/0x85c [ 1471.592163] ? __isolate_free_page+0x4c0/0x4c0 [ 1471.596773] ? __might_sleep+0x95/0x190 [ 1471.600777] __alloc_pages_nodemask+0x617/0x750 [ 1471.605483] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1471.610214] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1471.615372] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1471.620959] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1471.626713] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1471.632280] alloc_pages_current+0x107/0x210 [ 1471.636730] ion_page_pool_alloc+0x17f/0x270 [ 1471.641174] ion_system_heap_allocate+0x154/0xa90 [ 1471.646163] ? ion_system_heap_free+0x250/0x250 [ 1471.650881] ? ion_alloc+0x306/0x900 [ 1471.654634] ion_alloc+0x29b/0x900 [ 1471.658206] ? ion_dma_buf_release+0x50/0x50 [ 1471.662649] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1471.668213] ? _copy_from_user+0xdd/0x150 [ 1471.672385] ion_ioctl+0x17b/0x329 [ 1471.675948] ? ion_alloc.cold+0x28/0x28 [ 1471.679952] ? __might_sleep+0x95/0x190 [ 1471.683967] ? ion_alloc.cold+0x28/0x28 [ 1471.688055] do_vfs_ioctl+0xd5f/0x1380 [ 1471.691967] ? selinux_file_ioctl+0x46c/0x5d0 [ 1471.696491] ? selinux_file_ioctl+0x125/0x5d0 [ 1471.701011] ? ioctl_preallocate+0x210/0x210 [ 1471.705447] ? selinux_file_mprotect+0x620/0x620 [ 1471.710235] ? iterate_fd+0x360/0x360 [ 1471.714177] ? nsecs_to_jiffies+0x30/0x30 [ 1471.718368] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1471.724144] ? security_file_ioctl+0x8d/0xc0 [ 1471.728587] ksys_ioctl+0xab/0xd0 [ 1471.732066] __x64_sys_ioctl+0x73/0xb0 [ 1471.736114] do_syscall_64+0xfd/0x620 [ 1471.739952] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1471.745247] RIP: 0033:0x45b349 [ 1471.748462] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1471.767408] RSP: 002b:00007f1ef8b9dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1471.775151] RAX: ffffffffffffffda RBX: 00007f1ef8b9e6d4 RCX: 000000000045b349 [ 1471.782701] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1471.789996] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 22:56:49 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) r1 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x8000) sendto$rose(r1, &(0x7f0000000100)="52cc2b553439d900867980dd1d9fb595abbd58d1cb68b411c06418be541e7b31706b3a466490fa396b9376cff2741ba5e01e23626c6c7b5dddfffb480795bef97bbb28dc5666f8061be50f37f3241ed39fb9ac2ccd0406b33551907a8bd274949cc44442866182de451d2589986ab75d6de10dbcbaa43d6476aa341478cb6da989ef67ae515e4bc47020ea7239a6b2e535c5199bb3012c8e02e207634446e7a6f5388b97138a32f214a8bcd8cd1092133d638be37f", 0xb5, 0x10, &(0x7f0000000080)=@short={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}}, 0x1c) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x1) 22:56:49 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$sock_void(r1, 0x1, 0x24, 0x0, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r1, &(0x7f00000003c0)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) write$binfmt_script(r1, &(0x7f0000000b40)=ANY=[@ANYBLOB='#'], 0x1) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000140)=0xda6, 0x4) sendto$inet(r1, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860005cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xd38, 0x13c, 0x0, 0x27) r2 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r2, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r2, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) getsockopt$IP_SET_OP_GET_FNAME(r2, 0x1, 0x53, &(0x7f0000000080)={0x8, 0x7, 0x0, 'syz1\x00'}, &(0x7f0000000180)=0x2c) setsockopt$IPT_SO_SET_ADD_COUNTERS(r1, 0x0, 0x41, &(0x7f0000000100)={'mangle\x00', 0x4, [{}, {}, {}, {}]}, 0x68) recvfrom$inet(r1, &(0x7f0000000200)=""/105, 0x69, 0x41, 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x402000, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$UFFDIO_COPY(r4, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, 0x3000, 0x1}) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xfffffffffffffff7}) [ 1471.797333] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1471.804630] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1471.815795] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1471.815804] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 1471.815832] CPU: 1 PID: 553 Comm: syz-executor.3 Not tainted 4.19.100-syzkaller #0 [ 1471.815840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1471.815845] Call Trace: [ 1471.815866] dump_stack+0x197/0x210 [ 1471.815888] warn_alloc.cold+0x7b/0x173 [ 1471.815908] ? zone_watermark_ok_safe+0x260/0x260 [ 1471.865046] ? compaction_deferred+0x16a/0x3b0 [ 1471.869674] ? try_to_compact_pages+0x44/0xae0 [ 1471.874297] __alloc_pages_slowpath+0x2214/0x2870 [ 1471.879184] ? warn_alloc+0x110/0x110 [ 1471.883005] ? __lock_is_held+0xb6/0x140 [ 1471.887085] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1471.892640] ? should_fail+0x14d/0x85c [ 1471.896553] ? __isolate_free_page+0x4c0/0x4c0 [ 1471.901160] ? __might_sleep+0x95/0x190 [ 1471.905156] __alloc_pages_nodemask+0x617/0x750 [ 1471.909854] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1471.915031] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1471.920074] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1471.925633] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1471.931487] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1471.937050] alloc_pages_current+0x107/0x210 [ 1471.941591] ion_page_pool_alloc+0x17f/0x270 [ 1471.946067] ion_system_heap_allocate+0x154/0xa90 [ 1471.950951] ? ion_system_heap_free+0x250/0x250 [ 1471.955643] ? ion_alloc+0x306/0x900 [ 1471.959427] ion_alloc+0x29b/0x900 [ 1471.963005] ? ion_dma_buf_release+0x50/0x50 [ 1471.967437] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1471.973011] ? _copy_from_user+0xdd/0x150 [ 1471.977177] ion_ioctl+0x17b/0x329 [ 1471.980759] ? ion_alloc.cold+0x28/0x28 [ 1471.984755] ? __might_sleep+0x95/0x190 [ 1471.988751] ? ion_alloc.cold+0x28/0x28 [ 1471.992748] do_vfs_ioctl+0xd5f/0x1380 [ 1471.996653] ? selinux_file_ioctl+0x46c/0x5d0 [ 1472.001297] ? selinux_file_ioctl+0x125/0x5d0 [ 1472.005834] ? ioctl_preallocate+0x210/0x210 [ 1472.010255] ? selinux_file_mprotect+0x620/0x620 [ 1472.015016] ? iterate_fd+0x360/0x360 [ 1472.018823] ? nsecs_to_jiffies+0x30/0x30 [ 1472.022982] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1472.028533] ? security_file_ioctl+0x8d/0xc0 [ 1472.032971] ksys_ioctl+0xab/0xd0 [ 1472.036442] __x64_sys_ioctl+0x73/0xb0 [ 1472.040445] do_syscall_64+0xfd/0x620 [ 1472.044261] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1472.049468] RIP: 0033:0x45b349 [ 1472.052672] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1472.071584] RSP: 002b:00007f9fa7530c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1472.079301] RAX: ffffffffffffffda RBX: 00007f9fa75316d4 RCX: 000000000045b349 [ 1472.086578] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 22:56:49 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="7261770000000000025e000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1472.093855] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1472.101129] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1472.108407] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1472.124884] syz-executor.1: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1472.137364] warn_alloc_show_mem: 2 callbacks suppressed [ 1472.137373] Mem-Info: [ 1472.180360] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 1472.192189] active_anon:277296 inactive_anon:202 isolated_anon:0 [ 1472.192189] active_file:4238 inactive_file:7088 isolated_file:0 [ 1472.192189] unevictable:0 dirty:24 writeback:0 unstable:0 [ 1472.192189] slab_reclaimable:17305 slab_unreclaimable:129448 [ 1472.192189] mapped:58884 shmem:255 pagetables:26231 bounce:0 [ 1472.192189] free:850494 free_pcp:281 free_cma:0 [ 1472.227064] CPU: 1 PID: 573 Comm: syz-executor.1 Not tainted 4.19.100-syzkaller #0 [ 1472.234803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1472.244168] Call Trace: [ 1472.246776] dump_stack+0x197/0x210 [ 1472.250438] warn_alloc.cold+0x7b/0x173 [ 1472.254443] ? zone_watermark_ok_safe+0x260/0x260 [ 1472.259313] ? compaction_deferred+0x16a/0x3b0 [ 1472.263921] ? try_to_compact_pages+0x44/0xae0 [ 1472.268542] __alloc_pages_slowpath+0x2214/0x2870 [ 1472.273443] ? warn_alloc+0x110/0x110 22:56:49 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x3f) r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xfffffffffffffff7}) [ 1472.277265] ? __lock_is_held+0xb6/0x140 [ 1472.281355] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1472.286915] ? should_fail+0x14d/0x85c [ 1472.290854] ? __isolate_free_page+0x4c0/0x4c0 [ 1472.295462] ? __might_sleep+0x95/0x190 [ 1472.299599] __alloc_pages_nodemask+0x617/0x750 [ 1472.304289] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1472.309336] ? fs_reclaim_acquire+0x20/0x20 [ 1472.313685] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1472.319343] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1472.325074] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1472.330764] alloc_pages_current+0x107/0x210 [ 1472.335197] ion_page_pool_alloc+0x17f/0x270 [ 1472.339631] ion_system_heap_allocate+0x154/0xa90 [ 1472.344514] ? ion_system_heap_free+0x250/0x250 [ 1472.349214] ? ion_alloc+0x306/0x900 [ 1472.353082] ion_alloc+0x29b/0x900 [ 1472.356772] ? ion_dma_buf_release+0x50/0x50 [ 1472.361206] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1472.366875] ? _copy_from_user+0xdd/0x150 [ 1472.371169] ion_ioctl+0x17b/0x329 [ 1472.374841] ? ion_alloc.cold+0x28/0x28 [ 1472.378842] ? __might_sleep+0x95/0x190 [ 1472.382851] ? ion_alloc.cold+0x28/0x28 [ 1472.386954] do_vfs_ioctl+0xd5f/0x1380 [ 1472.390863] ? selinux_file_ioctl+0x46c/0x5d0 [ 1472.395380] ? selinux_file_ioctl+0x125/0x5d0 [ 1472.399903] ? ioctl_preallocate+0x210/0x210 [ 1472.404438] ? selinux_file_mprotect+0x620/0x620 [ 1472.409218] ? iterate_fd+0x360/0x360 [ 1472.413224] ? nsecs_to_jiffies+0x30/0x30 [ 1472.417415] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1472.422978] ? security_file_ioctl+0x8d/0xc0 [ 1472.427406] ksys_ioctl+0xab/0xd0 [ 1472.430887] __x64_sys_ioctl+0x73/0xb0 [ 1472.434797] do_syscall_64+0xfd/0x620 [ 1472.438615] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1472.444168] RIP: 0033:0x45b349 [ 1472.447375] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1472.466288] RSP: 002b:00007f17cfa73c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1472.474332] RAX: ffffffffffffffda RBX: 00007f17cfa746d4 RCX: 000000000045b349 [ 1472.481639] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1472.488951] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1472.496239] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1472.503535] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1472.552121] Node 0 active_anon:1060304kB inactive_anon:800kB active_file:44kB inactive_file:28kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208940kB dirty:24kB writeback:0kB shmem:1012kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 342016kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1472.580369] Node 0 DMA free:10452kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1472.639836] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1472.648577] Node 0 DMA32 free:104272kB min:36168kB low:45208kB high:54248kB active_anon:1057860kB inactive_anon:800kB active_file:44kB inactive_file:28kB unevictable:0kB writepending:24kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:27968kB pagetables:70696kB bounce:0kB free_pcp:1944kB local_pcp:660kB free_cma:0kB [ 1472.699820] lowmem_reserve[]: 0 0 1 1 1 [ 1472.703979] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1472.753624] lowmem_reserve[]: 0 0 0 0 0 [ 1472.757952] Node 0 DMA: 27*4kB (UME) 11*8kB (UME) 19*16kB (UME) 19*32kB (UM) 4*64kB (UME) 3*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10452kB [ 1472.790164] Node 0 DMA32: 1309*4kB (UMEH) 3580*8kB (UMEH) 2081*16kB (UEH) 945*32kB (UEH) 4*64kB (UH) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 98436kB [ 1472.806297] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1472.824444] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1472.833101] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1472.846773] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1472.857211] CPU: 1 PID: 698 Comm: syz-executor.5 Not tainted 4.19.100-syzkaller #0 [ 1472.863622] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1472.864963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1472.864969] Call Trace: [ 1472.864993] dump_stack+0x197/0x210 [ 1472.865014] warn_alloc.cold+0x7b/0x173 [ 1472.884498] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1472.885680] ? zone_watermark_ok_safe+0x260/0x260 [ 1472.885697] ? compaction_deferred+0x16a/0x3b0 [ 1472.885716] ? try_to_compact_pages+0x44/0xae0 [ 1472.892261] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1472.893512] __alloc_pages_slowpath+0x2214/0x2870 [ 1472.893544] ? warn_alloc+0x110/0x110 [ 1472.910880] 11580 total pagecache pages [ 1472.911799] ? __lock_is_held+0xb6/0x140 [ 1472.911819] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1472.911837] ? should_fail+0x14d/0x85c [ 1472.920933] 0 pages in swap cache [ 1472.925022] ? __isolate_free_page+0x4c0/0x4c0 [ 1472.925043] ? __might_sleep+0x95/0x190 [ 1472.925062] __alloc_pages_nodemask+0x617/0x750 [ 1472.936664] Swap cache stats: add 0, delete 0, find 0/0 [ 1472.937830] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1472.937853] ? fs_reclaim_acquire+0x20/0x20 [ 1472.945621] Free swap = 0kB [ 1472.947452] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1472.947472] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1472.947489] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1472.955970] Total swap = 0kB [ 1472.959426] alloc_pages_current+0x107/0x210 [ 1472.959453] ion_page_pool_alloc+0x17f/0x270 [ 1472.959470] ion_system_heap_allocate+0x154/0xa90 [ 1472.959492] ? ion_system_heap_free+0x250/0x250 [ 1472.969106] 1965979 pages RAM [ 1472.973713] ? ion_alloc+0x306/0x900 [ 1472.973732] ion_alloc+0x29b/0x900 [ 1472.973753] ? ion_dma_buf_release+0x50/0x50 [ 1472.973775] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1472.973789] ? _copy_from_user+0xdd/0x150 [ 1472.973808] ion_ioctl+0x17b/0x329 [ 1472.973825] ? ion_alloc.cold+0x28/0x28 [ 1472.973844] ? __might_sleep+0x95/0x190 [ 1472.973860] ? ion_alloc.cold+0x28/0x28 [ 1472.973884] do_vfs_ioctl+0xd5f/0x1380 [ 1472.982911] 0 pages HighMem/MovableOnly [ 1472.983263] ? selinux_file_ioctl+0x46c/0x5d0 [ 1472.983282] ? selinux_file_ioctl+0x125/0x5d0 [ 1472.988682] 341741 pages reserved [ 1472.991971] ? ioctl_preallocate+0x210/0x210 [ 1472.991992] ? selinux_file_mprotect+0x620/0x620 [ 1472.992020] ? iterate_fd+0x360/0x360 [ 1472.992039] ? nsecs_to_jiffies+0x30/0x30 [ 1472.992060] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1472.992076] ? security_file_ioctl+0x8d/0xc0 [ 1472.992093] ksys_ioctl+0xab/0xd0 [ 1472.992109] __x64_sys_ioctl+0x73/0xb0 [ 1472.992131] do_syscall_64+0xfd/0x620 [ 1473.000035] 0 pages cma reserved [ 1473.003406] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1473.003419] RIP: 0033:0x45b349 [ 1473.003439] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:56:50 executing program 0: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x14000000}) 22:56:50 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000060000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:56:50 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x16}) 22:56:50 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) [ 1473.154542] RSP: 002b:00007f6e444f7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1473.162277] RAX: ffffffffffffffda RBX: 00007f6e444f86d4 RCX: 000000000045b349 [ 1473.169573] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1473.176865] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1473.184282] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1473.191569] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c 22:56:50 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000362000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1473.475716] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1473.487353] syz-executor.0: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1473.505129] syz-executor.0 cpuset=syz0 mems_allowed=0-1 [ 1473.512380] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 1473.518499] CPU: 1 PID: 714 Comm: syz-executor.0 Not tainted 4.19.100-syzkaller #0 [ 1473.521856] warn_alloc_show_mem: 2 callbacks suppressed [ 1473.521861] Mem-Info: [ 1473.526352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1473.526359] Call Trace: [ 1473.526385] dump_stack+0x197/0x210 [ 1473.526406] warn_alloc.cold+0x7b/0x173 [ 1473.526426] ? zone_watermark_ok_safe+0x260/0x260 [ 1473.558685] ? __lock_is_held+0xb6/0x140 [ 1473.562930] __alloc_pages_slowpath+0x2214/0x2870 [ 1473.567817] ? warn_alloc+0x110/0x110 [ 1473.571641] ? __lock_is_held+0xb6/0x140 22:56:51 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000263000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:56:51 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) r1 = socket(0xffa16ce2d6d56b73, 0x0, 0x40) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x21, &(0x7f0000000040)="37fea63040ceeb60fd2d887e5ebe56a7", 0x10) [ 1473.575725] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1473.581448] ? should_fail+0x14d/0x85c [ 1473.585361] ? __isolate_free_page+0x4c0/0x4c0 [ 1473.590079] ? __might_sleep+0x95/0x190 [ 1473.594075] __alloc_pages_nodemask+0x617/0x750 [ 1473.598826] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1473.603866] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1473.609422] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1473.615152] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1473.617095] active_anon:277789 inactive_anon:202 isolated_anon:12 [ 1473.617095] active_file:4238 inactive_file:7088 isolated_file:0 [ 1473.617095] unevictable:0 dirty:24 writeback:0 unstable:0 [ 1473.617095] slab_reclaimable:17280 slab_unreclaimable:129194 [ 1473.617095] mapped:58859 shmem:255 pagetables:26224 bounce:0 [ 1473.617095] free:855772 free_pcp:488 free_cma:0 [ 1473.625705] alloc_pages_current+0x107/0x210 [ 1473.625734] ion_page_pool_alloc+0x17f/0x270 [ 1473.625751] ion_system_heap_allocate+0x154/0xa90 [ 1473.625774] ? ion_system_heap_free+0x250/0x250 [ 1473.625791] ? ion_alloc+0x306/0x900 [ 1473.625808] ion_alloc+0x29b/0x900 [ 1473.625829] ? ion_dma_buf_release+0x50/0x50 [ 1473.625852] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1473.625866] ? _copy_from_user+0xdd/0x150 [ 1473.625905] ion_ioctl+0x17b/0x329 [ 1473.704372] ? ion_alloc.cold+0x28/0x28 [ 1473.708591] ? __might_sleep+0x95/0x190 [ 1473.712595] ? ion_alloc.cold+0x28/0x28 [ 1473.716593] do_vfs_ioctl+0xd5f/0x1380 [ 1473.720529] ? selinux_file_ioctl+0x46c/0x5d0 [ 1473.725047] ? selinux_file_ioctl+0x125/0x5d0 [ 1473.729706] ? ioctl_preallocate+0x210/0x210 [ 1473.734126] ? selinux_file_mprotect+0x620/0x620 [ 1473.738907] ? iterate_fd+0x360/0x360 [ 1473.742723] ? nsecs_to_jiffies+0x30/0x30 [ 1473.746897] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1473.752460] ? security_file_ioctl+0x8d/0xc0 [ 1473.756896] ksys_ioctl+0xab/0xd0 [ 1473.760386] __x64_sys_ioctl+0x73/0xb0 [ 1473.764290] do_syscall_64+0xfd/0x620 [ 1473.768101] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1473.773396] RIP: 0033:0x45b349 22:56:51 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000064000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1473.776595] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1473.796216] RSP: 002b:00007f1ef8b9dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1473.803947] RAX: ffffffffffffffda RBX: 00007f1ef8b9e6d4 RCX: 000000000045b349 [ 1473.811233] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1473.818517] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1473.825911] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1473.833337] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1473.846694] CPU: 0 PID: 717 Comm: syz-executor.3 Not tainted 4.19.100-syzkaller #0 [ 1473.854562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1473.864813] Call Trace: [ 1473.867426] dump_stack+0x197/0x210 [ 1473.871084] warn_alloc.cold+0x7b/0x173 [ 1473.875081] ? zone_watermark_ok_safe+0x260/0x260 [ 1473.880336] ? __lock_is_held+0xb6/0x140 [ 1473.884442] __alloc_pages_slowpath+0x2214/0x2870 [ 1473.889326] ? warn_alloc+0x110/0x110 [ 1473.893173] ? __lock_is_held+0xb6/0x140 [ 1473.897264] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1473.902822] ? should_fail+0x14d/0x85c [ 1473.906734] ? __isolate_free_page+0x4c0/0x4c0 [ 1473.911338] ? __might_sleep+0x95/0x190 [ 1473.915333] __alloc_pages_nodemask+0x617/0x750 [ 1473.920018] ? retint_kernel+0x2d/0x2d [ 1473.923925] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1473.929092] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1473.934688] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1473.940421] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1473.945988] alloc_pages_current+0x107/0x210 [ 1473.950421] ion_page_pool_alloc+0x17f/0x270 [ 1473.954849] ion_system_heap_allocate+0x154/0xa90 [ 1473.959723] ? ion_system_heap_free+0x250/0x250 [ 1473.964416] ? ion_alloc+0x306/0x900 [ 1473.968250] ion_alloc+0x29b/0x900 [ 1473.971807] ? ion_dma_buf_release+0x50/0x50 [ 1473.976249] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1473.982037] ? _copy_from_user+0xdd/0x150 [ 1473.986227] ion_ioctl+0x17b/0x329 [ 1473.989806] ? ion_alloc.cold+0x28/0x28 [ 1473.993826] ? __might_sleep+0x95/0x190 [ 1473.997823] ? ion_alloc.cold+0x28/0x28 [ 1474.001812] do_vfs_ioctl+0xd5f/0x1380 [ 1474.005702] ? selinux_file_ioctl+0x46c/0x5d0 [ 1474.010197] ? selinux_file_ioctl+0x125/0x5d0 [ 1474.014817] ? ioctl_preallocate+0x210/0x210 [ 1474.019250] ? selinux_file_mprotect+0x620/0x620 [ 1474.024009] ? iterate_fd+0x360/0x360 [ 1474.027821] ? nsecs_to_jiffies+0x30/0x30 [ 1474.031985] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1474.037544] ? security_file_ioctl+0x8d/0xc0 [ 1474.041970] ksys_ioctl+0xab/0xd0 [ 1474.045426] __x64_sys_ioctl+0x73/0xb0 [ 1474.049314] do_syscall_64+0xfd/0x620 [ 1474.053132] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1474.058335] RIP: 0033:0x45b349 [ 1474.061539] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1474.080444] RSP: 002b:00007f9fa7530c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1474.088162] RAX: ffffffffffffffda RBX: 00007f9fa75316d4 RCX: 000000000045b349 [ 1474.095425] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1474.102686] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1474.109943] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1474.117202] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c 22:56:51 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x4}) [ 1474.155285] Node 0 active_anon:1062528kB inactive_anon:812kB active_file:24kB inactive_file:32kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208928kB dirty:16kB writeback:0kB shmem:1020kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 344064kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1474.168627] xt_check_match: 11 callbacks suppressed [ 1474.168643] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1474.230622] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1474.250672] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1474.304087] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1474.309220] Node 0 DMA32 free:35768kB min:36168kB low:45208kB high:54248kB active_anon:1060180kB inactive_anon:812kB active_file:24kB inactive_file:32kB unevictable:0kB writepending:16kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:28096kB pagetables:70972kB bounce:0kB free_pcp:972kB local_pcp:456kB free_cma:0kB [ 1474.340260] lowmem_reserve[]: 0 0 1 1 1 22:56:51 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000268000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1474.344464] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1474.376065] lowmem_reserve[]: 0 0 0 0 0 [ 1474.383664] Node 0 DMA: 14*4kB (UME) 11*8kB (UME) 19*16kB (UME) 19*32kB (UM) 2*64kB (ME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10400kB [ 1474.402155] Node 0 DMA32: 137*4kB (UMEH) 239*8kB (UMEH) 667*16kB (UEH) 719*32kB (UEH) 3*64kB (H) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 37100kB [ 1474.446422] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1474.495790] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1474.525913] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1474.526742] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1474.577202] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1474.600217] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1474.618123] 11577 total pagecache pages 22:56:52 executing program 0: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x18000000}) [ 1474.637713] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1474.638078] 0 pages in swap cache [ 1474.672590] Swap cache stats: add 0, delete 0, find 0/0 [ 1474.678013] Free swap = 0kB [ 1474.727705] Total swap = 0kB [ 1474.766722] 1965979 pages RAM [ 1474.799799] 0 pages HighMem/MovableOnly [ 1474.804014] 341741 pages reserved [ 1474.817576] 0 pages cma reserved [ 1475.034840] syz-executor.0: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1475.046532] syz-executor.0 cpuset=syz0 mems_allowed=0-1 [ 1475.052853] CPU: 1 PID: 864 Comm: syz-executor.0 Not tainted 4.19.100-syzkaller #0 [ 1475.060589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1475.069955] Call Trace: [ 1475.072567] dump_stack+0x197/0x210 [ 1475.076215] warn_alloc.cold+0x7b/0x173 [ 1475.080204] ? zone_watermark_ok_safe+0x260/0x260 [ 1475.085065] ? compaction_deferred+0x16a/0x3b0 [ 1475.089672] ? try_to_compact_pages+0x44/0xae0 [ 1475.095253] __alloc_pages_slowpath+0x2214/0x2870 [ 1475.100137] ? warn_alloc+0x110/0x110 [ 1475.103961] ? __lock_is_held+0xb6/0x140 [ 1475.108046] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1475.113596] ? should_fail+0x14d/0x85c [ 1475.117492] ? __isolate_free_page+0x4c0/0x4c0 [ 1475.122080] ? __might_sleep+0x95/0x190 [ 1475.126066] __alloc_pages_nodemask+0x617/0x750 [ 1475.130734] ? retint_kernel+0x2d/0x2d [ 1475.134894] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1475.139909] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1475.145443] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1475.151147] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1475.156698] alloc_pages_current+0x107/0x210 [ 1475.161106] ion_page_pool_alloc+0x17f/0x270 [ 1475.165521] ion_system_heap_allocate+0x154/0xa90 [ 1475.170359] ? ion_system_heap_free+0x250/0x250 [ 1475.175021] ? ion_alloc+0x306/0x900 [ 1475.178728] ion_alloc+0x29b/0x900 [ 1475.182284] ? ion_dma_buf_release+0x50/0x50 [ 1475.186697] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1475.192226] ? _copy_from_user+0xdd/0x150 [ 1475.196367] ion_ioctl+0x17b/0x329 [ 1475.199900] ? ion_alloc.cold+0x28/0x28 [ 1475.203879] ? __might_sleep+0x95/0x190 [ 1475.207846] ? ion_alloc.cold+0x28/0x28 [ 1475.211815] do_vfs_ioctl+0xd5f/0x1380 [ 1475.215698] ? selinux_file_ioctl+0x46c/0x5d0 [ 1475.220203] ? selinux_file_ioctl+0x125/0x5d0 [ 1475.224694] ? ioctl_preallocate+0x210/0x210 [ 1475.229106] ? selinux_file_mprotect+0x620/0x620 [ 1475.233864] ? iterate_fd+0x360/0x360 [ 1475.237658] ? nsecs_to_jiffies+0x30/0x30 [ 1475.241807] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1475.247343] ? security_file_ioctl+0x8d/0xc0 [ 1475.251750] ksys_ioctl+0xab/0xd0 [ 1475.255201] __x64_sys_ioctl+0x73/0xb0 [ 1475.259099] do_syscall_64+0xfd/0x620 [ 1475.262897] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1475.268077] RIP: 0033:0x45b349 22:56:52 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000070000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:56:52 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x18}) 22:56:52 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x8}) [ 1475.271265] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1475.290157] RSP: 002b:00007f1ef8b9dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1475.297856] RAX: ffffffffffffffda RBX: 00007f1ef8b9e6d4 RCX: 000000000045b349 [ 1475.305115] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1475.312373] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1475.319632] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1475.326898] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c 22:56:52 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010006, 0xffffffffffffffff}) [ 1475.360848] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1475.374473] warn_alloc_show_mem: 2 callbacks suppressed [ 1475.374478] Mem-Info: [ 1475.387302] syz-executor.1: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1475.420798] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1475.424504] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1475.436862] active_anon:277787 inactive_anon:204 isolated_anon:0 [ 1475.436862] active_file:4227 inactive_file:7105 isolated_file:0 [ 1475.436862] unevictable:0 dirty:61 writeback:0 unstable:0 [ 1475.436862] slab_reclaimable:17286 slab_unreclaimable:129297 [ 1475.436862] mapped:58888 shmem:255 pagetables:26210 bounce:0 22:56:52 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x8000005) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000080), 0x2, 0x2}}, 0x20) setsockopt$llc_int(r0, 0x10c, 0x1, &(0x7f0000000040)=0x62, 0x4) r5 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) r8 = socket$inet6(0xa, 0x2, 0x0) r9 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r9, &(0x7f00000000c0)=""/45, 0x12c) getdents(r9, 0x0, 0x0) r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280)='nl80211\x00') getsockopt$inet6_IPV6_IPSEC_POLICY(r8, 0x29, 0x22, &(0x7f0000000300)={{{@in=@dev, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@dev}}, &(0x7f0000000500)=0xe8) r12 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r12, 0x0, 0x0) getdents(r12, 0x0, 0x0) r13 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r15 = dup(r14) getsockname$packet(r15, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r13, &(0x7f0000004300)={0x0, 0x0, &(0x7f00000042c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="2800000013000100"/20, @ANYRES32=r16, @ANYBLOB="d5e9cabab02723c7009aa72900000000"], 0x28}}, 0x0) ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000540)={'ip6gre0\x00', r16}) sendmsg$NL80211_CMD_GET_MPP(r9, &(0x7f0000000600)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x104080804}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x38, r10, 0x2, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_WDEV={0xc, 0x99, {0x3fc00}}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r11}, @NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r17}]}, 0x38}, 0x1, 0x0, 0x0, 0x42008}, 0x4) r18 = socket$inet6(0xa, 0x2, 0x0) r19 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r19, &(0x7f00000000c0)=""/45, 0x12c) getdents(r19, 0x0, 0x0) r20 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280)='nl80211\x00') getsockopt$inet6_IPV6_IPSEC_POLICY(r18, 0x29, 0x22, &(0x7f0000000400)={{{@in=@dev, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@dev}}, &(0x7f0000000500)=0xe8) r22 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r22, 0x0, 0x0) getdents(r22, 0x0, 0x0) r23 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r25 = dup(r24) getsockname$packet(r25, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r23, &(0x7f0000004300)={0x0, 0x0, &(0x7f00000042c0)={&(0x7f0000000000)=@setlink={0x28, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r26}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) ioctl$sock_SIOCGIFINDEX(r22, 0x8933, &(0x7f0000000540)={'ip6gre0\x00', r26}) sendmsg$NL80211_CMD_GET_MPP(r19, &(0x7f0000000600)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x104080804}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x38, r20, 0x2, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_WDEV={0xc, 0x99, {0x3fc00}}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r21}, @NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r27}]}, 0x38}, 0x1, 0x0, 0x0, 0x42008}, 0x4) r28 = socket$inet6(0xa, 0x2, 0x0) r29 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r29, &(0x7f00000000c0)=""/45, 0x12c) getdents(r29, 0x0, 0x0) r30 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280)='nl80211\x00') getsockopt$inet6_IPV6_IPSEC_POLICY(r28, 0x29, 0x22, &(0x7f0000000400)={{{@in=@dev, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@dev}}, &(0x7f0000000500)=0xe8) r32 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r32, 0x0, 0x0) getdents(r32, 0x0, 0x0) r33 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r35 = dup(r34) getsockname$packet(r35, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000180)=0x14) sendmsg$nl_route(r33, &(0x7f0000004300)={0x0, 0x0, &(0x7f00000042c0)={&(0x7f0000000000)=@setlink={0x28, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r36}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) ioctl$sock_SIOCGIFINDEX(r32, 0x8933, &(0x7f0000000540)={'ip6gre0\x00', r36}) sendmsg$NL80211_CMD_GET_MPP(r29, &(0x7f0000000600)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x104080804}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r30, @ANYBLOB="020027bd7000ffdbdf09000000000000000000fc03000008000000", @ANYRES32=r31, @ANYBLOB="080001000000000008000300", @ANYRES32=r37, @ANYBLOB], 0x38}, 0x1, 0x0, 0x0, 0x42008}, 0x4) setsockopt$packet_add_memb(r7, 0x107, 0x1, &(0x7f0000000200)={r31, 0x1, 0x3, @dev={[], 0x11}}, 0xa) ioctl$ION_IOC_ALLOC(r5, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xfffffffffffffff7}) [ 1475.436862] free:854774 free_pcp:156 free_cma:0 [ 1475.456232] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 1475.516431] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 1475.528490] CPU: 1 PID: 876 Comm: syz-executor.3 Not tainted 4.19.100-syzkaller #0 [ 1475.536250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1475.545621] Call Trace: [ 1475.548231] dump_stack+0x197/0x210 [ 1475.551994] warn_alloc.cold+0x7b/0x173 [ 1475.555976] ? zone_watermark_ok_safe+0x260/0x260 [ 1475.560818] ? compaction_deferred+0x16a/0x3b0 [ 1475.565402] ? try_to_compact_pages+0x44/0xae0 [ 1475.569993] __alloc_pages_slowpath+0x2214/0x2870 [ 1475.574844] ? warn_alloc+0x110/0x110 [ 1475.578655] ? __lock_is_held+0xb6/0x140 [ 1475.582726] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1475.588390] ? should_fail+0x14d/0x85c [ 1475.592301] ? __isolate_free_page+0x4c0/0x4c0 [ 1475.596892] ? __might_sleep+0x95/0x190 [ 1475.600886] __alloc_pages_nodemask+0x617/0x750 [ 1475.605576] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1475.610594] ? fs_reclaim_acquire+0x20/0x20 [ 1475.614908] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1475.620465] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1475.626167] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1475.631716] alloc_pages_current+0x107/0x210 [ 1475.636124] ion_page_pool_alloc+0x17f/0x270 [ 1475.640531] ion_system_heap_allocate+0x154/0xa90 [ 1475.645371] ? ion_system_heap_free+0x250/0x250 [ 1475.650035] ? ion_alloc+0x306/0x900 [ 1475.653757] ion_alloc+0x29b/0x900 [ 1475.657298] ? ion_dma_buf_release+0x50/0x50 [ 1475.661824] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1475.667376] ? _copy_from_user+0xdd/0x150 [ 1475.671530] ion_ioctl+0x17b/0x329 [ 1475.675095] ? ion_alloc.cold+0x28/0x28 [ 1475.679094] ? __might_sleep+0x95/0x190 [ 1475.683072] ? ion_alloc.cold+0x28/0x28 [ 1475.687064] do_vfs_ioctl+0xd5f/0x1380 [ 1475.690975] ? selinux_file_ioctl+0x46c/0x5d0 [ 1475.695472] ? selinux_file_ioctl+0x125/0x5d0 [ 1475.699999] ? ioctl_preallocate+0x210/0x210 [ 1475.704459] ? selinux_file_mprotect+0x620/0x620 [ 1475.709244] ? iterate_fd+0x360/0x360 [ 1475.713049] ? nsecs_to_jiffies+0x30/0x30 [ 1475.717207] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1475.722759] ? security_file_ioctl+0x8d/0xc0 [ 1475.727194] ksys_ioctl+0xab/0xd0 [ 1475.730650] __x64_sys_ioctl+0x73/0xb0 [ 1475.734608] do_syscall_64+0xfd/0x620 [ 1475.738453] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1475.743645] RIP: 0033:0x45b349 [ 1475.746850] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1475.765885] RSP: 002b:00007f9fa7530c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1475.773593] RAX: ffffffffffffffda RBX: 00007f9fa75316d4 RCX: 000000000045b349 [ 1475.780893] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1475.788167] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1475.795446] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1475.802830] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1475.812187] CPU: 1 PID: 874 Comm: syz-executor.1 Not tainted 4.19.100-syzkaller #0 [ 1475.819928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1475.829306] Call Trace: [ 1475.831932] dump_stack+0x197/0x210 [ 1475.835595] warn_alloc.cold+0x7b/0x173 [ 1475.839643] ? zone_watermark_ok_safe+0x260/0x260 [ 1475.844549] ? compaction_deferred+0x16a/0x3b0 [ 1475.849566] ? try_to_compact_pages+0x44/0xae0 [ 1475.854198] __alloc_pages_slowpath+0x2214/0x2870 [ 1475.859198] ? warn_alloc+0x110/0x110 [ 1475.863063] ? __lock_is_held+0xb6/0x140 [ 1475.867193] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1475.872855] ? should_fail+0x14d/0x85c [ 1475.876797] ? __isolate_free_page+0x4c0/0x4c0 [ 1475.881420] ? __might_sleep+0x95/0x190 [ 1475.885428] __alloc_pages_nodemask+0x617/0x750 [ 1475.889181] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1475.890136] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1475.890156] ? fs_reclaim_acquire+0x20/0x20 [ 1475.890175] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1475.890193] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1475.890207] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1475.890228] alloc_pages_current+0x107/0x210 [ 1475.890251] ion_page_pool_alloc+0x17f/0x270 [ 1475.890268] ion_system_heap_allocate+0x154/0xa90 [ 1475.890289] ? ion_system_heap_free+0x250/0x250 [ 1475.890305] ? ion_alloc+0x306/0x900 [ 1475.890325] ion_alloc+0x29b/0x900 [ 1475.890347] ? ion_dma_buf_release+0x50/0x50 [ 1475.890368] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 22:56:53 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000170000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1475.908982] Node 0 active_anon:1062588kB inactive_anon:816kB active_file:20kB inactive_file:32kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208928kB dirty:0kB writeback:0kB shmem:1016kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 344064kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1475.913796] ? _copy_from_user+0xdd/0x150 [ 1475.913816] ion_ioctl+0x17b/0x329 [ 1475.913832] ? ion_alloc.cold+0x28/0x28 [ 1475.913853] ? __might_sleep+0x95/0x190 [ 1475.913870] ? ion_alloc.cold+0x28/0x28 [ 1475.913889] do_vfs_ioctl+0xd5f/0x1380 [ 1475.913906] ? selinux_file_ioctl+0x46c/0x5d0 [ 1475.913921] ? selinux_file_ioctl+0x125/0x5d0 [ 1475.913935] ? ioctl_preallocate+0x210/0x210 [ 1475.913955] ? selinux_file_mprotect+0x620/0x620 [ 1475.928118] device team0 entered promiscuous mode [ 1475.929774] ? iterate_fd+0x360/0x360 [ 1475.929888] ? nsecs_to_jiffies+0x30/0x30 [ 1475.929915] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1475.929931] ? security_file_ioctl+0x8d/0xc0 [ 1475.929949] ksys_ioctl+0xab/0xd0 [ 1475.929966] __x64_sys_ioctl+0x73/0xb0 [ 1475.929987] do_syscall_64+0xfd/0x620 [ 1475.947491] Node 0 DMA free:10484kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1475.947944] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1475.947956] RIP: 0033:0x45b349 [ 1475.947969] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1475.947981] RSP: 002b:00007f17cfa73c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1475.957021] device team_slave_0 entered promiscuous mode [ 1475.961499] RAX: ffffffffffffffda RBX: 00007f17cfa746d4 RCX: 000000000045b349 [ 1475.961508] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1475.961516] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1475.961523] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1475.961531] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1476.010134] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1476.176334] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1476.192455] device team_slave_1 entered promiscuous mode 22:56:53 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x4000}) [ 1476.232788] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1476.279056] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1476.307905] CPU: 1 PID: 881 Comm: syz-executor.5 Not tainted 4.19.100-syzkaller #0 [ 1476.315683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1476.325348] Call Trace: [ 1476.327964] dump_stack+0x197/0x210 [ 1476.331626] warn_alloc.cold+0x7b/0x173 [ 1476.335632] ? zone_watermark_ok_safe+0x260/0x260 [ 1476.340737] ? compaction_deferred+0x16a/0x3b0 [ 1476.345345] ? try_to_compact_pages+0x44/0xae0 [ 1476.349969] __alloc_pages_slowpath+0x2214/0x2870 [ 1476.355033] ? warn_alloc+0x110/0x110 [ 1476.358851] ? __lock_is_held+0xb6/0x140 [ 1476.362942] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1476.368512] ? should_fail+0x14d/0x85c [ 1476.372532] ? __isolate_free_page+0x4c0/0x4c0 [ 1476.377140] ? __might_sleep+0x95/0x190 [ 1476.379913] Node 0 DMA32 free:45616kB min:36168kB low:45208kB high:54248kB active_anon:1060140kB inactive_anon:816kB active_file:20kB inactive_file:32kB unevictable:0kB writepending:0kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:28032kB pagetables:70936kB bounce:0kB free_pcp:1144kB local_pcp:484kB free_cma:0kB [ 1476.381129] __alloc_pages_nodemask+0x617/0x750 [ 1476.381151] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1476.381170] ? fs_reclaim_acquire+0x20/0x20 [ 1476.424719] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1476.430309] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1476.436048] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1476.441616] alloc_pages_current+0x107/0x210 [ 1476.446056] ion_page_pool_alloc+0x17f/0x270 [ 1476.450495] ion_system_heap_allocate+0x154/0xa90 [ 1476.455359] ? ion_system_heap_free+0x250/0x250 [ 1476.460069] ? ion_alloc+0x306/0x900 [ 1476.463808] ion_alloc+0x29b/0x900 [ 1476.467377] ? ion_dma_buf_release+0x50/0x50 [ 1476.471813] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 22:56:53 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/dev\x00') ioctl$RTC_EPOCH_READ(r1, 0x8008700d, &(0x7f0000000080)) keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000300)=""/238, 0xee) [ 1476.477372] ? _copy_from_user+0xdd/0x150 [ 1476.481548] ion_ioctl+0x17b/0x329 [ 1476.485120] ? ion_alloc.cold+0x28/0x28 [ 1476.489123] ? __might_sleep+0x95/0x190 [ 1476.493120] ? ion_alloc.cold+0x28/0x28 [ 1476.497215] do_vfs_ioctl+0xd5f/0x1380 [ 1476.497483] lowmem_reserve[]: 0 0 1 1 1 [ 1476.501131] ? selinux_file_ioctl+0x46c/0x5d0 [ 1476.501146] ? selinux_file_ioctl+0x125/0x5d0 [ 1476.501162] ? ioctl_preallocate+0x210/0x210 [ 1476.501178] ? selinux_file_mprotect+0x620/0x620 [ 1476.501199] ? iterate_fd+0x360/0x360 [ 1476.501215] ? nsecs_to_jiffies+0x30/0x30 [ 1476.501237] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1476.505621] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1476.509728] ? security_file_ioctl+0x8d/0xc0 [ 1476.509748] ksys_ioctl+0xab/0xd0 [ 1476.509765] __x64_sys_ioctl+0x73/0xb0 [ 1476.509798] do_syscall_64+0xfd/0x620 [ 1476.509819] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1476.509829] RIP: 0033:0x45b349 [ 1476.509845] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1476.509854] RSP: 002b:00007f6e444f7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1476.509869] RAX: ffffffffffffffda RBX: 00007f6e444f86d4 RCX: 000000000045b349 [ 1476.509878] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000007 22:56:54 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000074000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1476.509887] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1476.509894] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1476.509902] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1476.580806] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1476.695389] lowmem_reserve[]: 0 0 0 0 0 [ 1476.722930] syz-executor.1: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1476.725726] Node 0 DMA: 27*4kB (UME) 15*8kB (UME) 19*16kB (UME) 19*32kB (UM) 3*64kB (UME) 3*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10420kB [ 1476.777689] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 1476.788997] Node 0 DMA32: 1481*4kB (UEH) 2321*8kB (UMH) 1080*16kB (UMEH) 891*32kB (UEH) 4*64kB (UH) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 71308kB [ 1476.801397] CPU: 0 PID: 1012 Comm: syz-executor.1 Not tainted 4.19.100-syzkaller #0 [ 1476.806536] warn_alloc_show_mem: 2 callbacks suppressed [ 1476.806540] Mem-Info: [ 1476.813206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1476.813213] Call Trace: [ 1476.813239] dump_stack+0x197/0x210 [ 1476.813263] warn_alloc.cold+0x7b/0x173 [ 1476.813282] ? zone_watermark_ok_safe+0x260/0x260 [ 1476.813298] ? compaction_deferred+0x16a/0x3b0 [ 1476.813317] ? try_to_compact_pages+0x44/0xae0 [ 1476.819606] active_anon:277799 inactive_anon:203 isolated_anon:0 [ 1476.819606] active_file:4231 inactive_file:7105 isolated_file:0 [ 1476.819606] unevictable:0 dirty:25 writeback:0 unstable:0 [ 1476.819606] slab_reclaimable:17271 slab_unreclaimable:129137 [ 1476.819606] mapped:58837 shmem:255 pagetables:26229 bounce:0 [ 1476.819606] free:830969 free_pcp:444 free_cma:0 [ 1476.821141] __alloc_pages_slowpath+0x2214/0x2870 [ 1476.821177] ? warn_alloc+0x110/0x110 [ 1476.821193] ? __lock_is_held+0xb6/0x140 [ 1476.821211] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1476.821231] ? should_fail+0x14d/0x85c [ 1476.831491] Node 0 active_anon:1062732kB inactive_anon:812kB active_file:16kB inactive_file:68kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208924kB dirty:24kB writeback:0kB shmem:1020kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 344064kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1476.833183] ? __isolate_free_page+0x4c0/0x4c0 [ 1476.833206] ? __might_sleep+0x95/0x190 [ 1476.833227] __alloc_pages_nodemask+0x617/0x750 [ 1476.837771] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1476.840957] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1476.840977] ? fs_reclaim_acquire+0x20/0x20 [ 1476.840993] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1476.841010] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1476.841028] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1476.848866] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1476.850472] alloc_pages_current+0x107/0x210 [ 1476.850496] ion_page_pool_alloc+0x17f/0x270 [ 1476.850515] ion_system_heap_allocate+0x154/0xa90 [ 1476.850540] ? ion_system_heap_free+0x250/0x250 [ 1476.850559] ? ion_alloc+0x306/0x900 22:56:54 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x32}) [ 1476.860247] Node 0 DMA free:10420kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1476.888852] ion_alloc+0x29b/0x900 [ 1476.888877] ? ion_dma_buf_release+0x50/0x50 [ 1476.888902] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1476.888917] ? _copy_from_user+0xdd/0x150 [ 1476.888935] ion_ioctl+0x17b/0x329 [ 1476.888951] ? ion_alloc.cold+0x28/0x28 [ 1476.888969] ? __might_sleep+0x95/0x190 [ 1476.888988] ? ion_alloc.cold+0x28/0x28 [ 1476.894588] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1476.897635] do_vfs_ioctl+0xd5f/0x1380 [ 1476.897655] ? selinux_file_ioctl+0x46c/0x5d0 [ 1476.897669] ? selinux_file_ioctl+0x125/0x5d0 [ 1476.897686] ? ioctl_preallocate+0x210/0x210 [ 1476.902573] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1476.907429] ? selinux_file_mprotect+0x620/0x620 [ 1476.907455] ? iterate_fd+0x360/0x360 [ 1476.907472] ? nsecs_to_jiffies+0x30/0x30 [ 1476.907494] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1476.916853] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1476.939157] ? security_file_ioctl+0x8d/0xc0 [ 1476.939177] ksys_ioctl+0xab/0xd0 [ 1476.939196] __x64_sys_ioctl+0x73/0xb0 [ 1476.939215] do_syscall_64+0xfd/0x620 [ 1476.939236] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1476.939248] RIP: 0033:0x45b349 [ 1476.939263] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1476.939270] RSP: 002b:00007f17cfa73c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1476.944509] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1476.947849] RAX: ffffffffffffffda RBX: 00007f17cfa746d4 RCX: 000000000045b349 [ 1476.947859] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1476.947869] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1476.947878] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1476.947886] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1477.074495] Node 0 DMA32 free:62836kB min:36168kB low:45208kB high:54248kB active_anon:1060184kB inactive_anon:812kB active_file:16kB inactive_file:68kB unevictable:0kB writepending:24kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:28128kB pagetables:70892kB bounce:0kB free_pcp:1612kB local_pcp:304kB free_cma:0kB [ 1477.270646] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1477.279254] 11590 total pagecache pages [ 1477.284485] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1477.294328] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1477.294338] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 1477.294375] CPU: 1 PID: 1023 Comm: syz-executor.3 Not tainted 4.19.100-syzkaller #0 [ 1477.294384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1477.294389] Call Trace: [ 1477.294414] dump_stack+0x197/0x210 [ 1477.319831] 0 pages in swap cache [ 1477.328513] warn_alloc.cold+0x7b/0x173 [ 1477.328533] ? zone_watermark_ok_safe+0x260/0x260 [ 1477.328548] ? compaction_deferred+0x16a/0x3b0 [ 1477.328567] ? try_to_compact_pages+0x44/0xae0 [ 1477.334496] Swap cache stats: add 0, delete 0, find 0/0 [ 1477.334807] __alloc_pages_slowpath+0x2214/0x2870 [ 1477.334839] ? warn_alloc+0x110/0x110 [ 1477.338340] Free swap = 0kB [ 1477.342368] ? __lock_is_held+0xb6/0x140 [ 1477.342389] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1477.342404] ? should_fail+0x14d/0x85c [ 1477.342423] ? __isolate_free_page+0x4c0/0x4c0 [ 1477.342442] ? __might_sleep+0x95/0x190 [ 1477.342461] __alloc_pages_nodemask+0x617/0x750 [ 1477.342479] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1477.342497] ? fs_reclaim_acquire+0x20/0x20 [ 1477.342512] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1477.342528] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1477.342546] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1477.348292] Total swap = 0kB [ 1477.352202] alloc_pages_current+0x107/0x210 [ 1477.352227] ion_page_pool_alloc+0x17f/0x270 [ 1477.352246] ion_system_heap_allocate+0x154/0xa90 [ 1477.352267] ? ion_system_heap_free+0x250/0x250 [ 1477.352284] ? ion_alloc+0x306/0x900 [ 1477.352303] ion_alloc+0x29b/0x900 [ 1477.352324] ? ion_dma_buf_release+0x50/0x50 [ 1477.352348] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1477.352361] ? _copy_from_user+0xdd/0x150 [ 1477.352385] ion_ioctl+0x17b/0x329 [ 1477.357136] 1965979 pages RAM 22:56:54 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000390000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1477.362337] ? ion_alloc.cold+0x28/0x28 [ 1477.362365] ? __might_sleep+0x95/0x190 [ 1477.362381] ? ion_alloc.cold+0x28/0x28 [ 1477.362399] do_vfs_ioctl+0xd5f/0x1380 [ 1477.362416] ? selinux_file_ioctl+0x46c/0x5d0 [ 1477.362431] ? selinux_file_ioctl+0x125/0x5d0 [ 1477.362445] ? ioctl_preallocate+0x210/0x210 [ 1477.362461] ? selinux_file_mprotect+0x620/0x620 [ 1477.362482] ? iterate_fd+0x360/0x360 [ 1477.367528] 0 pages HighMem/MovableOnly [ 1477.371140] ? nsecs_to_jiffies+0x30/0x30 [ 1477.371165] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1477.371182] ? security_file_ioctl+0x8d/0xc0 [ 1477.371199] ksys_ioctl+0xab/0xd0 [ 1477.371217] __x64_sys_ioctl+0x73/0xb0 [ 1477.371236] do_syscall_64+0xfd/0x620 [ 1477.371256] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1477.371266] RIP: 0033:0x45b349 [ 1477.371284] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1477.374445] 341741 pages reserved [ 1477.378452] RSP: 002b:00007f9fa7530c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1477.378467] RAX: ffffffffffffffda RBX: 00007f9fa75316d4 RCX: 000000000045b349 [ 1477.378475] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1477.378484] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1477.378492] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1477.378501] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1477.483433] syz-executor.1 invoked oom-killer: gfp_mask=0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0, order=0, oom_score_adj=1000 [ 1477.537093] 0 pages cma reserved [ 1477.549773] lowmem_reserve[]: 0 0 1 1 1 [ 1477.558564] syz-executor.1: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1477.603625] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING 22:56:55 executing program 0: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x20000000}) 22:56:55 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x400000}) [ 1477.699987] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1477.757860] lowmem_reserve[]: 0 0 0 0 0 [ 1477.766723] Node 0 DMA: 20*4kB (UME) 15*8kB (UME) 19*16kB (UME) 19*32kB (UM) 3*64kB (UME) 3*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10392kB [ 1477.797297] Node 0 DMA32: 153*4kB (UEH) 29*8kB (UMH) 270*16kB (UMEH) 896*32kB (UEH) 121*64kB (UH) 89*128kB (UH) 55*256kB (U) 25*512kB (UH) 21*1024kB (U) 0*2048kB 0*4096kB = 101356kB [ 1477.835180] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 1477.842745] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1477.858011] CPU: 1 PID: 1014 Comm: syz-executor.1 Not tainted 4.19.100-syzkaller #0 [ 1477.865862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1477.875254] Call Trace: [ 1477.877886] dump_stack+0x197/0x210 [ 1477.881548] warn_alloc.cold+0x7b/0x173 [ 1477.885554] ? zone_watermark_ok_safe+0x260/0x260 [ 1477.890429] ? compaction_deferred+0x16a/0x3b0 [ 1477.895052] ? try_to_compact_pages+0x44/0xae0 [ 1477.899874] __alloc_pages_slowpath+0x2214/0x2870 [ 1477.904774] ? warn_alloc+0x110/0x110 [ 1477.908610] ? __lock_is_held+0xb6/0x140 [ 1477.912810] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1477.918373] ? should_fail+0x14d/0x85c [ 1477.922292] ? __isolate_free_page+0x4c0/0x4c0 [ 1477.926995] ? __might_sleep+0x95/0x190 [ 1477.931033] __alloc_pages_nodemask+0x617/0x750 [ 1477.935754] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1477.940932] ? fs_reclaim_acquire+0x20/0x20 [ 1477.945327] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1477.950997] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1477.956743] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1477.962330] alloc_pages_current+0x107/0x210 [ 1477.966914] ion_page_pool_alloc+0x17f/0x270 [ 1477.971464] ion_system_heap_allocate+0x154/0xa90 [ 1477.976349] ? ion_system_heap_free+0x250/0x250 [ 1477.981058] ? ion_alloc+0x306/0x900 [ 1477.984793] ion_alloc+0x29b/0x900 [ 1477.988377] ? ion_dma_buf_release+0x50/0x50 [ 1477.992830] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1477.998405] ? _copy_from_user+0xdd/0x150 [ 1478.000548] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 1478.002581] ion_ioctl+0x17b/0x329 [ 1478.011512] ? ion_alloc.cold+0x28/0x28 [ 1478.015526] ? __might_sleep+0x95/0x190 [ 1478.019522] ? ion_alloc.cold+0x28/0x28 [ 1478.023554] do_vfs_ioctl+0xd5f/0x1380 [ 1478.027487] ? selinux_file_ioctl+0x46c/0x5d0 [ 1478.032009] ? selinux_file_ioctl+0x125/0x5d0 [ 1478.036531] ? ioctl_preallocate+0x210/0x210 [ 1478.041222] ? selinux_file_mprotect+0x620/0x620 [ 1478.046114] ? iterate_fd+0x360/0x360 [ 1478.050481] ? nsecs_to_jiffies+0x30/0x30 [ 1478.054675] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1478.060267] ? security_file_ioctl+0x8d/0xc0 [ 1478.064693] ksys_ioctl+0xab/0xd0 [ 1478.068186] __x64_sys_ioctl+0x73/0xb0 [ 1478.072100] do_syscall_64+0xfd/0x620 [ 1478.076043] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1478.081255] RIP: 0033:0x45b349 [ 1478.084464] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:56:55 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x6b6b6b}) 22:56:55 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000293000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1478.103531] RSP: 002b:00007f17cfa52c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1478.111268] RAX: ffffffffffffffda RBX: 00007f17cfa536d4 RCX: 000000000045b349 [ 1478.118660] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1478.126064] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 1478.133370] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1478.140661] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bfd4 [ 1478.166378] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1478.203837] CPU: 0 PID: 1012 Comm: syz-executor.1 Not tainted 4.19.100-syzkaller #0 [ 1478.211673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1478.215963] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1478.221043] Call Trace: [ 1478.221070] dump_stack+0x197/0x210 [ 1478.221088] dump_header+0x15e/0xa55 [ 1478.221107] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1478.221122] ? ___ratelimit+0x60/0x595 [ 1478.221142] ? do_raw_spin_unlock+0x181/0x270 [ 1478.253255] oom_kill_process.cold+0x10/0x6ef [ 1478.257782] ? lock_downgrade+0x880/0x880 [ 1478.262002] out_of_memory+0x362/0x1330 [ 1478.266006] ? oom_killer_disable+0x280/0x280 [ 1478.270525] ? mutex_trylock+0x18e/0x1e0 [ 1478.274604] ? __alloc_pages_slowpath+0xcc2/0x2870 [ 1478.279560] __alloc_pages_slowpath+0x20b5/0x2870 [ 1478.284449] ? warn_alloc+0x110/0x110 [ 1478.288273] ? __lock_is_held+0xb6/0x140 [ 1478.290995] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1478.292375] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1478.292390] ? should_fail+0x14d/0x85c [ 1478.292414] ? __might_sleep+0x95/0x190 [ 1478.314716] __alloc_pages_nodemask+0x617/0x750 [ 1478.319422] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1478.324576] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1478.330265] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1478.335997] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1478.341557] alloc_pages_current+0x107/0x210 [ 1478.345987] ion_page_pool_alloc+0x17f/0x270 [ 1478.350425] ion_system_heap_allocate+0x154/0xa90 [ 1478.355315] ? ion_system_heap_free+0x250/0x250 [ 1478.360014] ? ion_alloc+0x306/0x900 [ 1478.363768] ion_alloc+0x29b/0x900 [ 1478.367361] ? ion_dma_buf_release+0x50/0x50 [ 1478.371910] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1478.377470] ? _copy_from_user+0xdd/0x150 [ 1478.381659] ion_ioctl+0x17b/0x329 [ 1478.385231] ? ion_alloc.cold+0x28/0x28 [ 1478.389240] ? __might_sleep+0x95/0x190 [ 1478.392952] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1478.393247] ? ion_alloc.cold+0x28/0x28 [ 1478.405926] do_vfs_ioctl+0xd5f/0x1380 [ 1478.409901] ? selinux_file_ioctl+0x46c/0x5d0 [ 1478.414442] ? selinux_file_ioctl+0x125/0x5d0 [ 1478.419074] ? ioctl_preallocate+0x210/0x210 [ 1478.419705] 11580 total pagecache pages [ 1478.423524] ? selinux_file_mprotect+0x620/0x620 [ 1478.423547] ? iterate_fd+0x360/0x360 [ 1478.423563] ? nsecs_to_jiffies+0x30/0x30 [ 1478.423584] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1478.429708] 0 pages in swap cache [ 1478.432342] ? security_file_ioctl+0x8d/0xc0 [ 1478.432363] ksys_ioctl+0xab/0xd0 [ 1478.432386] __x64_sys_ioctl+0x73/0xb0 [ 1478.439595] Swap cache stats: add 0, delete 0, find 0/0 22:56:55 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000198000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1478.440351] do_syscall_64+0xfd/0x620 [ 1478.440373] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1478.440389] RIP: 0033:0x45b349 [ 1478.445929] Free swap = 0kB [ 1478.449397] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1478.475818] Total swap = 0kB [ 1478.478756] RSP: 002b:00007f17cfa73c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1478.478770] RAX: ffffffffffffffda RBX: 00007f17cfa746d4 RCX: 000000000045b349 [ 1478.478779] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1478.478788] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1478.478796] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1478.478808] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1478.509744] 1965979 pages RAM [ 1478.773780] 0 pages HighMem/MovableOnly [ 1478.787270] 341741 pages reserved [ 1478.799289] 0 pages cma reserved [ 1478.813541] Mem-Info: [ 1478.816480] active_anon:277761 inactive_anon:203 isolated_anon:0 22:56:56 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x80ffff}) 22:56:56 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x3a}) 22:56:56 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="7261770000000000009a000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1478.816480] active_file:4231 inactive_file:7095 isolated_file:0 [ 1478.816480] unevictable:0 dirty:19 writeback:0 unstable:0 [ 1478.816480] slab_reclaimable:17300 slab_unreclaimable:129259 [ 1478.816480] mapped:58829 shmem:255 pagetables:26179 bounce:0 [ 1478.816480] free:853902 free_pcp:494 free_cma:0 [ 1478.988075] warn_alloc_show_mem: 2 callbacks suppressed [ 1478.988080] Mem-Info: [ 1479.018683] Node 0 active_anon:1062348kB inactive_anon:812kB active_file:16kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208920kB dirty:0kB writeback:0kB shmem:1020kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 344064kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1479.181289] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1479.219886] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 1479.225640] CPU: 0 PID: 1195 Comm: syz-executor.3 Not tainted 4.19.100-syzkaller #0 [ 1479.233462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1479.242847] Call Trace: [ 1479.245477] dump_stack+0x197/0x210 [ 1479.249148] warn_alloc.cold+0x7b/0x173 [ 1479.253161] ? zone_watermark_ok_safe+0x260/0x260 [ 1479.258034] ? compaction_deferred+0x16a/0x3b0 [ 1479.262643] ? try_to_compact_pages+0x44/0xae0 [ 1479.267264] __alloc_pages_slowpath+0x2214/0x2870 [ 1479.272150] ? warn_alloc+0x110/0x110 [ 1479.275969] ? __lock_is_held+0xb6/0x140 [ 1479.280053] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1479.285609] ? should_fail+0x14d/0x85c [ 1479.289521] ? __isolate_free_page+0x4c0/0x4c0 [ 1479.294138] ? __might_sleep+0x95/0x190 [ 1479.298146] __alloc_pages_nodemask+0x617/0x750 [ 1479.302849] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1479.307889] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1479.313449] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1479.319183] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1479.324754] alloc_pages_current+0x107/0x210 [ 1479.329221] ion_page_pool_alloc+0x17f/0x270 [ 1479.333660] ion_system_heap_allocate+0x154/0xa90 [ 1479.338538] ? ion_system_heap_free+0x250/0x250 [ 1479.343239] ? ion_alloc+0x306/0x900 [ 1479.346981] ion_alloc+0x29b/0x900 [ 1479.350548] ? ion_dma_buf_release+0x50/0x50 [ 1479.354983] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1479.360539] ? _copy_from_user+0xdd/0x150 [ 1479.364711] ion_ioctl+0x17b/0x329 [ 1479.368270] ? ion_alloc.cold+0x28/0x28 [ 1479.372269] ? __might_sleep+0x95/0x190 [ 1479.376261] ? ion_alloc.cold+0x28/0x28 [ 1479.380381] do_vfs_ioctl+0xd5f/0x1380 [ 1479.384287] ? selinux_file_ioctl+0x46c/0x5d0 [ 1479.388910] ? selinux_file_ioctl+0x125/0x5d0 [ 1479.393432] ? ioctl_preallocate+0x210/0x210 [ 1479.397863] ? selinux_file_mprotect+0x620/0x620 [ 1479.402795] ? iterate_fd+0x360/0x360 [ 1479.406617] ? nsecs_to_jiffies+0x30/0x30 [ 1479.410799] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1479.416361] ? security_file_ioctl+0x8d/0xc0 [ 1479.420911] ksys_ioctl+0xab/0xd0 [ 1479.424393] __x64_sys_ioctl+0x73/0xb0 [ 1479.428311] do_syscall_64+0xfd/0x620 [ 1479.432140] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1479.438478] RIP: 0033:0x45b349 [ 1479.441686] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1479.460607] RSP: 002b:00007f9fa7530c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1479.468345] RAX: ffffffffffffffda RBX: 00007f9fa75316d4 RCX: 000000000045b349 [ 1479.475635] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1479.483043] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1479.490335] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1479.497653] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1479.510101] active_anon:277247 inactive_anon:203 isolated_anon:0 [ 1479.510101] active_file:4231 inactive_file:7095 isolated_file:0 [ 1479.510101] unevictable:0 dirty:19 writeback:0 unstable:0 [ 1479.510101] slab_reclaimable:17300 slab_unreclaimable:129131 [ 1479.510101] mapped:58854 shmem:255 pagetables:26216 bounce:0 [ 1479.510101] free:782491 free_pcp:706 free_cma:0 [ 1479.510133] Node 0 active_anon:1060192kB inactive_anon:812kB active_file:16kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208920kB dirty:0kB writeback:0kB shmem:1020kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 344064kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1479.510139] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1479.510190] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1479.867116] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1479.894649] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1479.910044] Node 0 DMA32 free:39068kB min:36168kB low:45208kB high:54248kB active_anon:1057636kB inactive_anon:804kB active_file:16kB inactive_file:4kB unevictable:0kB writepending:0kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:27808kB pagetables:70420kB bounce:0kB free_pcp:2796kB local_pcp:1356kB free_cma:0kB [ 1479.943529] Node 0 DMA32 free:39068kB min:36168kB low:45208kB high:54248kB active_anon:1057636kB inactive_anon:804kB active_file:16kB inactive_file:4kB unevictable:0kB writepending:0kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:27808kB pagetables:70420kB bounce:0kB free_pcp:2796kB local_pcp:1440kB free_cma:0kB [ 1479.960028] lowmem_reserve[]: 0 0 1 1 1 [ 1479.977677] lowmem_reserve[]: 0 0 1 1 1 [ 1479.982223] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1479.990090] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1480.012778] lowmem_reserve[]: 0 0 0 0 0 [ 1480.034591] lowmem_reserve[]: 0 0 0 0 0 [ 1480.042655] Node 0 DMA: 20*4kB (UME) 8*8kB (UME) 15*16kB (UME) 19*32kB (UM) 3*64kB (UME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10400kB [ 1480.059213] Node 0 DMA: 20*4kB (UME) 8*8kB (UME) 15*16kB (UME) 19*32kB (UM) 3*64kB (UME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10400kB [ 1480.076984] Node 0 DMA32: 101*4kB (UMEH) 422*8kB (UMEH) 64*16kB (UMEH) 901*32kB (UEH) 6*64kB (MEH) 9*128kB (MEH) 1*256kB (M) 3*512kB (UEH) 0*1024kB 1*2048kB (M) 0*4096kB = 39012kB [ 1480.093697] Node 0 DMA32: 101*4kB (UMEH) 422*8kB (UMEH) 64*16kB (UMEH) 901*32kB (UEH) 6*64kB (MEH) 9*128kB (MEH) 1*256kB (M) 3*512kB (UEH) 0*1024kB 1*2048kB (M) 0*4096kB = 39012kB [ 1480.119963] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1480.140870] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1480.156970] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1480.167875] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1480.179382] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1480.179792] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1480.190063] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1480.200179] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1480.210491] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1480.214851] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1480.227528] 11589 total pagecache pages [ 1480.232411] 11589 total pagecache pages [ 1480.236296] 0 pages in swap cache [ 1480.240974] 0 pages in swap cache [ 1480.247107] Swap cache stats: add 0, delete 0, find 0/0 [ 1480.248330] Swap cache stats: add 0, delete 0, find 0/0 [ 1480.252842] Free swap = 0kB [ 1480.258330] Free swap = 0kB [ 1480.261191] Total swap = 0kB [ 1480.267293] 1965979 pages RAM [ 1480.268816] Total swap = 0kB [ 1480.270656] 0 pages HighMem/MovableOnly [ 1480.273860] 1965979 pages RAM [ 1480.277617] 341741 pages reserved [ 1480.284271] 0 pages cma reserved [ 1480.284939] 0 pages HighMem/MovableOnly [ 1480.287823] Out of memory: Kill process 863 (syz-executor.0) score 1007 or sacrifice child [ 1480.291914] 341741 pages reserved [ 1480.308561] 0 pages cma reserved 22:56:57 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x0, 0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) ioctl$VIDIOC_QUERYBUF(r3, 0xc0585609, &(0x7f0000000100)={0xff, 0x3bc8d17b2ca60a6e, 0x4, 0x40, 0x668e4103, {r4, r5/1000+30000}, {0x5, 0x0, 0x6c, 0x0, 0x0, 0x7, "f79faaa6"}, 0xe5b, 0x1, @planes=&(0x7f0000000080)={0x4, 0x8, @mem_offset=0x588, 0x7241}, 0x7, 0x0, r1}) setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r6, 0x84, 0x8, &(0x7f0000000180)=0xff, 0x4) 22:56:57 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xfffffffffffffff7}) r1 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r1, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r1, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000000)=@sack_info={0x0, 0x4, 0x575d9ba0}, &(0x7f0000000040)=0xc) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000100)={r2, @in6={{0xa, 0x4e22, 0x8, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x1}}}, 0x84) 22:56:57 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="7261770000000000019a000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:56:57 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x4000000}) 22:56:57 executing program 0: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3f000000}) 22:56:57 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x3c}) [ 1480.481324] xt_check_match: 7 callbacks suppressed [ 1480.481340] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1480.535593] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING 22:56:58 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="7261770000000000039b000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:56:58 executing program 0: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x40000000}) [ 1480.783592] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1480.832794] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1480.847163] syz-executor.1: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1480.892284] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 1480.914035] CPU: 0 PID: 1346 Comm: syz-executor.1 Not tainted 4.19.100-syzkaller #0 [ 1480.921894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1480.931284] Call Trace: [ 1480.933899] dump_stack+0x197/0x210 [ 1480.937572] warn_alloc.cold+0x7b/0x173 [ 1480.941584] ? zone_watermark_ok_safe+0x260/0x260 [ 1480.946450] ? compaction_deferred+0x16a/0x3b0 [ 1480.951093] ? try_to_compact_pages+0x44/0xae0 [ 1480.955724] __alloc_pages_slowpath+0x2214/0x2870 [ 1480.960651] ? warn_alloc+0x110/0x110 [ 1480.964484] ? __lock_is_held+0xb6/0x140 [ 1480.968570] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1480.974135] ? should_fail+0x14d/0x85c [ 1480.978057] ? __isolate_free_page+0x4c0/0x4c0 [ 1480.982878] ? __might_sleep+0x95/0x190 [ 1480.986888] __alloc_pages_nodemask+0x617/0x750 [ 1480.991604] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1480.996652] ? fs_reclaim_acquire+0x20/0x20 [ 1481.000997] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1481.006695] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1481.012446] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1481.018011] alloc_pages_current+0x107/0x210 [ 1481.022459] ion_page_pool_alloc+0x17f/0x270 [ 1481.026900] ion_system_heap_allocate+0x154/0xa90 [ 1481.031777] ? ion_system_heap_free+0x250/0x250 [ 1481.036487] ? ion_alloc+0x306/0x900 [ 1481.040224] ion_alloc+0x29b/0x900 [ 1481.043814] ? ion_dma_buf_release+0x50/0x50 [ 1481.048252] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1481.053815] ? _copy_from_user+0xdd/0x150 [ 1481.058107] ion_ioctl+0x17b/0x329 [ 1481.061686] ? ion_alloc.cold+0x28/0x28 [ 1481.065722] ? __might_sleep+0x95/0x190 [ 1481.069729] ? ion_alloc.cold+0x28/0x28 [ 1481.072517] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1481.073723] do_vfs_ioctl+0xd5f/0x1380 [ 1481.073744] ? selinux_file_ioctl+0x46c/0x5d0 [ 1481.073764] ? selinux_file_ioctl+0x125/0x5d0 [ 1481.085622] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1481.089063] ? ioctl_preallocate+0x210/0x210 [ 1481.089085] ? selinux_file_mprotect+0x620/0x620 [ 1481.089107] ? iterate_fd+0x360/0x360 [ 1481.116865] ? nsecs_to_jiffies+0x30/0x30 [ 1481.121052] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1481.126622] ? security_file_ioctl+0x8d/0xc0 [ 1481.131062] ksys_ioctl+0xab/0xd0 [ 1481.134560] __x64_sys_ioctl+0x73/0xb0 [ 1481.139509] do_syscall_64+0xfd/0x620 [ 1481.143322] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1481.148649] RIP: 0033:0x45b349 [ 1481.151858] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1481.170787] RSP: 002b:00007f17cfa73c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1481.178506] RAX: ffffffffffffffda RBX: 00007f17cfa746d4 RCX: 000000000045b349 [ 1481.185907] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1481.193316] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1481.201217] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff 22:56:58 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="7261770000000000029c000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1481.208499] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1481.215807] CPU: 1 PID: 1332 Comm: syz-executor.5 Not tainted 4.19.100-syzkaller #0 [ 1481.220259] syz-executor.4: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1481.223622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1481.223627] Call Trace: [ 1481.223651] dump_stack+0x197/0x210 [ 1481.223673] warn_alloc.cold+0x7b/0x173 [ 1481.223692] ? zone_watermark_ok_safe+0x260/0x260 [ 1481.223708] ? __lock_is_held+0xb6/0x140 [ 1481.223742] __alloc_pages_slowpath+0x2214/0x2870 [ 1481.237166] syz-executor.0: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1481.244538] ? warn_alloc+0x110/0x110 [ 1481.244562] ? __lock_is_held+0xb6/0x140 [ 1481.244580] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1481.244597] ? should_fail+0x14d/0x85c [ 1481.244614] ? __isolate_free_page+0x4c0/0x4c0 [ 1481.244633] ? __might_sleep+0x95/0x190 [ 1481.244650] __alloc_pages_nodemask+0x617/0x750 [ 1481.244669] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1481.244689] ? fs_reclaim_acquire+0x20/0x20 [ 1481.249851] syz-executor.0 cpuset=syz0 mems_allowed=0-1 [ 1481.251007] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1481.251033] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1481.251051] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1481.257391] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1481.259891] alloc_pages_current+0x107/0x210 [ 1481.259914] ion_page_pool_alloc+0x17f/0x270 [ 1481.259931] ion_system_heap_allocate+0x154/0xa90 [ 1481.259952] ? ion_system_heap_free+0x250/0x250 [ 1481.259969] ? ion_alloc+0x306/0x900 [ 1481.259988] ion_alloc+0x29b/0x900 [ 1481.260011] ? ion_dma_buf_release+0x50/0x50 [ 1481.260033] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1481.260047] ? _copy_from_user+0xdd/0x150 [ 1481.260065] ion_ioctl+0x17b/0x329 [ 1481.260087] ? ion_alloc.cold+0x28/0x28 [ 1481.260108] ? __might_sleep+0x95/0x190 [ 1481.260124] ? ion_alloc.cold+0x28/0x28 [ 1481.260141] do_vfs_ioctl+0xd5f/0x1380 [ 1481.260157] ? selinux_file_ioctl+0x46c/0x5d0 [ 1481.260172] ? selinux_file_ioctl+0x125/0x5d0 [ 1481.260186] ? ioctl_preallocate+0x210/0x210 [ 1481.260201] ? selinux_file_mprotect+0x620/0x620 [ 1481.260226] ? iterate_fd+0x360/0x360 [ 1481.268503] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1481.269174] ? nsecs_to_jiffies+0x30/0x30 [ 1481.269205] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1481.269222] ? security_file_ioctl+0x8d/0xc0 [ 1481.269247] ksys_ioctl+0xab/0xd0 [ 1481.295140] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 1481.298149] __x64_sys_ioctl+0x73/0xb0 [ 1481.298171] do_syscall_64+0xfd/0x620 [ 1481.298191] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1481.298207] RIP: 0033:0x45b349 [ 1481.349658] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1481.355017] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1481.359413] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 1481.363815] RSP: 002b:00007f6e444f7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1481.363830] RAX: ffffffffffffffda RBX: 00007f6e444f86d4 RCX: 000000000045b349 [ 1481.363838] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1481.363845] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1481.363852] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1481.363859] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1481.371681] CPU: 1 PID: 1355 Comm: syz-executor.0 Not tainted 4.19.100-syzkaller #0 [ 1481.420372] warn_alloc_show_mem: 1 callbacks suppressed [ 1481.420376] Mem-Info: [ 1481.423208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1481.423214] Call Trace: [ 1481.423239] dump_stack+0x197/0x210 [ 1481.423262] warn_alloc.cold+0x7b/0x173 [ 1481.423277] ? zone_watermark_ok_safe+0x260/0x260 [ 1481.423295] ? __lock_is_held+0xb6/0x140 [ 1481.436826] active_anon:277284 inactive_anon:204 isolated_anon:24 [ 1481.436826] active_file:4231 inactive_file:7107 isolated_file:0 [ 1481.436826] unevictable:0 dirty:87 writeback:0 unstable:0 [ 1481.436826] slab_reclaimable:17267 slab_unreclaimable:129224 [ 1481.436826] mapped:58861 shmem:255 pagetables:26216 bounce:0 [ 1481.436826] free:852413 free_pcp:235 free_cma:0 [ 1481.441645] __alloc_pages_slowpath+0x2214/0x2870 [ 1481.441681] ? warn_alloc+0x110/0x110 [ 1481.441695] ? __lock_is_held+0xb6/0x140 [ 1481.441712] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1481.441727] ? should_fail+0x14d/0x85c [ 1481.441744] ? __isolate_free_page+0x4c0/0x4c0 [ 1481.441765] ? __might_sleep+0x95/0x190 [ 1481.478546] Node 0 active_anon:1060084kB inactive_anon:800kB active_file:16kB inactive_file:4kB unevictable:0kB isolated(anon):96kB isolated(file):0kB mapped:208920kB dirty:0kB writeback:0kB shmem:1004kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 342016kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1481.480780] __alloc_pages_nodemask+0x617/0x750 [ 1481.480802] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1481.480821] ? fs_reclaim_acquire+0x20/0x20 [ 1481.480837] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1481.480855] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1481.480868] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1481.480886] alloc_pages_current+0x107/0x210 [ 1481.480907] ion_page_pool_alloc+0x17f/0x270 [ 1481.480924] ion_system_heap_allocate+0x154/0xa90 [ 1481.480946] ? ion_system_heap_free+0x250/0x250 [ 1481.480962] ? ion_alloc+0x306/0x900 [ 1481.480980] ion_alloc+0x29b/0x900 [ 1481.481001] ? ion_dma_buf_release+0x50/0x50 [ 1481.481022] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 22:56:59 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="726177000000000000a0000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1481.481035] ? _copy_from_user+0xdd/0x150 [ 1481.481051] ion_ioctl+0x17b/0x329 [ 1481.481067] ? ion_alloc.cold+0x28/0x28 [ 1481.481087] ? __might_sleep+0x95/0x190 [ 1481.481101] ? ion_alloc.cold+0x28/0x28 [ 1481.481117] do_vfs_ioctl+0xd5f/0x1380 [ 1481.481134] ? selinux_file_ioctl+0x46c/0x5d0 [ 1481.481151] ? selinux_file_ioctl+0x125/0x5d0 [ 1481.481171] ? ioctl_preallocate+0x210/0x210 [ 1481.496633] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1481.511387] ? selinux_file_mprotect+0x620/0x620 [ 1481.511409] ? iterate_fd+0x360/0x360 [ 1481.511450] ? nsecs_to_jiffies+0x30/0x30 [ 1481.511472] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1481.511488] ? security_file_ioctl+0x8d/0xc0 [ 1481.511505] ksys_ioctl+0xab/0xd0 [ 1481.511523] __x64_sys_ioctl+0x73/0xb0 [ 1481.511541] do_syscall_64+0xfd/0x620 [ 1481.511565] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1481.555735] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1481.561257] RIP: 0033:0x45b349 [ 1481.561273] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1481.561280] RSP: 002b:00007f1ef8b9dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1481.561294] RAX: ffffffffffffffda RBX: 00007f1ef8b9e6d4 RCX: 000000000045b349 [ 1481.561303] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1481.561311] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1481.561318] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1481.561326] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1481.699872] CPU: 1 PID: 1340 Comm: syz-executor.3 Not tainted 4.19.100-syzkaller #0 [ 1481.937186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1481.946709] Call Trace: [ 1481.949313] dump_stack+0x197/0x210 [ 1481.952979] warn_alloc.cold+0x7b/0x173 [ 1481.956988] ? zone_watermark_ok_safe+0x260/0x260 [ 1481.961851] ? compaction_deferred+0x16a/0x3b0 [ 1481.966469] ? try_to_compact_pages+0x44/0xae0 [ 1481.971099] __alloc_pages_slowpath+0x2214/0x2870 [ 1481.975974] ? warn_alloc+0x110/0x110 [ 1481.979800] ? __lock_is_held+0xb6/0x140 [ 1481.983874] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1481.989421] ? should_fail+0x14d/0x85c [ 1481.993565] ? __isolate_free_page+0x4c0/0x4c0 [ 1481.998174] ? __might_sleep+0x95/0x190 [ 1482.002169] __alloc_pages_nodemask+0x617/0x750 [ 1482.006863] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1482.011909] ? fs_reclaim_acquire+0x20/0x20 22:56:59 executing program 0: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xf0ffffff}) [ 1482.016349] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1482.021939] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1482.027673] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1482.033254] alloc_pages_current+0x107/0x210 [ 1482.037835] ion_page_pool_alloc+0x17f/0x270 [ 1482.042284] ion_system_heap_allocate+0x154/0xa90 [ 1482.047163] ? ion_system_heap_free+0x250/0x250 [ 1482.051868] ? ion_alloc+0x306/0x900 [ 1482.055751] ion_alloc+0x29b/0x900 [ 1482.059328] ? ion_dma_buf_release+0x50/0x50 [ 1482.063767] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1482.069328] ? _copy_from_user+0xdd/0x150 [ 1482.073597] ion_ioctl+0x17b/0x329 [ 1482.077159] ? ion_alloc.cold+0x28/0x28 [ 1482.081157] ? __might_sleep+0x95/0x190 [ 1482.085159] ? ion_alloc.cold+0x28/0x28 [ 1482.089166] do_vfs_ioctl+0xd5f/0x1380 [ 1482.093075] ? selinux_file_ioctl+0x46c/0x5d0 [ 1482.097692] ? selinux_file_ioctl+0x125/0x5d0 [ 1482.102212] ? ioctl_preallocate+0x210/0x210 [ 1482.106648] ? selinux_file_mprotect+0x620/0x620 [ 1482.111588] ? iterate_fd+0x360/0x360 [ 1482.115430] ? nsecs_to_jiffies+0x30/0x30 [ 1482.119606] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1482.125199] ? security_file_ioctl+0x8d/0xc0 [ 1482.129630] ksys_ioctl+0xab/0xd0 [ 1482.133133] __x64_sys_ioctl+0x73/0xb0 [ 1482.137054] do_syscall_64+0xfd/0x620 [ 1482.140876] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1482.146091] RIP: 0033:0x45b349 [ 1482.149412] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1482.168817] RSP: 002b:00007f9fa7530c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1482.176712] RAX: ffffffffffffffda RBX: 00007f9fa75316d4 RCX: 000000000045b349 [ 1482.184135] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1482.191531] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1482.196870] Node 0 DMA free:10428kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1482.198813] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1482.198823] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1482.247926] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1482.249905] CPU: 0 PID: 1338 Comm: syz-executor.4 Not tainted 4.19.100-syzkaller #0 [ 1482.263084] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1482.265246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1482.265253] Call Trace: [ 1482.265275] dump_stack+0x197/0x210 [ 1482.265299] warn_alloc.cold+0x7b/0x173 [ 1482.294311] ? zone_watermark_ok_safe+0x260/0x260 [ 1482.299179] ? compaction_deferred+0x16a/0x3b0 [ 1482.303794] ? try_to_compact_pages+0x44/0xae0 [ 1482.308431] __alloc_pages_slowpath+0x2214/0x2870 [ 1482.313322] ? warn_alloc+0x110/0x110 [ 1482.317140] ? __lock_is_held+0xb6/0x140 [ 1482.321388] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1482.327081] ? should_fail+0x14d/0x85c [ 1482.330992] ? __isolate_free_page+0x4c0/0x4c0 [ 1482.335600] ? __might_sleep+0x95/0x190 [ 1482.339598] __alloc_pages_nodemask+0x617/0x750 [ 1482.344290] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1482.349330] ? fs_reclaim_acquire+0x20/0x20 [ 1482.353675] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1482.359265] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1482.364997] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1482.370593] alloc_pages_current+0x107/0x210 [ 1482.375053] ion_page_pool_alloc+0x17f/0x270 [ 1482.379510] ion_system_heap_allocate+0x154/0xa90 [ 1482.384383] ? ion_system_heap_free+0x250/0x250 [ 1482.389169] ? ion_alloc+0x306/0x900 [ 1482.392921] ion_alloc+0x29b/0x900 [ 1482.396589] ? ion_dma_buf_release+0x50/0x50 [ 1482.401061] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1482.406623] ? _copy_from_user+0xdd/0x150 [ 1482.410937] ion_ioctl+0x17b/0x329 [ 1482.414506] ? ion_alloc.cold+0x28/0x28 [ 1482.418517] ? __might_sleep+0x95/0x190 [ 1482.422653] ? ion_alloc.cold+0x28/0x28 [ 1482.426667] do_vfs_ioctl+0xd5f/0x1380 [ 1482.430650] ? selinux_file_ioctl+0x46c/0x5d0 [ 1482.435198] ? selinux_file_ioctl+0x125/0x5d0 [ 1482.439719] ? ioctl_preallocate+0x210/0x210 [ 1482.444184] ? selinux_file_mprotect+0x620/0x620 [ 1482.449072] ? iterate_fd+0x360/0x360 [ 1482.452902] ? nsecs_to_jiffies+0x30/0x30 [ 1482.457205] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1482.462896] ? security_file_ioctl+0x8d/0xc0 [ 1482.467351] ksys_ioctl+0xab/0xd0 [ 1482.470958] __x64_sys_ioctl+0x73/0xb0 [ 1482.474888] do_syscall_64+0xfd/0x620 [ 1482.478705] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1482.484026] RIP: 0033:0x45b349 [ 1482.487224] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1482.506347] RSP: 002b:00007ff249f47c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1482.514184] RAX: ffffffffffffffda RBX: 00007ff249f486d4 RCX: 000000000045b349 22:56:59 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x42}) [ 1482.521555] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1482.528842] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1482.536131] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1482.543423] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1482.553453] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1482.565046] syz-executor.0: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1482.569855] CPU: 1 PID: 1344 Comm: syz-executor.5 Not tainted 4.19.100-syzkaller #0 [ 1482.584409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1482.590559] warn_alloc_show_mem: 2 callbacks suppressed [ 1482.590565] Mem-Info: [ 1482.593783] Call Trace: [ 1482.599187] active_anon:277229 inactive_anon:205 isolated_anon:12 [ 1482.599187] active_file:4232 inactive_file:7115 isolated_file:0 [ 1482.599187] unevictable:0 dirty:105 writeback:0 unstable:0 [ 1482.599187] slab_reclaimable:17251 slab_unreclaimable:128999 [ 1482.599187] mapped:58851 shmem:255 pagetables:26203 bounce:0 [ 1482.599187] free:804735 free_pcp:0 free_cma:0 [ 1482.601595] dump_stack+0x197/0x210 [ 1482.601617] warn_alloc.cold+0x7b/0x173 [ 1482.601633] ? zone_watermark_ok_safe+0x260/0x260 [ 1482.601648] ? compaction_deferred+0x16a/0x3b0 [ 1482.601665] ? try_to_compact_pages+0x44/0xae0 [ 1482.601695] __alloc_pages_slowpath+0x2214/0x2870 [ 1482.601730] ? warn_alloc+0x110/0x110 [ 1482.601749] ? __lock_is_held+0xb6/0x140 [ 1482.604451] syz-executor.0 cpuset=syz0 mems_allowed=0-1 [ 1482.638427] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1482.638448] ? should_fail+0x14d/0x85c [ 1482.638469] ? __isolate_free_page+0x4c0/0x4c0 [ 1482.638488] ? __might_sleep+0x95/0x190 [ 1482.638507] __alloc_pages_nodemask+0x617/0x750 [ 1482.638527] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1482.638545] ? fs_reclaim_acquire+0x20/0x20 [ 1482.638560] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1482.638577] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1482.638596] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1482.643723] Node 0 active_anon:1060004kB inactive_anon:808kB active_file:20kB inactive_file:36kB unevictable:0kB isolated(anon):48kB isolated(file):0kB mapped:208920kB dirty:36kB writeback:0kB shmem:1008kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 342016kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1482.646226] alloc_pages_current+0x107/0x210 [ 1482.651144] Node 0 DMA free:10428kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1482.655656] ion_page_pool_alloc+0x17f/0x270 [ 1482.660555] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1482.665217] ion_system_heap_allocate+0x154/0xa90 [ 1482.665240] ? ion_system_heap_free+0x250/0x250 [ 1482.665259] ? ion_alloc+0x306/0x900 [ 1482.681962] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1482.684017] ion_alloc+0x29b/0x900 [ 1482.687889] Node 0 DMA32 free:60900kB min:36168kB low:45208kB high:54248kB active_anon:1057476kB inactive_anon:804kB active_file:20kB inactive_file:36kB unevictable:0kB writepending:36kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:27744kB pagetables:70344kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 1482.692488] ? ion_dma_buf_release+0x50/0x50 [ 1482.692512] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1482.692526] ? _copy_from_user+0xdd/0x150 [ 1482.692543] ion_ioctl+0x17b/0x329 [ 1482.692559] ? ion_alloc.cold+0x28/0x28 [ 1482.692585] ? __might_sleep+0x95/0x190 [ 1482.696839] Node 0 DMA32 free:60900kB min:36168kB low:45208kB high:54248kB active_anon:1057476kB inactive_anon:804kB active_file:20kB inactive_file:36kB unevictable:0kB writepending:36kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:27744kB pagetables:70344kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 1482.701235] ? ion_alloc.cold+0x28/0x28 [ 1482.701262] do_vfs_ioctl+0xd5f/0x1380 [ 1482.701280] ? selinux_file_ioctl+0x46c/0x5d0 [ 1482.701295] ? selinux_file_ioctl+0x125/0x5d0 [ 1482.701310] ? ioctl_preallocate+0x210/0x210 [ 1482.701325] ? selinux_file_mprotect+0x620/0x620 [ 1482.701346] ? iterate_fd+0x360/0x360 [ 1482.708856] lowmem_reserve[]: 0 0 1 1 1 [ 1482.710840] ? nsecs_to_jiffies+0x30/0x30 [ 1482.710862] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1482.710878] ? security_file_ioctl+0x8d/0xc0 [ 1482.710897] ksys_ioctl+0xab/0xd0 [ 1482.710915] __x64_sys_ioctl+0x73/0xb0 [ 1482.710933] do_syscall_64+0xfd/0x620 [ 1482.710954] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1482.722768] lowmem_reserve[]: 0 0 1 1 1 [ 1482.727772] RIP: 0033:0x45b349 [ 1482.727787] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1482.727795] RSP: 002b:00007f6e444d6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1482.727810] RAX: ffffffffffffffda RBX: 00007f6e444d76d4 RCX: 000000000045b349 [ 1482.727818] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1482.727826] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 1482.727834] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1482.727841] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bfd4 [ 1482.748844] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 1482.758237] CPU: 0 PID: 1497 Comm: syz-executor.0 Not tainted 4.19.100-syzkaller #0 [ 1483.053251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1483.062616] Call Trace: [ 1483.065222] dump_stack+0x197/0x210 [ 1483.068863] warn_alloc.cold+0x7b/0x173 [ 1483.072852] ? zone_watermark_ok_safe+0x260/0x260 [ 1483.077709] ? compaction_deferred+0x16a/0x3b0 [ 1483.082301] ? try_to_compact_pages+0x44/0xae0 [ 1483.087010] __alloc_pages_slowpath+0x2214/0x2870 [ 1483.092224] ? warn_alloc+0x110/0x110 [ 1483.096172] ? __lock_is_held+0xb6/0x140 [ 1483.100877] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1483.106553] ? should_fail+0x14d/0x85c [ 1483.110464] ? __isolate_free_page+0x4c0/0x4c0 [ 1483.115062] ? __might_sleep+0x95/0x190 [ 1483.119057] __alloc_pages_nodemask+0x617/0x750 [ 1483.123743] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1483.128797] ? fs_reclaim_acquire+0x20/0x20 [ 1483.133147] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1483.138694] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1483.144424] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1483.149990] alloc_pages_current+0x107/0x210 [ 1483.154427] ion_page_pool_alloc+0x17f/0x270 [ 1483.158860] ion_system_heap_allocate+0x154/0xa90 [ 1483.163731] ? ion_system_heap_free+0x250/0x250 [ 1483.168405] ? ion_alloc+0x306/0x900 [ 1483.172128] ion_alloc+0x29b/0x900 [ 1483.175691] ? ion_dma_buf_release+0x50/0x50 [ 1483.180105] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1483.185664] ? _copy_from_user+0xdd/0x150 [ 1483.189834] ion_ioctl+0x17b/0x329 [ 1483.193394] ? ion_alloc.cold+0x28/0x28 [ 1483.197406] ? __might_sleep+0x95/0x190 [ 1483.201390] ? ion_alloc.cold+0x28/0x28 [ 1483.205526] do_vfs_ioctl+0xd5f/0x1380 [ 1483.209419] ? selinux_file_ioctl+0x46c/0x5d0 [ 1483.213961] ? selinux_file_ioctl+0x125/0x5d0 [ 1483.218469] ? ioctl_preallocate+0x210/0x210 [ 1483.222904] ? selinux_file_mprotect+0x620/0x620 [ 1483.227677] ? iterate_fd+0x360/0x360 [ 1483.231637] ? nsecs_to_jiffies+0x30/0x30 [ 1483.235796] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1483.241345] ? security_file_ioctl+0x8d/0xc0 [ 1483.245769] ksys_ioctl+0xab/0xd0 [ 1483.249249] __x64_sys_ioctl+0x73/0xb0 [ 1483.253165] do_syscall_64+0xfd/0x620 [ 1483.256998] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1483.262211] RIP: 0033:0x45b349 [ 1483.265420] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1483.284469] RSP: 002b:00007f1ef8b9dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1483.292195] RAX: ffffffffffffffda RBX: 00007f1ef8b9e6d4 RCX: 000000000045b349 [ 1483.299601] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1483.306881] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1483.314268] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1483.321610] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1483.342194] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1483.353893] CPU: 1 PID: 1504 Comm: syz-executor.3 Not tainted 4.19.100-syzkaller #0 [ 1483.369050] lowmem_reserve[]: 0 0 0 0 0 [ 1483.377760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1483.377767] Call Trace: [ 1483.377791] dump_stack+0x197/0x210 [ 1483.377811] warn_alloc.cold+0x7b/0x173 [ 1483.377827] ? zone_watermark_ok_safe+0x260/0x260 [ 1483.377844] ? __lock_is_held+0xb6/0x140 [ 1483.377883] __alloc_pages_slowpath+0x2214/0x2870 [ 1483.377914] ? warn_alloc+0x110/0x110 [ 1483.377932] ? __lock_is_held+0xb6/0x140 [ 1483.382842] Node 0 DMA: 27*4kB (UME) 8*8kB (UME) 15*16kB (UME) 19*32kB (UM) 3*64kB (UME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10428kB [ 1483.391948] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1483.391975] ? should_fail+0x14d/0x85c [ 1483.391994] ? __isolate_free_page+0x4c0/0x4c0 [ 1483.392014] ? __might_sleep+0x95/0x190 [ 1483.392033] __alloc_pages_nodemask+0x617/0x750 [ 1483.392052] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1483.392071] ? fs_reclaim_acquire+0x20/0x20 [ 1483.392090] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1483.396496] Node 0 DMA32: 3104*4kB (UMEH) 405*8kB (UMEH) 771*16kB (UMEH) 923*32kB (UMEH) 3*64kB (H) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 58488kB [ 1483.398355] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1483.398376] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1483.403418] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1483.407515] alloc_pages_current+0x107/0x210 [ 1483.407542] ion_page_pool_alloc+0x17f/0x270 [ 1483.412372] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1483.416499] ion_system_heap_allocate+0x154/0xa90 [ 1483.416521] ? ion_system_heap_free+0x250/0x250 [ 1483.416540] ? ion_alloc+0x306/0x900 [ 1483.421162] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1483.424417] ion_alloc+0x29b/0x900 [ 1483.424442] ? ion_dma_buf_release+0x50/0x50 [ 1483.441238] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1483.446135] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1483.446151] ? _copy_from_user+0xdd/0x150 [ 1483.446174] ion_ioctl+0x17b/0x329 [ 1483.461033] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1483.463434] ? ion_alloc.cold+0x28/0x28 [ 1483.463463] ? __might_sleep+0x95/0x190 [ 1483.463483] ? ion_alloc.cold+0x28/0x28 [ 1483.468966] 11613 total pagecache pages [ 1483.472872] do_vfs_ioctl+0xd5f/0x1380 [ 1483.472891] ? selinux_file_ioctl+0x46c/0x5d0 [ 1483.472905] ? selinux_file_ioctl+0x125/0x5d0 [ 1483.472920] ? ioctl_preallocate+0x210/0x210 [ 1483.472937] ? selinux_file_mprotect+0x620/0x620 [ 1483.472958] ? iterate_fd+0x360/0x360 [ 1483.472978] ? nsecs_to_jiffies+0x30/0x30 [ 1483.473000] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1483.481291] 0 pages in swap cache [ 1483.493775] ? security_file_ioctl+0x8d/0xc0 [ 1483.493794] ksys_ioctl+0xab/0xd0 [ 1483.493813] __x64_sys_ioctl+0x73/0xb0 [ 1483.493829] do_syscall_64+0xfd/0x620 [ 1483.493850] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1483.493861] RIP: 0033:0x45b349 [ 1483.493875] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1483.493883] RSP: 002b:00007f9fa7530c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1483.493903] RAX: ffffffffffffffda RBX: 00007f9fa75316d4 RCX: 000000000045b349 [ 1483.510789] Swap cache stats: add 0, delete 0, find 0/0 [ 1483.515930] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1483.515940] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1483.515948] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1483.515956] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1483.516549] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1483.525521] Free swap = 0kB [ 1483.536412] lowmem_reserve[]: 0 0 0 0 0 [ 1483.546743] Total swap = 0kB [ 1483.548185] Node 0 DMA: 27*4kB (UME) 8*8kB (UME) 15*16kB (UME) 19*32kB (UM) 3*64kB (UME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10428kB [ 1483.558795] 1965979 pages RAM [ 1483.579995] Node 0 DMA32: 3104*4kB (UMEH) 492*8kB (UMEH) 771*16kB (UMEH) 923*32kB (UMEH) 3*64kB (H) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 59184kB [ 1483.590721] 0 pages HighMem/MovableOnly 22:57:01 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x105440, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) [ 1483.610012] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1483.617113] 341741 pages reserved [ 1483.640299] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1483.649799] warn_alloc_show_mem: 3 callbacks suppressed [ 1483.649805] Mem-Info: [ 1483.659997] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1483.681053] 0 pages cma reserved [ 1483.739159] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1483.877324] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1483.880787] active_anon:277220 inactive_anon:205 isolated_anon:0 [ 1483.880787] active_file:4232 inactive_file:7137 isolated_file:0 [ 1483.880787] unevictable:0 dirty:129 writeback:0 unstable:0 [ 1483.880787] slab_reclaimable:17252 slab_unreclaimable:129196 [ 1483.880787] mapped:58829 shmem:255 pagetables:26214 bounce:0 [ 1483.880787] free:789255 free_pcp:267 free_cma:0 [ 1483.893346] 11628 total pagecache pages [ 1483.930594] 0 pages in swap cache [ 1483.957145] Swap cache stats: add 0, delete 0, find 0/0 [ 1483.969903] Node 0 active_anon:1060020kB inactive_anon:804kB active_file:20kB inactive_file:88kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208920kB dirty:8kB writeback:0kB shmem:1004kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 342016kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1483.979416] Free swap = 0kB [ 1484.032844] Node 0 DMA free:10388kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1484.049572] Total swap = 0kB [ 1484.099754] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1484.104961] Node 0 DMA32 free:199684kB min:36168kB low:45208kB high:54248kB active_anon:1057572kB inactive_anon:804kB active_file:20kB inactive_file:88kB unevictable:0kB writepending:0kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:27744kB pagetables:70344kB bounce:0kB free_pcp:1140kB local_pcp:596kB free_cma:0kB [ 1484.141354] lowmem_reserve[]: 0 0 1 1 1 [ 1484.145557] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1484.149747] 1965979 pages RAM [ 1484.177882] lowmem_reserve[]: 0 0 0 0 0 [ 1484.182785] Node 0 DMA: 17*4kB (UME) 8*8kB (UME) 15*16kB (UME) 19*32kB (UM) 3*64kB (UME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10388kB [ 1484.200539] 0 pages HighMem/MovableOnly [ 1484.204549] 341741 pages reserved [ 1484.205162] Node 0 DMA32: 105*4kB (UMEH) 220*8kB (UMEH) 257*16kB (UMEH) 924*32kB (UMEH) 599*64kB (UMEH) 364*128kB (UMEH) 152*256kB (UM) 40*512kB (UEH) 26*1024kB (U) 1*2048kB (U) 0*4096kB = 208852kB [ 1484.208001] 0 pages cma reserved [ 1484.229780] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB 22:57:01 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="726177000000000001a2000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:57:01 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x8000000}) 22:57:01 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140)='devlink\x00') sendmsg$DEVLINK_CMD_GET(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)={0x14, r2, 0xc91add0bf88807dd, 0x0, 0x0, {0x17}}, 0x14}}, 0x0) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_RESET_STATS(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f0000000200)={0xc8, r3, 0x100, 0x70bd28, 0x25dfdbff, {}, [@TIPC_NLA_SOCK={0xb4, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x2}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x3}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8001}, @TIPC_NLA_SOCK_CON={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1f}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x80000000}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xffffffff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x2ee7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xe3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x55d}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1ff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xfff}]}]}, 0xc8}, 0x1, 0x0, 0x0, 0x800}, 0x8c1) [ 1484.259952] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1484.269041] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1484.282633] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB 22:57:01 executing program 0: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xfeffffff}) 22:57:01 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) r1 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/mls\x00', 0x0, 0x0) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r2, &(0x7f00000003c0)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000240)='yeah\x00', 0x5) r3 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r3, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r3, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) r4 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r4, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r4, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) r5 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r4, &(0x7f0000000300)={0xa, 0xce21, 0x2, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x40}, 0x1c) sendmsg(r5, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r5, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) r6 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r6, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r6, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r6, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) r7 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r7, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r7, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r7, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) write$binfmt_script(r2, &(0x7f0000000180)=ANY=[@ANYPTR=&(0x7f00000004c0)=ANY=[@ANYPTR64=&(0x7f0000000a00)=ANY=[@ANYRES16=r7, @ANYBLOB="e1d978bfb76519fd25029f6e1f01560206141f44b2033eecf3028bcf9d4737f6abc30a896d82a96d308c115b713733608f870b4c0ef56239d7bf43e955aef489d20ea25ea22c754866af2c6fbb9a5ea5326fa12606623068d45b260aec8a390ecaf4f53e0c51e87e4506954641e7e6664f25850024ff21b38518c31f37222d377e89074d04fc62cea91a823f8874f1b3948c7c694e43e144e4ea7fe6351877491ea377f5f3c77b372dcce1e75465acc0eb0c02fc9cfac146b85c0df80d4fe78a5fc875be291fd80a19e93e76989d07bae7beef2668d15bfab8a6068a9a99661f776acc9d0bcc9057525129c1bfe2cd98aae6ae809254e7650616c85e173d41fd0f756bc0214db835220000000000000000", @ANYRESOCT=r1], @ANYPTR=&(0x7f0000000300)=ANY=[@ANYBLOB="6e4cd1fa37c55ac83d7a07d5f543ad21047792fa812d3011d119c2bef05956aa26c107ac6c8ca27e033db77828ba7732264b4dfe43364fd80fc54ffa46d645ee34ff18bd1499630780ea9aa7fc76ae", @ANYRES32=r0], @ANYBLOB="4afb541a69f206754e915ae8e8a477d7540c105bb95a8cb842ae28dcc6dab43a6e4559fb8d9c95e09ded660ace57cd3ba720ed1c49c757120ecc5add59e53ae530e3e08b5573f531e0c7b0f48db4a61a278573dff464ae688239c21c2b40614afab255b89aadcbd1f72eb3c74257389c100954c177806bc7983658c8aa23d669052695e86a5e87b14ce1c9da11d2ba5a27805583185fbf66beb5eb0fcaa5593f4066f6f7eac5f66e4c74fd8dd4540085c13096b3095af3fa77657bd1bbaa69605d56bb4add458f820289b00a5cada4d3fd0738423067b32118f2bc7195b639762a60cdcd0c8ad1aa70", @ANYRES64=0x0]], 0xfffffca1) setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000140)=0xda6, 0x4) sendto$inet(r2, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860005cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xd38, 0x13c, 0x0, 0x27) setsockopt$IP_VS_SO_SET_FLUSH(r2, 0x0, 0x485, 0x0, 0x0) r8 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r8, 0x6, 0x8, &(0x7f00000000c0)=0x2000000000000074, 0x4) bind$inet(r8, &(0x7f00000003c0)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r8, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r8, 0x0, 0x0, 0x40, &(0x7f0000e68000)={0x2, 0x4e22, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r8, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) write$binfmt_script(r8, &(0x7f0000000b40)=ANY=[@ANYBLOB='#'], 0x1) setsockopt$sock_int(r8, 0x1, 0x8, &(0x7f0000000140)=0xda6, 0x4) sendto$inet(r8, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860005cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xd38, 0x13c, 0x0, 0x27) setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r8, 0x84, 0x13, &(0x7f0000000100)=0xffffff00, 0x4) getsockopt(r1, 0x5, 0x287c, &(0x7f0000000040)=""/42, &(0x7f0000000080)=0x2a) connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xfffffffffffffff7}) [ 1484.338306] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1484.347700] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1484.392336] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1484.405592] 11603 total pagecache pages [ 1484.421146] 0 pages in swap cache [ 1484.428166] Swap cache stats: add 0, delete 0, find 0/0 22:57:01 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="726177000000000000b0000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1484.465259] Free swap = 0kB [ 1484.481560] Total swap = 0kB [ 1484.494993] 1965979 pages RAM [ 1484.509283] 0 pages HighMem/MovableOnly [ 1484.522586] 341741 pages reserved [ 1484.533823] 0 pages cma reserved 22:57:02 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r1, 0xc008551c, &(0x7f0000000000)=ANY=[@ANYBLOB="010400000b000000902e0000090000000700000009000000"]) r2 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r2, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r2, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) ioctl$SOUND_MIXER_WRITE_RECSRC(r1, 0xc0044dff, &(0x7f0000000040)=0x7fff) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r2, 0x84, 0x5, &(0x7f0000000100)={0x0, @in6={{0xa, 0x4e23, 0x1000, @rand_addr="3414f0508864f3ea06106d382c4b6ea4", 0xf}}}, 0x84) r3 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$ION_IOC_ALLOC(r3, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xfffffffffffffff7}) 22:57:02 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="726177000000000001b6000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:57:02 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x50}) 22:57:02 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x6b6b6b00}) [ 1485.013033] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1485.055622] syz-executor.0: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1485.068281] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1485.080656] CPU: 1 PID: 1655 Comm: syz-executor.5 Not tainted 4.19.100-syzkaller #0 [ 1485.088640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1485.098135] Call Trace: [ 1485.100747] dump_stack+0x197/0x210 22:57:02 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="726177000000000002bf000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1485.104409] warn_alloc.cold+0x7b/0x173 [ 1485.108430] ? zone_watermark_ok_safe+0x260/0x260 [ 1485.113312] ? __lock_is_held+0xb6/0x140 [ 1485.117440] __alloc_pages_slowpath+0x2214/0x2870 [ 1485.122335] ? warn_alloc+0x110/0x110 [ 1485.126271] ? __lock_is_held+0xb6/0x140 [ 1485.130471] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1485.136036] ? should_fail+0x14d/0x85c [ 1485.139951] ? __isolate_free_page+0x4c0/0x4c0 [ 1485.144565] ? __might_sleep+0x95/0x190 [ 1485.148696] __alloc_pages_nodemask+0x617/0x750 [ 1485.153389] ? retint_kernel+0x2d/0x2d [ 1485.157311] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1485.162372] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1485.168062] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1485.173804] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1485.179367] alloc_pages_current+0x107/0x210 [ 1485.183821] ion_page_pool_alloc+0x17f/0x270 [ 1485.188256] ion_system_heap_allocate+0x154/0xa90 [ 1485.193169] ? ion_system_heap_free+0x250/0x250 [ 1485.198000] ? ion_alloc+0x306/0x900 [ 1485.201750] ion_alloc+0x29b/0x900 [ 1485.205425] ? ion_dma_buf_release+0x50/0x50 [ 1485.209877] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1485.215451] ? _copy_from_user+0xdd/0x150 [ 1485.219735] ion_ioctl+0x17b/0x329 [ 1485.223449] ? ion_alloc.cold+0x28/0x28 [ 1485.227457] ? __might_sleep+0x95/0x190 [ 1485.231462] ? ion_alloc.cold+0x28/0x28 [ 1485.235636] do_vfs_ioctl+0xd5f/0x1380 [ 1485.240428] ? selinux_file_ioctl+0x46c/0x5d0 [ 1485.244959] ? selinux_file_ioctl+0x125/0x5d0 [ 1485.249483] ? ioctl_preallocate+0x210/0x210 [ 1485.254129] ? selinux_file_mprotect+0x620/0x620 [ 1485.258939] ? iterate_fd+0x360/0x360 [ 1485.262872] ? nsecs_to_jiffies+0x30/0x30 [ 1485.267062] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1485.272628] ? security_file_ioctl+0x8d/0xc0 [ 1485.277064] ksys_ioctl+0xab/0xd0 [ 1485.280543] __x64_sys_ioctl+0x73/0xb0 [ 1485.284462] do_syscall_64+0xfd/0x620 [ 1485.288301] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1485.293506] RIP: 0033:0x45b349 [ 1485.296725] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1485.315935] RSP: 002b:00007f6e444f7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1485.323653] RAX: ffffffffffffffda RBX: 00007f6e444f86d4 RCX: 000000000045b349 [ 1485.330937] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000007 [ 1485.338240] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1485.345525] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1485.352812] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1485.405490] syz-executor.0 cpuset=syz0 mems_allowed=0-1 [ 1485.437792] CPU: 1 PID: 1641 Comm: syz-executor.0 Not tainted 4.19.100-syzkaller #0 [ 1485.445749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1485.455351] Call Trace: [ 1485.457969] dump_stack+0x197/0x210 [ 1485.461631] warn_alloc.cold+0x7b/0x173 [ 1485.465644] ? zone_watermark_ok_safe+0x260/0x260 [ 1485.470575] ? __lock_is_held+0xb6/0x140 [ 1485.474694] __alloc_pages_slowpath+0x2214/0x2870 [ 1485.479594] ? warn_alloc+0x110/0x110 [ 1485.483428] ? __lock_is_held+0xb6/0x140 [ 1485.487535] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1485.493117] ? should_fail+0x14d/0x85c [ 1485.497045] ? __isolate_free_page+0x4c0/0x4c0 [ 1485.501667] ? __might_sleep+0x95/0x190 [ 1485.505673] __alloc_pages_nodemask+0x617/0x750 [ 1485.510484] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1485.515528] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1485.521202] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1485.526946] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1485.529882] Mem-Info: [ 1485.532623] alloc_pages_current+0x107/0x210 [ 1485.532648] ion_page_pool_alloc+0x17f/0x270 [ 1485.532668] ion_system_heap_allocate+0x154/0xa90 [ 1485.535418] active_anon:277822 inactive_anon:205 isolated_anon:12 [ 1485.535418] active_file:4232 inactive_file:7123 isolated_file:0 [ 1485.535418] unevictable:0 dirty:15 writeback:25 unstable:0 [ 1485.535418] slab_reclaimable:17232 slab_unreclaimable:128942 [ 1485.535418] mapped:58846 shmem:255 pagetables:26206 bounce:0 [ 1485.535418] free:752638 free_pcp:296 free_cma:0 [ 1485.539509] ? ion_system_heap_free+0x250/0x250 [ 1485.539528] ? ion_alloc+0x306/0x900 [ 1485.539548] ion_alloc+0x29b/0x900 [ 1485.539570] ? ion_dma_buf_release+0x50/0x50 [ 1485.539594] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1485.575394] Node 0 active_anon:1062676kB inactive_anon:816kB active_file:24kB inactive_file:24kB unevictable:0kB isolated(anon):48kB isolated(file):0kB mapped:208932kB dirty:28kB writeback:0kB shmem:1016kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 344064kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1485.583386] ? _copy_from_user+0xdd/0x150 [ 1485.583414] ion_ioctl+0x17b/0x329 [ 1485.583436] ? ion_alloc.cold+0x28/0x28 [ 1485.583456] ? __might_sleep+0x95/0x190 [ 1485.583473] ? ion_alloc.cold+0x28/0x28 [ 1485.583489] do_vfs_ioctl+0xd5f/0x1380 [ 1485.583507] ? selinux_file_ioctl+0x46c/0x5d0 [ 1485.583522] ? selinux_file_ioctl+0x125/0x5d0 [ 1485.583537] ? ioctl_preallocate+0x210/0x210 [ 1485.583553] ? selinux_file_mprotect+0x620/0x620 [ 1485.583577] ? iterate_fd+0x360/0x360 [ 1485.625247] Node 0 DMA free:10452kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1485.633466] ? nsecs_to_jiffies+0x30/0x30 [ 1485.633489] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1485.633506] ? security_file_ioctl+0x8d/0xc0 [ 1485.633524] ksys_ioctl+0xab/0xd0 [ 1485.633541] __x64_sys_ioctl+0x73/0xb0 [ 1485.633558] do_syscall_64+0xfd/0x620 [ 1485.633577] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1485.633588] RIP: 0033:0x45b349 [ 1485.633605] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1485.633618] RSP: 002b:00007f1ef8b9dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1485.633637] RAX: ffffffffffffffda RBX: 00007f1ef8b9e6d4 RCX: 000000000045b349 [ 1485.668743] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1485.671086] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1485.671102] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1485.671113] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff 22:57:03 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dlm-monitor\x00', 0x210000, 0x0) sendmsg$NFT_MSG_GETTABLE(r2, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="14000000010a01020000000000e1d6343400000001000004"], 0x14}, 0x1, 0x0, 0x0, 0x8004814}, 0x40041) fcntl$getownex(r1, 0x10, &(0x7f0000000100)={0x0, 0x0}) process_vm_readv(r3, &(0x7f0000000380)=[{&(0x7f0000000340)=""/61, 0x3d}], 0x1, &(0x7f0000002540)=[{&(0x7f00000003c0)=""/63, 0x7ffff002}], 0x2, 0x0) r4 = syz_open_procfs(r3, &(0x7f0000000040)='attr/current\x00') socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) getsockname$netrom(r6, &(0x7f0000000280)={{0x3, @null}, [@default, @netrom, @rose, @remote, @bcast, @rose, @null, @bcast]}, &(0x7f0000000300)=0x48) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000080)={0x10010009, 0xffffffffffffffff, 0x0, r4}) [ 1485.671122] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1485.821680] xt_check_match: 4 callbacks suppressed [ 1485.821709] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1485.865318] ptrace attach of "/root/syz-executor.1"[8177] was attempted by "/root/syz-executor.1"[1715] [ 1485.879782] Node 0 DMA32 free:49788kB min:36168kB low:45208kB high:54248kB active_anon:1060316kB inactive_anon:816kB active_file:36kB inactive_file:20kB unevictable:0kB writepending:24kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:28128kB pagetables:71008kB bounce:0kB free_pcp:1424kB local_pcp:808kB free_cma:0kB [ 1485.879897] lowmem_reserve[]: 0 0 1 1 1 22:57:03 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xfdfdffff}) [ 1485.879917] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1485.879951] lowmem_reserve[]: 0 0 0 0 0 [ 1485.879971] Node 0 DMA: 17*4kB (UME) 8*8kB (UME) 15*16kB (UME) 19*32kB (UM) 4*64kB (UME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10452kB 22:57:03 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="726177000000000003c0000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1486.138135] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING 22:57:03 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x6c}) [ 1486.195492] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING 22:57:03 executing program 0: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xffffff7f}) 22:57:03 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="726177000000000002c6000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1486.371357] warn_alloc: 1 callbacks suppressed [ 1486.371387] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1486.419450] syz-executor.0: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1486.431770] syz-executor.1: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1486.443467] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 1486.443726] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1486.449050] CPU: 0 PID: 1808 Comm: syz-executor.3 Not tainted 4.19.100-syzkaller #0 [ 1486.466275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1486.467724] syz-executor.0 cpuset=syz0 mems_allowed=0-1 [ 1486.475663] Call Trace: [ 1486.475691] dump_stack+0x197/0x210 [ 1486.475715] warn_alloc.cold+0x7b/0x173 [ 1486.475733] ? zone_watermark_ok_safe+0x260/0x260 [ 1486.475749] ? __lock_is_held+0xb6/0x140 [ 1486.475785] __alloc_pages_slowpath+0x2214/0x2870 [ 1486.475830] ? warn_alloc+0x110/0x110 [ 1486.490572] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1486.491449] ? __lock_is_held+0xb6/0x140 [ 1486.491471] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1486.528374] ? should_fail+0x14d/0x85c [ 1486.532285] ? __isolate_free_page+0x4c0/0x4c0 [ 1486.536892] ? __might_sleep+0x95/0x190 [ 1486.540890] __alloc_pages_nodemask+0x617/0x750 [ 1486.545599] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1486.550762] ? fs_reclaim_acquire+0x20/0x20 [ 1486.555220] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1486.560776] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1486.566506] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1486.572082] alloc_pages_current+0x107/0x210 [ 1486.576519] ion_page_pool_alloc+0x17f/0x270 [ 1486.581063] ion_system_heap_allocate+0x154/0xa90 [ 1486.585919] ? ion_system_heap_free+0x250/0x250 [ 1486.590598] ? ion_alloc+0x306/0x900 [ 1486.594323] ion_alloc+0x29b/0x900 [ 1486.597876] ? ion_dma_buf_release+0x50/0x50 [ 1486.602301] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1486.607864] ? _copy_from_user+0xdd/0x150 [ 1486.612039] ion_ioctl+0x17b/0x329 [ 1486.615737] ? ion_alloc.cold+0x28/0x28 [ 1486.619718] ? __might_sleep+0x95/0x190 [ 1486.623706] ? ion_alloc.cold+0x28/0x28 [ 1486.627686] do_vfs_ioctl+0xd5f/0x1380 [ 1486.631619] ? selinux_file_ioctl+0x46c/0x5d0 [ 1486.636136] ? selinux_file_ioctl+0x125/0x5d0 [ 1486.640660] ? ioctl_preallocate+0x210/0x210 [ 1486.645085] ? selinux_file_mprotect+0x620/0x620 [ 1486.649861] ? iterate_fd+0x360/0x360 [ 1486.653668] ? nsecs_to_jiffies+0x30/0x30 [ 1486.657844] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1486.663397] ? security_file_ioctl+0x8d/0xc0 [ 1486.667825] ksys_ioctl+0xab/0xd0 [ 1486.671284] __x64_sys_ioctl+0x73/0xb0 [ 1486.675302] do_syscall_64+0xfd/0x620 [ 1486.679108] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1486.684293] RIP: 0033:0x45b349 [ 1486.687656] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1486.706802] RSP: 002b:00007f9fa7530c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1486.714527] RAX: ffffffffffffffda RBX: 00007f9fa75316d4 RCX: 000000000045b349 [ 1486.721927] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 22:57:04 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="726177000000000001d4000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1486.729316] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1486.736607] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1486.743879] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1486.751199] CPU: 1 PID: 1811 Comm: syz-executor.0 Not tainted 4.19.100-syzkaller #0 [ 1486.759018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1486.768418] Call Trace: [ 1486.771031] dump_stack+0x197/0x210 [ 1486.772536] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 1486.774684] warn_alloc.cold+0x7b/0x173 [ 1486.774702] ? zone_watermark_ok_safe+0x260/0x260 [ 1486.774721] ? __lock_is_held+0xb6/0x140 [ 1486.793133] __alloc_pages_slowpath+0x2214/0x2870 [ 1486.798029] ? warn_alloc+0x110/0x110 [ 1486.801841] ? __lock_is_held+0xb6/0x140 [ 1486.805923] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1486.811486] ? should_fail+0x14d/0x85c [ 1486.815401] ? __isolate_free_page+0x4c0/0x4c0 [ 1486.820137] ? __might_sleep+0x95/0x190 [ 1486.824126] __alloc_pages_nodemask+0x617/0x750 [ 1486.828815] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1486.833859] ? fs_reclaim_acquire+0x20/0x20 [ 1486.838198] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1486.843758] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1486.849494] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1486.855084] alloc_pages_current+0x107/0x210 [ 1486.859658] ion_page_pool_alloc+0x17f/0x270 [ 1486.864223] ion_system_heap_allocate+0x154/0xa90 [ 1486.869106] ? ion_system_heap_free+0x250/0x250 [ 1486.871607] ptrace attach of "/root/syz-executor.1"[8177] was attempted by "/root/syz-executor.1"[1774] [ 1486.873801] ? ion_alloc+0x306/0x900 [ 1486.873822] ion_alloc+0x29b/0x900 [ 1486.890655] ? ion_dma_buf_release+0x50/0x50 [ 1486.895099] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1486.900660] ? _copy_from_user+0xdd/0x150 [ 1486.902414] Node 0 DMA32: 3008*4kB (UEH) 2225*8kB (UEH) 1056*16kB (UEH) 909*32kB (UEH) 3*64kB (H) 2*128kB (H) 0*256kB 1*512kB (H) 1*1024kB (U) 0*2048kB 0*4096kB = 77800kB [ 1486.904850] ion_ioctl+0x17b/0x329 [ 1486.904877] ? ion_alloc.cold+0x28/0x28 [ 1486.904901] ? __might_sleep+0x95/0x190 [ 1486.931751] ? ion_alloc.cold+0x28/0x28 [ 1486.935751] do_vfs_ioctl+0xd5f/0x1380 [ 1486.939663] ? selinux_file_ioctl+0x46c/0x5d0 [ 1486.944180] ? selinux_file_ioctl+0x125/0x5d0 [ 1486.948695] ? ioctl_preallocate+0x210/0x210 [ 1486.953154] ? selinux_file_mprotect+0x620/0x620 [ 1486.957938] ? iterate_fd+0x360/0x360 [ 1486.960378] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1486.961754] ? nsecs_to_jiffies+0x30/0x30 [ 1486.961778] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1486.961798] ? security_file_ioctl+0x8d/0xc0 [ 1486.986580] ksys_ioctl+0xab/0xd0 [ 1486.990064] __x64_sys_ioctl+0x73/0xb0 [ 1486.993976] do_syscall_64+0xfd/0x620 [ 1486.994559] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1486.998244] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1486.998257] RIP: 0033:0x45b349 [ 1486.998273] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1486.998281] RSP: 002b:00007f1ef8b9dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1486.998300] RAX: ffffffffffffffda RBX: 00007f1ef8b9e6d4 RCX: 000000000045b349 [ 1487.031335] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1487.034566] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1487.034575] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1487.034583] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1487.034591] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1487.078536] warn_alloc_show_mem: 1 callbacks suppressed [ 1487.078541] Mem-Info: [ 1487.098495] CPU: 0 PID: 1715 Comm: syz-executor.1 Not tainted 4.19.100-syzkaller #0 [ 1487.098856] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1487.106604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1487.106611] Call Trace: [ 1487.106636] dump_stack+0x197/0x210 [ 1487.106657] warn_alloc.cold+0x7b/0x173 [ 1487.106678] ? zone_watermark_ok_safe+0x260/0x260 [ 1487.134670] active_anon:277781 inactive_anon:204 isolated_anon:0 [ 1487.134670] active_file:4234 inactive_file:7129 isolated_file:0 [ 1487.134670] unevictable:0 dirty:73 writeback:0 unstable:0 [ 1487.134670] slab_reclaimable:17224 slab_unreclaimable:129436 [ 1487.134670] mapped:58830 shmem:255 pagetables:26220 bounce:0 [ 1487.134670] free:851024 free_pcp:324 free_cma:0 [ 1487.135820] ? __lock_is_held+0xb6/0x140 [ 1487.135864] __alloc_pages_slowpath+0x2214/0x2870 [ 1487.141246] Node 0 active_anon:1062660kB inactive_anon:812kB active_file:32kB inactive_file:24kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208928kB dirty:28kB writeback:0kB shmem:1016kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 344064kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1487.174673] ? warn_alloc+0x110/0x110 [ 1487.174692] ? __lock_is_held+0xb6/0x140 [ 1487.174711] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1487.174727] ? should_fail+0x14d/0x85c [ 1487.174746] ? __isolate_free_page+0x4c0/0x4c0 [ 1487.174764] ? __might_sleep+0x95/0x190 [ 1487.174785] __alloc_pages_nodemask+0x617/0x750 [ 1487.193731] Node 0 DMA free:10428kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1487.211597] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1487.211621] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1487.211640] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1487.211655] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1487.211673] alloc_pages_current+0x107/0x210 [ 1487.211699] ion_page_pool_alloc+0x17f/0x270 [ 1487.218278] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1487.219586] ion_system_heap_allocate+0x154/0xa90 [ 1487.219608] ? ion_system_heap_free+0x250/0x250 [ 1487.227720] Node 0 DMA32 free:76176kB min:36168kB low:45208kB high:54248kB active_anon:1060112kB inactive_anon:812kB active_file:32kB inactive_file:24kB unevictable:0kB writepending:28kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:27968kB pagetables:70784kB bounce:0kB free_pcp:1532kB local_pcp:1108kB free_cma:0kB [ 1487.229065] ? ion_alloc+0x306/0x900 [ 1487.229087] ion_alloc+0x29b/0x900 [ 1487.239579] lowmem_reserve[]: 0 0 1 1 1 [ 1487.242363] ? ion_dma_buf_release+0x50/0x50 [ 1487.242389] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1487.242415] ? _copy_from_user+0xdd/0x150 [ 1487.302183] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1487.305100] ion_ioctl+0x17b/0x329 [ 1487.305202] ? ion_alloc.cold+0x28/0x28 [ 1487.305230] ? __might_sleep+0x95/0x190 [ 1487.312218] lowmem_reserve[]: 0 0 0 0 0 [ 1487.315028] ? ion_alloc.cold+0x28/0x28 [ 1487.315047] do_vfs_ioctl+0xd5f/0x1380 [ 1487.315071] ? selinux_file_ioctl+0x46c/0x5d0 [ 1487.344683] Node 0 DMA: 27*4kB (UME) 8*8kB (UME) 15*16kB (UME) 19*32kB (UM) 3*64kB (UME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10428kB [ 1487.348126] ? selinux_file_ioctl+0x125/0x5d0 [ 1487.348145] ? ioctl_preallocate+0x210/0x210 [ 1487.348159] ? selinux_file_mprotect+0x620/0x620 [ 1487.348180] ? iterate_fd+0x360/0x360 [ 1487.351985] Node 0 DMA32: 3008*4kB (UEH) 2083*8kB (UEH) 1056*16kB (UEH) 920*32kB (UEH) 3*64kB (H) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 75992kB [ 1487.355699] ? nsecs_to_jiffies+0x30/0x30 [ 1487.355722] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1487.355741] ? security_file_ioctl+0x8d/0xc0 [ 1487.360311] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1487.365810] ksys_ioctl+0xab/0xd0 [ 1487.365834] __x64_sys_ioctl+0x73/0xb0 [ 1487.365855] do_syscall_64+0xfd/0x620 [ 1487.370284] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1487.395932] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1487.395945] RIP: 0033:0x45b349 [ 1487.395959] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1487.395967] RSP: 002b:00007f17cfa73c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1487.395982] RAX: ffffffffffffffda RBX: 00007f17cfa746d4 RCX: 000000000045b349 [ 1487.395990] RDX: 0000000020000080 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1487.395997] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1487.396012] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1487.399873] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1487.403530] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1487.492075] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1487.613500] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1487.622963] 11617 total pagecache pages [ 1487.627236] 0 pages in swap cache [ 1487.631817] Swap cache stats: add 0, delete 0, find 0/0 [ 1487.637492] Free swap = 0kB [ 1487.641443] Total swap = 0kB [ 1487.644871] 1965979 pages RAM [ 1487.648220] 0 pages HighMem/MovableOnly [ 1487.653212] 341741 pages reserved [ 1487.656917] 0 pages cma reserved [ 1487.665752] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB 22:57:05 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="726177000000000003d8000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:57:05 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xffff8000}) 22:57:05 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/policy\x00', 0x0, 0x0) ioctl$RTC_PIE_ON(r1, 0x7005) [ 1487.679821] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1487.699744] 11631 total pagecache pages [ 1487.703922] 0 pages in swap cache [ 1487.707390] Swap cache stats: add 0, delete 0, find 0/0 [ 1487.724718] Free swap = 0kB [ 1487.727886] Total swap = 0kB 22:57:05 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video36\x00', 0x2, 0x0) r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xfffffffffffffff7}) 22:57:05 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0xfe}) [ 1487.759888] 1965979 pages RAM [ 1487.785499] 0 pages HighMem/MovableOnly [ 1487.819557] syz-executor.1: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1487.826605] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1487.833738] 341741 pages reserved [ 1487.842836] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 1487.854561] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1487.858565] CPU: 1 PID: 1954 Comm: syz-executor.3 Not tainted 4.19.100-syzkaller #0 [ 1487.872355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1487.881860] Call Trace: [ 1487.884906] dump_stack+0x197/0x210 [ 1487.888599] warn_alloc.cold+0x7b/0x173 [ 1487.892616] ? zone_watermark_ok_safe+0x260/0x260 [ 1487.897511] ? compaction_deferred+0x16a/0x3b0 [ 1487.902126] ? try_to_compact_pages+0x44/0xae0 [ 1487.902615] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 1487.906745] __alloc_pages_slowpath+0x2214/0x2870 [ 1487.906780] ? warn_alloc+0x110/0x110 [ 1487.920792] ? __lock_is_held+0xb6/0x140 [ 1487.924885] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1487.930451] ? should_fail+0x14d/0x85c [ 1487.934465] ? __isolate_free_page+0x4c0/0x4c0 [ 1487.939074] ? __might_sleep+0x95/0x190 [ 1487.939814] 0 pages cma reserved [ 1487.943078] __alloc_pages_nodemask+0x617/0x750 [ 1487.951388] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1487.956429] ? fs_reclaim_acquire+0x20/0x20 [ 1487.960931] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1487.966589] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1487.972332] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1487.977909] alloc_pages_current+0x107/0x210 [ 1487.982876] ion_page_pool_alloc+0x17f/0x270 [ 1487.987319] ion_system_heap_allocate+0x154/0xa90 [ 1487.992206] ? ion_system_heap_free+0x250/0x250 [ 1487.996911] ? ion_alloc+0x306/0x900 [ 1488.000653] ion_alloc+0x29b/0x900 [ 1488.004228] ? ion_dma_buf_release+0x50/0x50 [ 1488.008675] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1488.014239] ? _copy_from_user+0xdd/0x150 [ 1488.018425] ion_ioctl+0x17b/0x329 [ 1488.021992] ? ion_alloc.cold+0x28/0x28 [ 1488.026021] ? __might_sleep+0x95/0x190 [ 1488.030131] ? ion_alloc.cold+0x28/0x28 [ 1488.034136] do_vfs_ioctl+0xd5f/0x1380 [ 1488.038056] ? selinux_file_ioctl+0x46c/0x5d0 [ 1488.042584] ? selinux_file_ioctl+0x125/0x5d0 [ 1488.047103] ? ioctl_preallocate+0x210/0x210 [ 1488.051544] ? selinux_file_mprotect+0x620/0x620 [ 1488.056344] ? iterate_fd+0x360/0x360 [ 1488.060168] ? nsecs_to_jiffies+0x30/0x30 [ 1488.064362] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1488.070172] ? security_file_ioctl+0x8d/0xc0 [ 1488.074630] ksys_ioctl+0xab/0xd0 [ 1488.078265] __x64_sys_ioctl+0x73/0xb0 [ 1488.082195] do_syscall_64+0xfd/0x620 [ 1488.086031] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1488.091256] RIP: 0033:0x45b349 [ 1488.094461] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1488.113480] RSP: 002b:00007f9fa7530c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1488.121226] RAX: ffffffffffffffda RBX: 00007f9fa75316d4 RCX: 000000000045b349 [ 1488.128526] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1488.135967] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1488.143266] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1488.150571] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1488.163281] CPU: 0 PID: 1950 Comm: syz-executor.1 Not tainted 4.19.100-syzkaller #0 [ 1488.171162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1488.180527] Call Trace: [ 1488.183164] dump_stack+0x197/0x210 [ 1488.186822] warn_alloc.cold+0x7b/0x173 [ 1488.190872] ? zone_watermark_ok_safe+0x260/0x260 [ 1488.195771] ? compaction_deferred+0x16a/0x3b0 [ 1488.200514] ? try_to_compact_pages+0x44/0xae0 [ 1488.205139] __alloc_pages_slowpath+0x2214/0x2870 [ 1488.210045] ? warn_alloc+0x110/0x110 [ 1488.213877] ? __lock_is_held+0xb6/0x140 [ 1488.217981] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1488.223570] ? should_fail+0x14d/0x85c [ 1488.227531] ? __isolate_free_page+0x4c0/0x4c0 [ 1488.232256] ? __might_sleep+0x95/0x190 [ 1488.236276] __alloc_pages_nodemask+0x617/0x750 [ 1488.241013] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1488.246078] ? fs_reclaim_acquire+0x20/0x20 [ 1488.250586] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1488.253641] warn_alloc_show_mem: 2 callbacks suppressed [ 1488.253646] Mem-Info: [ 1488.256288] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1488.256305] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1488.256329] alloc_pages_current+0x107/0x210 [ 1488.256356] ion_page_pool_alloc+0x17f/0x270 [ 1488.256384] ion_system_heap_allocate+0x154/0xa90 [ 1488.262286] active_anon:277266 inactive_anon:204 isolated_anon:0 [ 1488.262286] active_file:4234 inactive_file:7143 isolated_file:0 [ 1488.262286] unevictable:0 dirty:89 writeback:0 unstable:0 [ 1488.262286] slab_reclaimable:17223 slab_unreclaimable:129396 [ 1488.262286] mapped:58845 shmem:255 pagetables:26223 bounce:0 22:57:05 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="726177000000000000e0000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1488.262286] free:807506 free_pcp:79 free_cma:0 [ 1488.264418] ? ion_system_heap_free+0x250/0x250 [ 1488.264447] ? ion_alloc+0x306/0x900 [ 1488.264474] ion_alloc+0x29b/0x900 [ 1488.264497] ? ion_dma_buf_release+0x50/0x50 [ 1488.270600] Node 0 active_anon:1060600kB inactive_anon:812kB active_file:32kB inactive_file:80kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208928kB dirty:84kB writeback:0kB shmem:1016kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 342016kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1488.275994] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1488.276012] ? _copy_from_user+0xdd/0x150 [ 1488.276039] ion_ioctl+0x17b/0x329 [ 1488.276065] ? ion_alloc.cold+0x28/0x28 [ 1488.280691] Node 0 DMA free:10444kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1488.284903] ? __might_sleep+0x95/0x190 [ 1488.284924] ? ion_alloc.cold+0x28/0x28 [ 1488.284945] do_vfs_ioctl+0xd5f/0x1380 [ 1488.284968] ? selinux_file_ioctl+0x46c/0x5d0 [ 1488.291140] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1488.323443] ? selinux_file_ioctl+0x125/0x5d0 [ 1488.323462] ? ioctl_preallocate+0x210/0x210 [ 1488.323478] ? selinux_file_mprotect+0x620/0x620 [ 1488.323500] ? iterate_fd+0x360/0x360 [ 1488.323517] ? nsecs_to_jiffies+0x30/0x30 [ 1488.323539] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1488.323553] ? security_file_ioctl+0x8d/0xc0 [ 1488.323572] ksys_ioctl+0xab/0xd0 [ 1488.328452] Node 0 DMA32 free:64860kB min:36168kB low:45208kB high:54248kB active_anon:1057952kB inactive_anon:812kB active_file:32kB inactive_file:80kB unevictable:0kB writepending:84kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:28192kB pagetables:70796kB bounce:0kB free_pcp:316kB local_pcp:0kB free_cma:0kB [ 1488.332106] __x64_sys_ioctl+0x73/0xb0 [ 1488.332127] do_syscall_64+0xfd/0x620 [ 1488.332149] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1488.332161] RIP: 0033:0x45b349 [ 1488.332176] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1488.332184] RSP: 002b:00007f17cfa73c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1488.332203] RAX: ffffffffffffffda RBX: 00007f17cfa746d4 RCX: 000000000045b349 [ 1488.335928] lowmem_reserve[]: 0 0 1 1 1 [ 1488.340154] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1488.340162] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1488.340170] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1488.340179] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1488.458082] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1488.497537] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING 22:57:06 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xfffffdfd}) 22:57:06 executing program 0: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xfffffff0}) [ 1488.638843] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1488.694525] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1488.710069] CPU: 0 PID: 1960 Comm: syz-executor.5 Not tainted 4.19.100-syzkaller #0 [ 1488.717925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1488.727429] Call Trace: [ 1488.730038] dump_stack+0x197/0x210 [ 1488.733694] warn_alloc.cold+0x7b/0x173 [ 1488.737799] ? zone_watermark_ok_safe+0x260/0x260 [ 1488.742679] ? compaction_deferred+0x16a/0x3b0 [ 1488.747313] ? try_to_compact_pages+0x44/0xae0 [ 1488.751948] __alloc_pages_slowpath+0x2214/0x2870 [ 1488.756863] ? warn_alloc+0x110/0x110 [ 1488.760686] ? __lock_is_held+0xb6/0x140 [ 1488.764887] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1488.770448] ? should_fail+0x14d/0x85c [ 1488.774380] ? __isolate_free_page+0x4c0/0x4c0 [ 1488.779001] ? __might_sleep+0x95/0x190 [ 1488.783095] __alloc_pages_nodemask+0x617/0x750 [ 1488.787795] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1488.792405] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1488.797598] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1488.800128] lowmem_reserve[]: 0 0 0 0 0 [ 1488.803170] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1488.803191] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1488.803220] alloc_pages_current+0x107/0x210 [ 1488.803243] ion_page_pool_alloc+0x17f/0x270 [ 1488.810234] Node 0 DMA: 27*4kB (UME) 12*8kB (UME) 17*16kB (UME) 19*32kB (UM) 2*64kB (ME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10428kB [ 1488.812927] ion_system_heap_allocate+0x154/0xa90 [ 1488.812953] ? ion_system_heap_free+0x250/0x250 [ 1488.812973] ? ion_alloc+0x306/0x900 [ 1488.812992] ion_alloc+0x29b/0x900 [ 1488.818901] Node 0 DMA32: 516*4kB (UMEH) 2971*8kB (UEH) 1132*16kB (UEH) 921*32kB (UEH) 3*64kB (H) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 74376kB [ 1488.826446] ? ion_dma_buf_release+0x50/0x50 [ 1488.826473] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1488.826489] ? _copy_from_user+0xdd/0x150 22:57:06 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) r1 = socket$key(0xf, 0x3, 0x2) syz_open_dev$sndctrl(&(0x7f0000000040)='/dev/snd/controlC#\x00', 0x8, 0x400) shutdown(r1, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$sock_ax25_SIOCDELRT(r3, 0x890c, &(0x7f0000000100)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @null, 0x5, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}) [ 1488.826508] ion_ioctl+0x17b/0x329 [ 1488.826527] ? ion_alloc.cold+0x28/0x28 [ 1488.826547] ? __might_sleep+0x95/0x190 [ 1488.826566] ? ion_alloc.cold+0x28/0x28 [ 1488.846094] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1488.846995] do_vfs_ioctl+0xd5f/0x1380 [ 1488.847017] ? selinux_file_ioctl+0x46c/0x5d0 [ 1488.847031] ? selinux_file_ioctl+0x125/0x5d0 [ 1488.847048] ? ioctl_preallocate+0x210/0x210 [ 1488.859232] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1488.860373] ? selinux_file_mprotect+0x620/0x620 [ 1488.860398] ? iterate_fd+0x360/0x360 [ 1488.860417] ? nsecs_to_jiffies+0x30/0x30 [ 1488.860443] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1488.860459] ? security_file_ioctl+0x8d/0xc0 [ 1488.860478] ksys_ioctl+0xab/0xd0 [ 1488.867303] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1488.879196] __x64_sys_ioctl+0x73/0xb0 [ 1488.879215] do_syscall_64+0xfd/0x620 [ 1488.879238] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1488.879251] RIP: 0033:0x45b349 [ 1488.879271] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1488.879279] RSP: 002b:00007f6e444f7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1488.879292] RAX: ffffffffffffffda RBX: 00007f6e444f86d4 RCX: 000000000045b349 [ 1488.879305] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000004 [ 1488.920319] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1488.924184] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1488.924194] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1488.924202] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1489.092283] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING 22:57:06 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="726177000000000003e0000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1489.236235] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1489.251975] syz-executor.0: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1489.269771] syz-executor.1: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1489.281236] syz-executor.0 cpuset=syz0 mems_allowed=0-1 [ 1489.281268] CPU: 1 PID: 1975 Comm: syz-executor.0 Not tainted 4.19.100-syzkaller #0 [ 1489.281310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1489.295949] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 1489.303872] Call Trace: [ 1489.303896] dump_stack+0x197/0x210 [ 1489.303919] warn_alloc.cold+0x7b/0x173 [ 1489.303938] ? zone_watermark_ok_safe+0x260/0x260 [ 1489.303955] ? __lock_is_held+0xb6/0x140 [ 1489.303989] __alloc_pages_slowpath+0x2214/0x2870 [ 1489.304022] ? warn_alloc+0x110/0x110 [ 1489.304035] ? __lock_is_held+0xb6/0x140 [ 1489.304051] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1489.304066] ? should_fail+0x14d/0x85c [ 1489.304085] ? __isolate_free_page+0x4c0/0x4c0 [ 1489.355490] ? __might_sleep+0x95/0x190 [ 1489.359483] __alloc_pages_nodemask+0x617/0x750 [ 1489.364170] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1489.369207] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1489.374877] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1489.380605] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1489.386173] alloc_pages_current+0x107/0x210 [ 1489.390612] ion_page_pool_alloc+0x17f/0x270 [ 1489.395047] ion_system_heap_allocate+0x154/0xa90 [ 1489.400040] ? ion_system_heap_free+0x250/0x250 [ 1489.400683] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1489.404746] ? ion_alloc+0x306/0x900 [ 1489.404765] ion_alloc+0x29b/0x900 [ 1489.404787] ? ion_dma_buf_release+0x50/0x50 [ 1489.425132] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1489.430723] ? _copy_from_user+0xdd/0x150 [ 1489.434993] ion_ioctl+0x17b/0x329 [ 1489.438676] ? ion_alloc.cold+0x28/0x28 [ 1489.442679] ? __might_sleep+0x95/0x190 [ 1489.446113] 11641 total pagecache pages [ 1489.446668] ? ion_alloc.cold+0x28/0x28 [ 1489.454665] do_vfs_ioctl+0xd5f/0x1380 [ 1489.458577] ? selinux_file_ioctl+0x46c/0x5d0 [ 1489.463144] ? selinux_file_ioctl+0x125/0x5d0 [ 1489.464383] 0 pages in swap cache [ 1489.467783] ? ioctl_preallocate+0x210/0x210 [ 1489.467807] ? selinux_file_mprotect+0x620/0x620 [ 1489.467827] ? iterate_fd+0x360/0x360 [ 1489.467845] ? nsecs_to_jiffies+0x30/0x30 [ 1489.467866] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1489.467886] ? security_file_ioctl+0x8d/0xc0 [ 1489.493501] Swap cache stats: add 0, delete 0, find 0/0 [ 1489.493970] ksys_ioctl+0xab/0xd0 [ 1489.505283] Free swap = 0kB [ 1489.507302] __x64_sys_ioctl+0x73/0xb0 [ 1489.507324] do_syscall_64+0xfd/0x620 [ 1489.507349] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1489.515084] Total swap = 0kB [ 1489.518054] RIP: 0033:0x45b349 [ 1489.518071] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1489.518081] RSP: 002b:00007f1ef8b9dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1489.518096] RAX: ffffffffffffffda RBX: 00007f1ef8b9e6d4 RCX: 000000000045b349 [ 1489.518105] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1489.518118] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1489.531539] 1965979 pages RAM 22:57:07 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180)='/dev/zero\x00', 0x40, 0x0) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200)='TIPC\x00') sendmsg$TIPC_CMD_DISABLE_BEARER(r1, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="08012dbd7000fc9d0788cf00ff000000703a73797af200000000000000a0d2ca076c877b1cc99f975a19b2f5a143fe3f6152b26aa9c9f99647105149f77250166ac4caea22069a55e23f1264fa2fc1f6a632"], 0x2c}, 0x1, 0x0, 0x0, 0x81}, 0x40) connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc0585609, &(0x7f0000000000)={0x4, 0x3, 0x4, 0x1000, 0x3ff, {0x77359400}, {0x4, 0x8, 0x6, 0x14, 0x1, 0x8, "944df2ee"}, 0x7, 0x3, @userptr=0x9, 0x2, 0x0, 0xffffffffffffffff}) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000080)={0x10010005, 0xfffffffffffffff7, 0x0, r3}) r4 = syz_open_dev$vcsu(&(0x7f0000000100)='/dev/vcsu#\x00', 0xf2, 0x10800) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$LOOP_SET_BLOCK_SIZE(r6, 0x4c09, 0xde) ioctl$IOC_PR_RESERVE(r4, 0x401070c9, &(0x7f0000000140)={0xffffffff00000000, 0x7f}) ioctl$VIDIOC_G_SELECTION(r4, 0xc040565e, &(0x7f0000000340)={0x2, 0x2, 0x2, {0x1, 0xa6c3, 0x400, 0x3}}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_bt_bnep_BNEPCONNADD(r8, 0x400442c8, &(0x7f0000000380)=ANY=[@ANYRES32=r9, @ANYBLOB="05000000b0054ec0650fa55bc38dd04cdb4514f96a7f641d7f0df9844243a5635b000001cc454ecfbfef5c676f060dafac71f7255e369231bdc61ecec9a10285ea53f9a6cb74e16eeedd8d72edbd50801f456b6190c4db2ac7d4d7c5a1328e76161d48c076c0de2fd43f1e5fff1fc5711b88a298ef1a232f248ddd5982"]) 22:57:07 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="726177000000000003e3000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1489.548448] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1489.548458] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1489.628726] CPU: 0 PID: 2014 Comm: syz-executor.1 Not tainted 4.19.100-syzkaller #0 [ 1489.636683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1489.646481] Call Trace: [ 1489.649092] dump_stack+0x197/0x210 [ 1489.652746] warn_alloc.cold+0x7b/0x173 [ 1489.656811] ? zone_watermark_ok_safe+0x260/0x260 [ 1489.661677] ? __lock_is_held+0xb6/0x140 [ 1489.665856] __alloc_pages_slowpath+0x2214/0x2870 [ 1489.670764] ? warn_alloc+0x110/0x110 [ 1489.674595] ? __lock_is_held+0xb6/0x140 [ 1489.678677] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1489.684539] ? should_fail+0x14d/0x85c [ 1489.688456] ? __isolate_free_page+0x4c0/0x4c0 [ 1489.693074] ? __might_sleep+0x95/0x190 [ 1489.697076] __alloc_pages_nodemask+0x617/0x750 [ 1489.701784] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1489.706830] ? fs_reclaim_acquire+0x20/0x20 [ 1489.711331] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1489.717016] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1489.722794] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1489.728402] alloc_pages_current+0x107/0x210 [ 1489.732854] ion_page_pool_alloc+0x17f/0x270 [ 1489.737374] ion_system_heap_allocate+0x154/0xa90 [ 1489.742420] ? ion_system_heap_free+0x250/0x250 [ 1489.743591] warn_alloc_show_mem: 2 callbacks suppressed [ 1489.743596] Mem-Info: [ 1489.747160] ? ion_alloc+0x306/0x900 [ 1489.747182] ion_alloc+0x29b/0x900 [ 1489.747205] ? ion_dma_buf_release+0x50/0x50 [ 1489.756079] active_anon:277280 inactive_anon:204 isolated_anon:0 [ 1489.756079] active_file:4234 inactive_file:7152 isolated_file:0 [ 1489.756079] unevictable:0 dirty:39 writeback:0 unstable:0 [ 1489.756079] slab_reclaimable:17198 slab_unreclaimable:129039 [ 1489.756079] mapped:58832 shmem:255 pagetables:26248 bounce:0 [ 1489.756079] free:860220 free_pcp:608 free_cma:0 [ 1489.758736] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1489.758753] ? _copy_from_user+0xdd/0x150 [ 1489.758779] ion_ioctl+0x17b/0x329 [ 1489.769163] Node 0 active_anon:1060656kB inactive_anon:816kB active_file:32kB inactive_file:116kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208928kB dirty:24kB writeback:0kB shmem:1020kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 342016kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1489.800812] ? ion_alloc.cold+0x28/0x28 [ 1489.800833] ? __might_sleep+0x95/0x190 [ 1489.800848] ? ion_alloc.cold+0x28/0x28 [ 1489.800865] do_vfs_ioctl+0xd5f/0x1380 [ 1489.800884] ? selinux_file_ioctl+0x46c/0x5d0 [ 1489.800899] ? selinux_file_ioctl+0x125/0x5d0 [ 1489.800917] ? ioctl_preallocate+0x210/0x210 [ 1489.808125] Node 0 DMA free:10428kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1489.810602] ? selinux_file_mprotect+0x620/0x620 [ 1489.810626] ? iterate_fd+0x360/0x360 [ 1489.810643] ? nsecs_to_jiffies+0x30/0x30 [ 1489.810665] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1489.814296] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1489.842030] ? security_file_ioctl+0x8d/0xc0 [ 1489.842049] ksys_ioctl+0xab/0xd0 [ 1489.842066] __x64_sys_ioctl+0x73/0xb0 [ 1489.842083] do_syscall_64+0xfd/0x620 [ 1489.842101] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1489.842117] RIP: 0033:0x45b349 [ 1489.846203] Node 0 DMA32 free:103312kB min:36168kB low:45208kB high:54248kB active_anon:1058208kB inactive_anon:816kB active_file:32kB inactive_file:116kB unevictable:0kB writepending:124kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:28160kB pagetables:70968kB bounce:0kB free_pcp:2432kB local_pcp:1668kB free_cma:0kB [ 1489.850091] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1489.850100] RSP: 002b:00007f17cfa73c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1489.850113] RAX: ffffffffffffffda RBX: 00007f17cfa746d4 RCX: 000000000045b349 [ 1489.850122] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1489.850130] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 22:57:07 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="726177000000000003e8000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:57:07 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x3, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r3, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x14, 0x4, 0x1, 0x801, 0x0, 0x0, {0x3}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x40004}, 0xc010) r4 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet6(0xa, 0x2, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r6, &(0x7f00000000c0)=""/45, 0x12c) getdents(r6, 0x0, 0x0) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280)='nl80211\x00') getsockopt$inet6_IPV6_IPSEC_POLICY(r5, 0x29, 0x22, &(0x7f0000000400)={{{@in=@dev, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@dev}}, &(0x7f0000000500)=0xe8) r9 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r9, 0x0, 0x0) getdents(r9, 0x0, 0x0) r10 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r12 = dup(r11) getsockname$packet(r12, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r10, &(0x7f0000004300)={0x0, 0x0, &(0x7f00000042c0)={&(0x7f0000000000)=@setlink={0x28, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r13}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000540)={'ip6gre0\x00', r13}) sendmsg$NL80211_CMD_GET_MPP(r6, &(0x7f0000000600)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x104080804}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x38, r7, 0x2, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_WDEV={0xc, 0x99, {0x3fc00}}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r8}, @NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r14}]}, 0x38}, 0x1, 0x0, 0x0, 0x42008}, 0x4) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000240)={{{@in=@local, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in=@empty}}, &(0x7f0000000340)=0xe8) sendmsg$NL80211_CMD_STOP_SCHED_SCAN(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000380)={&(0x7f00000004c0)={0x9c, r7, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [@NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5, 0xf6, 0x3}, @NL80211_ATTR_SCHED_SCAN_MATCH={0x40, 0x84, 0x0, 0x1, [@NL80211_SCHED_SCAN_MATCH_ATTR_RSSI={0x8}, @NL80211_SCHED_SCAN_MATCH_ATTR_BSSID={0xa, 0x5, @remote}, @NL80211_SCHED_SCAN_MATCH_PER_BAND_RSSI={0x14, 0x6, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x8, 0x3, 0x8}, @NL80211_BAND_6GHZ={0x8, 0x3, 0x4}]}, @NL80211_SCHED_SCAN_MATCH_ATTR_RSSI={0x8, 0x2, 0x2}, @NL80211_SCHED_SCAN_MATCH_ATTR_BSSID={0xa, 0x5, @dev={[], 0x24}}]}, @NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5, 0xf6, 0x1}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x3}, @NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5, 0xf6, 0x3}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r15}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0xed}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST={0x6, 0xf7, {0x9, 0x5}}, @NL80211_ATTR_WDEV={0xc, 0x99, {0xfffffc00, 0xffffffffffffffff}}]}, 0x9c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4004000) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) [ 1489.850137] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1489.850145] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1489.937764] 0 pages HighMem/MovableOnly [ 1489.938177] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1489.946711] 341741 pages reserved [ 1490.046766] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1490.099158] syz-executor.1: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1490.111463] CPU: 1 PID: 2032 Comm: syz-executor.5 Not tainted 4.19.100-syzkaller #0 [ 1490.119280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1490.128762] Call Trace: [ 1490.131375] dump_stack+0x197/0x210 [ 1490.135026] warn_alloc.cold+0x7b/0x173 [ 1490.139023] ? zone_watermark_ok_safe+0x260/0x260 [ 1490.140597] 0 pages cma reserved [ 1490.143878] ? compaction_deferred+0x16a/0x3b0 [ 1490.143900] ? try_to_compact_pages+0x44/0xae0 [ 1490.143939] __alloc_pages_slowpath+0x2214/0x2870 [ 1490.161440] ? warn_alloc+0x110/0x110 [ 1490.165282] ? __lock_is_held+0xb6/0x140 [ 1490.169374] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1490.174929] ? should_fail+0x14d/0x85c [ 1490.178841] ? __isolate_free_page+0x4c0/0x4c0 [ 1490.183448] ? __might_sleep+0x95/0x190 [ 1490.187450] __alloc_pages_nodemask+0x617/0x750 [ 1490.192254] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1490.197296] ? fs_reclaim_acquire+0x20/0x20 [ 1490.202445] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1490.208443] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1490.214182] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1490.219750] alloc_pages_current+0x107/0x210 [ 1490.224202] ion_page_pool_alloc+0x17f/0x270 [ 1490.228794] ion_system_heap_allocate+0x154/0xa90 [ 1490.233688] ? ion_system_heap_free+0x250/0x250 [ 1490.238403] ? ion_alloc+0x306/0x900 [ 1490.242143] ion_alloc+0x29b/0x900 [ 1490.245717] ? ion_dma_buf_release+0x50/0x50 [ 1490.250154] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1490.254644] lowmem_reserve[]: 0 0 1 1 1 [ 1490.255754] ? _copy_from_user+0xdd/0x150 [ 1490.255777] ion_ioctl+0x17b/0x329 [ 1490.255794] ? ion_alloc.cold+0x28/0x28 [ 1490.255814] ? __might_sleep+0x95/0x190 [ 1490.255829] ? ion_alloc.cold+0x28/0x28 [ 1490.255849] do_vfs_ioctl+0xd5f/0x1380 [ 1490.274711] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1490.275573] ? selinux_file_ioctl+0x46c/0x5d0 [ 1490.282251] lowmem_reserve[]: 0 0 0 0 0 [ 1490.283447] ? selinux_file_ioctl+0x125/0x5d0 [ 1490.283468] ? ioctl_preallocate+0x210/0x210 [ 1490.283482] ? selinux_file_mprotect+0x620/0x620 [ 1490.283503] ? iterate_fd+0x360/0x360 [ 1490.335288] ? nsecs_to_jiffies+0x30/0x30 [ 1490.339472] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1490.341510] Node 0 DMA: 27*4kB (UME) 12*8kB (UME) 17*16kB (UME) 19*32kB (UM) 2*64kB (ME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10428kB [ 1490.345038] ? security_file_ioctl+0x8d/0xc0 [ 1490.345058] ksys_ioctl+0xab/0xd0 [ 1490.345077] __x64_sys_ioctl+0x73/0xb0 [ 1490.372886] do_syscall_64+0xfd/0x620 [ 1490.376738] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1490.378350] Node 0 DMA32: 3138*4kB (UEH) 3995*8kB (UEH) 1604*16kB (UEH) 1009*32kB (UEH) 3*64kB (H) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 103424kB [ 1490.381974] RIP: 0033:0x45b349 [ 1490.381990] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1490.381999] RSP: 002b:00007f6e444f7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1490.382013] RAX: ffffffffffffffda RBX: 00007f6e444f86d4 RCX: 000000000045b349 [ 1490.382020] RDX: 0000000020000080 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1490.382028] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 22:57:07 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x3ba}) 22:57:07 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="726177000000000001ec000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1490.382036] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1490.382050] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c 22:57:08 executing program 5: r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsa\x00', 0x800000, 0x0) fsetxattr$security_evm(r0, &(0x7f0000000040)='security.evm\x00', &(0x7f0000000080)=@v1={0x2, "7cb785e706037d"}, 0x8, 0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = socket$inet6(0xa, 0x3, 0x3c) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140)='devlink\x00') sendmsg$DEVLINK_CMD_GET(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)={0x14, r6, 0xc91add0bf88807dd, 0x0, 0x0, {0x17}}, 0x14}}, 0x0) r7 = syz_genetlink_get_family_id$fou(&(0x7f0000000280)='fou\x00') getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000a00)={{{@in6=@dev, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in6=@empty}}, &(0x7f0000000b00)=0xe8) sendmsg$FOU_CMD_GET(r5, &(0x7f0000000c00)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x30000000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b40)={0x4c, r7, 0x2, 0x70bd2b, 0x25dfdbfd, {}, [@FOU_ATTR_LOCAL_V6={0x14, 0x7, @initdev={0xfe, 0x88, [], 0x1, 0x0}}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @empty}, @FOU_ATTR_IFINDEX={0x8, 0xb, r8}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @dev={0xac, 0x14, 0x14, 0x2b}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) socket$inet_udp(0x2, 0x2, 0x0) connect$inet6(r4, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r4, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) ioctl$VIDIOC_S_EXT_CTRLS(r3, 0xc0205648, &(0x7f0000000200)={0xc4ffff, 0x6, 0x7fffffff, r4, 0x0, &(0x7f0000000180)={0x0, 0x2, [], @value=0x100}}) ioctl$SG_GET_REQUEST_TABLE(r9, 0x2286, &(0x7f0000000300)) set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r10 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$ION_IOC_ALLOC(r10, 0xc0184900, &(0x7f00000001c0)={0x0, 0xffffffffffffffdf}) write$binfmt_misc(r1, &(0x7f0000000c40)={'syz1', "66b754dc35b2c655a5762797d7234d1d35d3b189855861cd13df5a680109b05372e441903c92d0ffb47e458a567613e8d59075364ce698afc32aa060e43fa30db4249197"}, 0x48) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r12 = dup(r11) ioctl$PERF_EVENT_IOC_ENABLE(r12, 0x8912, 0x400200) newfstatat(0xffffffffffffff9c, &(0x7f0000000cc0)='./file0\x00', &(0x7f0000000d00), 0x6000) pipe(&(0x7f0000000140)) ioctl$EVIOCGBITSND(r12, 0x80404532, &(0x7f0000000100)=""/21) 22:57:08 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="726177000000000003ec000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1490.640122] warn_alloc_show_mem: 1 callbacks suppressed [ 1490.640128] Mem-Info: [ 1490.642928] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1490.650090] active_anon:277279 inactive_anon:202 isolated_anon:0 [ 1490.650090] active_file:4234 inactive_file:7128 isolated_file:0 [ 1490.650090] unevictable:0 dirty:31 writeback:0 unstable:0 [ 1490.650090] slab_reclaimable:17192 slab_unreclaimable:129533 [ 1490.650090] mapped:58880 shmem:255 pagetables:26207 bounce:0 22:57:08 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) ioctl$VIDIOC_G_EXT_CTRLS(0xffffffffffffffff, 0xc0205647, &(0x7f0000000200)={0x980000, 0x800, 0xffffffc1, 0xffffffffffffffff, 0x0, &(0x7f0000000180)={0xa20929, 0x4, [], @value=0x8}}) recvfrom$ax25(r0, &(0x7f0000000240)=""/170, 0xaa, 0x10121, &(0x7f0000000300)={{0x3, @bcast}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @default]}, 0x48) r1 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$KDSETKEYCODE(r3, 0x4b4d, &(0x7f0000000080)={0x0, 0x7}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) setsockopt$inet_sctp_SCTP_RECVRCVINFO(r3, 0x84, 0x20, &(0x7f0000000040)=0x9, 0x4) socket$inet6(0xa, 0x3, 0x0) r4 = socket$inet6(0xa, 0x3, 0x3c) sendmsg(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$TUNSETQUEUE(r3, 0x400454d9, &(0x7f0000000140)={'bridge_slave_0\x00'}) ioctl$ION_IOC_ALLOC(r1, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) [ 1490.650090] free:810075 free_pcp:134 free_cma:0 [ 1490.692403] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1490.758615] Node 0 active_anon:1060552kB inactive_anon:808kB active_file:32kB inactive_file:20kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208928kB dirty:28kB writeback:0kB shmem:1020kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 342016kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1490.789805] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1490.798435] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1490.849707] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1490.882157] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 1490.894610] CPU: 1 PID: 2018 Comm: syz-executor.1 Not tainted 4.19.100-syzkaller #0 [ 1490.902466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1490.911952] Call Trace: [ 1490.914561] dump_stack+0x197/0x210 [ 1490.918319] warn_alloc.cold+0x7b/0x173 [ 1490.922349] ? zone_watermark_ok_safe+0x260/0x260 [ 1490.927216] ? __lock_is_held+0xb6/0x140 [ 1490.931325] __alloc_pages_slowpath+0x2214/0x2870 [ 1490.936211] ? warn_alloc+0x110/0x110 [ 1490.940036] ? __lock_is_held+0xb6/0x140 [ 1490.944125] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1490.949692] ? should_fail+0x14d/0x85c [ 1490.953619] ? __isolate_free_page+0x4c0/0x4c0 [ 1490.958331] ? __might_sleep+0x95/0x190 [ 1490.962337] __alloc_pages_nodemask+0x617/0x750 [ 1490.967187] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1490.972249] ? fs_reclaim_acquire+0x20/0x20 [ 1490.976590] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1490.978381] Node 0 DMA free:10428kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1490.982147] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1490.982163] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1490.982184] alloc_pages_current+0x107/0x210 [ 1490.982205] ion_page_pool_alloc+0x17f/0x270 [ 1490.982224] ion_system_heap_allocate+0x154/0xa90 [ 1490.982245] ? ion_system_heap_free+0x250/0x250 [ 1490.982262] ? ion_alloc+0x306/0x900 [ 1490.982282] ion_alloc+0x29b/0x900 [ 1490.982303] ? ion_dma_buf_release+0x50/0x50 [ 1490.982324] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1491.015543] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1491.020443] ? _copy_from_user+0xdd/0x150 [ 1491.020464] ion_ioctl+0x17b/0x329 [ 1491.020489] ? ion_alloc.cold+0x28/0x28 [ 1491.020508] ? __might_sleep+0x95/0x190 [ 1491.020525] ? ion_alloc.cold+0x28/0x28 [ 1491.020542] do_vfs_ioctl+0xd5f/0x1380 [ 1491.020559] ? selinux_file_ioctl+0x46c/0x5d0 [ 1491.020573] ? selinux_file_ioctl+0x125/0x5d0 [ 1491.020591] ? ioctl_preallocate+0x210/0x210 [ 1491.025564] Node 0 DMA32 free:67492kB min:36168kB low:45208kB high:54248kB active_anon:1058104kB inactive_anon:808kB active_file:32kB inactive_file:20kB unevictable:0kB writepending:28kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:28000kB pagetables:70804kB bounce:0kB free_pcp:1280kB local_pcp:864kB free_cma:0kB [ 1491.029527] ? selinux_file_mprotect+0x620/0x620 [ 1491.029550] ? iterate_fd+0x360/0x360 [ 1491.029568] ? nsecs_to_jiffies+0x30/0x30 [ 1491.029595] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1491.039564] lowmem_reserve[]: 0 0 1 1 1 [ 1491.042955] ? security_file_ioctl+0x8d/0xc0 [ 1491.042974] ksys_ioctl+0xab/0xd0 [ 1491.042992] __x64_sys_ioctl+0x73/0xb0 [ 1491.043010] do_syscall_64+0xfd/0x620 [ 1491.043032] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1491.043043] RIP: 0033:0x45b349 [ 1491.043059] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1491.043066] RSP: 002b:00007f17cfa52c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1491.043080] RAX: ffffffffffffffda RBX: 00007f17cfa536d4 RCX: 000000000045b349 [ 1491.043088] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1491.043095] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 1491.043102] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1491.043129] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bfd4 [ 1491.231558] syz-executor.3 invoked oom-killer: gfp_mask=0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0, order=0, oom_score_adj=1000 [ 1491.234173] 11617 total pagecache pages [ 1491.245010] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 1491.264565] CPU: 1 PID: 2134 Comm: syz-executor.3 Not tainted 4.19.100-syzkaller #0 [ 1491.272413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1491.281912] Call Trace: [ 1491.284533] dump_stack+0x197/0x210 [ 1491.288302] dump_header+0x15e/0xa55 [ 1491.291375] 0 pages in swap cache [ 1491.292039] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 1491.295478] Swap cache stats: add 0, delete 0, find 0/0 [ 1491.301152] ? ___ratelimit+0x60/0x595 [ 1491.301167] ? do_raw_spin_unlock+0x181/0x270 [ 1491.301185] oom_kill_process.cold+0x10/0x6ef [ 1491.301203] ? lock_downgrade+0x880/0x880 [ 1491.301225] out_of_memory+0x362/0x1330 [ 1491.301246] ? oom_killer_disable+0x280/0x280 [ 1491.301263] ? mutex_trylock+0x18e/0x1e0 [ 1491.301277] ? __alloc_pages_slowpath+0xcc2/0x2870 [ 1491.301295] __alloc_pages_slowpath+0x20b5/0x2870 [ 1491.301325] ? warn_alloc+0x110/0x110 [ 1491.313350] Free swap = 0kB [ 1491.315182] ? __lock_is_held+0xb6/0x140 [ 1491.323803] Total swap = 0kB [ 1491.323872] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1491.327835] 1965979 pages RAM [ 1491.332336] ? should_fail+0x14d/0x85c [ 1491.332361] ? __might_sleep+0x95/0x190 [ 1491.332380] __alloc_pages_nodemask+0x617/0x750 [ 1491.332396] ? retint_kernel+0x2d/0x2d [ 1491.332414] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1491.332435] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1491.332453] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1491.332467] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1491.332489] alloc_pages_current+0x107/0x210 [ 1491.342784] 0 pages HighMem/MovableOnly [ 1491.346301] ion_page_pool_alloc+0x17f/0x270 [ 1491.352102] 341741 pages reserved [ 1491.353104] ion_system_heap_allocate+0x154/0xa90 [ 1491.357160] 0 pages cma reserved [ 1491.360188] ? ion_system_heap_free+0x250/0x250 [ 1491.360205] ? ion_alloc+0x306/0x900 [ 1491.360224] ion_alloc+0x29b/0x900 [ 1491.360245] ? ion_dma_buf_release+0x50/0x50 [ 1491.360271] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1491.360285] ? _copy_from_user+0xdd/0x150 [ 1491.360304] ion_ioctl+0x17b/0x329 [ 1491.405332] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1491.407402] ? ion_alloc.cold+0x28/0x28 [ 1491.413973] lowmem_reserve[]: 0 0 0 0 0 [ 1491.415787] ? __might_sleep+0x95/0x190 [ 1491.423085] Node 0 DMA: 20*4kB (UME) 12*8kB (UME) 17*16kB (UME) 19*32kB (UM) 2*64kB (ME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10400kB [ 1491.423637] ? ion_alloc.cold+0x28/0x28 [ 1491.428454] Node 0 DMA32: 81*4kB (UEH) 29*8kB (UEH) 73*16kB (UEH) 1031*32kB (UEH) 3*64kB (H) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 35676kB [ 1491.431817] do_vfs_ioctl+0xd5f/0x1380 [ 1491.431834] ? selinux_file_ioctl+0x46c/0x5d0 [ 1491.431848] ? selinux_file_ioctl+0x125/0x5d0 [ 1491.431863] ? ioctl_preallocate+0x210/0x210 [ 1491.431878] ? selinux_file_mprotect+0x620/0x620 [ 1491.431900] ? iterate_fd+0x360/0x360 [ 1491.431917] ? nsecs_to_jiffies+0x30/0x30 [ 1491.431944] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1491.442568] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1491.443832] ? security_file_ioctl+0x8d/0xc0 [ 1491.448221] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1491.454289] ksys_ioctl+0xab/0xd0 [ 1491.454308] __x64_sys_ioctl+0x73/0xb0 22:57:08 executing program 0: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xfffffffe}) [ 1491.454325] do_syscall_64+0xfd/0x620 [ 1491.454345] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1491.454357] RIP: 0033:0x45b349 [ 1491.454371] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1491.454379] RSP: 002b:00007f9fa7530c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1491.454392] RAX: ffffffffffffffda RBX: 00007f9fa75316d4 RCX: 000000000045b349 [ 1491.454400] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1491.454412] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1491.464782] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1491.488093] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1491.488102] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1491.723508] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1491.737274] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1491.745690] Mem-Info: [ 1491.746433] 11620 total pagecache pages [ 1491.748592] active_anon:277219 inactive_anon:203 isolated_anon:0 [ 1491.748592] active_file:4231 inactive_file:7133 isolated_file:0 [ 1491.748592] unevictable:0 dirty:27 writeback:0 unstable:0 [ 1491.748592] slab_reclaimable:17188 slab_unreclaimable:129091 [ 1491.748592] mapped:58821 shmem:255 pagetables:26178 bounce:0 [ 1491.748592] free:818404 free_pcp:517 free_cma:0 [ 1491.756908] 0 pages in swap cache [ 1491.795200] Swap cache stats: add 0, delete 0, find 0/0 [ 1491.801015] Free swap = 0kB [ 1491.804051] Total swap = 0kB [ 1491.807076] 1965979 pages RAM [ 1491.818422] Mem-Info: [ 1491.821256] active_anon:277219 inactive_anon:203 isolated_anon:0 [ 1491.821256] active_file:4231 inactive_file:7133 isolated_file:0 [ 1491.821256] unevictable:0 dirty:27 writeback:0 unstable:0 [ 1491.821256] slab_reclaimable:17188 slab_unreclaimable:129091 [ 1491.821256] mapped:58821 shmem:255 pagetables:26178 bounce:0 [ 1491.821256] free:821182 free_pcp:516 free_cma:0 [ 1491.860044] 0 pages HighMem/MovableOnly [ 1491.860340] Node 0 active_anon:1060284kB inactive_anon:812kB active_file:20kB inactive_file:24kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208920kB dirty:0kB writeback:0kB shmem:1020kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 342016kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1491.881509] 341741 pages reserved [ 1491.897334] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1491.917810] 0 pages cma reserved [ 1491.930083] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1491.935410] Node 0 DMA32 free:39252kB min:36168kB low:45208kB high:54248kB active_anon:1057836kB inactive_anon:812kB active_file:20kB inactive_file:24kB unevictable:0kB writepending:0kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:27872kB pagetables:70524kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1491.943868] warn_alloc: 1 callbacks suppressed [ 1491.943888] syz-executor.0: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1491.974482] lowmem_reserve[]: 0 0 1 1 1 [ 1491.989105] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1491.991908] Node 0 active_anon:1060284kB inactive_anon:812kB active_file:20kB inactive_file:24kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208920kB dirty:0kB writeback:0kB shmem:1020kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 342016kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1492.020185] lowmem_reserve[]: 0 0 0 0 0 [ 1492.043188] syz-executor.0 cpuset=syz0 mems_allowed=0-1 [ 1492.052357] Node 0 DMA: 20*4kB (UME) 12*8kB (UME) 17*16kB (UME) 19*32kB (UM) 2*64kB (ME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10400kB [ 1492.052991] CPU: 1 PID: 2164 Comm: syz-executor.0 Not tainted 4.19.100-syzkaller #0 [ 1492.073615] Node 0 DMA32: 396*4kB (UMEH) 260*8kB (UMEH) 92*16kB (UMEH) 1035*32kB (UEH) 125*64kB (UH) 3*128kB (UH) 36*256kB (U) 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 56368kB [ 1492.076343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1492.076349] Call Trace: [ 1492.076371] dump_stack+0x197/0x210 [ 1492.076393] warn_alloc.cold+0x7b/0x173 [ 1492.097961] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1492.101646] ? zone_watermark_ok_safe+0x260/0x260 [ 1492.101663] ? compaction_deferred+0x16a/0x3b0 [ 1492.101681] ? try_to_compact_pages+0x44/0xae0 [ 1492.101712] __alloc_pages_slowpath+0x2214/0x2870 [ 1492.101746] ? warn_alloc+0x110/0x110 [ 1492.104840] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1492.107933] ? __lock_is_held+0xb6/0x140 [ 1492.107953] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1492.107972] ? should_fail+0x14d/0x85c [ 1492.116965] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1492.122609] ? __isolate_free_page+0x4c0/0x4c0 [ 1492.122628] ? __might_sleep+0x95/0x190 [ 1492.122649] __alloc_pages_nodemask+0x617/0x750 [ 1492.122665] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1492.122685] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1492.128043] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1492.132123] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1492.132141] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1492.132156] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1492.132175] alloc_pages_current+0x107/0x210 [ 1492.132196] ion_page_pool_alloc+0x17f/0x270 [ 1492.132216] ion_system_heap_allocate+0x154/0xa90 [ 1492.132240] ? ion_system_heap_free+0x250/0x250 [ 1492.132257] ? ion_alloc+0x306/0x900 [ 1492.132275] ion_alloc+0x29b/0x900 [ 1492.132294] ? ion_dma_buf_release+0x50/0x50 [ 1492.132316] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1492.142146] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1492.145504] ? _copy_from_user+0xdd/0x150 [ 1492.145526] ion_ioctl+0x17b/0x329 [ 1492.145544] ? ion_alloc.cold+0x28/0x28 [ 1492.156934] 11620 total pagecache pages [ 1492.158472] ? __might_sleep+0x95/0x190 [ 1492.158493] ? ion_alloc.cold+0x28/0x28 [ 1492.167368] 0 pages in swap cache [ 1492.167927] do_vfs_ioctl+0xd5f/0x1380 [ 1492.167948] ? selinux_file_ioctl+0x46c/0x5d0 [ 1492.179552] Swap cache stats: add 0, delete 0, find 0/0 [ 1492.181546] ? selinux_file_ioctl+0x125/0x5d0 [ 1492.181565] ? ioctl_preallocate+0x210/0x210 [ 1492.181582] ? selinux_file_mprotect+0x620/0x620 [ 1492.181605] ? iterate_fd+0x360/0x360 [ 1492.181623] ? nsecs_to_jiffies+0x30/0x30 [ 1492.181644] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1492.181665] ? security_file_ioctl+0x8d/0xc0 [ 1492.188685] Free swap = 0kB [ 1492.190294] ksys_ioctl+0xab/0xd0 [ 1492.190312] __x64_sys_ioctl+0x73/0xb0 [ 1492.190333] do_syscall_64+0xfd/0x620 [ 1492.190354] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1492.190366] RIP: 0033:0x45b349 [ 1492.190382] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1492.190390] RSP: 002b:00007f1ef8b9dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1492.190404] RAX: ffffffffffffffda RBX: 00007f1ef8b9e6d4 RCX: 000000000045b349 [ 1492.190413] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1492.190421] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1492.190434] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1492.202582] Total swap = 0kB [ 1492.208890] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1492.209536] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1492.217043] 1965979 pages RAM [ 1492.220703] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1492.232083] 0 pages HighMem/MovableOnly [ 1492.235507] Node 0 DMA32 free:55984kB min:36168kB low:45208kB high:54248kB active_anon:1057836kB inactive_anon:812kB active_file:20kB inactive_file:24kB unevictable:0kB writepending:0kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:27872kB pagetables:70524kB bounce:0kB free_pcp:228kB local_pcp:0kB free_cma:0kB [ 1492.243834] 341741 pages reserved [ 1492.245249] lowmem_reserve[]: 0 0 1 1 1 [ 1492.248923] 0 pages cma reserved 22:57:10 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000040)={0x81, 0xffffffffffffffff}) 22:57:10 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) socket$inet(0x2, 0x1, 0x40) openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$UI_SET_KEYBIT(0xffffffffffffffff, 0x40045565, 0x256) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) r2 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r2, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r2, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x10000, 0x0) ioctl$ION_IOC_ALLOC(0xffffffffffffffff, 0xc0184900, &(0x7f0000000000)={0xb6d, 0xfffffffffffffff7, 0x0, r4}) 22:57:10 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="726177000000000003ee000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:57:10 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r1, 0xc0184900, &(0x7f0000000140)={0x1002, 0x5ebac1d57f7d8151, 0x0, r1}) 22:57:10 executing program 0: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xffffffff}) [ 1492.256210] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1492.554409] lowmem_reserve[]: 0 0 0 0 0 [ 1492.574989] Node 0 DMA: 13*4kB (ME) 14*8kB (UME) 17*16kB (UME) 19*32kB (UM) 2*64kB (ME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10388kB [ 1492.616677] xt_check_match: 9 callbacks suppressed [ 1492.616693] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1492.674969] Node 0 DMA32: 381*4kB (UMEH) 335*8kB (UMEH) 62*16kB (UMEH) 452*32kB (UEH) 4*64kB (UH) 6*128kB (UH) 86*256kB (U) 1*512kB (H) 6*1024kB (U) 0*2048kB 0*4096kB = 49356kB 22:57:10 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) keyctl$update(0x2, 0x0, &(0x7f0000000100)="b243280ee40af1396568e8faf3e5eeb8fe12fcfab0fa73d2f56942582c51f32559360f9669fc5c75f16758e5197897810647e1318e119d1fc5bdf50ac8213b800a3718c061c72afcab14d5d596913441a946fb43edec310e05874654951660ea74cf73d4c79a4a8fb3b32272f06a17b05899ed3ee1fb4e0a2cd1ddea2b954dbb69de12156b86263b95a99205", 0x8c) [ 1492.726240] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1492.911811] syz-executor.0: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1492.948538] syz-executor.0 cpuset=syz0 mems_allowed=0-1 [ 1492.955250] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1492.965252] syz-executor.1: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1492.971800] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1492.988572] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 1492.989488] CPU: 0 PID: 2288 Comm: syz-executor.0 Not tainted 4.19.100-syzkaller #0 [ 1493.001940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1493.011303] Call Trace: [ 1493.013906] dump_stack+0x197/0x210 [ 1493.017548] warn_alloc.cold+0x7b/0x173 [ 1493.021538] ? zone_watermark_ok_safe+0x260/0x260 [ 1493.026397] ? compaction_deferred+0x16a/0x3b0 [ 1493.031163] ? try_to_compact_pages+0x44/0xae0 [ 1493.035812] __alloc_pages_slowpath+0x2214/0x2870 [ 1493.040694] ? warn_alloc+0x110/0x110 [ 1493.044619] ? __lock_is_held+0xb6/0x140 [ 1493.048807] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1493.054352] ? should_fail+0x14d/0x85c [ 1493.058252] ? __isolate_free_page+0x4c0/0x4c0 [ 1493.062845] ? __might_sleep+0x95/0x190 [ 1493.066851] __alloc_pages_nodemask+0x617/0x750 [ 1493.071553] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1493.076603] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1493.082154] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1493.087977] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1493.093533] alloc_pages_current+0x107/0x210 [ 1493.097965] ion_page_pool_alloc+0x17f/0x270 [ 1493.102390] ion_system_heap_allocate+0x154/0xa90 [ 1493.107261] ? ion_system_heap_free+0x250/0x250 [ 1493.111948] ? ion_alloc+0x306/0x900 [ 1493.115673] ion_alloc+0x29b/0x900 [ 1493.119233] ? ion_dma_buf_release+0x50/0x50 [ 1493.123661] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1493.129220] ? _copy_from_user+0xdd/0x150 [ 1493.133382] ion_ioctl+0x17b/0x329 [ 1493.136941] ? ion_alloc.cold+0x28/0x28 [ 1493.141054] ? __might_sleep+0x95/0x190 [ 1493.145056] ? ion_alloc.cold+0x28/0x28 [ 1493.149035] do_vfs_ioctl+0xd5f/0x1380 [ 1493.152942] ? selinux_file_ioctl+0x46c/0x5d0 [ 1493.157498] ? selinux_file_ioctl+0x125/0x5d0 [ 1493.162021] ? ioctl_preallocate+0x210/0x210 [ 1493.166481] ? selinux_file_mprotect+0x620/0x620 [ 1493.171259] ? iterate_fd+0x360/0x360 [ 1493.175074] ? nsecs_to_jiffies+0x30/0x30 [ 1493.179228] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1493.184777] ? security_file_ioctl+0x8d/0xc0 [ 1493.189211] ksys_ioctl+0xab/0xd0 [ 1493.192697] __x64_sys_ioctl+0x73/0xb0 [ 1493.196745] do_syscall_64+0xfd/0x620 [ 1493.201266] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1493.206572] RIP: 0033:0x45b349 [ 1493.209797] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1493.228722] RSP: 002b:00007f1ef8b9dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1493.236447] RAX: ffffffffffffffda RBX: 00007f1ef8b9e6d4 RCX: 000000000045b349 [ 1493.243725] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1493.251001] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1493.258418] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1493.265696] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1493.273191] CPU: 1 PID: 2313 Comm: syz-executor.1 Not tainted 4.19.100-syzkaller #0 [ 1493.281016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1493.285143] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1493.290384] Call Trace: [ 1493.290409] dump_stack+0x197/0x210 [ 1493.290431] warn_alloc.cold+0x7b/0x173 [ 1493.290447] ? zone_watermark_ok_safe+0x260/0x260 [ 1493.290464] ? compaction_deferred+0x16a/0x3b0 [ 1493.290482] ? try_to_compact_pages+0x44/0xae0 [ 1493.290514] __alloc_pages_slowpath+0x2214/0x2870 [ 1493.290546] ? warn_alloc+0x110/0x110 [ 1493.290564] ? __lock_is_held+0xb6/0x140 [ 1493.303841] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1493.305484] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1493.305500] ? should_fail+0x14d/0x85c [ 1493.305520] ? __isolate_free_page+0x4c0/0x4c0 [ 1493.312136] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1493.314348] ? __might_sleep+0x95/0x190 [ 1493.314370] __alloc_pages_nodemask+0x617/0x750 [ 1493.314391] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1493.319044] 11620 total pagecache pages [ 1493.323615] ? fs_reclaim_acquire+0x20/0x20 [ 1493.323631] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1493.323649] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1493.323662] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1493.323682] alloc_pages_current+0x107/0x210 [ 1493.323706] ion_page_pool_alloc+0x17f/0x270 [ 1493.323723] ion_system_heap_allocate+0x154/0xa90 [ 1493.323747] ? ion_system_heap_free+0x250/0x250 [ 1493.323766] ? ion_alloc+0x306/0x900 [ 1493.323787] ion_alloc+0x29b/0x900 [ 1493.323815] ? ion_dma_buf_release+0x50/0x50 [ 1493.323838] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1493.323852] ? _copy_from_user+0xdd/0x150 [ 1493.323870] ion_ioctl+0x17b/0x329 [ 1493.339882] 0 pages in swap cache [ 1493.345511] ? ion_alloc.cold+0x28/0x28 [ 1493.345533] ? __might_sleep+0x95/0x190 [ 1493.345553] ? ion_alloc.cold+0x28/0x28 [ 1493.355772] Swap cache stats: add 0, delete 0, find 0/0 [ 1493.359945] do_vfs_ioctl+0xd5f/0x1380 [ 1493.359965] ? selinux_file_ioctl+0x46c/0x5d0 [ 1493.359979] ? selinux_file_ioctl+0x125/0x5d0 [ 1493.359995] ? ioctl_preallocate+0x210/0x210 [ 1493.360011] ? selinux_file_mprotect+0x620/0x620 [ 1493.360031] ? iterate_fd+0x360/0x360 [ 1493.360048] ? nsecs_to_jiffies+0x30/0x30 [ 1493.360069] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1493.369026] Free swap = 0kB [ 1493.372972] ? security_file_ioctl+0x8d/0xc0 [ 1493.372992] ksys_ioctl+0xab/0xd0 [ 1493.373011] __x64_sys_ioctl+0x73/0xb0 [ 1493.373028] do_syscall_64+0xfd/0x620 [ 1493.373050] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1493.373062] RIP: 0033:0x45b349 [ 1493.373078] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1493.373087] RSP: 002b:00007f17cfa73c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 22:57:11 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x3bb}) 22:57:11 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) getsockopt$IP_VS_SO_GET_TIMEOUT(r3, 0x0, 0x486, &(0x7f0000000040), &(0x7f0000000080)=0xc) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) socket$inet6(0xa, 0x80000, 0x9) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x0, r5}) 22:57:11 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xfffffffffffffff7}) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x1130c1, 0x0) r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000140)='nbd\x00') r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140)='devlink\x00') sendmsg$DEVLINK_CMD_GET(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)={0x14, r4, 0xc91add0bf88807dd, 0x0, 0x0, {0x17}}, 0x14}}, 0x0) sendmsg$NBD_CMD_RECONFIGURE(r3, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000040", @ANYRES16=r2, @ANYBLOB="050c27bd7000ffdbdf2503000000"], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x8040) sendmsg$NBD_CMD_CONNECT(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x20, r2, 0x300, 0x70bd2b, 0x25dfdbfe, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x80}]}, 0x20}, 0x1, 0x0, 0x0, 0x4040001}, 0x4000) 22:57:11 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="726177000000000003f0000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1493.373100] RAX: ffffffffffffffda RBX: 00007f17cfa746d4 RCX: 000000000045b349 [ 1493.373109] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1493.373117] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1493.373124] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1493.373136] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1493.385575] Total swap = 0kB [ 1493.387460] warn_alloc_show_mem: 1 callbacks suppressed [ 1493.387465] Mem-Info: [ 1493.393867] 1965979 pages RAM [ 1493.396915] active_anon:277239 inactive_anon:202 isolated_anon:0 [ 1493.396915] active_file:4230 inactive_file:7136 isolated_file:0 [ 1493.396915] unevictable:0 dirty:1 writeback:0 unstable:0 [ 1493.396915] slab_reclaimable:17168 slab_unreclaimable:129055 [ 1493.396915] mapped:58832 shmem:255 pagetables:26186 bounce:0 [ 1493.396915] free:842424 free_pcp:591 free_cma:0 [ 1493.396955] Node 0 active_anon:1060104kB inactive_anon:808kB active_file:16kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208920kB dirty:4kB writeback:0kB shmem:1020kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 342016kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1493.403470] 0 pages HighMem/MovableOnly [ 1493.409915] Node 0 DMA free:10384kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1493.414055] 341741 pages reserved [ 1493.417228] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1493.417253] Node 0 DMA32 free:37780kB min:36168kB low:45208kB high:54248kB active_anon:1057756kB inactive_anon:808kB active_file:16kB inactive_file:8kB unevictable:0kB writepending:4kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:27808kB pagetables:70668kB bounce:0kB free_pcp:2364kB local_pcp:1080kB free_cma:0kB [ 1493.422588] 0 pages cma reserved [ 1493.434875] lowmem_reserve[]: 0 0 1 1 1 [ 1493.439260] Out of memory: Kill process 934 (syz-executor.1) score 1007 or sacrifice child [ 1493.444461] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1493.449091] Killed process 934 (syz-executor.1) total-vm:72720kB, anon-rss:2212kB, file-rss:34688kB, shmem-rss:0kB [ 1493.456412] lowmem_reserve[]: 0 0 0 0 0 [ 1493.461766] oom_reaper: reaped process 934 (syz-executor.1), now anon-rss:0kB, file-rss:34688kB, shmem-rss:0kB [ 1493.463732] Node 0 DMA: 20*4kB (UME) 10*8kB (UME) 17*16kB (UME) 19*32kB (UM) 2*64kB (ME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10384kB [ 1493.750623] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1493.797619] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 22:57:11 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="726177000000000001f6000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1493.871153] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1493.876677] CPU: 1 PID: 2332 Comm: syz-executor.5 Not tainted 4.19.100-syzkaller #0 [ 1493.884629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1493.894002] Call Trace: [ 1493.896617] dump_stack+0x197/0x210 [ 1493.900281] warn_alloc.cold+0x7b/0x173 [ 1493.904283] ? zone_watermark_ok_safe+0x260/0x260 [ 1493.909168] ? compaction_deferred+0x16a/0x3b0 [ 1493.913804] ? try_to_compact_pages+0x44/0xae0 [ 1493.918425] __alloc_pages_slowpath+0x2214/0x2870 [ 1493.923317] ? warn_alloc+0x110/0x110 [ 1493.927150] ? __lock_is_held+0xb6/0x140 [ 1493.931250] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1493.936822] ? should_fail+0x14d/0x85c [ 1493.940790] ? __isolate_free_page+0x4c0/0x4c0 [ 1493.945407] ? __might_sleep+0x95/0x190 [ 1493.949407] __alloc_pages_nodemask+0x617/0x750 [ 1493.954221] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1493.954241] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 1493.959251] ? fs_reclaim_acquire+0x20/0x20 [ 1493.959269] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1493.959290] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1493.959304] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1493.959326] alloc_pages_current+0x107/0x210 [ 1493.990440] syz-executor.1: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1493.990528] ion_page_pool_alloc+0x17f/0x270 [ 1494.006227] ion_system_heap_allocate+0x154/0xa90 [ 1494.011229] ? ion_system_heap_free+0x250/0x250 [ 1494.015923] ? ion_alloc+0x306/0x900 [ 1494.019663] ion_alloc+0x29b/0x900 [ 1494.023237] ? ion_dma_buf_release+0x50/0x50 [ 1494.027680] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1494.033235] ? _copy_from_user+0xdd/0x150 [ 1494.037405] ion_ioctl+0x17b/0x329 [ 1494.040983] ? ion_alloc.cold+0x28/0x28 [ 1494.044971] ? __might_sleep+0x95/0x190 [ 1494.048993] ? ion_alloc.cold+0x28/0x28 [ 1494.053102] do_vfs_ioctl+0xd5f/0x1380 [ 1494.057022] ? selinux_file_ioctl+0x46c/0x5d0 [ 1494.061565] ? selinux_file_ioctl+0x125/0x5d0 [ 1494.066183] ? ioctl_preallocate+0x210/0x210 [ 1494.070610] ? selinux_file_mprotect+0x620/0x620 [ 1494.075402] ? iterate_fd+0x360/0x360 [ 1494.079216] ? nsecs_to_jiffies+0x30/0x30 [ 1494.083401] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1494.089066] ? security_file_ioctl+0x8d/0xc0 [ 1494.093492] ksys_ioctl+0xab/0xd0 [ 1494.096982] __x64_sys_ioctl+0x73/0xb0 [ 1494.100913] do_syscall_64+0xfd/0x620 [ 1494.104741] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1494.108357] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 1494.109946] RIP: 0033:0x45b349 [ 1494.109962] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1494.109971] RSP: 002b:00007f6e444f7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1494.109984] RAX: ffffffffffffffda RBX: 00007f6e444f86d4 RCX: 000000000045b349 [ 1494.109992] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1494.110001] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1494.110010] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1494.110018] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1494.118216] CPU: 1 PID: 2319 Comm: syz-executor.3 Not tainted 4.19.100-syzkaller #0 [ 1494.142407] Node 0 DMA32: 275*4kB (UMEH) 369*8kB (UMEH) 229*16kB (UMEH) 989*32kB (UMEH) 3*64kB (H) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 40324kB [ 1494.146053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1494.146060] Call Trace: [ 1494.146088] dump_stack+0x197/0x210 [ 1494.146111] warn_alloc.cold+0x7b/0x173 [ 1494.146135] ? zone_watermark_ok_safe+0x260/0x260 [ 1494.202564] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1494.205831] ? compaction_deferred+0x16a/0x3b0 [ 1494.205852] ? try_to_compact_pages+0x44/0xae0 [ 1494.205934] __alloc_pages_slowpath+0x2214/0x2870 [ 1494.205979] ? warn_alloc+0x110/0x110 [ 1494.206000] ? __lock_is_held+0xb6/0x140 [ 1494.263071] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1494.268653] ? should_fail+0x14d/0x85c [ 1494.272571] ? __isolate_free_page+0x4c0/0x4c0 [ 1494.277185] ? __might_sleep+0x95/0x190 [ 1494.281187] __alloc_pages_nodemask+0x617/0x750 [ 1494.285888] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1494.290947] ? fs_reclaim_acquire+0x20/0x20 [ 1494.293913] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1494.295399] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1494.295421] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1494.295436] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1494.295474] alloc_pages_current+0x107/0x210 [ 1494.326490] ion_page_pool_alloc+0x17f/0x270 [ 1494.330938] ion_system_heap_allocate+0x154/0xa90 [ 1494.335833] ? ion_system_heap_free+0x250/0x250 [ 1494.340536] ? ion_alloc+0x306/0x900 [ 1494.344271] ion_alloc+0x29b/0x900 [ 1494.347841] ? ion_dma_buf_release+0x50/0x50 [ 1494.352275] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1494.357830] ? _copy_from_user+0xdd/0x150 [ 1494.362003] ion_ioctl+0x17b/0x329 [ 1494.365571] ? ion_alloc.cold+0x28/0x28 [ 1494.369581] ? __might_sleep+0x95/0x190 [ 1494.373585] ? ion_alloc.cold+0x28/0x28 [ 1494.377586] do_vfs_ioctl+0xd5f/0x1380 [ 1494.381635] ? selinux_file_ioctl+0x46c/0x5d0 [ 1494.386154] ? selinux_file_ioctl+0x125/0x5d0 [ 1494.390676] ? ioctl_preallocate+0x210/0x210 [ 1494.395106] ? selinux_file_mprotect+0x620/0x620 [ 1494.399904] ? iterate_fd+0x360/0x360 [ 1494.403461] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1494.403722] ? nsecs_to_jiffies+0x30/0x30 [ 1494.416470] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 22:57:11 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) r3 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r3, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r3, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = accept4$alg(r5, 0x0, 0x0, 0x0) ioctl$sock_SIOCDELDLCI(r6, 0x8981, &(0x7f0000000040)={'veth0_virt_wifi\x00', 0x20}) writev(r3, &(0x7f0000000400), 0x0) r7 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x100, 0x5) getsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f0000000200)={{{@in=@loopback, @in6=@ipv4={[], [], @remote}}}, {{@in6=@local}, 0x0, @in6=@empty}}, &(0x7f0000000140)=0xe8) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) [ 1494.422161] ? security_file_ioctl+0x8d/0xc0 [ 1494.426837] ksys_ioctl+0xab/0xd0 [ 1494.430599] __x64_sys_ioctl+0x73/0xb0 [ 1494.434515] do_syscall_64+0xfd/0x620 [ 1494.438352] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1494.443568] RIP: 0033:0x45b349 [ 1494.446783] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1494.463920] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1494.465830] RSP: 002b:00007f9fa7530c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1494.465846] RAX: ffffffffffffffda RBX: 00007f9fa75316d4 RCX: 000000000045b349 [ 1494.465857] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1494.465866] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1494.465876] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1494.465885] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1494.482050] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1494.485956] CPU: 0 PID: 2315 Comm: syz-executor.1 Not tainted 4.19.100-syzkaller #0 [ 1494.536572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1494.540794] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1494.545963] Call Trace: [ 1494.545990] dump_stack+0x197/0x210 [ 1494.561678] warn_alloc.cold+0x7b/0x173 [ 1494.565784] ? zone_watermark_ok_safe+0x260/0x260 [ 1494.570562] warn_alloc_show_mem: 2 callbacks suppressed [ 1494.570568] Mem-Info: [ 1494.570647] ? compaction_deferred+0x16a/0x3b0 [ 1494.576045] active_anon:276759 inactive_anon:204 isolated_anon:0 [ 1494.576045] active_file:4230 inactive_file:7146 isolated_file:0 [ 1494.576045] unevictable:0 dirty:83 writeback:0 unstable:0 [ 1494.576045] slab_reclaimable:17165 slab_unreclaimable:129072 [ 1494.576045] mapped:58860 shmem:255 pagetables:26235 bounce:0 [ 1494.576045] free:797704 free_pcp:336 free_cma:0 [ 1494.578474] ? try_to_compact_pages+0x44/0xae0 [ 1494.583137] Node 0 active_anon:1057856kB inactive_anon:796kB active_file:16kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208920kB dirty:0kB writeback:0kB shmem:996kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 339968kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1494.617185] __alloc_pages_slowpath+0x2214/0x2870 [ 1494.617219] ? warn_alloc+0x110/0x110 [ 1494.617239] ? __lock_is_held+0xb6/0x140 [ 1494.621877] Node 0 DMA free:10384kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1494.649552] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1494.649568] ? should_fail+0x14d/0x85c [ 1494.649586] ? __isolate_free_page+0x4c0/0x4c0 [ 1494.649609] ? __might_sleep+0x95/0x190 [ 1494.654640] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1494.658593] __alloc_pages_nodemask+0x617/0x750 [ 1494.662695] Node 0 DMA32 free:36912kB min:36168kB low:45208kB high:54248kB active_anon:1055408kB inactive_anon:796kB active_file:16kB inactive_file:4kB unevictable:0kB writepending:0kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:27712kB pagetables:70412kB bounce:0kB free_pcp:1344kB local_pcp:1084kB free_cma:0kB [ 1494.689325] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1494.689346] ? fs_reclaim_acquire+0x20/0x20 [ 1494.689366] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1494.695005] lowmem_reserve[]: 0 0 1 1 1 [ 1494.699019] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1494.703652] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1494.707604] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1494.712664] lowmem_reserve[]: 0 0 0 0 0 [ 1494.717452] alloc_pages_current+0x107/0x210 [ 1494.746994] Node 0 DMA: 20*4kB (UME) 10*8kB (UME) 17*16kB (UME) 19*32kB (UM) 2*64kB (ME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10384kB [ 1494.751982] ion_page_pool_alloc+0x17f/0x270 [ 1494.752002] ion_system_heap_allocate+0x154/0xa90 [ 1494.752027] ? ion_system_heap_free+0x250/0x250 [ 1494.756342] Node 0 DMA32: 226*4kB (UMEH) 115*8kB (UMEH) 154*16kB (UMEH) 990*32kB (UMEH) 3*64kB (H) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 36928kB [ 1494.761931] ? ion_alloc+0x306/0x900 [ 1494.761949] ion_alloc+0x29b/0x900 [ 1494.761971] ? ion_dma_buf_release+0x50/0x50 [ 1494.761995] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 22:57:12 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="726177000000000003f8000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1494.765967] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1494.771804] ? _copy_from_user+0xdd/0x150 [ 1494.771825] ion_ioctl+0x17b/0x329 [ 1494.771842] ? ion_alloc.cold+0x28/0x28 [ 1494.771865] ? __might_sleep+0x95/0x190 [ 1494.797869] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1494.803393] ? ion_alloc.cold+0x28/0x28 [ 1494.803413] do_vfs_ioctl+0xd5f/0x1380 [ 1494.803438] ? selinux_file_ioctl+0x46c/0x5d0 [ 1494.807430] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1494.811847] ? selinux_file_ioctl+0x125/0x5d0 [ 1494.811865] ? ioctl_preallocate+0x210/0x210 [ 1494.811879] ? selinux_file_mprotect+0x620/0x620 [ 1494.811906] ? iterate_fd+0x360/0x360 [ 1494.827963] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1494.832332] ? nsecs_to_jiffies+0x30/0x30 [ 1494.832365] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1494.837204] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1494.841912] ? security_file_ioctl+0x8d/0xc0 [ 1494.841930] ksys_ioctl+0xab/0xd0 [ 1494.841947] __x64_sys_ioctl+0x73/0xb0 [ 1494.841971] do_syscall_64+0xfd/0x620 [ 1494.857117] 11630 total pagecache pages [ 1494.860798] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1494.860810] RIP: 0033:0x45b349 [ 1494.860826] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1494.860839] RSP: 002b:00007f17cfa52c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1494.865184] 0 pages in swap cache [ 1494.869590] RAX: ffffffffffffffda RBX: 00007f17cfa536d4 RCX: 000000000045b349 [ 1494.875201] Swap cache stats: add 0, delete 0, find 0/0 [ 1494.885808] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1494.885818] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 1494.885825] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff 22:57:12 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000080)='fou\x00') sendmsg$FOU_CMD_DEL(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r2, 0x100, 0x70bd28, 0x25dfdbfd}, 0x14}}, 0x80) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) [ 1494.885833] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bfd4 [ 1495.016806] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1495.095631] Free swap = 0kB [ 1495.109845] Total swap = 0kB [ 1495.119887] 1965979 pages RAM [ 1495.124305] 0 pages HighMem/MovableOnly [ 1495.128535] 341741 pages reserved [ 1495.145603] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1495.157553] 0 pages cma reserved 22:57:12 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0xeeb}) [ 1495.195679] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1495.224960] 11639 total pagecache pages [ 1495.244844] 0 pages in swap cache [ 1495.254479] Swap cache stats: add 0, delete 0, find 0/0 [ 1495.266052] Free swap = 0kB [ 1495.272040] Total swap = 0kB [ 1495.277593] 1965979 pages RAM [ 1495.283417] 0 pages HighMem/MovableOnly [ 1495.291235] 341741 pages reserved [ 1495.297288] 0 pages cma reserved [ 1495.339976] oom_reaper: reaped process 2332 (syz-executor.5), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB [ 1495.343537] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 22:57:12 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="726177000000000002f9000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:57:12 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x13f}}, 0xffaf) write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000180)={0xe, 0x3, 0xfa00, @id_resuseaddr={&(0x7f0000000480)=0x1, r4, 0x0, 0x1, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21}, {0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc]}}, r4}}, 0x48) write$RDMA_USER_CM_CMD_JOIN_MCAST(0xffffffffffffffff, &(0x7f0000000440)={0x16, 0x98, 0xfa00, {&(0x7f0000000400)={0xffffffffffffffff}, 0x1, r4, 0x10, 0x1, @in6={0xa, 0x4e22, 0x412d3eee, @loopback, 0x400}}}, 0xa0) write$RDMA_USER_CM_CMD_LEAVE_MCAST(r2, &(0x7f0000000500)={0x11, 0x10, 0xfa00, {&(0x7f00000003c0), r5}}, 0x18) r6 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) ioctl$VIDIOC_QUERYBUF(r6, 0xc0585609, &(0x7f0000000100)={0x9, 0xa, 0x4, 0x20, 0x7, {r7, r8/1000+10000}, {0x1, 0x8, 0x5, 0x0, 0x26, 0x7, "53f26594"}, 0x5, 0x3, @userptr=0x3, 0x3, 0x0, 0xffffffffffffffff}) r10 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180)='TIPCv2\x00') sendmsg$TIPC_NL_NAME_TABLE_GET(r9, &(0x7f0000000380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000340)={&(0x7f0000000200)={0x120, r10, 0x100, 0x70bd28, 0x25dfdbff, {}, [@TIPC_NLA_NODE={0x8, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_LINK={0x2c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}]}]}, @TIPC_NLA_NET={0x4c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x2}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xcff}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x75f3}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x531b}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x10000000}, @TIPC_NLA_NET_NODEID_W1={0xc}, @TIPC_NLA_NET_ID={0x8}]}, @TIPC_NLA_LINK={0x8c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1ff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}]}, 0x120}, 0x1, 0x0, 0x0, 0x10}, 0x8801) set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r11 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r11, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) [ 1495.435414] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1495.476267] CPU: 1 PID: 2336 Comm: syz-executor.5 Not tainted 4.19.100-syzkaller #0 [ 1495.484140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1495.493515] Call Trace: [ 1495.496129] dump_stack+0x197/0x210 [ 1495.499814] warn_alloc.cold+0x7b/0x173 [ 1495.503922] ? zone_watermark_ok_safe+0x260/0x260 [ 1495.508901] ? compaction_deferred+0x16a/0x3b0 [ 1495.513511] ? try_to_compact_pages+0x44/0xae0 [ 1495.518138] __alloc_pages_slowpath+0x2214/0x2870 [ 1495.523028] ? warn_alloc+0x110/0x110 [ 1495.526855] ? __lock_is_held+0xb6/0x140 [ 1495.530940] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1495.536500] ? should_fail+0x14d/0x85c [ 1495.540410] ? __isolate_free_page+0x4c0/0x4c0 [ 1495.545014] ? __might_sleep+0x95/0x190 [ 1495.549039] __alloc_pages_nodemask+0x617/0x750 [ 1495.553732] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1495.558965] ? fs_reclaim_acquire+0x20/0x20 [ 1495.560785] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1495.563345] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1495.563365] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1495.563379] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1495.563401] alloc_pages_current+0x107/0x210 [ 1495.594318] ion_page_pool_alloc+0x17f/0x270 [ 1495.598612] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1495.598750] ion_system_heap_allocate+0x154/0xa90 [ 1495.598775] ? ion_system_heap_free+0x250/0x250 [ 1495.617773] ? ion_alloc+0x306/0x900 [ 1495.621512] ion_alloc+0x29b/0x900 [ 1495.625230] ? ion_dma_buf_release+0x50/0x50 [ 1495.629670] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1495.635454] ? _copy_from_user+0xdd/0x150 [ 1495.639624] ion_ioctl+0x17b/0x329 [ 1495.643188] ? ion_alloc.cold+0x28/0x28 [ 1495.647295] ? __might_sleep+0x95/0x190 [ 1495.651291] ? ion_alloc.cold+0x28/0x28 [ 1495.655550] do_vfs_ioctl+0xd5f/0x1380 [ 1495.659463] ? selinux_file_ioctl+0x46c/0x5d0 [ 1495.663982] ? selinux_file_ioctl+0x125/0x5d0 [ 1495.668501] ? ioctl_preallocate+0x210/0x210 22:57:13 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) 22:57:13 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="726177000000000003f9000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1495.672957] ? selinux_file_mprotect+0x620/0x620 [ 1495.677745] ? iterate_fd+0x360/0x360 [ 1495.681565] ? nsecs_to_jiffies+0x30/0x30 [ 1495.685742] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1495.691307] ? security_file_ioctl+0x8d/0xc0 [ 1495.695742] ksys_ioctl+0xab/0xd0 [ 1495.699245] __x64_sys_ioctl+0x73/0xb0 [ 1495.703158] do_syscall_64+0xfd/0x620 [ 1495.706987] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1495.712192] RIP: 0033:0x45b349 [ 1495.715408] Code: Bad RIP value. [ 1495.718787] RSP: 002b:00007f6e444d6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1495.726660] RAX: ffffffffffffffda RBX: 00007f6e444d76d4 RCX: 000000000045b349 [ 1495.733949] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1495.741337] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 1495.748752] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1495.756210] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bfd4 [ 1495.864765] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1495.892858] syz-executor.0: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1495.904957] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1495.930827] syz-executor.0 cpuset=syz0 mems_allowed=0-1 [ 1495.947559] CPU: 0 PID: 2500 Comm: syz-executor.0 Not tainted 4.19.100-syzkaller #0 [ 1495.955414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1495.964800] Call Trace: [ 1495.967413] dump_stack+0x197/0x210 [ 1495.971229] warn_alloc.cold+0x7b/0x173 [ 1495.975251] ? zone_watermark_ok_safe+0x260/0x260 [ 1495.980127] ? __lock_is_held+0xb6/0x140 [ 1495.984245] __alloc_pages_slowpath+0x2214/0x2870 [ 1495.986035] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1495.989148] ? warn_alloc+0x110/0x110 [ 1496.004813] ? __lock_is_held+0xb6/0x140 [ 1496.008667] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 1496.008926] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1496.008941] ? should_fail+0x14d/0x85c [ 1496.008962] ? __isolate_free_page+0x4c0/0x4c0 [ 1496.028417] ? __might_sleep+0x95/0x190 [ 1496.032420] __alloc_pages_nodemask+0x617/0x750 [ 1496.037116] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1496.042167] ? fs_reclaim_acquire+0x20/0x20 [ 1496.046524] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1496.052097] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1496.057928] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1496.063480] alloc_pages_current+0x107/0x210 [ 1496.067915] ion_page_pool_alloc+0x17f/0x270 [ 1496.072455] ion_system_heap_allocate+0x154/0xa90 [ 1496.077393] ? ion_system_heap_free+0x250/0x250 [ 1496.080060] warn_alloc_show_mem: 1 callbacks suppressed [ 1496.080065] Mem-Info: [ 1496.082077] ? ion_alloc+0x306/0x900 [ 1496.082098] ion_alloc+0x29b/0x900 [ 1496.082121] ? ion_dma_buf_release+0x50/0x50 [ 1496.100015] active_anon:276709 inactive_anon:203 isolated_anon:24 [ 1496.100015] active_file:4231 inactive_file:7151 isolated_file:0 [ 1496.100015] unevictable:0 dirty:88 writeback:0 unstable:0 [ 1496.100015] slab_reclaimable:17165 slab_unreclaimable:129087 [ 1496.100015] mapped:58853 shmem:255 pagetables:26179 bounce:0 [ 1496.100015] free:759465 free_pcp:162 free_cma:0 [ 1496.101572] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1496.101610] ? _copy_from_user+0xdd/0x150 [ 1496.145300] ion_ioctl+0x17b/0x329 [ 1496.148877] ? ion_alloc.cold+0x28/0x28 [ 1496.152876] ? __might_sleep+0x95/0x190 [ 1496.156872] ? ion_alloc.cold+0x28/0x28 [ 1496.160866] do_vfs_ioctl+0xd5f/0x1380 [ 1496.164780] ? selinux_file_ioctl+0x46c/0x5d0 [ 1496.169307] ? selinux_file_ioctl+0x125/0x5d0 [ 1496.170021] Node 0 active_anon:1058048kB inactive_anon:792kB active_file:20kB inactive_file:0kB unevictable:0kB isolated(anon):96kB isolated(file):0kB mapped:208920kB dirty:0kB writeback:0kB shmem:992kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 339968kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1496.173812] ? ioctl_preallocate+0x210/0x210 [ 1496.173828] ? selinux_file_mprotect+0x620/0x620 [ 1496.173849] ? iterate_fd+0x360/0x360 [ 1496.173865] ? nsecs_to_jiffies+0x30/0x30 [ 1496.173889] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1496.220020] Node 1 active_anon:48788kB inactive_anon:20kB active_file:16904kB inactive_file:28604kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:26492kB dirty:352kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 14336kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1496.224240] ? security_file_ioctl+0x8d/0xc0 [ 1496.224259] ksys_ioctl+0xab/0xd0 [ 1496.224277] __x64_sys_ioctl+0x73/0xb0 [ 1496.263944] do_syscall_64+0xfd/0x620 [ 1496.267764] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1496.272961] RIP: 0033:0x45b349 22:57:13 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x400000, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, 0x0, 0xffffffffffffff40, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_SMI(r4, 0xaeb7) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000040)={0x10010005, 0x0, 0x0, r1}) [ 1496.276154] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1496.279991] Node 0 DMA free:10444kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1496.295079] RSP: 002b:00007f1ef8b9dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1496.295095] RAX: ffffffffffffffda RBX: 00007f1ef8b9e6d4 RCX: 000000000045b349 [ 1496.295103] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 000000000000000a [ 1496.295110] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1496.295117] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1496.295125] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1496.384456] CPU: 1 PID: 2490 Comm: syz-executor.3 Not tainted 4.19.100-syzkaller #0 [ 1496.392331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1496.401975] Call Trace: [ 1496.404584] dump_stack+0x197/0x210 [ 1496.408256] warn_alloc.cold+0x7b/0x173 [ 1496.412247] ? zone_watermark_ok_safe+0x260/0x260 [ 1496.417112] ? __lock_is_held+0xb6/0x140 [ 1496.421209] __alloc_pages_slowpath+0x2214/0x2870 [ 1496.426091] ? warn_alloc+0x110/0x110 [ 1496.429905] ? __lock_is_held+0xb6/0x140 [ 1496.433983] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1496.439524] ? should_fail+0x14d/0x85c [ 1496.443470] ? __isolate_free_page+0x4c0/0x4c0 [ 1496.448069] ? __might_sleep+0x95/0x190 [ 1496.452306] __alloc_pages_nodemask+0x617/0x750 [ 1496.456979] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1496.462030] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1496.467602] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1496.473325] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1496.478881] alloc_pages_current+0x107/0x210 [ 1496.483320] ion_page_pool_alloc+0x17f/0x270 [ 1496.487754] ion_system_heap_allocate+0x154/0xa90 [ 1496.492638] ? ion_system_heap_free+0x250/0x250 [ 1496.497312] ? ion_alloc+0x306/0x900 [ 1496.501031] ion_alloc+0x29b/0x900 [ 1496.504590] ? ion_dma_buf_release+0x50/0x50 [ 1496.509134] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1496.514677] ? _copy_from_user+0xdd/0x150 [ 1496.518847] ion_ioctl+0x17b/0x329 [ 1496.522389] ? ion_alloc.cold+0x28/0x28 [ 1496.526382] ? __might_sleep+0x95/0x190 [ 1496.530357] ? ion_alloc.cold+0x28/0x28 [ 1496.534342] do_vfs_ioctl+0xd5f/0x1380 [ 1496.538266] ? selinux_file_ioctl+0x46c/0x5d0 [ 1496.542767] ? selinux_file_ioctl+0x125/0x5d0 [ 1496.547289] ? ioctl_preallocate+0x210/0x210 [ 1496.551701] ? selinux_file_mprotect+0x620/0x620 [ 1496.556475] ? iterate_fd+0x360/0x360 [ 1496.560279] ? nsecs_to_jiffies+0x30/0x30 [ 1496.564447] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1496.570019] ? security_file_ioctl+0x8d/0xc0 [ 1496.574441] ksys_ioctl+0xab/0xd0 [ 1496.577912] __x64_sys_ioctl+0x73/0xb0 [ 1496.581811] do_syscall_64+0xfd/0x620 [ 1496.585700] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1496.590910] RIP: 0033:0x45b349 [ 1496.594342] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1496.613256] RSP: 002b:00007f9fa7530c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1496.620977] RAX: ffffffffffffffda RBX: 00007f9fa75316d4 RCX: 000000000045b349 [ 1496.628259] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1496.635541] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1496.642822] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1496.650101] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1496.658416] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1496.689336] Node 0 DMA32 free:67048kB min:36168kB low:45208kB high:54248kB active_anon:1055940kB inactive_anon:796kB active_file:16kB inactive_file:52kB unevictable:0kB writepending:48kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:27968kB pagetables:70484kB bounce:0kB free_pcp:1428kB local_pcp:756kB free_cma:0kB [ 1496.812697] lowmem_reserve[]: 0 0 1 1 1 [ 1496.816854] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1496.843095] lowmem_reserve[]: 0 0 0 0 0 [ 1496.847121] Node 1 Normal free:2797272kB min:53704kB low:67128kB high:80552kB active_anon:48652kB inactive_anon:12kB active_file:16904kB inactive_file:28652kB unevictable:0kB writepending:492kB present:3932160kB managed:3870168kB mlocked:0kB kernel_stack:12800kB pagetables:33932kB bounce:0kB free_pcp:264kB local_pcp:44kB free_cma:0kB [ 1496.894488] lowmem_reserve[]: 0 0 0 0 0 [ 1496.898822] Node 0 DMA: 20*4kB (UME) 10*8kB (UME) 22*16kB (UME) 19*32kB (UM) 2*64kB (ME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10464kB [ 1496.919467] Node 0 DMA32: 25*4kB (UEH) 2264*8kB (UMH) 701*16kB (UEH) 998*32kB (UEH) 3*64kB (H) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 62324kB [ 1496.938556] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1496.949486] Node 1 Normal: 296*4kB (UME) 33*8kB (UME) 11*16kB (UME) 13*32kB (UME) 114*64kB (UME) 57*128kB (UM) 8*256kB (UM) 13*512kB (UME) 5*1024kB (UME) 3*2048kB (ME) 674*4096kB (UM) = 2797304kB [ 1496.971753] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1496.982677] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1496.993686] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1497.004378] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1497.015504] 11660 total pagecache pages [ 1497.019559] 0 pages in swap cache [ 1497.024840] Swap cache stats: add 0, delete 0, find 0/0 [ 1497.032836] Free swap = 0kB [ 1497.035943] Total swap = 0kB [ 1497.038984] 1965979 pages RAM [ 1497.044610] 0 pages HighMem/MovableOnly [ 1497.048661] 341741 pages reserved [ 1497.054890] 0 pages cma reserved 22:57:14 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0xffffffffffffffd0) 22:57:14 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="726177000000000003fc000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:57:14 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) write$P9_RSTATFS(r4, &(0x7f0000000040)={0x43, 0x9, 0x1, {0x101, 0x5, 0x80000001, 0xfffffffffffffffa, 0x3, 0x4, 0x200, 0xaf, 0x6}}, 0x43) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) 22:57:14 executing program 1: r0 = socket$phonet(0x23, 0x2, 0x1) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x1002, 0x4) set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r1 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r1, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) [ 1497.070243] warn_alloc_show_mem: 1 callbacks suppressed [ 1497.070316] Mem-Info: [ 1497.089838] active_anon:276660 inactive_anon:202 isolated_anon:0 [ 1497.089838] active_file:4230 inactive_file:7176 isolated_file:0 [ 1497.089838] unevictable:0 dirty:135 writeback:0 unstable:0 [ 1497.089838] slab_reclaimable:17173 slab_unreclaimable:128962 [ 1497.089838] mapped:58834 shmem:255 pagetables:26126 bounce:0 22:57:14 executing program 0: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(0xffffffffffffffff, 0xc0184900, &(0x7f0000000040)={0x10010005, 0xffffffffffffffe7}) [ 1497.089838] free:717513 free_pcp:562 free_cma:0 [ 1497.155365] syz-executor.1: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1497.190959] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 1497.201832] CPU: 1 PID: 2646 Comm: syz-executor.1 Not tainted 4.19.100-syzkaller #0 [ 1497.209922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1497.219428] Call Trace: [ 1497.222329] dump_stack+0x197/0x210 [ 1497.226016] warn_alloc.cold+0x7b/0x173 [ 1497.230088] ? zone_watermark_ok_safe+0x260/0x260 [ 1497.234964] ? compaction_deferred+0x16a/0x3b0 [ 1497.239600] ? try_to_compact_pages+0x44/0xae0 [ 1497.244354] __alloc_pages_slowpath+0x2214/0x2870 [ 1497.249262] ? warn_alloc+0x110/0x110 [ 1497.253096] ? __lock_is_held+0xb6/0x140 [ 1497.257192] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1497.262891] ? should_fail+0x14d/0x85c [ 1497.263369] Node 0 active_anon:1058288kB inactive_anon:796kB active_file:16kB inactive_file:52kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208920kB dirty:48kB writeback:0kB shmem:1004kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 339968kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1497.266801] ? __isolate_free_page+0x4c0/0x4c0 [ 1497.266821] ? __might_sleep+0x95/0x190 22:57:14 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self\x00', 0x7c34c3, 0x0) r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xfffffffffffffff7}) [ 1497.266842] __alloc_pages_nodemask+0x617/0x750 [ 1497.308013] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1497.313073] ? fs_reclaim_acquire+0x20/0x20 [ 1497.317446] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1497.323379] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1497.329132] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1497.334715] alloc_pages_current+0x107/0x210 [ 1497.339169] ion_page_pool_alloc+0x17f/0x270 [ 1497.343622] ion_system_heap_allocate+0x154/0xa90 [ 1497.348562] ? ion_system_heap_free+0x250/0x250 [ 1497.353387] ? ion_alloc+0x306/0x900 [ 1497.357131] ion_alloc+0x29b/0x900 [ 1497.360703] ? ion_dma_buf_release+0x50/0x50 [ 1497.364160] Node 0 DMA free:10464kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1497.365200] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1497.365216] ? _copy_from_user+0xdd/0x150 [ 1497.365237] ion_ioctl+0x17b/0x329 [ 1497.365255] ? ion_alloc.cold+0x28/0x28 [ 1497.365274] ? __might_sleep+0x95/0x190 [ 1497.365293] ? ion_alloc.cold+0x28/0x28 [ 1497.417965] do_vfs_ioctl+0xd5f/0x1380 [ 1497.421882] ? selinux_file_ioctl+0x46c/0x5d0 [ 1497.426409] ? selinux_file_ioctl+0x125/0x5d0 [ 1497.430955] ? ioctl_preallocate+0x210/0x210 [ 1497.435418] ? selinux_file_mprotect+0x620/0x620 [ 1497.437730] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1497.440213] ? iterate_fd+0x360/0x360 [ 1497.440234] ? nsecs_to_jiffies+0x30/0x30 [ 1497.440257] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1497.440272] ? security_file_ioctl+0x8d/0xc0 [ 1497.440290] ksys_ioctl+0xab/0xd0 [ 1497.440307] __x64_sys_ioctl+0x73/0xb0 [ 1497.440326] do_syscall_64+0xfd/0x620 [ 1497.448149] Node 0 DMA32 free:61620kB min:36168kB low:45208kB high:54248kB active_anon:1055840kB inactive_anon:796kB active_file:16kB inactive_file:52kB unevictable:0kB writepending:48kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:27936kB pagetables:70632kB bounce:0kB free_pcp:1108kB local_pcp:652kB free_cma:0kB [ 1497.449247] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1497.449260] RIP: 0033:0x45b349 [ 1497.449276] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1497.449284] RSP: 002b:00007f17cfa73c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1497.449302] RAX: ffffffffffffffda RBX: 00007f17cfa746d4 RCX: 000000000045b349 [ 1497.458596] lowmem_reserve[]: 0 0 1 1 1 [ 1497.458994] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000004 [ 1497.468294] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1497.470735] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1497.470744] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1497.470753] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1497.613311] lowmem_reserve[]: 0 0 0 0 0 [ 1497.645288] Node 0 DMA: 20*4kB (UME) 10*8kB (UME) 22*16kB (UME) 19*32kB (UM) 2*64kB (ME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10464kB [ 1497.730008] Node 0 DMA32: 74*4kB (UEH) 27*8kB (EH) 610*16kB (UEH) 997*32kB (UEH) 3*64kB (H) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 43136kB [ 1497.760572] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1497.785037] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1497.796904] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1497.809912] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1497.818913] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1497.834040] 11667 total pagecache pages [ 1497.839189] 0 pages in swap cache [ 1497.856699] Swap cache stats: add 0, delete 0, find 0/0 [ 1497.869890] Free swap = 0kB [ 1497.876527] Total swap = 0kB [ 1497.890421] 1965979 pages RAM [ 1497.893873] 0 pages HighMem/MovableOnly [ 1497.903365] 341741 pages reserved [ 1497.914490] 0 pages cma reserved 22:57:15 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x1600}) 22:57:15 executing program 0: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ion\x00', 0x83ec047a6e8dead7, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) setxattr$trusted_overlay_upper(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='trusted.overlay.upper\x00', &(0x7f0000000200)=ANY=[@ANYBLOB="00fb6e0703425620cc3e825594fde4b87e85c3b233ef8c6fb21d93fe812d54d15da5d3b69b9ec2a2cc2612ed11404c89c6bb7e5739c5fef043d864a5c98b10cc910138a2b537a303d61dd46b229cd914e30e3975d9d6a62e279cba2b8171cba9b5ace90e0a8011e42065c2c5f283ac8cdd239c28062e53ebbbc66de8b2f9cadf1a9b1652557949413413b0eb1ad55a7cf5800c6bd4d363dbba8c304295e6e104dc02bcdabf9316b2ffd123b408d10cc898942bb65f86ebab1f78e08cec2729c41626c1a13c398ca6b9ad1bad1fbac1723a378050"], 0x6e, 0x1) 22:57:15 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="726177000000000003fd000000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:57:15 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000640)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) ioctl$KVM_SET_SIGNAL_MASK(r0, 0x4004ae8b, &(0x7f0000001540)={0x1000, "13a72d79384daa9048bb33f900089404ae0fa10769314a85ee538b73470176818f39022bb5e5d28ba8080a4ec7ec844f684ca58a442c8b15528bca9cf206cf5c59d294e183c4c5ef15f3d337689e3a708230db7bdf82efc4b57e64e89414eb3cfd4182824631ce36a1e9a77af6365c82955fa029a6ecd7ec42dc1b009f57f4aebc178a5373f24c1e71449d071b3285146a8da9e85fdc1f2419e24a1963f1bc4e51282a9eec74d4410b84fc745276418a093c8418afdefb91792918080f7c4b83b45bbaf95d5e7a6704a0c55363d727805d49eae30e7e1003ff485f625828e9a8d8a057c81aabc4f64ed59bfa03959b3a34d3da4cdf89f1cec18dab424154786a856c253931d2fd4807d5170caf46c5e1972432f5fdb6dd26d0fb3a0ad9e1efedadb2ce03fed19d3e342078490735ba96248089ec0654bedbf6e688f85c72e16d5a634eae1d580b3c2dbdccf36e366fd76e598d55722b6732bd4a7161abc8bcea96a1135fb172ebf2fef900bbb5d47666d2c51f431ffb5a01ab39635cfcccf6d326f4f8d361560ae3c4787870eda05c8dbfb5b82cdd85aa787f71f6b5c5cf653438676d4f3c9b8e886060633ec99b794c96ba64a3dfe198b4e4fd41df24fcaff253c07cc9066d26465bf6b9a8a92b39363ba230f6ce6d3e5fca37d466ce9ffcfc6391dc3cbb87129d335e6c58d643ab3cb1c10f70a7938533b238fdf93141004f5dcc8f5e2a2f526c22cc9141bb81170ebe9108bd8fa6de8188c9264ccb8fe5f3b86765f659c6c07d0ddf8b87ac9bb8f8c86744396a39b343e89b97be48a84c77f9bf046f50dd84f4e71e2c8f476faa377e5815a86d44d7dfe07fc376b901c8827f9cd3c5a31cbcafeef043716940cd6bfa37a87d91fcf8d945896d48bd2c56059fd4f0d528f186030ab6882b49811c5f1fcb7f3cffed6c5c6f8f146a76bdfdb66054963cf1a275bf6b52a95e53ff3fe76513e24cd12b5f4307c549f853b4d8778d183daad5ae183a9e8c773815807e4451f3ea22b5dd5a682376f659ff9ddaf54dc5f5a3e81b8bafa3683fef9854b3668a0c7a3b18dbac2c807e77d04a9391fc64dc60fbe57cd591b7aead4f6f72cc0a8be2e43e3c26c0cc953bd5a1be0604cc69798a661c0a0ee2224e1c8a24f210423ca34a74746acabfc66d42e4af95449198202f5ee42f30011983959b54e3e2814bd30be4f842ac458192616de3bfd92fa3a492467b6b8cdfb4f78c72bc7ee260a7b191d07b80438dab29fb1c52592d7a1dc83ba64e2e3b2dfabed3757d77c27a8528c1f729e7cc7cea92afe49d2aef77c36e799c950a29991a3b8283a0e5946c0feea9096858d5330adcb4542710e9d688787394bfbd1d5e3d0780fecdc91bab3dad5b5ca530b0c47302e974050c54a53849c74b79c0c11fe19be6e3fa5c2b99aa05f2d22992930b21991d04bffe88eccdf75cb6d7a7630d8ce3bd416bc4df27b7c88040dd7d30b98ef98dd14c1e641fcb08abeaac636c1cc24fe47ecdf73c3f6e997058d35a69d91af6b4eb2920ef73d419df06fc8608fe1e32c518275bd1f552a790d7f26a62e23a177dc7dd5532404eda3136144bafcf1113d41ceefbcd98c1ac6222ed59ec15a8da445702a2729ac70da7eb973cfe506d36b0a8b80b52f6e16102a5e0017224c8927d1c1dcaefbb398a9812d4aedcb49b1622f65448626dd0d816e7e06ce90a19deb23c8469681308e2b34d262508c4244e4e1d94f47be40e31f60590b89663e7aa503d2a23ceba7f2d82844e2c34ba7afb2d32f5216b7370b785c639e61c30aff6055da1f7128cee4142e3759e52ff5dcaf87103ffe6ee00af432de137eb6ad2d5db10f5443b6d40f47355eff6b7cf460631a351cb63b513b52b61c807cc8f92b9a8e41ca7ec8905633d58735f090d415ae64d3fdd8779804e55f8e1a9b2887c95030facb85835d2b3a37554c7fc1a91e767ed3aa960be2232196e5cd518440be6b49223f2c737124b127e2cfb3c0f63c564684a12e5af3d12821b5561fcc4bdaf1a603dfc9ceb1711c0e7d410038ca75e2dd1ffff4c3a8f446e915481f35e46fc8306b62d770612621e92526c4c9e02a5506fbb66c910c499b32ecd69b2b4ed1f6ba177c26e99ac49d84434cce59022bb1fceb5ed9e54e34125ac6c1ba91e4d29e0cb5de4982ee2ea541ad1637f376c3279a6423563227a974baa3c4bd15ddb111f1f82edd56f67744403ebff95287253d4a8d911ef781a9c5019869fba2bd12f7a36afa5709cffda01a5218a26ad2a799ca2404841978ff73666eb076a2aa65e5ea54cc7ca5570dc042c9f45b63f6c39d66ed48ce00ffe53f381f384818b141fb8b30c9ec92bc6ce1dc5d1c8f1da94ef658189603235d182a4e6d995d4560518b08e893986b9c81d197ea25d5f1af783c842bb0ff2ef93a8e9b25237f33da425250b2732409a15c07b83dd045005711b19720184c639b274840ceb3f82f47946fc53112d01901d6c854a6acbba1feb9dc823acc9b950faafefb846a7f0ae23a0d73d98a4a8d8de7b53f95a48cf44346f203413bf526806f9d23487bb6d98151f6efd0fab496b052ee571cf450ff5ab2a2fb314fdd2e3a05d7ad4bb81637cd3c391ffcca8cb6ea69d219f45ba5a3526fe626f581a19e15484a13a8b3ebbd5a430d63e9a53d42fd9d2dbab053e06c8f59fd062a432b6ca05b40ae6638ab08814474accb20ff9210471a8e277ab54c79145c20a7e6f54dde0f230e5cc9e5883933dd4812976e937990edb1845e2a215b0ec66ef6b11b306071e15fa2755e6dcaffa9374fa1344c5a2361d3d7a4e5284250b135fb587f163cd2e2fd758f5485bec26ad3c65c9bcd884c5f3b107274ee5badeaf4665f6dc3fa39f87daab679078cf06fd051f49b4d062bb96c3c94934980c5072d73de4df371d4d0ca87b4ea71641b875d7628bc664cb258b24a1d35a6f3e668e2a64d8bb0e05b85cb2db82f9fc1516cca77683967f2d78a2aea1a1128538f39147ec6bfcafb0cb4a8dbaeed8a85f07c9c054f148fccba89f729d0a7527071dd61974fd754fc7247c17f7d79be2da14bf52507aa21d3f49b8f5e6f9b323dce9f023dda18814bd558a2f8232d625f70b7c71b0ef0c54b8e1975270f34c82fc30e014c96a0d792fcf75c71fb00d49740f92b2b7356624e20c4bb540de94521686696701db23421896b811c2fbd966a3debf1ffe7fb2b831eaf4019f49d0dd4b51a7379d97ff8d5b29abcc46dc7e54fe6b6c3980ecb0a55cbc1e2a380b8188fb9748b914123847784c6ee8fbbc86d8bd325c990a7d7ef5f898d1eaaccb5319315a2a775c29c479d95031776423c8d3b63ab9a0576569d97a8a02c77e95a2e49add3979712fd3912e1c31e85591503526103029eb9543db2a03c5a5d689330c177f3bdd80a65a4ff59ddc272e0ba38b47761ae5c4bd697a7dac964c5d06cd460c0ac8d350225e427bb91e7377497686e66ee8bdcca9102eb2def4d0e9dd67fc245a7ad58ccad060d9591c22902bc9f0b3d36f7a689e9ae74b0a7b7b05257802e9457237e56d006bd8edf2af40f167a99a60531b76fbfc27b4c07930bc17c26aac66e83e8f535c93aa62d0c19ff7cd641b1fd3d1ad87ce989c3641f1afe9f22e41645ad84a33f2b7c372b7467f1ee830828e0c42cc59d7db7e968ae8374d41abe4d0911120fce04b24286f29dff5273f3fdf978f401801493ecd01399eb20982b266811f9734a50c780265ae2e0e0e71ea97e359c226ff364cc4e0fa318a295c8698e76d0ecbcc602937ab40f37d9f74c48d579e68460b257480c27dfa887be1f1d6a07ebe80cb6e33da5f72cf5603e35dd8b13e56e6a28bbb1d67bf1589cfae7978b5d528c858c0f9fc6cafbec185c604ee1acec6d5c69c0978ccba2c0653d10d89ece378dded610cc8227353a1085316a898c3b1878b3fb490e2d9a8f31543938b8430bdfe0fb97c3ff0fc62923dba7629d7992d9ba7147542b440b4ec7aca95fb339d3bbb00fe6812fe61a2bc32663ed317120eb157d5c40e27f8241470feb7ebf50d1df09cef7237a74de311b4e589a3f09090d3b4123618290f73afd27291e71634263fa65d72ea9948151d0707ed1f9f020b47d901c9972c9dbaaf9709093250f86bfb6e7782baaddbb7b862e78fe231f2ea8dc0c5f8fa21570c4696d1cfef05b4c72cbfe476a6f726a1c35b321caa77f8e4285946f936a2dd08713b9dc19651226d2a78d0a8ec06bd5165bef5beaaa1a16a6ca483c4bfa14238f1ce9d4640cb9a752024bb3ae5a0fac5d0919a47286fb0a0e1586b0ea3157f7920e8145dde7ce8e610ca06f9d30459221e7afcb17b4850dace2dc298710fd9d9c98f6114f1fe6464fefc816e9164446b7edc2d9d04769c3cd6a34c08e48d04861bbf1bacb00afd800f1d30c2b7bd68e98bbe0a5e0a076c08191750b0eb686464a57b604b72e27fe3ed665f7406dac9074014ee9165b8c4bbf5d84294b4dc4931074b486c48f7ea35fdff9c7480ddacbca2e0199815751d5142d6ec0e0da3e429f86446b821f452eecad9e5ed6823014d3386d6b0667f45cdc975fdb278df96d9aa460d989ec90e2c8935d2485ee4d1ec16e32535a4f014486c60c59488e737477ac2458da617af6c37cccebb6fff95c0d866932b9ede34e08046993cfd639b8241b18271e8a72d316c508b456d15e4d67d0345ed0e1dd3ce889c852460921ae2f2ccf47466507119328f27bf0420ce9b5f9093502ec0c4392b9b05f93a4c914bbe4fe9b789e7ef7a2a37af152b57e0a58f6ed6c44473bc850b4fd2c1a490655cffcf5196e33bc56b18d3948fa0e8caf6a15ff289230c101b8b02dca128478fb5820ba9eac503f480bcf4405492157e05646e8a1b845b069b8dd2c3ab9b7802c12ca098058e23930ded324924b55a86f5dddeeeeaa8b18425a3dc0ffd177797b120a518bdc79ba6857326e8e84cc0f5b3e0b1332d37a0d556058bfe6975fc9f808320ec58869d5c0fb6e4e37f42649ef0aa625227bf98023d2dfcc5c8ddc70cdb57aa35823052a660a065bd403423045ede73ce2de8e08c558bb249c1e74b1d55111ac4dc3f318afd475844722a1ee380a1e88b9e1608bbdebeb653e6614759c069fcd6d31cc835e55de7d6eb9a341261dc599712263a87d0d29545522aaad0008da4cbb4412c5acc4f1248a5c6feb383d6fb80cddf33159398db6b069f79c294860374e38787700f180c706e056cb20d92afa8ad60613fca2309fc25e2969c99c5801b3a2682db15b8be947a6804628d7f37ffa20dfa2cad253ee2358c19bf2c713e2960cc2895718c025116d7e17fd7c50e377d758b579c5db6ba9cc495f1fdff281e7c2521d6d256a2ff7e4721b842619db802cda4ee9fe6a3f2f123268d9754f11b731b1186cc1612ea2decde153f622d5a9c02761f70d59e17351fcafcaea4ec0b6cf7f70d158a5efaa8a6b8373339365069cd5479f75e0cedcd5962665e43e67631b5c675f2aa8c71c3e6f6073226fc2874b250a9b52cf723d34e35b753135fca7fb9536bf4205edbb3670f804e04d391dad214fbe269d536a837e0e1a650cb70e71e504d4822c09a70266d1421241954a2a34cc09caa1d06abba97b7715c7c6632944fdb6a02d21e287cc23c2b079b445faee207e7648a7f390bce60615cd1cde2ded2664480bacd831d5710618b63c74d6ddd43217469a3795d669601e36ef8fd816a0b13909e0b4db1429a556b8943a2d72bbc63a5194e9bf749e3e5e2faa3462561b1dcd12fc8a84ca91c6b7543dcc324a03729a92510"}) r1 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000740)='nl80211\x00') sendmsg$NL80211_CMD_GET_STATION(r0, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x34, r4, 0x400, 0x70bd2a, 0x25dfdbfc, {}, [@NL80211_ATTR_PEER_AID={0x6, 0xb5, 0xa8}, @NL80211_ATTR_VLAN_ID={0x6, 0x11a, 0x1}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0x2}, @NL80211_ATTR_STA_PLINK_STATE={0x5, 0x74, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x8004}, 0xc004804) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r1, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) r7 = syz_open_dev$sg(&(0x7f0000000680)='/dev/sg#\x00', 0x7f, 0x361441) ioctl$SG_GET_PACK_ID(r7, 0x227c, &(0x7f00000006c0)) sendmmsg$alg(r6, &(0x7f0000000d80)=[{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000040)="c05f6ce7f8ed1b4b8e7fbcfa7e40e6c5db627e614590233d9be76c946097b56ea334e9f9d7d24f16a60780aae1c0799b24eabecbeb8c2ab231cf76a1906b857645ddbd0844cd8140488054db3a6f0f6ef9882f9e2972163f", 0x58}, {&(0x7f0000000200)="86bfb134f6bafb6128996af83a0ca4c5dfd32b1a53bfbed63a85d42a7bcbd136913dfd8536f4ca94864ebeb3b9a0e888b15bd1c9e67e2df9068abda29a509b413553861b9faca392e6c5320c3788b6ff569e22c74372f3f4c0ddd6e7793fe09e050db1256f0e40cf3a36e990fa3f3d3cbe1cce13660f5484e5a773f2760f75bd3a5bc8b0b3cb168b171cd2739692c7c84eec67713aed24769b45e6357900ca28a5301a5382ed46f076b8", 0xaa}, {&(0x7f00000002c0)="55c2b78b2ead077aeebd1b012d8a8790a746b71bf65a5ec7107f4508259e2d25c38ae8294fdf96164c877a8ea4b181f2cdba8a1a7085f96ef2c5aecabd651415004884bfb42532a5957774c5df0f039ba9d8eac330c5c8d4802f1e395e71a2d23c76caf33e1f31d6c352087e73ace364e6426b161913b5647ccab42feedf268599f5ff71d9ff87a92c6ed5cdd2694d9fabbf778e82c5ec3dff26f15f231dc74aa5aa0704ceb8caabc4510c7632a2443d424cc4a44d", 0xb5}, {&(0x7f0000000140)="4f78bf522ff0c73febd2a36c18bbed462df4fd75da1342d08081b9c2b18cd50316bc5e85bf56790c85afb1e2a34a3c1feafe6dc8372207c5467d24978d9d34089499376df90f16b967a4e75176a8390012621bb55068c7eff4a9bc7de38b4ac52cab6c49aaec007ef23306e2975710dacbaeaa1c73adea4bf798e3adc4", 0x7d}, {&(0x7f00000004c0)="5056be033eb167a38e605a80a1238f22b6efc99d5f279076176757aa9c737df304015f6db3fb5b911a66d36804168aa436ff9063c982ae3db9a90a2b8bf38ed40aad4be050c3c38a6c67ed4cd793aed94e3a95a0bc1891585410978fdd5f76cc87e9761a9a54aa9620ff9ab2fd9233e6c52ec51ad23a5c17055030c6b502af85a72679a5e12add50e1072b98cf68203f3c26b24427", 0x95}, {&(0x7f0000000580)="112164e1699ef1e210c17a4c338dcce3b8093314937b73533010c3e94261f0c9a7c6e50569bfe9e8c37de433fb4459907b46d3c3b955e1a7fb895a1543e188559906a9f4039c184841e29d529ee062062d3067d84bf7f1591ab09113bd9c6310f4b06d62ab480adbf156c5c7efe7437c13c0e7d014356e19bac7f104ea732a676db7058b9bf4a57d68a766810588dce638cef3", 0x93}], 0x6, &(0x7f00000011c0)=ANY=[@ANYBLOB="180000000900000017010000030000000100000000000000f00000000000000001ea825209e96e18df78721701000002000000d7000000d281c9c262de9a237c07b601f7a772c7a2d35a0a2109db5b853bf091d2b59144f6825ed2d001a19ffc055305d02d91a0d8d04cb40f040b44fbaf56299eef536f0ac3cb77c666b415e368238c740c998dd0436ee6e7d973d7afa4ed52c48ec3934d1e45ab85cc9d09f056a1234ddf058810933de1f1471e50e68e4db5812d77a33097b5da80b8737a217005108ac7847e8f7c3fb37fd7dfe0e759e6060aab9674aecbb3d53f829cdc40ea209039d2311fbbdb89060a2174283d72c1b0f1e2463c3e577765e1b1e288e7f2196520fa08167836516a36a8e8bfa59211ace868f40000000000180000000000000017010000040000007d8000000000000088000000000000001701000002000000740000006e483e03b3f135eb13002d910b55097c34d4f5b8df845cb6e9cc78d08ff54cd712a26819171e6aad79f7b97f35deb51920d23ca949ce987b64ec429f0aab4f978e36b75a3119887aa1f87543f19f77238161f2b891689a647a964745f9f8836cbf3102090da369625185300ab94273c7e1026a9d180000000000000017010000030000000000000000000000180000000000000017010000030000000000000000000000780000000000000017010000020000006200000075bbe420238ff5b0164ffb2a8099f5d85a5e1ad79f9112b9b5a534161fa0709d57bdce07c70029a25f184d773de294470d667ea23f3c42206321b1e6a47581b66db811d4b475d441b38f63a308d9ba89b1790e57d20002e4729e32958c1edc5fa2d3000018000000000000001701000004000000f6676bf3ae3225be94edb81fa2f150eadb9ed8086b3d7fee0eabf5e90bfb02099214deb0176b4028d14469071200bac090a8a36cce347e8d73601eb0251ee2843693690239448256cc40617a95c8ddc19cb52832759779b482d6c076a35e993338b01e0cd7369b54ed01059910f8a1a28912b72b6000b118bdb333ae24fddfa6533cb1693c4681f3af37878f48683c7841f423e0a3f1bde2afaa38b0c9b64045eebe484bc97c908fa11cbceab8edd43bd50fdfe4633333a07a3b24d46bb42397bb84de50c97a540b0495783fc395540b9c9755750b843fc15035bee09f2dd6cf41c364c90aa0e70f8f4ca1c2d708dbb9916b663be1a6a9667745fea017bd639b84e664d72f360b2845074f"], 0x268, 0x20040084}, {0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000008c0)="d12c72be911942438628d0ccfb11c94ff03a8c0d0778cc9b56c798b4490c194d1d379a7cd6fb964cd3a601f7ce97ce04fc83caa831274adc08ad2fa34060612bae2e000e968862a8685560f17b63ccfc507122231d72edcc60e3fbf72b121827de5b5ff7ea9fed577d8014ec7fdb0fac9db32a1030609dde8708dc3a0b3529c09c8e19bc5d49294dad796815f206f06c5017695c14", 0x95}, {&(0x7f0000000980)="a794f1acde6cc6dafcfd17ddf297e2e747460ce66b557fa16201cab61e2ac892b387583a085a5aadc27c620a63c8b72cfcae8229135c688fe090c179a1c899d07622b1c24d843f554e82ffad73244fc378264329caffcda7c023d99604400c31a9689a8370", 0x65}, {&(0x7f0000000a00)="4cef4c89c167835ef074ff7b58682f3b430bfb65d56759c4df6369bbed8b4a9c810ff567970d83ed0f7e040b76fafdfc935975f2f33bdc472f5c8df31133b8c90d13fb00fa9b5df3c5c752c1b5", 0x4d}, {&(0x7f0000000a80)="20878c1e0c7f7e0e32618db866e9ac0a000363570e30731b5e6c3804745fe70edfbedfbcadd46c65280d7560c3917d78c6b4d195bdaa58565dbde791542c086669e55db237c1356bedb824b7ac803ca7c68130f1d6b61a3da9983368d060cdb8928d66b1416d2e292c403f90522b8782ab6fa534196faff99c6cc9cb02ea5cc54a7722a93c090369f23e467ef875d1247301b3516e51dee8cba1a34ab726df9e70262291bf2cd9f5f88e46e49967568b76c7ebdac0a7a0257f21a57c18b8e46dcbee2e88cce1cba410", 0xc9}], 0x4, 0x0, 0x0, 0x24000000}, {0x0, 0x0, &(0x7f0000000d40)=[{&(0x7f0000000b80)="763dc4abd8e1f56a7b802120a50a22e7d69cd0ef9a10007df86da2b11b178a79a50d2df426ed5c79acf65e43756cfdbd868219f592461e384ec20537032e88c930399c448c106acfdbccc9e2f62182118dac04457a3bb5b74420400c290443f892967afb905d03bc088761048c6027f2b558b69469", 0x75}, {&(0x7f0000000c00)="9a699dc14daaa01b797d8c19e8a44e64c4827b20a4905e7be887ac14f28450512ec5abaa412dbe6c62d82436d67fd595b74e370279a7d5012baa", 0x3a}, {&(0x7f0000000c40)="337ff36657b1e25a533984e9e1213bdc5dc77336b6857cbd4e82b67e00db9c87031528a213203b0575b2391909b98d417e0904883954acd85caed77265a7e92ef99151830ec75292ff2cd1659eb6770f916039d4e7910bd945b9c6b5cc8b46ab86541aba", 0x64}, {&(0x7f0000000cc0)="64cfd521b57e5cf4c83115418a2a170a4c9e886080f3591c41b0aec4fc0be6d243f1c565edc1c625f1f81c859113a168a0be1c1414cdbaac3af4a87852c9dc47e601977c0e893f5d", 0x48}], 0x4, 0x0, 0x0, 0x40}], 0x3, 0x20000000) 22:57:15 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xfffffffffffffff7}) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x40800, 0x0) bind$bt_sco(r1, &(0x7f0000000040)={0x1f, @fixed={[], 0x10}}, 0x8) 22:57:15 executing program 0: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) ioctl$FICLONE(r0, 0x40049409, r1) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f00000013c0)='/dev/vcs\x00', 0x1, 0x0) ioctl$NBD_DISCONNECT(r2, 0xab08) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r2, 0x84, 0x12, &(0x7f0000001400), &(0x7f0000001440)=0x4) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) [ 1498.344624] xt_check_match: 2 callbacks suppressed [ 1498.344642] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1498.444000] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING 22:57:16 executing program 1: set_mempolicy(0x0, &(0x7f00000000c0)=0x1, 0x2) openat$ion(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ion\x00', 0x80, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$ION_IOC_ALLOC(r1, 0xc0184900, &(0x7f00000001c0)={0x3, 0x20}) 22:57:16 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000040000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1498.675184] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1498.696337] syz-executor.0: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1498.705354] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1498.720378] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1498.733984] syz-executor.0 cpuset=syz0 mems_allowed=0-1 [ 1498.745825] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 1498.755468] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1498.762252] CPU: 0 PID: 2696 Comm: syz-executor.0 Not tainted 4.19.100-syzkaller #0 [ 1498.767262] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1498.772782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1498.772789] Call Trace: [ 1498.772814] dump_stack+0x197/0x210 [ 1498.772836] warn_alloc.cold+0x7b/0x173 [ 1498.772853] ? zone_watermark_ok_safe+0x260/0x260 [ 1498.772870] ? compaction_deferred+0x16a/0x3b0 [ 1498.772887] ? try_to_compact_pages+0x44/0xae0 [ 1498.772917] __alloc_pages_slowpath+0x2214/0x2870 [ 1498.816763] ? warn_alloc+0x110/0x110 [ 1498.820581] ? __lock_is_held+0xb6/0x140 [ 1498.824658] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1498.830204] ? should_fail+0x14d/0x85c [ 1498.834110] ? __isolate_free_page+0x4c0/0x4c0 [ 1498.838719] ? __might_sleep+0x95/0x190 [ 1498.842712] __alloc_pages_nodemask+0x617/0x750 [ 1498.847525] ? retint_kernel+0x2d/0x2d [ 1498.851451] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1498.856482] ? __sanitizer_cov_trace_pc+0x3f/0x50 [ 1498.861353] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1498.866908] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1498.872765] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1498.878320] alloc_pages_current+0x107/0x210 [ 1498.882878] ion_page_pool_alloc+0x17f/0x270 [ 1498.887324] ion_system_heap_allocate+0x154/0xa90 [ 1498.892192] ? ion_system_heap_free+0x250/0x250 [ 1498.896882] ? ion_alloc+0x306/0x900 [ 1498.900640] ion_alloc+0x29b/0x900 [ 1498.904195] ? ion_dma_buf_release+0x50/0x50 [ 1498.908638] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1498.914325] ? _copy_from_user+0xdd/0x150 [ 1498.918522] ion_ioctl+0x17b/0x329 [ 1498.922104] ? ion_alloc.cold+0x28/0x28 [ 1498.926095] ? __might_sleep+0x95/0x190 [ 1498.930080] ? ion_alloc.cold+0x28/0x28 [ 1498.934085] do_vfs_ioctl+0xd5f/0x1380 [ 1498.938193] ? selinux_file_ioctl+0x46c/0x5d0 [ 1498.942713] ? selinux_file_ioctl+0x125/0x5d0 [ 1498.947220] ? ioctl_preallocate+0x210/0x210 [ 1498.951762] ? selinux_file_mprotect+0x620/0x620 [ 1498.956552] ? iterate_fd+0x360/0x360 [ 1498.960365] ? nsecs_to_jiffies+0x30/0x30 [ 1498.964559] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1498.970122] ? security_file_ioctl+0x8d/0xc0 [ 1498.974698] ksys_ioctl+0xab/0xd0 [ 1498.978195] __x64_sys_ioctl+0x73/0xb0 [ 1498.982109] do_syscall_64+0xfd/0x620 [ 1498.985930] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1498.991304] RIP: 0033:0x45b349 [ 1498.994861] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1499.014143] RSP: 002b:00007f1ef8b9dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 22:57:16 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x4, 0x4000000000) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) [ 1499.021866] RAX: ffffffffffffffda RBX: 00007f1ef8b9e6d4 RCX: 000000000045b349 [ 1499.029161] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1499.036683] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1499.043997] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1499.051376] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1499.058706] CPU: 1 PID: 2679 Comm: syz-executor.5 Not tainted 4.19.100-syzkaller #0 [ 1499.066525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1499.076010] Call Trace: [ 1499.078618] dump_stack+0x197/0x210 [ 1499.082273] warn_alloc.cold+0x7b/0x173 [ 1499.086273] ? zone_watermark_ok_safe+0x260/0x260 [ 1499.091133] ? compaction_deferred+0x16a/0x3b0 [ 1499.095739] ? try_to_compact_pages+0x44/0xae0 [ 1499.100365] __alloc_pages_slowpath+0x2214/0x2870 [ 1499.105251] ? warn_alloc+0x110/0x110 [ 1499.109075] ? __lock_is_held+0xb6/0x140 [ 1499.113266] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1499.118831] ? should_fail+0x14d/0x85c [ 1499.122744] ? __isolate_free_page+0x4c0/0x4c0 [ 1499.127350] ? __might_sleep+0x95/0x190 [ 1499.131349] __alloc_pages_nodemask+0x617/0x750 [ 1499.136084] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1499.141152] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1499.145860] warn_alloc_show_mem: 1 callbacks suppressed [ 1499.145865] Mem-Info: [ 1499.146707] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1499.146725] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1499.156693] active_anon:277728 inactive_anon:205 isolated_anon:0 [ 1499.156693] active_file:4231 inactive_file:7166 isolated_file:0 [ 1499.156693] unevictable:0 dirty:68 writeback:0 unstable:0 [ 1499.156693] slab_reclaimable:17185 slab_unreclaimable:128967 [ 1499.156693] mapped:58850 shmem:255 pagetables:26171 bounce:0 [ 1499.156693] free:797857 free_pcp:578 free_cma:0 [ 1499.160236] alloc_pages_current+0x107/0x210 [ 1499.160261] ion_page_pool_alloc+0x17f/0x270 [ 1499.160278] ion_system_heap_allocate+0x154/0xa90 [ 1499.160302] ? ion_system_heap_free+0x250/0x250 [ 1499.160318] ? ion_alloc+0x306/0x900 [ 1499.160340] ion_alloc+0x29b/0x900 [ 1499.166020] Node 0 active_anon:1062348kB inactive_anon:808kB active_file:20kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208920kB dirty:4kB writeback:0kB shmem:1008kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 346112kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1499.199684] ? ion_dma_buf_release+0x50/0x50 [ 1499.199710] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1499.199727] ? _copy_from_user+0xdd/0x150 [ 1499.199744] ion_ioctl+0x17b/0x329 [ 1499.199760] ? ion_alloc.cold+0x28/0x28 [ 1499.199779] ? __might_sleep+0x95/0x190 [ 1499.199799] ? ion_alloc.cold+0x28/0x28 [ 1499.199817] do_vfs_ioctl+0xd5f/0x1380 [ 1499.199836] ? selinux_file_ioctl+0x46c/0x5d0 [ 1499.199856] ? selinux_file_ioctl+0x125/0x5d0 [ 1499.199872] ? ioctl_preallocate+0x210/0x210 [ 1499.199887] ? selinux_file_mprotect+0x620/0x620 [ 1499.199909] ? iterate_fd+0x360/0x360 [ 1499.199925] ? nsecs_to_jiffies+0x30/0x30 [ 1499.199995] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1499.200022] ? security_file_ioctl+0x8d/0xc0 [ 1499.200038] ksys_ioctl+0xab/0xd0 [ 1499.200055] __x64_sys_ioctl+0x73/0xb0 [ 1499.200077] do_syscall_64+0xfd/0x620 [ 1499.200099] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1499.226367] Node 0 DMA free:10420kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1499.253470] RIP: 0033:0x45b349 [ 1499.253485] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1499.253492] RSP: 002b:00007f6e444f7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1499.253506] RAX: ffffffffffffffda RBX: 00007f6e444f86d4 RCX: 000000000045b349 [ 1499.253514] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1499.253523] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1499.253532] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff 22:57:16 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000000100000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:57:16 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r3, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r3, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) fcntl$setlease(r3, 0x400, 0x2) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) r4 = creat(&(0x7f0000000040)='./file0\x00', 0x145) setsockopt$inet6_buf(r4, 0x29, 0x2e, &(0x7f0000000200)="1c595ec1342e1c8dc3ede44edc5fd587c46925b24175213a94b79f5ad7631de29cb041510ed71ab46554c20bd58da99fa3a8ebba12c42cfb3ce8e3245b55431df860ad8e44594a515a4bf8e6127d057f543e64e39fa3b5a0070f925e889b580c285d7af5c84ad4cf34af56bf8fa702dc082a47508519b5d99d412d9f32348c37f781cee6c886e8321e5722", 0x8b) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) [ 1499.253540] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1499.343063] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1499.369738] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1499.375435] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1499.467005] CPU: 1 PID: 2691 Comm: syz-executor.3 Not tainted 4.19.100-syzkaller #0 [ 1499.475449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1499.484835] Call Trace: [ 1499.487452] dump_stack+0x197/0x210 [ 1499.491107] warn_alloc.cold+0x7b/0x173 [ 1499.495206] ? zone_watermark_ok_safe+0x260/0x260 [ 1499.500093] ? compaction_deferred+0x16a/0x3b0 [ 1499.504707] ? try_to_compact_pages+0x44/0xae0 [ 1499.505191] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1499.509356] __alloc_pages_slowpath+0x2214/0x2870 [ 1499.509396] ? warn_alloc+0x110/0x110 [ 1499.509409] ? __lock_is_held+0xb6/0x140 [ 1499.509427] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1499.509449] ? should_fail+0x14d/0x85c [ 1499.537126] ? __isolate_free_page+0x4c0/0x4c0 [ 1499.541741] ? __might_sleep+0x95/0x190 [ 1499.545741] __alloc_pages_nodemask+0x617/0x750 [ 1499.550448] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1499.555485] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1499.561036] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1499.567827] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1499.573507] alloc_pages_current+0x107/0x210 [ 1499.577938] ion_page_pool_alloc+0x17f/0x270 [ 1499.582411] ion_system_heap_allocate+0x154/0xa90 [ 1499.587284] ? ion_system_heap_free+0x250/0x250 [ 1499.591969] ? ion_alloc+0x306/0x900 [ 1499.595682] ion_alloc+0x29b/0x900 [ 1499.599240] ? ion_dma_buf_release+0x50/0x50 [ 1499.603969] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1499.609522] ? _copy_from_user+0xdd/0x150 [ 1499.613690] ion_ioctl+0x17b/0x329 [ 1499.617261] ? ion_alloc.cold+0x28/0x28 [ 1499.621265] ? __might_sleep+0x95/0x190 [ 1499.625246] ? ion_alloc.cold+0x28/0x28 [ 1499.629219] do_vfs_ioctl+0xd5f/0x1380 [ 1499.633137] ? selinux_file_ioctl+0x46c/0x5d0 [ 1499.637650] ? selinux_file_ioctl+0x125/0x5d0 [ 1499.642177] ? ioctl_preallocate+0x210/0x210 [ 1499.646613] ? selinux_file_mprotect+0x620/0x620 [ 1499.651394] ? iterate_fd+0x360/0x360 [ 1499.655196] ? nsecs_to_jiffies+0x30/0x30 [ 1499.659368] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1499.665031] ? security_file_ioctl+0x8d/0xc0 [ 1499.669455] ksys_ioctl+0xab/0xd0 [ 1499.672929] __x64_sys_ioctl+0x73/0xb0 [ 1499.676820] do_syscall_64+0xfd/0x620 [ 1499.680639] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1499.685949] RIP: 0033:0x45b349 [ 1499.689154] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1499.708166] RSP: 002b:00007f9fa7530c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1499.715892] RAX: ffffffffffffffda RBX: 00007f9fa75316d4 RCX: 000000000045b349 [ 1499.723274] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1499.730629] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1499.738020] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1499.745320] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1499.763851] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1499.767947] CPU: 0 PID: 2688 Comm: syz-executor.5 Not tainted 4.19.100-syzkaller #0 [ 1499.776758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1499.784221] Node 0 DMA32 free:104128kB min:36168kB low:45208kB high:54248kB active_anon:1060184kB inactive_anon:808kB active_file:16kB inactive_file:48kB unevictable:0kB writepending:20kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:28192kB pagetables:70896kB bounce:0kB free_pcp:2080kB local_pcp:348kB free_cma:0kB [ 1499.786125] Call Trace: [ 1499.786151] dump_stack+0x197/0x210 [ 1499.786171] warn_alloc.cold+0x7b/0x173 [ 1499.786192] ? zone_watermark_ok_safe+0x260/0x260 [ 1499.827496] lowmem_reserve[]: 0 0 1 1 1 [ 1499.830849] ? compaction_deferred+0x16a/0x3b0 [ 1499.830868] ? try_to_compact_pages+0x44/0xae0 [ 1499.830902] __alloc_pages_slowpath+0x2214/0x2870 [ 1499.836112] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1499.839594] ? warn_alloc+0x110/0x110 [ 1499.839615] ? __lock_is_held+0xb6/0x140 [ 1499.844563] lowmem_reserve[]: 0 0 0 0 0 [ 1499.849057] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1499.849073] ? should_fail+0x14d/0x85c [ 1499.849094] ? __isolate_free_page+0x4c0/0x4c0 [ 1499.891660] Node 0 DMA: 27*4kB (UME) 7*8kB (ME) 17*16kB (UME) 19*32kB (UM) 3*64kB (UME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10452kB [ 1499.892479] ? __might_sleep+0x95/0x190 [ 1499.892500] __alloc_pages_nodemask+0x617/0x750 [ 1499.892521] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1499.896675] Node 0 DMA32: 3369*4kB (UEH) 4328*8kB (UEH) 1420*16kB (UEH) 999*32kB (UEH) 3*64kB (H) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 103748kB [ 1499.900988] ? fs_reclaim_acquire+0x20/0x20 [ 1499.901005] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1499.901023] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1499.901036] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1499.901057] alloc_pages_current+0x107/0x210 [ 1499.917211] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1499.920824] ion_page_pool_alloc+0x17f/0x270 [ 1499.920844] ion_system_heap_allocate+0x154/0xa90 [ 1499.920867] ? ion_system_heap_free+0x250/0x250 [ 1499.925931] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1499.930672] ? ion_alloc+0x306/0x900 [ 1499.930692] ion_alloc+0x29b/0x900 [ 1499.930715] ? ion_dma_buf_release+0x50/0x50 [ 1499.930743] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1499.946245] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1499.950195] ? _copy_from_user+0xdd/0x150 [ 1499.950215] ion_ioctl+0x17b/0x329 [ 1499.950232] ? ion_alloc.cold+0x28/0x28 [ 1499.950252] ? __might_sleep+0x95/0x190 [ 1499.950270] ? ion_alloc.cold+0x28/0x28 [ 1499.956229] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1499.961647] do_vfs_ioctl+0xd5f/0x1380 [ 1499.961666] ? selinux_file_ioctl+0x46c/0x5d0 [ 1499.961681] ? selinux_file_ioctl+0x125/0x5d0 [ 1499.961696] ? ioctl_preallocate+0x210/0x210 [ 1499.961715] ? selinux_file_mprotect+0x620/0x620 [ 1499.967578] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1499.971694] ? iterate_fd+0x360/0x360 [ 1499.971712] ? nsecs_to_jiffies+0x30/0x30 [ 1499.971733] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1499.971749] ? security_file_ioctl+0x8d/0xc0 [ 1499.971768] ksys_ioctl+0xab/0xd0 [ 1500.015723] 11663 total pagecache pages [ 1500.017609] __x64_sys_ioctl+0x73/0xb0 [ 1500.017629] do_syscall_64+0xfd/0x620 [ 1500.038160] 0 pages in swap cache [ 1500.039473] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1500.039484] RIP: 0033:0x45b349 [ 1500.039503] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1500.053326] Swap cache stats: add 0, delete 0, find 0/0 [ 1500.060334] RSP: 002b:00007f6e444d6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1500.060350] RAX: ffffffffffffffda RBX: 00007f6e444d76d4 RCX: 000000000045b349 22:57:17 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000000200000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1500.060358] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1500.060365] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 1500.060373] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1500.060381] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bfd4 22:57:17 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x1800}) 22:57:17 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$SNDCTL_DSP_SETTRIGGER(r2, 0x40045010, &(0x7f0000000040)=0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) 22:57:17 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000030200000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:57:17 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xfffffffffffffff7}) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) r3 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r3, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r3, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) ioctl$VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc0585609, &(0x7f0000000040)={0xffffffff, 0x5, 0x4, 0x2040008, 0x8, {r1, r2/1000+10000}, {0x2, 0xc, 0x5, 0x0, 0x89, 0x2, "c953188d"}, 0x4b809317, 0x3, @fd, 0x7ff, 0x0, r3}) ioctl$PPPIOCSMAXCID(r4, 0x40047451, &(0x7f0000000100)=0x72b) 22:57:18 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCGETX(r2, 0x5432, &(0x7f0000000040)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r4, 0xc4c85513, &(0x7f00000004c0)={{0x1, 0x0, 0xfffffffa, 0x80000000, '\x00', 0x6}, 0x0, [0x0, 0x7f, 0xcae, 0x2970, 0xffffffffffffff81, 0x0, 0x2, 0x7, 0x6, 0x2, 0x0, 0x74, 0x600, 0x0, 0x1, 0x7f, 0x0, 0x122, 0x2, 0x89d, 0x9, 0x9, 0x6, 0x8000000000000, 0x2, 0xfed, 0x1, 0x4, 0x81, 0x8, 0x0, 0x2, 0x1, 0x400, 0x7, 0x2, 0x302, 0x3, 0x100000000, 0x401, 0x7, 0x6, 0x800, 0x7, 0x3, 0x80000000, 0x1, 0x2, 0x7, 0x1ff, 0x80000000, 0x0, 0x6, 0x3, 0x80000000, 0x4, 0x3f, 0x55c, 0xea75, 0x400, 0x40, 0x3, 0x0, 0x7ff, 0xa5, 0x1, 0x7, 0x5, 0x1, 0x81, 0xfffffffffffffff8, 0x3, 0x80, 0x3ff, 0x0, 0x400, 0xc6f, 0xbd, 0x3f, 0x7, 0x10001, 0xcaf9, 0x5, 0x2, 0x0, 0xc38, 0x6, 0x5e, 0x0, 0x1, 0x80000000, 0x7e, 0x5993, 0x80000001, 0x628d3fd, 0x6b2, 0xd692, 0x6, 0x86d6, 0x3, 0x401, 0x8, 0x100, 0x2, 0x10000, 0x101, 0x26a, 0x0, 0x533, 0x7, 0x4, 0x2, 0x4, 0x1, 0x4000000000000000, 0x401, 0x5, 0xff00000000000, 0x1b6, 0xa10, 0x80000001, 0x5, 0x0, 0x0, 0x401, 0x10000, 0x1, 0x8874]}) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) prctl$PR_SET_FPEMU(0xa, 0x6) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) [ 1500.243208] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1500.255512] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1500.460789] Free swap = 0kB [ 1500.460798] Total swap = 0kB [ 1500.460810] 1965979 pages RAM [ 1500.460816] 0 pages HighMem/MovableOnly [ 1500.460822] 341741 pages reserved [ 1500.460826] 0 pages cma reserved [ 1500.498880] syz-executor.1: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1500.498890] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 1500.498919] CPU: 1 PID: 2854 Comm: syz-executor.1 Not tainted 4.19.100-syzkaller #0 [ 1500.498931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1500.498937] Call Trace: [ 1500.498960] dump_stack+0x197/0x210 [ 1500.498984] warn_alloc.cold+0x7b/0x173 [ 1500.499004] ? zone_watermark_ok_safe+0x260/0x260 [ 1500.499020] ? compaction_deferred+0x16a/0x3b0 [ 1500.499039] ? try_to_compact_pages+0x44/0xae0 [ 1500.499073] __alloc_pages_slowpath+0x2214/0x2870 [ 1500.499107] ? warn_alloc+0x110/0x110 [ 1500.499121] ? __lock_is_held+0xb6/0x140 [ 1500.499141] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1500.499157] ? should_fail+0x14d/0x85c [ 1500.499176] ? __isolate_free_page+0x4c0/0x4c0 [ 1500.499196] ? __might_sleep+0x95/0x190 [ 1500.499217] __alloc_pages_nodemask+0x617/0x750 [ 1500.499238] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1500.499258] ? fs_reclaim_acquire+0x20/0x20 [ 1500.499273] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1500.499291] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1500.499306] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1500.499334] alloc_pages_current+0x107/0x210 [ 1500.499355] ion_page_pool_alloc+0x17f/0x270 [ 1500.499375] ion_system_heap_allocate+0x154/0xa90 [ 1500.499400] ? ion_system_heap_free+0x250/0x250 [ 1500.499419] ? ion_alloc+0x306/0x900 [ 1500.499439] ion_alloc+0x29b/0x900 [ 1500.499467] ? ion_dma_buf_release+0x50/0x50 [ 1500.499491] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1500.499505] ? _copy_from_user+0xdd/0x150 [ 1500.499525] ion_ioctl+0x17b/0x329 [ 1500.499541] ? ion_alloc.cold+0x28/0x28 [ 1500.499561] ? __might_sleep+0x95/0x190 [ 1500.499578] ? ion_alloc.cold+0x28/0x28 [ 1500.499595] do_vfs_ioctl+0xd5f/0x1380 [ 1500.499612] ? selinux_file_ioctl+0x46c/0x5d0 [ 1500.499629] ? selinux_file_ioctl+0x125/0x5d0 [ 1500.499645] ? ioctl_preallocate+0x210/0x210 [ 1500.499662] ? selinux_file_mprotect+0x620/0x620 [ 1500.499683] ? iterate_fd+0x360/0x360 [ 1500.499698] ? nsecs_to_jiffies+0x30/0x30 [ 1500.499718] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1500.499735] ? security_file_ioctl+0x8d/0xc0 [ 1500.499753] ksys_ioctl+0xab/0xd0 [ 1500.499772] __x64_sys_ioctl+0x73/0xb0 [ 1500.499797] do_syscall_64+0xfd/0x620 [ 1500.499820] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1500.499831] RIP: 0033:0x45b349 [ 1500.499847] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1500.499855] RSP: 002b:00007f17cfa73c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1500.499871] RAX: ffffffffffffffda RBX: 00007f17cfa746d4 RCX: 000000000045b349 [ 1500.499881] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1500.499891] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1500.499901] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1500.499911] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1500.503760] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1500.503771] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1500.503809] CPU: 1 PID: 2851 Comm: syz-executor.5 Not tainted 4.19.100-syzkaller #0 [ 1500.503819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1500.503824] Call Trace: [ 1500.503852] dump_stack+0x197/0x210 [ 1500.503879] warn_alloc.cold+0x7b/0x173 [ 1500.503938] ? zone_watermark_ok_safe+0x260/0x260 [ 1500.503966] ? compaction_deferred+0x16a/0x3b0 [ 1500.503987] ? try_to_compact_pages+0x44/0xae0 [ 1500.504026] __alloc_pages_slowpath+0x2214/0x2870 [ 1500.504063] ? warn_alloc+0x110/0x110 [ 1500.504079] ? __lock_is_held+0xb6/0x140 [ 1500.504097] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1500.504113] ? should_fail+0x14d/0x85c [ 1500.504129] ? __isolate_free_page+0x4c0/0x4c0 [ 1500.504146] ? __might_sleep+0x95/0x190 [ 1500.504164] __alloc_pages_nodemask+0x617/0x750 [ 1500.504185] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1500.504202] ? fs_reclaim_acquire+0x20/0x20 [ 1500.504215] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1500.504231] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1500.504243] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1500.504260] alloc_pages_current+0x107/0x210 [ 1500.504279] ion_page_pool_alloc+0x17f/0x270 [ 1500.504296] ion_system_heap_allocate+0x154/0xa90 [ 1500.504345] ? ion_system_heap_free+0x250/0x250 [ 1500.504361] ? ion_alloc+0x306/0x900 [ 1500.504378] ion_alloc+0x29b/0x900 [ 1500.504399] ? ion_dma_buf_release+0x50/0x50 [ 1500.504418] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1500.504431] ? _copy_from_user+0xdd/0x150 [ 1500.504447] ion_ioctl+0x17b/0x329 [ 1500.504462] ? ion_alloc.cold+0x28/0x28 [ 1500.504480] ? __might_sleep+0x95/0x190 [ 1500.504494] ? ion_alloc.cold+0x28/0x28 [ 1500.504509] do_vfs_ioctl+0xd5f/0x1380 [ 1500.504524] ? selinux_file_ioctl+0x46c/0x5d0 [ 1500.504538] ? selinux_file_ioctl+0x125/0x5d0 [ 1500.504552] ? ioctl_preallocate+0x210/0x210 [ 1500.504566] ? selinux_file_mprotect+0x620/0x620 [ 1500.504585] ? iterate_fd+0x360/0x360 [ 1500.504599] ? nsecs_to_jiffies+0x30/0x30 [ 1500.504621] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1500.504638] ? security_file_ioctl+0x8d/0xc0 [ 1500.504653] ksys_ioctl+0xab/0xd0 [ 1500.504670] __x64_sys_ioctl+0x73/0xb0 [ 1500.504686] do_syscall_64+0xfd/0x620 [ 1500.504705] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1500.504717] RIP: 0033:0x45b349 [ 1500.504733] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1500.504741] RSP: 002b:00007f6e444f7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1500.504755] RAX: ffffffffffffffda RBX: 00007f6e444f86d4 RCX: 000000000045b349 [ 1500.504764] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1500.504772] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1500.504781] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1500.504789] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1500.504817] warn_alloc_show_mem: 3 callbacks suppressed [ 1500.504822] Mem-Info: [ 1500.504859] active_anon:277762 inactive_anon:203 isolated_anon:0 [ 1500.504859] active_file:4230 inactive_file:7177 isolated_file:0 [ 1500.504859] unevictable:0 dirty:47 writeback:1 unstable:0 [ 1500.504859] slab_reclaimable:17186 slab_unreclaimable:128828 [ 1500.504859] mapped:58850 shmem:255 pagetables:26193 bounce:0 [ 1500.504859] free:727761 free_pcp:235 free_cma:0 [ 1500.504886] Node 0 active_anon:1062484kB inactive_anon:808kB active_file:16kB inactive_file:48kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208920kB dirty:20kB writeback:0kB shmem:1012kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 344064kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1500.504891] Node 0 DMA free:10452kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1500.504922] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1500.504940] Node 0 DMA32 free:102492kB min:36168kB low:45208kB high:54248kB active_anon:1060036kB inactive_anon:808kB active_file:16kB inactive_file:48kB unevictable:0kB writepending:20kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:27968kB pagetables:70748kB bounce:0kB free_pcp:940kB local_pcp:508kB free_cma:0kB [ 1500.504972] lowmem_reserve[]: 0 0 1 1 1 [ 1500.504989] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1500.505019] lowmem_reserve[]: 0 0 0 0 0 [ 1500.505036] Node 0 DMA: 27*4kB (UME) 7*8kB (ME) 17*16kB (UME) 19*32kB (UM) 3*64kB (UME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10452kB [ 1500.505109] Node 0 DMA32: 2647*4kB (UEH) 4168*8kB (UMEH) 1547*16kB (UMEH) 1015*32kB (UMEH) 3*64kB (H) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 102124kB [ 1500.505174] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1500.505230] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1500.505241] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1500.505251] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1500.505261] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1500.505266] 11663 total pagecache pages [ 1500.505279] 0 pages in swap cache [ 1500.505287] Swap cache stats: add 0, delete 0, find 0/0 [ 1500.505292] Free swap = 0kB [ 1500.505297] Total swap = 0kB [ 1500.505314] 1965979 pages RAM [ 1500.505320] 0 pages HighMem/MovableOnly [ 1500.505325] 341741 pages reserved [ 1500.505329] 0 pages cma reserved [ 1500.558502] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1500.610333] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1500.772558] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1500.772570] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 1500.773800] CPU: 0 PID: 2863 Comm: syz-executor.3 Not tainted 4.19.100-syzkaller #0 [ 1500.773812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1500.773819] Call Trace: [ 1500.773843] dump_stack+0x197/0x210 [ 1500.773870] warn_alloc.cold+0x7b/0x173 [ 1500.773891] ? zone_watermark_ok_safe+0x260/0x260 [ 1500.773910] ? compaction_deferred+0x16a/0x3b0 [ 1500.773931] ? try_to_compact_pages+0x44/0xae0 [ 1500.773968] __alloc_pages_slowpath+0x2214/0x2870 [ 1500.774007] ? warn_alloc+0x110/0x110 [ 1500.774022] ? __lock_is_held+0xb6/0x140 [ 1500.774042] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1500.774059] ? should_fail+0x14d/0x85c [ 1500.774079] ? __isolate_free_page+0x4c0/0x4c0 [ 1500.774101] ? __might_sleep+0x95/0x190 [ 1500.774123] __alloc_pages_nodemask+0x617/0x750 [ 1500.774146] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1500.774168] ? fs_reclaim_acquire+0x20/0x20 [ 1500.774185] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1500.774204] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1500.774226] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1500.774254] alloc_pages_current+0x107/0x210 [ 1500.774280] ion_page_pool_alloc+0x17f/0x270 [ 1500.774302] ion_system_heap_allocate+0x154/0xa90 [ 1500.774329] ? ion_system_heap_free+0x250/0x250 [ 1500.774348] ? ion_alloc+0x306/0x900 [ 1500.774369] ion_alloc+0x29b/0x900 [ 1500.774394] ? ion_dma_buf_release+0x50/0x50 [ 1500.774419] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1500.774435] ? _copy_from_user+0xdd/0x150 [ 1500.774455] ion_ioctl+0x17b/0x329 [ 1500.774474] ? ion_alloc.cold+0x28/0x28 [ 1500.774495] ? __might_sleep+0x95/0x190 [ 1500.774514] ? ion_alloc.cold+0x28/0x28 [ 1500.774531] do_vfs_ioctl+0xd5f/0x1380 [ 1500.774549] ? selinux_file_ioctl+0x46c/0x5d0 [ 1500.774566] ? selinux_file_ioctl+0x125/0x5d0 [ 1500.774584] ? ioctl_preallocate+0x210/0x210 [ 1500.774602] ? selinux_file_mprotect+0x620/0x620 [ 1500.774626] ? iterate_fd+0x360/0x360 [ 1500.774645] ? nsecs_to_jiffies+0x30/0x30 [ 1500.774670] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1500.774687] ? security_file_ioctl+0x8d/0xc0 [ 1500.774707] ksys_ioctl+0xab/0xd0 [ 1500.774726] __x64_sys_ioctl+0x73/0xb0 [ 1500.774747] do_syscall_64+0xfd/0x620 [ 1500.774768] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1500.774781] RIP: 0033:0x45b349 [ 1500.774797] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1500.774806] RSP: 002b:00007f9fa7530c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1500.774821] RAX: ffffffffffffffda RBX: 00007f9fa75316d4 RCX: 000000000045b349 [ 1500.774831] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 22:57:19 executing program 0: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = dup3(r0, r0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffdd, 0x0, r3}) 22:57:19 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$ION_IOC_ALLOC(0xffffffffffffffff, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xfffffffffffffff7}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) getsockopt$netrom_NETROM_T1(r1, 0x103, 0x1, &(0x7f0000000000), &(0x7f0000000040)=0x4) 22:57:19 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000000300000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:57:19 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) r3 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$sock_inet_SIOCGARP(r3, 0x8954, &(0x7f0000000040)={{0x2, 0x4e20, @rand_addr=0x5}, {0x306}, 0x14, {0x2, 0x4e20, @multicast1}, 'veth0\x00'}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) r4 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r4, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) getsockopt$TIPC_NODE_RECVQ_DEPTH(r6, 0x10f, 0x83, &(0x7f0000000140), &(0x7f0000000180)=0x4) writev(r4, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) sendmsg(r4, &(0x7f0000000100)={0x0, 0x45, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) 22:57:19 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cachefiles\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000100), &(0x7f0000000140)=0x4) r1 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000500)={'syz'}, &(0x7f0000000380)="585ccbe4ed83b836c1a6474914dc55e72206297b6895b66147b3c7218a9169a85ea0bdc9e1587a050000000000000042e33089754c8107c3cd3923dd4a71c2ff06007b6b4816122d2550829eaa9435c99926022b8753a188748c569f435fb3bae96efb74b50ec93c152f5e8e198a29e5c0d0c60000ce0637ce0000b4ec24c53d3d661ff5ff70e48884ca000018cea71fcfacf40d32e4b58a8d2725561f6110fd7b06f90b5274cc5c1e298a16324fe27da2a9d5ba9ff3c009d308bd73f4772539", 0xc0, 0xfffffffffffffffe) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$SNDCTL_DSP_SYNC(r3, 0x5001, 0x0) r4 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f00000005c0)={'syz'}, &(0x7f0000000100)='\x00', 0x1, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000040)={r1, r1, r4}, &(0x7f0000000280)=""/243, 0x20e, &(0x7f0000000240)={&(0x7f0000000080)={'crct10dif-generic\x00'}}) keyctl$setperm(0x5, r1, 0x4000000) r5 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0xb6240, 0x0) ioctl$ION_IOC_ALLOC(r5, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f0000000040)={0x2f, 0x1, 0x7, 0x8, 0x1, 0x4, 0x3, 0x8f, 0x1}) 22:57:19 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x2000}) [ 1500.774841] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1500.774850] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1500.774859] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c 22:57:20 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000000400000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:57:20 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x80, 0x0) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="480000000008010400000000000000000a00000a2c0004070000004000000007080001400000000408000140000000030800024000000007214a6ebe28fc284e3deaf2c5cf1f650800024000000001050003002f000000"], 0x48}, 0x1, 0x0, 0x0, 0x4}, 0x811) connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xfffffffffffffff7}) 22:57:20 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socket$vsock_dgram(0x28, 0x2, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) 22:57:20 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x3200}) 22:57:20 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000000500000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:57:20 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000000600000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1503.067077] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1503.069443] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1503.081219] syz-executor.1: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1503.094489] syz-executor.0: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1503.145889] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 1503.170717] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1503.176020] CPU: 0 PID: 3181 Comm: syz-executor.3 Not tainted 4.19.100-syzkaller #0 [ 1503.183979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1503.188791] syz-executor.0 cpuset=syz0 mems_allowed=0-1 [ 1503.193385] Call Trace: [ 1503.193409] dump_stack+0x197/0x210 [ 1503.193432] warn_alloc.cold+0x7b/0x173 [ 1503.193451] ? zone_watermark_ok_safe+0x260/0x260 [ 1503.193466] ? __lock_is_held+0xb6/0x140 [ 1503.193501] __alloc_pages_slowpath+0x2214/0x2870 [ 1503.222795] ? warn_alloc+0x110/0x110 [ 1503.226612] ? __lock_is_held+0xb6/0x140 [ 1503.230698] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1503.236244] ? should_fail+0x14d/0x85c [ 1503.240320] ? __isolate_free_page+0x4c0/0x4c0 [ 1503.244909] ? __might_sleep+0x95/0x190 [ 1503.248887] __alloc_pages_nodemask+0x617/0x750 [ 1503.253562] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1503.258585] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1503.264127] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1503.269855] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1503.275426] alloc_pages_current+0x107/0x210 [ 1503.279849] ion_page_pool_alloc+0x17f/0x270 [ 1503.284262] ion_system_heap_allocate+0x154/0xa90 [ 1503.289115] ? ion_system_heap_free+0x250/0x250 [ 1503.293806] ? ion_alloc+0x306/0x900 [ 1503.297534] ion_alloc+0x29b/0x900 [ 1503.301191] ? ion_dma_buf_release+0x50/0x50 [ 1503.305637] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1503.311184] ? _copy_from_user+0xdd/0x150 [ 1503.315432] ion_ioctl+0x17b/0x329 [ 1503.318986] ? ion_alloc.cold+0x28/0x28 [ 1503.322970] ? __might_sleep+0x95/0x190 [ 1503.326958] ? ion_alloc.cold+0x28/0x28 [ 1503.330951] do_vfs_ioctl+0xd5f/0x1380 [ 1503.334859] ? selinux_file_ioctl+0x46c/0x5d0 [ 1503.339363] ? selinux_file_ioctl+0x125/0x5d0 [ 1503.343858] ? ioctl_preallocate+0x210/0x210 [ 1503.348283] ? selinux_file_mprotect+0x620/0x620 [ 1503.353051] ? iterate_fd+0x360/0x360 [ 1503.356854] ? nsecs_to_jiffies+0x30/0x30 [ 1503.361023] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1503.366576] ? security_file_ioctl+0x8d/0xc0 [ 1503.371001] ksys_ioctl+0xab/0xd0 [ 1503.374537] __x64_sys_ioctl+0x73/0xb0 [ 1503.378527] do_syscall_64+0xfd/0x620 [ 1503.382369] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1503.387609] RIP: 0033:0x45b349 [ 1503.390820] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1503.409851] RSP: 002b:00007f9fa7530c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1503.417576] RAX: ffffffffffffffda RBX: 00007f9fa75316d4 RCX: 000000000045b349 [ 1503.424880] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1503.432161] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1503.439439] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1503.446712] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1503.454032] CPU: 1 PID: 3177 Comm: syz-executor.5 Not tainted 4.19.100-syzkaller #0 [ 1503.461854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1503.471222] Call Trace: [ 1503.473838] dump_stack+0x197/0x210 [ 1503.477489] warn_alloc.cold+0x7b/0x173 [ 1503.481491] ? zone_watermark_ok_safe+0x260/0x260 [ 1503.484061] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 1503.486373] ? compaction_deferred+0x16a/0x3b0 [ 1503.486392] ? try_to_compact_pages+0x44/0xae0 [ 1503.486424] __alloc_pages_slowpath+0x2214/0x2870 [ 1503.505829] ? warn_alloc+0x110/0x110 [ 1503.509662] ? __lock_is_held+0xb6/0x140 [ 1503.513748] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1503.519302] ? should_fail+0x14d/0x85c [ 1503.523224] ? __isolate_free_page+0x4c0/0x4c0 [ 1503.527811] ? __might_sleep+0x95/0x190 [ 1503.531790] __alloc_pages_nodemask+0x617/0x750 [ 1503.536461] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1503.541494] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1503.547039] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1503.552760] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1503.558306] alloc_pages_current+0x107/0x210 [ 1503.562726] ion_page_pool_alloc+0x17f/0x270 [ 1503.567138] ion_system_heap_allocate+0x154/0xa90 [ 1503.571981] ? ion_system_heap_free+0x250/0x250 [ 1503.576646] ? ion_alloc+0x306/0x900 [ 1503.580376] ion_alloc+0x29b/0x900 [ 1503.583927] ? ion_dma_buf_release+0x50/0x50 [ 1503.588346] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1503.593883] ? _copy_from_user+0xdd/0x150 [ 1503.598029] ion_ioctl+0x17b/0x329 [ 1503.601577] ? ion_alloc.cold+0x28/0x28 [ 1503.605564] ? __might_sleep+0x95/0x190 [ 1503.609535] ? ion_alloc.cold+0x28/0x28 [ 1503.613532] do_vfs_ioctl+0xd5f/0x1380 [ 1503.617421] ? selinux_file_ioctl+0x46c/0x5d0 [ 1503.621934] ? selinux_file_ioctl+0x125/0x5d0 [ 1503.626458] ? ioctl_preallocate+0x210/0x210 [ 1503.630876] ? selinux_file_mprotect+0x620/0x620 [ 1503.635786] ? iterate_fd+0x360/0x360 [ 1503.639601] ? nsecs_to_jiffies+0x30/0x30 [ 1503.643766] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1503.649324] ? security_file_ioctl+0x8d/0xc0 [ 1503.653753] ksys_ioctl+0xab/0xd0 [ 1503.657225] __x64_sys_ioctl+0x73/0xb0 [ 1503.661131] do_syscall_64+0xfd/0x620 [ 1503.664961] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1503.670149] RIP: 0033:0x45b349 [ 1503.673372] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1503.692288] RSP: 002b:00007f6e444f7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1503.700013] RAX: ffffffffffffffda RBX: 00007f6e444f86d4 RCX: 000000000045b349 [ 1503.707297] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1503.714588] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1503.721871] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1503.729159] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1503.736465] CPU: 0 PID: 3173 Comm: syz-executor.1 Not tainted 4.19.100-syzkaller #0 [ 1503.739818] warn_alloc_show_mem: 2 callbacks suppressed [ 1503.739823] Mem-Info: [ 1503.744277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1503.744283] Call Trace: [ 1503.744306] dump_stack+0x197/0x210 [ 1503.744329] warn_alloc.cold+0x7b/0x173 [ 1503.771728] ? zone_watermark_ok_safe+0x260/0x260 [ 1503.776589] ? __lock_is_held+0xb6/0x140 [ 1503.780678] __alloc_pages_slowpath+0x2214/0x2870 [ 1503.785552] ? warn_alloc+0x110/0x110 [ 1503.789371] ? __lock_is_held+0xb6/0x140 [ 1503.793462] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1503.799007] ? should_fail+0x14d/0x85c [ 1503.802912] ? __isolate_free_page+0x4c0/0x4c0 [ 1503.807535] ? __might_sleep+0x95/0x190 [ 1503.811534] __alloc_pages_nodemask+0x617/0x750 [ 1503.816211] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1503.821245] ? fs_reclaim_acquire+0x20/0x20 [ 1503.825568] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1503.831240] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1503.836984] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1503.842547] alloc_pages_current+0x107/0x210 [ 1503.846964] ion_page_pool_alloc+0x17f/0x270 [ 1503.851388] ion_system_heap_allocate+0x154/0xa90 [ 1503.856249] ? ion_system_heap_free+0x250/0x250 [ 1503.860931] ? ion_alloc+0x306/0x900 [ 1503.864661] ion_alloc+0x29b/0x900 [ 1503.868555] ? ion_dma_buf_release+0x50/0x50 [ 1503.872987] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1503.878562] ? _copy_from_user+0xdd/0x150 [ 1503.882739] ion_ioctl+0x17b/0x329 [ 1503.886299] ? ion_alloc.cold+0x28/0x28 [ 1503.890280] ? __might_sleep+0x95/0x190 [ 1503.894425] ? ion_alloc.cold+0x28/0x28 [ 1503.898419] do_vfs_ioctl+0xd5f/0x1380 [ 1503.902329] ? selinux_file_ioctl+0x46c/0x5d0 [ 1503.906843] ? selinux_file_ioctl+0x125/0x5d0 [ 1503.911352] ? ioctl_preallocate+0x210/0x210 [ 1503.915787] ? selinux_file_mprotect+0x620/0x620 [ 1503.920549] ? iterate_fd+0x360/0x360 [ 1503.924352] ? nsecs_to_jiffies+0x30/0x30 [ 1503.928542] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1503.934116] ? security_file_ioctl+0x8d/0xc0 [ 1503.938536] ksys_ioctl+0xab/0xd0 [ 1503.941993] __x64_sys_ioctl+0x73/0xb0 [ 1503.945905] do_syscall_64+0xfd/0x620 [ 1503.949714] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1503.954918] RIP: 0033:0x45b349 [ 1503.958109] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1503.977245] RSP: 002b:00007f17cfa73c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1503.984982] RAX: ffffffffffffffda RBX: 00007f17cfa746d4 RCX: 000000000045b349 [ 1503.992357] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1503.999640] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1504.006928] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1504.014292] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1504.024409] active_anon:277257 inactive_anon:205 isolated_anon:0 [ 1504.024409] active_file:4230 inactive_file:7175 isolated_file:0 [ 1504.024409] unevictable:0 dirty:88 writeback:0 unstable:0 [ 1504.024409] slab_reclaimable:17155 slab_unreclaimable:128707 [ 1504.024409] mapped:58843 shmem:255 pagetables:26189 bounce:0 [ 1504.024409] free:850708 free_pcp:532 free_cma:0 [ 1504.043010] CPU: 0 PID: 3071 Comm: syz-executor.0 Not tainted 4.19.100-syzkaller #0 [ 1504.061517] Node 0 active_anon:1060240kB inactive_anon:808kB active_file:16kB inactive_file:28kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208920kB dirty:24kB writeback:0kB shmem:1008kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 342016kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1504.065981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1504.065987] Call Trace: [ 1504.066013] dump_stack+0x197/0x210 [ 1504.066036] warn_alloc.cold+0x7b/0x173 [ 1504.066057] ? zone_watermark_ok_safe+0x260/0x260 [ 1504.094241] Node 0 DMA free:10380kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1504.103287] ? __lock_is_held+0xb6/0x140 [ 1504.103329] __alloc_pages_slowpath+0x2214/0x2870 [ 1504.103362] ? warn_alloc+0x110/0x110 [ 1504.106255] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1504.109549] ? __lock_is_held+0xb6/0x140 [ 1504.109571] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1504.109585] ? should_fail+0x14d/0x85c [ 1504.109605] ? __isolate_free_page+0x4c0/0x4c0 [ 1504.113857] Node 0 DMA32 free:67388kB min:36168kB low:45208kB high:54248kB active_anon:1057792kB inactive_anon:808kB active_file:16kB inactive_file:28kB unevictable:0kB writepending:24kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:27808kB pagetables:70432kB bounce:0kB free_pcp:1628kB local_pcp:420kB free_cma:0kB [ 1504.118400] ? __might_sleep+0x95/0x190 [ 1504.118424] __alloc_pages_nodemask+0x617/0x750 [ 1504.118458] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1504.145408] lowmem_reserve[]: 0 0 1 1 1 [ 1504.149154] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1504.149179] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1504.149200] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1504.154320] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1504.157905] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1504.157927] alloc_pages_current+0x107/0x210 [ 1504.157949] ion_page_pool_alloc+0x17f/0x270 [ 1504.157969] ion_system_heap_allocate+0x154/0xa90 [ 1504.163347] lowmem_reserve[]: 0 0 0 0 0 [ 1504.167115] ? ion_system_heap_free+0x250/0x250 [ 1504.167140] ion_alloc+0x29b/0x900 [ 1504.167162] ? ion_dma_buf_release+0x50/0x50 [ 1504.172959] Node 0 DMA: 27*4kB (UME) 8*8kB (UME) 7*16kB (UME) 14*32kB (UM) 7*64kB (UME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10396kB [ 1504.176590] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1504.176606] ? _copy_from_user+0xdd/0x150 [ 1504.176626] ion_ioctl+0x17b/0x329 [ 1504.181455] Node 0 DMA32: 2008*4kB (UMEH) 1770*8kB (UMEH) 610*16kB (UMEH) 991*32kB (UEH) 47*64kB (UMH) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 67440kB [ 1504.210448] ? ion_alloc.cold+0x28/0x28 [ 1504.210473] ? __might_sleep+0x95/0x190 [ 1504.210489] ? ion_alloc.cold+0x28/0x28 [ 1504.210505] do_vfs_ioctl+0xd5f/0x1380 [ 1504.210525] ? selinux_file_ioctl+0x46c/0x5d0 [ 1504.215877] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1504.219149] ? selinux_file_ioctl+0x125/0x5d0 [ 1504.219166] ? ioctl_preallocate+0x210/0x210 [ 1504.219183] ? selinux_file_mprotect+0x620/0x620 [ 1504.224065] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1504.227724] ? iterate_fd+0x360/0x360 [ 1504.227743] ? nsecs_to_jiffies+0x30/0x30 [ 1504.227766] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1504.233064] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1504.238291] ? security_file_ioctl+0x8d/0xc0 [ 1504.238311] ksys_ioctl+0xab/0xd0 [ 1504.238332] __x64_sys_ioctl+0x73/0xb0 [ 1504.244339] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1504.269822] do_syscall_64+0xfd/0x620 [ 1504.269845] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1504.269857] RIP: 0033:0x45b349 [ 1504.269873] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1504.269880] RSP: 002b:00007f1ef8b9dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1504.275751] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1504.279846] RAX: ffffffffffffffda RBX: 00007f1ef8b9e6d4 RCX: 000000000045b349 [ 1504.279855] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1504.279864] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1504.279873] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1504.279881] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1504.555189] 11659 total pagecache pages [ 1504.564393] 0 pages in swap cache [ 1504.569042] Swap cache stats: add 0, delete 0, find 0/0 [ 1504.576489] Free swap = 0kB [ 1504.586346] Total swap = 0kB [ 1504.593092] 1965979 pages RAM [ 1504.598661] 0 pages HighMem/MovableOnly [ 1504.603964] 341741 pages reserved [ 1504.609419] 0 pages cma reserved 22:57:22 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$VIDIOC_PREPARE_BUF(r1, 0xc058565d, &(0x7f0000000040)={0xff, 0x2, 0x4, 0x100000, 0x1f, {0x77359400}, {0x0, 0xb, 0x80, 0x33, 0x3, 0x9, "f3120795"}, 0x0, 0x1, @userptr=0x4, 0x6}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, 0x0, 0xffffffffffffff40, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, 0x0, 0xffffffffffffff40, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) ioctl$KVM_GET_XSAVE(r7, 0x9000aea4, &(0x7f00000004c0)) r8 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r10 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/autofs\x00', 0x20400, 0x0) r11 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r11, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r11, &(0x7f00000003c0)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r11, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r11, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r11, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) write$binfmt_script(r11, &(0x7f0000000b40)=ANY=[@ANYBLOB='#'], 0x1) setsockopt$sock_int(r11, 0x1, 0x8, &(0x7f0000000140)=0xda6, 0x4) sendto$inet(r11, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860005cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xd38, 0x13c, 0x0, 0x27) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r11, 0x84, 0x76, &(0x7f0000000180)={0x0, 0x4}, &(0x7f0000000240)=0x8) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r10, 0x84, 0x13, &(0x7f0000000280)={r12}, &(0x7f00000002c0)=0x8) r13 = dup(r9) ioctl$PERF_EVENT_IOC_ENABLE(r13, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r8, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) 22:57:22 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000020600000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1504.711553] xt_check_match: 6 callbacks suppressed [ 1504.711570] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING 22:57:22 executing program 0: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000340)='/dev/dlm-monitor\x00', 0x103f00, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x0, r1}) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) r3 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r3, &(0x7f00000003c0)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) write$binfmt_script(r3, &(0x7f0000000b40)=ANY=[@ANYBLOB="03"], 0x1) r4 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r4, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r4, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) r5 = socket$inet6(0xa, 0xa, 0x3c) connect$inet6(r5, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r5, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r5, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f00000002c0)=0xd05, 0x4) sendto$inet(r3, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860005cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xd38, 0x13c, 0x0, 0x27) r6 = socket$inet_smc(0x2b, 0x1, 0x0) bind$inet(r6, &(0x7f0000000180)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$SIOCPNADDRESOURCE(r8, 0x89e0, &(0x7f0000000080)=0x7) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000140)=0xda6, 0x4) sendto$inet(r2, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860005cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xd38, 0x13c, 0x0, 0x27) openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0x82, &(0x7f0000000140)=@assoc_value={r9}, 0x8) setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, &(0x7f0000000d40)=ANY=[@ANYRES32=r9, @ANYBLOB="00805da4e7bd73f6aa850c58fb1cbce8ff015147013adad7dba2acc6b1fe0c2424851acee5fcd23bce359e62e8f7b5f5bc046546450556a8052f1fbb806a6dab91311b5dcc7ffff2bd8a767c84c942f3fd186d454be45f44a998c3f17acda61330b0f29146553c8c3252e71cf4bfb1e5d8e040d7dd5d33d290bf9ab9ac008a0ff30000000000bece5a8b6d0fe9bb5db614aa099afa03f46043152b94e3f27d6ad50d9171a3a653d8b65480dde2290b4a9bfac0a3413a9ffb6b611f1510dc08541e802146689a6c4e1940d18c86e082d53ce6575d67bf870d9f8d248ff4ce67664d1637b48476969bb49be10fd1ece35233d38187bc404a7277b8835f8b064b0000000000000000000022e4059da08bdb39e861acfcb0941867d7f358e8a2795ac2e0"], 0x9b) r10 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r10, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r10, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r10, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r10, 0x84, 0x73, &(0x7f0000000240)={r9, 0xffff, 0x20, 0x63f8fd9b, 0x1f}, &(0x7f0000000280)=0x18) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x6c, &(0x7f0000000b80)=ANY=[@ANYRES32=0x0, @ANYBLOB="dd0000008a79bb8485d72ec3438a10ca0814c0c5aa383b7a3d0bad59c07149869325218ebd1b2ea4507c0f2dd14bbed86424768cf391f54901cda8a019c3be78dddf0000a69aabb79dec779ccdf8dfdb5868a528f02199b978d840139ff2fc8c2b4ffeb524e6e408bae6c178dd72f1169cde7e2796f53dfa8f1603e0c5d82e1816e6aca96889789b82fffa091c2796af9097f3c785ce48dbc9bac1c7dfd02c9cd8de18ec3097c546736836869c45dd40e6f3241170ff9482f7327039d02822e92407bda97c1fe007f776a9a194d2151081c8b97b3285d79c983cd77f4a8c8d0f4a0adb32136fc72e2cc1d0221dbbe6406b0b1fbd2b7a3ea7214724d8708f6144194d53b38ff601e01abbecca36dc26728d23a4d7fa102897ef1b6b365200342d20de209a0298dc6384f2a5b2fd2f40fc27fe9997e0090000007e86e8639f7b416b00a71c2f86d93fb59b23040fec27ca4ccbeeceb9450b24f47cd9ccb55632fd0638d271c59878db6eb9d285c7ac7e4a95c00d392dba9df67d90bedb858a498f5effc18fc803a248359e040db811f84e3f2a948c0b6832de1c9429e989b4bf29"], &(0x7f0000000040)=0xe5) [ 1504.775598] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING 22:57:22 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) ioctl$ION_IOC_ALLOC(0xffffffffffffffff, 0xc0184900, &(0x7f00000001c0)={0x80000001, 0xffffffffffffffff}) [ 1504.825529] syz-executor.0: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1504.838852] syz-executor.0 cpuset=syz0 mems_allowed=0-1 [ 1504.852989] CPU: 0 PID: 3332 Comm: syz-executor.0 Not tainted 4.19.100-syzkaller #0 [ 1504.860844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1504.870230] Call Trace: [ 1504.872851] dump_stack+0x197/0x210 [ 1504.876521] warn_alloc.cold+0x7b/0x173 [ 1504.880526] ? zone_watermark_ok_safe+0x260/0x260 [ 1504.885398] ? compaction_deferred+0x16a/0x3b0 [ 1504.890015] ? try_to_compact_pages+0x44/0xae0 [ 1504.894725] __alloc_pages_slowpath+0x2214/0x2870 [ 1504.899635] ? warn_alloc+0x110/0x110 [ 1504.904524] ? __lock_is_held+0xb6/0x140 [ 1504.908610] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1504.914170] ? should_fail+0x14d/0x85c [ 1504.918079] ? __isolate_free_page+0x4c0/0x4c0 [ 1504.922777] ? __might_sleep+0x95/0x190 [ 1504.927308] __alloc_pages_nodemask+0x617/0x750 [ 1504.932010] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1504.937055] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1504.942623] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1504.948379] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1504.953946] alloc_pages_current+0x107/0x210 [ 1504.958394] ion_page_pool_alloc+0x17f/0x270 [ 1504.962840] ion_system_heap_allocate+0x154/0xa90 [ 1504.967717] ? ion_system_heap_free+0x250/0x250 [ 1504.972417] ? ion_alloc+0x306/0x900 [ 1504.976155] ion_alloc+0x29b/0x900 [ 1504.979868] ? ion_dma_buf_release+0x50/0x50 [ 1504.984305] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1504.989873] ? _copy_from_user+0xdd/0x150 [ 1504.994052] ion_ioctl+0x17b/0x329 [ 1504.997609] ? ion_alloc.cold+0x28/0x28 [ 1505.001752] ? __might_sleep+0x95/0x190 [ 1505.005753] ? ion_alloc.cold+0x28/0x28 [ 1505.009769] do_vfs_ioctl+0xd5f/0x1380 [ 1505.013708] ? selinux_file_ioctl+0x46c/0x5d0 [ 1505.018239] ? selinux_file_ioctl+0x125/0x5d0 [ 1505.023033] ? ioctl_preallocate+0x210/0x210 [ 1505.027444] ? selinux_file_mprotect+0x620/0x620 [ 1505.032335] ? iterate_fd+0x360/0x360 [ 1505.036157] ? nsecs_to_jiffies+0x30/0x30 [ 1505.040416] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1505.045952] ? security_file_ioctl+0x8d/0xc0 [ 1505.050380] ksys_ioctl+0xab/0xd0 [ 1505.054031] __x64_sys_ioctl+0x73/0xb0 [ 1505.057924] do_syscall_64+0xfd/0x620 [ 1505.061747] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1505.066951] RIP: 0033:0x45b349 [ 1505.070145] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1505.089053] RSP: 002b:00007f1ef8b9dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1505.096777] RAX: ffffffffffffffda RBX: 00007f1ef8b9e6d4 RCX: 000000000045b349 [ 1505.104156] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1505.111919] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1505.119388] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff 22:57:22 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000000700000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:57:22 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x3a00}) 22:57:22 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) r1 = accept(r0, &(0x7f0000000200)=@in={0x2, 0x0, @local}, &(0x7f0000000280)=0x80) ioctl$PPPIOCGCHAN(r1, 0x80047437, &(0x7f0000000300)) connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000000080)={0xf000000, 0x9, 0x556a, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x9909d4, 0x10000, [], @string=&(0x7f0000000000)=0xff}}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r2, 0x40bc5311, &(0x7f0000000100)={0x1, 0x0, 'client1\x00', 0xffffffff80000005, "d4fa42eb1ff56d70", "9348f2306ca2b774a82b15318c7595fe882e8e160f02daa33d8c8c7e8d8bd907", 0x8000, 0x9}) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xfffffffffffffff7}) [ 1505.126684] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c 22:57:22 executing program 1: arch_prctl$ARCH_GET_CPUID(0x1011) set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) r1 = accept4$netrom(0xffffffffffffffff, &(0x7f0000000040)={{0x3, @default}, [@null, @bcast, @default, @default, @bcast, @netrom, @netrom, @null]}, &(0x7f0000000280)=0x48, 0xc0000) sendto$netrom(r1, &(0x7f0000000140)="f57514f8b2187b69a75dc4f0b3ca3d08280fc11a9edeb0e31e28a0795878479621a96aa6d8c6d984883621a8b6a67244cdbc9bf1c2aa61fe193d9af4219d5c698013e3f4", 0x44, 0x0, &(0x7f0000000200)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x6}, [@default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @bcast]}, 0x48) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x8000010010005, 0xffffffffffffffff}) [ 1505.291338] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1505.303855] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1505.304633] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1505.342432] CPU: 0 PID: 3351 Comm: syz-executor.5 Not tainted 4.19.100-syzkaller #0 [ 1505.350281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1505.359653] Call Trace: [ 1505.362262] dump_stack+0x197/0x210 [ 1505.365917] warn_alloc.cold+0x7b/0x173 [ 1505.369918] ? zone_watermark_ok_safe+0x260/0x260 [ 1505.374784] ? compaction_deferred+0x16a/0x3b0 [ 1505.379382] ? try_to_compact_pages+0x44/0xae0 [ 1505.383417] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1505.384137] __alloc_pages_slowpath+0x2214/0x2870 [ 1505.398467] ? warn_alloc+0x110/0x110 [ 1505.402293] ? __lock_is_held+0xb6/0x140 [ 1505.406424] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1505.411992] ? should_fail+0x14d/0x85c [ 1505.415956] ? __isolate_free_page+0x4c0/0x4c0 [ 1505.420581] ? __might_sleep+0x95/0x190 [ 1505.424585] __alloc_pages_nodemask+0x617/0x750 [ 1505.429413] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1505.434575] ? fs_reclaim_acquire+0x20/0x20 [ 1505.438946] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1505.444518] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1505.450264] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1505.455835] alloc_pages_current+0x107/0x210 [ 1505.460267] ion_page_pool_alloc+0x17f/0x270 [ 1505.464707] ion_system_heap_allocate+0x154/0xa90 [ 1505.469574] ? ion_system_heap_free+0x250/0x250 [ 1505.474401] ? ion_alloc+0x306/0x900 [ 1505.478131] ion_alloc+0x29b/0x900 [ 1505.481687] ? ion_dma_buf_release+0x50/0x50 [ 1505.486123] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1505.491680] ? _copy_from_user+0xdd/0x150 [ 1505.495988] ion_ioctl+0x17b/0x329 [ 1505.499540] ? ion_alloc.cold+0x28/0x28 [ 1505.503519] ? __might_sleep+0x95/0x190 [ 1505.507530] ? ion_alloc.cold+0x28/0x28 [ 1505.511528] do_vfs_ioctl+0xd5f/0x1380 [ 1505.515437] ? selinux_file_ioctl+0x46c/0x5d0 [ 1505.519936] ? selinux_file_ioctl+0x125/0x5d0 [ 1505.524555] ? ioctl_preallocate+0x210/0x210 [ 1505.529044] ? selinux_file_mprotect+0x620/0x620 [ 1505.533930] ? iterate_fd+0x360/0x360 [ 1505.537729] ? nsecs_to_jiffies+0x30/0x30 [ 1505.541894] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1505.547619] ? security_file_ioctl+0x8d/0xc0 [ 1505.552042] ksys_ioctl+0xab/0xd0 [ 1505.555509] __x64_sys_ioctl+0x73/0xb0 [ 1505.559399] do_syscall_64+0xfd/0x620 [ 1505.563219] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1505.568404] RIP: 0033:0x45b349 [ 1505.571656] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1505.590655] RSP: 002b:00007f6e444f7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1505.598486] RAX: ffffffffffffffda RBX: 00007f6e444f86d4 RCX: 000000000045b349 [ 1505.605881] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1505.614814] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1505.622195] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1505.629464] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c 22:57:23 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000030800000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1505.653789] warn_alloc_show_mem: 3 callbacks suppressed [ 1505.653795] Mem-Info: [ 1505.680022] active_anon:276704 inactive_anon:202 isolated_anon:14 [ 1505.680022] active_file:4230 inactive_file:7193 isolated_file:0 [ 1505.680022] unevictable:0 dirty:124 writeback:0 unstable:0 [ 1505.680022] slab_reclaimable:17161 slab_unreclaimable:128689 22:57:23 executing program 1: set_mempolicy(0x2, &(0x7f0000000180)=0x10000, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) socket$phonet_pipe(0x23, 0x5, 0x2) utimensat(r2, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)={{0x0, 0x7530}, {r3, r4/1000+30000}}, 0x100) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r10 = dup(r9) ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000200)={0x3, 0x70, 0x0, 0x9, 0x51, 0x3, 0x0, 0x1, 0x1001, 0xf, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x3, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x58, 0x0, @perf_config_ext={0x1, 0x9}, 0x48, 0x1000, 0x80000001, 0x4, 0x100, 0x81, 0x8}, r8, 0x10, r10, 0x3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r12 = dup(r11) ioctl$PERF_EVENT_IOC_ENABLE(r12, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x1004) ioctl$TUNSETCARRIER(r6, 0x400454e2, &(0x7f00000000c0)) [ 1505.680022] mapped:58835 shmem:255 pagetables:26180 bounce:0 [ 1505.680022] free:853116 free_pcp:494 free_cma:0 [ 1505.757596] Node 0 active_anon:1058332kB inactive_anon:808kB active_file:16kB inactive_file:100kB unevictable:0kB isolated(anon):56kB isolated(file):0kB mapped:208920kB dirty:108kB writeback:0kB shmem:1020kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 342016kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1505.807585] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1505.859159] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING 22:57:23 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000030a00000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1505.934591] Node 0 DMA free:10428kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1506.089762] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1506.124610] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1506.129926] Node 0 DMA32 free:94340kB min:36168kB low:45208kB high:54248kB active_anon:1055884kB inactive_anon:808kB active_file:16kB inactive_file:100kB unevictable:0kB writepending:108kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:28128kB pagetables:70696kB bounce:0kB free_pcp:1856kB local_pcp:444kB free_cma:0kB [ 1506.161915] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING 22:57:23 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x404482) ioctl$EVIOCGSND(r1, 0x8040451a, &(0x7f0000000080)=""/21) r2 = inotify_init1(0x0) fcntl$setown(r2, 0x8, 0xffffffffffffffff) fcntl$getownex(r2, 0x10, &(0x7f0000000100)={0x0, 0x0}) process_vm_readv(r3, &(0x7f0000000380)=[{&(0x7f0000000340)=""/61, 0x3d}], 0x1, &(0x7f0000002540)=[{&(0x7f00000003c0)=""/63, 0x7ffff002}], 0x2, 0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) r5 = dup(r4) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000000000)=0xc) keyctl$get_persistent(0x16, r6, 0xfffffffffffffff9) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f00000006c0)={0x40, 0xe6, {r3}, {r6}, 0x7, 0x8}) r8 = socket$inet_udplite(0x2, 0x2, 0x88) r9 = dup(r8) getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000000000)=0xc) keyctl$get_persistent(0x16, r10, 0xfffffffffffffff9) r11 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r11, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setregid(0x0, r12) r13 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r13, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setregid(0x0, r14) r15 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setregid(0x0, r16) getgroups(0x9, &(0x7f0000000700)=[r12, 0x0, r14, 0x0, 0xffffffffffffffff, 0xee00, r16, 0xffffffffffffffff, 0xee01]) r18 = inotify_init1(0x0) fcntl$setown(r18, 0x8, 0xffffffffffffffff) fcntl$getownex(r18, 0x10, &(0x7f0000000100)={0x0, 0x0}) r20 = socket$inet_udplite(0x2, 0x2, 0x88) r21 = dup(r20) getsockopt$sock_cred(r21, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000000000)=0xc) keyctl$get_persistent(0x16, r22, 0xfffffffffffffff9) r23 = getgid() r24 = openat$userio(0xffffffffffffff9c, &(0x7f0000000740)='/dev/userio\x00', 0x4600, 0x0) r25 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r25, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r25, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r25, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) r26 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r26, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r26, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r26, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) r27 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r27, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r27, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r27, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) r28 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r28, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r28, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r28, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) r29 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r29, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r29, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r29, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) r30 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r30, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r30, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r30, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) r31 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r31, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r31, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r31, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) r32 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r32, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r32, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r32, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) r33 = inotify_init1(0x0) fcntl$setown(r33, 0x8, 0xffffffffffffffff) fcntl$getownex(r33, 0x10, &(0x7f0000000100)={0x0, 0x0}) process_vm_readv(r34, &(0x7f0000000380)=[{&(0x7f0000000340)=""/61, 0x3d}], 0x1, &(0x7f0000002540)=[{&(0x7f00000003c0)=""/63, 0x7ffff002}], 0x2, 0x0) ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000780)=0x0) lstat(&(0x7f00000007c0)='./file0\x00', &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r37 = inotify_init1(0x0) fcntl$setown(r37, 0x8, 0xffffffffffffffff) fcntl$getownex(r37, 0x10, &(0x7f0000000100)={0x0, 0x0}) process_vm_readv(r38, &(0x7f0000000380)=[{&(0x7f0000000340)=""/61, 0x3d}], 0x1, &(0x7f0000002540)=[{&(0x7f00000003c0)=""/63, 0x7ffff002}], 0x2, 0x0) r39 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r39, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r39, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r39, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) getsockopt$inet6_IPV6_XFRM_POLICY(r39, 0x29, 0x23, &(0x7f0000000880)={{{@in6=@dev, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in6=@ipv4={[], [], @multicast2}}}, &(0x7f0000000980)=0xe8) r41 = getegid() r42 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r42, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r42, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r42, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000b00)={&(0x7f0000000340)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000440)=[{&(0x7f00000004c0)="90c4e5aee206cab76b4c7740d9cc8ebb0d082508555ed962249a424c184220b205db1b4f4a498c8fe12bbea9d3dccfe91cb281850384a54691e38f49006c176aad2608eaf5c3a2291500c24dddb46c01171cd48c0911f12fc59ed46125e0c19466abe79bdde358c63ab08b7098027df42ec584eace5d317b23ebf5f04551d0f183ef5286fc3dc233ede54262819657401613958c2434a2844ffc99edca27695d39c86427e585d423b42d7b4f467416aaa1b47017fd218d376b116c7a2c3bd4a373ca5ddf6bcca43b96edc095d4321ecc57dce7cf900f24caead67983a70d853d", 0xe0}, {&(0x7f00000005c0)="60ab1695acbc47d47ff8cbb7e8d2e8654692021afca5ca49641ffdc57826f3e11fd2aae350007a2dbc32f7347c8275a91354e9a2515f505b15f296524e25a7099c87eff2175d88be516aff94346b3699821a6319a2d918f6edb2b702501297ee48a173244eb41a93c7f917cffaa8c6d1e2ff93d4b89773729ed1e53fa57736b9bc8ac237f0b57ec7d6f750b595f6e66bba6cd7b33b19babe5cd633bb71e9c4a2f8eef89e15a8b4a294de688d15748b91c3451e184eabbe2f3e4e9b38f018d9d2d121606caf13310239e578e607ffac", 0xcf}, {&(0x7f00000003c0)="9dde7513babf096f884b3b6fb55a6b95769a5775b64301d6daf0e6bd294f95e86456827d5494eb8b29331958e3897d", 0x2f}], 0x3, &(0x7f00000009c0)=ANY=[@ANYBLOB="1c0004000000000000001000022b0000", @ANYRES32=r7, @ANYRES32=r10, @ANYRES32=r17, @ANYBLOB="0000000007000000000000000100000002000000", @ANYRES32=r19, @ANYRES32=r22, @ANYRES32=r23, @ANYBLOB="000000002c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r24, @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r0, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32=r1, @ANYRES32=r25, @ANYBLOB="34000000000000000100000001000000", @ANYRES32, @ANYRES32=r26, @ANYRES32=r27, @ANYRES32=r28, @ANYRES32=r29, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r30, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32=r31, @ANYRES32=r32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r34, @ANYRES32=r35, @ANYRES32=r36, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r38, @ANYRES32=r40, @ANYRES32=r41, @ANYBLOB="0000000018000000000000000100000001000008", @ANYRES32=r1, @ANYRES32=r42], 0x130, 0x400c0}, 0x4801) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r44 = dup(r43) ioctl$PERF_EVENT_IOC_ENABLE(r44, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/hwrng\x00', 0x400000, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r46 = dup(r45) ioctl$PERF_EVENT_IOC_ENABLE(r46, 0x8912, 0x400200) r47 = syz_open_dev$mice(&(0x7f0000000c40)='/dev/input/mice\x00', 0x0, 0x145800) ioctl$LOOP_GET_STATUS64(r47, 0x4c05, &(0x7f0000000c80)) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r49 = dup(r48) ioctl$PERF_EVENT_IOC_ENABLE(r49, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r51 = dup(r50) ioctl$PERF_EVENT_IOC_ENABLE(r51, 0x8912, 0x400200) ioctl$DRM_IOCTL_ADD_CTX(r51, 0xc0086420, &(0x7f0000000140)={0x0}) ioctl$DRM_IOCTL_GET_CTX(0xffffffffffffffff, 0xc0086423, &(0x7f0000000180)={r52, 0x1}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r54 = dup(r53) ioctl$PERF_EVENT_IOC_ENABLE(r54, 0x8912, 0x400200) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000200)={0x14010005, 0xffffffffffffffff, 0x0, r54}) 22:57:23 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000011e00000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1506.229748] lowmem_reserve[]: 0 0 1 1 1 [ 1506.246281] ptrace attach of "/root/syz-executor.4"[8187] was attempted by "/root/syz-executor.4"[3493] [ 1506.267810] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1506.356985] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1506.367648] lowmem_reserve[]: 0 0 0 0 0 [ 1506.400095] Node 0 DMA: 27*4kB (UME) 12*8kB (UME) 7*16kB (UME) 14*32kB (UM) 7*64kB (UME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10428kB 22:57:23 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) r1 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r1, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r1, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0x82, &(0x7f0000000140)=@assoc_value={r2}, 0x8) r3 = syz_open_dev$vcsu(&(0x7f0000000180)='/dev/vcsu#\x00', 0x37b, 0x880) ioctl$RTC_ALM_SET(r3, 0x40247007, &(0x7f0000000200)={0x7, 0x24, 0x12, 0x1e, 0x4, 0x3, 0x1, 0x0, 0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) clock_gettime(0x0, &(0x7f00000002c0)={0x0, 0x0}) r8 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r8, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r8, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r8, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) ioctl$VIDIOC_QUERYBUF(r5, 0xc0585609, &(0x7f0000000e00)={0x6c, 0xb, 0x4, 0x2000000, 0x0, {r6, r7/1000+30000}, {0x5, 0x1, 0x2, 0x0, 0x1f, 0x1f, "164c9b9c"}, 0x6ca, 0x3, @userptr=0x5000000, 0x81, 0x0, r8}) r9 = syz_genetlink_get_family_id$batadv(&(0x7f0000000e80)='batadv\x00') r10 = socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140)='devlink\x00') sendmsg$DEVLINK_CMD_GET(r10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000f40)={0x30, r11, 0xc91add0bf88807dd, 0x0, 0x0, {0x17}, [@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}]}, 0x30}, 0x1, 0x0, 0x0, 0x20004050}, 0x0) sendmsg$BATADV_CMD_GET_HARDIF(r10, &(0x7f0000000f80)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000f00)={&(0x7f0000000ec0)={0x34, r9, 0x0, 0x70bd27, 0x25dfdbfb, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x40}, @BATADV_ATTR_BONDING_ENABLED={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x20004000) setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, &(0x7f00000006c0)={r2, 0x8000, 0x93, "d0fdd90c275da4e7bd73f6aa850c58fb1cbce8ff015147013adad7dba2acc6b1fe0c2424851acee5fcd23bce359e62e8f7b5f5bc04654645054fa46911ab56a8052f1fbb806a6dab91311b5dcc7f6bf2829fe37f715d56717fddbd8a767c84c942f3fd186d454be45f44a998c3f17acda61330b0f29146553c8c3252e71cf4bfb1e5d8e040d7dd5d33d290bf9ab9ac008a0ff3"}, 0x9b) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000040)={r2, 0x2}, &(0x7f0000000080)=0x8) r12 = inotify_init1(0x0) fcntl$setown(r12, 0x8, 0xffffffffffffffff) fcntl$getownex(r12, 0x10, &(0x7f0000000100)={0x0, 0x0}) process_vm_readv(r13, &(0x7f0000000380), 0x0, &(0x7f0000002540)=[{&(0x7f00000003c0)=""/63, 0x3f}], 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r15 = dup(r14) ioctl$PERF_EVENT_IOC_ENABLE(r15, 0x8912, 0x400200) ioctl$KDFONTOP_SET(r15, 0x4b72, &(0x7f0000000280)={0x0, 0x0, 0xe, 0xe, 0x118, &(0x7f0000000a00)="8a4f79acec961863586bf6a34b8d33fecc0d3d9c908a8792750258b123cac303cfbe13c32892083717af2a1d011f1d075ead96c9d06a975a1d647ab3416a03381cea5e105170d3b9505a99c8ed31902d9c17f21b858a806106f7bc882bcb204da37e56c209e7ffbb145087768e3ef83c8784f2476acc4d476312ca7caa207a7a24e80b0cc997ec22b98091cb7a1dea539961831fe5b060d56cdd2af6970f5534501d528cf46e1a1986068367a3cd79a5b05d2f206d0f6ff96e30e08273aed6471abf29fcdb951054963c9df37d443249c05121b910e4958220a316664dfd206a0dd22a33234f7f4b58a97162187473cefa1a724f3a1f0885f02c500d826104de4c84c60dcd1533f5c99950a749ca86597d664fda252bca0482daec68acc0e1534272a2a71047dfb1eda93c2224b37c4f4c16efcc04146e95e6ac898bba075e6e7599f99df2dedea055b5e8194b0c6b073de4261c1c7c2f25ffa63663672ad00566998ac6bf2c8aee2393761b14ef9476312335afc9fb8f78fbae63f50d6ee5bf87c2f91a3d0d511f83e818ce41a046b630dd248c6a98c704a8dbf191b70b78ecea69c898810369498f35b23052d40c9b8865c130d43bd5ae63ddfa807b9b9f2bc34abde0bb50f7485f6d5f22fec6dcb0e31370e1ce459be93ee0db8c30e029f8ae4315ac4f74257500ac85f683c864fbc0c852024466738ae6bffd1e29eb01c441d16219fb5c1c88fb102d273ce957059584202c3316be0d4291e84151d2098f9c821f6042184d95d88a812cda2ed2c004bfb23208d733198602dbe97d9666b0c55eaee5dd2729043607efe84ec8471831444f8df07a747de5388b1e36a99ff656b79012b235e08790f64981f19a289d13a3361a5046bf00f17b449ae6d7f3643545e65e42d232a62825cc64152b76446c1e8bc985d4686f83fe9b593944d962a08eed76fd3e51175e42a3dec348391403dc854d2201646f404cbddefb7322b01ade27cb17d4f6e9ffeb5488be74d727afb59128ad08975a5b29ea094378410199ee1f3a78bb68556acfac56aa1b34c2593163fa5daf4991522ba21c06d9fcb418135546705e80f9906927a1eba391b12271f1cf296a558bb9db93a1d5133172c4be81fbc2446b5449e0856586841cc9e0be3b3045d79b6d38eef0cf2afb99df932ff3d68187238cc2f765f45ef16461ca38aee805e5ad1a308614714952a7939cf8511ca223703d1635dfd5e8bd031d5ca691b53e7d3963627c5ef542d2ed6b10b54b476230f7aca92d9e694e62273f7b2511eb73b0681853b1b0866b739aebdd66bc7da76375bd256b18e765a44c1646c6ab0af22d6351bd94a60b09934e9fae8da2447aacf08803b767d2ce8fea53d3508df1c6a74cf19762e062f7a4335fe9a8d0ce36ff281b4273f72ba9892e71debe7b8ad23fbf10305b61636122071e"}) syz_open_procfs(r13, &(0x7f0000000240)='net/tcp6\x00') [ 1506.464779] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1506.490704] Node 0 DMA32: 3383*4kB (UEH) 3502*8kB (UEH) 1141*16kB (UEH) 1070*32kB (UEH) 14*64kB (UH) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 95708kB [ 1506.537254] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1506.574529] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1506.639870] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1506.648516] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1506.728079] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1506.786694] 11683 total pagecache pages [ 1506.796045] 0 pages in swap cache [ 1506.802884] Swap cache stats: add 0, delete 0, find 0/0 [ 1506.808562] Free swap = 0kB [ 1506.814036] Total swap = 0kB [ 1506.817409] 1965979 pages RAM [ 1506.821904] syz-executor.4: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1506.823567] 0 pages HighMem/MovableOnly [ 1506.837686] 341741 pages reserved [ 1506.845553] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 1506.845640] syz-executor.1: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1506.851373] 0 pages cma reserved [ 1506.871469] CPU: 1 PID: 3493 Comm: syz-executor.4 Not tainted 4.19.100-syzkaller #0 [ 1506.879418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1506.888792] Call Trace: [ 1506.891437] dump_stack+0x197/0x210 [ 1506.895095] warn_alloc.cold+0x7b/0x173 [ 1506.899101] ? zone_watermark_ok_safe+0x260/0x260 [ 1506.900011] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 1506.903978] ? __lock_is_held+0xb6/0x140 [ 1506.904019] __alloc_pages_slowpath+0x2214/0x2870 [ 1506.904051] ? warn_alloc+0x110/0x110 [ 1506.922235] ? __lock_is_held+0xb6/0x140 [ 1506.926318] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1506.931882] ? should_fail+0x14d/0x85c [ 1506.935788] ? __isolate_free_page+0x4c0/0x4c0 [ 1506.940390] ? __might_sleep+0x95/0x190 [ 1506.944383] __alloc_pages_nodemask+0x617/0x750 [ 1506.949070] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1506.954102] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1506.959649] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1506.965584] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1506.971141] alloc_pages_current+0x107/0x210 [ 1506.975563] ion_page_pool_alloc+0x17f/0x270 [ 1506.979984] ion_system_heap_allocate+0x154/0xa90 [ 1506.984863] ? ion_system_heap_free+0x250/0x250 [ 1506.989559] ? ion_alloc+0x306/0x900 [ 1506.993305] ion_alloc+0x29b/0x900 [ 1506.996861] ? ion_dma_buf_release+0x50/0x50 [ 1507.001446] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1507.006999] ? _copy_from_user+0xdd/0x150 [ 1507.011301] ion_ioctl+0x17b/0x329 [ 1507.014849] ? ion_alloc.cold+0x28/0x28 [ 1507.018830] ? __might_sleep+0x95/0x190 [ 1507.022820] ? ion_alloc.cold+0x28/0x28 [ 1507.026819] do_vfs_ioctl+0xd5f/0x1380 [ 1507.030732] ? selinux_file_ioctl+0x46c/0x5d0 [ 1507.035239] ? selinux_file_ioctl+0x125/0x5d0 [ 1507.039747] ? ioctl_preallocate+0x210/0x210 [ 1507.044296] ? selinux_file_mprotect+0x620/0x620 [ 1507.049070] ? iterate_fd+0x360/0x360 [ 1507.050573] ptrace attach of "/root/syz-executor.4"[8187] was attempted by "/root/syz-executor.4"[3496] [ 1507.052900] ? nsecs_to_jiffies+0x30/0x30 [ 1507.052924] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1507.052945] ? security_file_ioctl+0x8d/0xc0 [ 1507.076578] ksys_ioctl+0xab/0xd0 [ 1507.080051] __x64_sys_ioctl+0x73/0xb0 [ 1507.083963] do_syscall_64+0xfd/0x620 [ 1507.087781] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1507.092998] RIP: 0033:0x45b349 [ 1507.096198] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1507.115124] RSP: 002b:00007ff249f47c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1507.122856] RAX: ffffffffffffffda RBX: 00007ff249f486d4 RCX: 000000000045b349 [ 1507.130149] RDX: 0000000020000200 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1507.137439] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1507.145156] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1507.152571] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1507.179850] CPU: 0 PID: 3505 Comm: syz-executor.1 Not tainted 4.19.100-syzkaller #0 [ 1507.187701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1507.197072] Call Trace: [ 1507.199696] dump_stack+0x197/0x210 [ 1507.203351] warn_alloc.cold+0x7b/0x173 [ 1507.207342] ? zone_watermark_ok_safe+0x260/0x260 [ 1507.212212] ? __lock_is_held+0xb6/0x140 [ 1507.216327] __alloc_pages_slowpath+0x2214/0x2870 [ 1507.221336] ? warn_alloc+0x110/0x110 [ 1507.225153] ? __lock_is_held+0xb6/0x140 [ 1507.229239] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1507.234805] ? should_fail+0x14d/0x85c [ 1507.238719] ? __isolate_free_page+0x4c0/0x4c0 [ 1507.243363] ? __might_sleep+0x95/0x190 [ 1507.247366] __alloc_pages_nodemask+0x617/0x750 [ 1507.252060] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1507.257105] ? fs_reclaim_acquire+0x20/0x20 [ 1507.261457] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1507.267020] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1507.272872] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1507.278472] alloc_pages_current+0x107/0x210 [ 1507.282931] ion_page_pool_alloc+0x17f/0x270 [ 1507.287494] ion_system_heap_allocate+0x154/0xa90 [ 1507.292486] ? ion_system_heap_free+0x250/0x250 [ 1507.297203] ? ion_alloc+0x306/0x900 [ 1507.300970] ion_alloc+0x29b/0x900 [ 1507.304557] ? ion_dma_buf_release+0x50/0x50 [ 1507.309041] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1507.314634] ? _copy_from_user+0xdd/0x150 [ 1507.318834] ion_ioctl+0x17b/0x329 [ 1507.322535] ? ion_alloc.cold+0x28/0x28 [ 1507.326557] ? __might_sleep+0x95/0x190 [ 1507.330558] ? ion_alloc.cold+0x28/0x28 [ 1507.331895] syz-executor.1: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1507.334551] do_vfs_ioctl+0xd5f/0x1380 [ 1507.334575] ? selinux_file_ioctl+0x46c/0x5d0 [ 1507.334590] ? selinux_file_ioctl+0x125/0x5d0 [ 1507.334609] ? ioctl_preallocate+0x210/0x210 [ 1507.363583] ? selinux_file_mprotect+0x620/0x620 [ 1507.365981] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 1507.368389] ? iterate_fd+0x360/0x360 [ 1507.368410] ? nsecs_to_jiffies+0x30/0x30 [ 1507.368431] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1507.368452] ? security_file_ioctl+0x8d/0xc0 [ 1507.391924] ksys_ioctl+0xab/0xd0 [ 1507.395395] __x64_sys_ioctl+0x73/0xb0 [ 1507.399312] do_syscall_64+0xfd/0x620 [ 1507.403370] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1507.408571] RIP: 0033:0x45b349 [ 1507.411798] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:57:24 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x3c00}) 22:57:24 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000002000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:57:24 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r0, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r0, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$MON_IOCQ_RING_SIZE(r2, 0x9205) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r0, 0x6612) set_mempolicy(0x3, &(0x7f0000000380)=0xfa8, 0xffff) r3 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0x82, &(0x7f0000000140)=@assoc_value={r4}, 0x8) setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, &(0x7f00000006c0)={r4, 0x8000, 0x93, "d0fdd90c275da4e7bd73f6aa850c58fb1cbce8ff015147013adad7dba2acc6b1fe0c2424851acee5fcd23bce359e62e8f7b5f5bc04654645054fa46911ab56a8052f1fbb806a6dab91311b5dcc7f6bf2829fe37f715d56717fddbd8a767c84c942f3fd186d454be45f44a998c3f17acda61330b0f29146553c8c3252e71cf4bfb1e5d8e040d7dd5d33d290bf9ab9ac008a0ff3"}, 0x9b) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000240)={0x2, 0x1, 0x1b92e8b0, 0x6747, r4}, &(0x7f0000000280)=0x10) ioctl$DRM_IOCTL_MODE_ATOMIC(r2, 0xc03864bc, &(0x7f0000000ac0)={0x581, 0x9, &(0x7f0000000440)=[0x9, 0xd6, 0xc44, 0xfffffc9a, 0x80000000, 0xfffffffe, 0xffff5fe6, 0x9, 0x8], &(0x7f0000000a00)=[0x2, 0x1f, 0x283, 0xe78], &(0x7f0000000a40)=[0x2, 0x7, 0x9], &(0x7f0000000a80)=[0xad, 0x5], 0x0, 0x9}) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f00000002c0)={r5, 0x3c3}, &(0x7f0000000340)=0x8) setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f00000000c0)=0x828e, 0x4) r6 = gettid() bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0x0, 0x9, &(0x7f0000000080)='/dev/ion\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r6, r3, 0x0, 0x9, &(0x7f0000000040)='/dev/ion\x00', r7}, 0x30) ioctl$ION_IOC_ALLOC(r3, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000200)=@assoc_value={0x0, 0x5}, 0x8) r9 = dup(r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) ioctl$IMCLEAR_L2(r9, 0x80044946, &(0x7f0000000180)=0x7) connect$inet6(r9, &(0x7f00000003c0)={0xa, 0x4e20, 0x2, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x1}, 0x1c) [ 1507.430864] RSP: 002b:00007f17cfa73c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1507.438627] RAX: ffffffffffffffda RBX: 00007f17cfa746d4 RCX: 000000000045b349 [ 1507.445911] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1507.453410] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1507.460698] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1507.468013] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1507.503757] CPU: 1 PID: 3506 Comm: syz-executor.1 Not tainted 4.19.100-syzkaller #0 [ 1507.511619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1507.521256] Call Trace: [ 1507.523923] dump_stack+0x197/0x210 [ 1507.527673] warn_alloc.cold+0x7b/0x173 [ 1507.531773] ? zone_watermark_ok_safe+0x260/0x260 [ 1507.536686] ? compaction_deferred+0x16a/0x3b0 [ 1507.541295] ? try_to_compact_pages+0x44/0xae0 [ 1507.543757] warn_alloc_show_mem: 1 callbacks suppressed [ 1507.543762] Mem-Info: [ 1507.545929] __alloc_pages_slowpath+0x2214/0x2870 [ 1507.545962] ? warn_alloc+0x110/0x110 [ 1507.562549] ? __lock_is_held+0xb6/0x140 [ 1507.566649] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1507.572263] ? should_fail+0x14d/0x85c [ 1507.576190] ? __isolate_free_page+0x4c0/0x4c0 [ 1507.580795] ? __might_sleep+0x95/0x190 [ 1507.584786] __alloc_pages_nodemask+0x617/0x750 [ 1507.589474] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1507.594510] ? fs_reclaim_acquire+0x20/0x20 [ 1507.598844] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1507.604399] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1507.610237] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1507.615808] alloc_pages_current+0x107/0x210 [ 1507.620230] ion_page_pool_alloc+0x17f/0x270 [ 1507.624770] ion_system_heap_allocate+0x154/0xa90 [ 1507.629633] ? ion_system_heap_free+0x250/0x250 [ 1507.634329] ? ion_alloc+0x306/0x900 [ 1507.638039] ion_alloc+0x29b/0x900 [ 1507.641605] ? ion_dma_buf_release+0x50/0x50 [ 1507.646033] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1507.651584] ? _copy_from_user+0xdd/0x150 [ 1507.655853] ion_ioctl+0x17b/0x329 [ 1507.659414] ? ion_alloc.cold+0x28/0x28 [ 1507.663412] ? __might_sleep+0x95/0x190 [ 1507.667422] ? ion_alloc.cold+0x28/0x28 [ 1507.671411] do_vfs_ioctl+0xd5f/0x1380 [ 1507.675328] ? selinux_file_ioctl+0x46c/0x5d0 [ 1507.679842] ? selinux_file_ioctl+0x125/0x5d0 [ 1507.684366] ? ioctl_preallocate+0x210/0x210 [ 1507.688807] ? selinux_file_mprotect+0x620/0x620 [ 1507.693575] ? iterate_fd+0x360/0x360 [ 1507.697392] ? nsecs_to_jiffies+0x30/0x30 [ 1507.701549] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1507.707114] ? security_file_ioctl+0x8d/0xc0 [ 1507.711538] ksys_ioctl+0xab/0xd0 [ 1507.715007] __x64_sys_ioctl+0x73/0xb0 [ 1507.718908] do_syscall_64+0xfd/0x620 [ 1507.722712] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1507.727909] RIP: 0033:0x45b349 [ 1507.731110] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:57:25 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000032600000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1507.750013] RSP: 002b:00007f17cfa52c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1507.757752] RAX: ffffffffffffffda RBX: 00007f17cfa536d4 RCX: 000000000045b349 [ 1507.765029] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1507.772310] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 1507.779670] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1507.787007] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bfd4 22:57:25 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) r1 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r1, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r1, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) socket$inet6(0xa, 0x3, 0x5) r2 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r2, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r2, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) io_setup(0x539dfee, &(0x7f0000000000)=0x0) r4 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r4, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r4, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) r7 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r7, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r7, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r7, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r9 = dup(r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) r10 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r10, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r10, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r10, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r12 = dup(r11) ioctl$PERF_EVENT_IOC_ENABLE(r12, 0x8912, 0x400200) r13 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r13, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r13, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r13, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) r14 = open(&(0x7f0000000440)='./file0\x00', 0x44900, 0xc8) r15 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r15, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r15, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r15, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r17 = dup(r16) ioctl$PERF_EVENT_IOC_ENABLE(r17, 0x8912, 0x400200) io_submit(r3, 0x7, &(0x7f0000000e00)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x8, 0x8, r4, &(0x7f0000000a00)="6f7f07514f2f34f4fda838a7dba4efb2e1ed423c6e1db1a0cf455cec5b2fc65e17a528a6952b0de30426b6b72353585b89bebee7d4768a650427a429c651d64c62d62c662b1d64fa00e6c45e8b40e34e862981f11caa9b67fa67c073f30a91c77934906cfb636b13953211044f5b735a1b7e429d6b74dc4fadd7eb31f215ff7f058104141e425cecd43fdf4fc77c48546acf9c02b8a27e452a949f305afeefdd518eeba9893050400bf4dfa6820cb4b4e19d944e259a953dfc566ce80cb40f7c863a399d95ad6403e9db2974b6214f691d2711ed648dd50679610d36b6ebea05c96d9e6bb2ed", 0xe6, 0x2}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x5, 0x7, r1, &(0x7f0000000140)="4f6daa5a24520a8af204e1e5bdbdba49c89df7b16fcaf49611233f59515c34308fe211223b502c36ab749942f03e33df194f97ba402e2752810ba14c105061c0ab33c98bba36625446a559b293331b7b64e8e1d5d87d34e8ad4d7ca5ba5ac2b0b5cec17286208dee385c8b005a0ca26d4a", 0x71, 0xfffffffffffffffa, 0x0, 0x1, r6}, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x2, 0x3, r1, &(0x7f0000000b00)="51c94a183e173c589762bb76cb3ca73ebd266e7f837577021dc108f02be58206d4b5d7d7af96545db166b5438a9658e453743dccd6dfd87277b17d5960b7182a8dd4d9bab8a60a44be361611a3ee32b7404090a86e013483c8e7d4a32f2e7448209a068b9de0cd6bf7d02dbc40511b743c5ae23071d4cc46800c83c9d26fdc718743338a92b8ad7f49be0fc4bc138237cc97821f6602dba050d7d4ea508f70658f32f2cc672257b1117646d3c23b062b32219ee3c38bc2eb961b8aa32af4c877ead34a1c2ee1cd91757f53b14291fa912cd03bef7109ec385f0da48c48e030480d613a49721e5a315c921dff540cb3", 0xef, 0x7, 0x0, 0x2}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x1ff, r7, &(0x7f0000000240)="39966c137af1eefb8c624cd3", 0xc, 0x3, 0x0, 0x4, r9}, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x7, 0x6, r10, &(0x7f0000000340)="365842c5012613ec7fb185c7f889b4265eed357dd3d169b4f6dcb41028bd9c302cd9d37975c1887dd523868bee4f30a86867fe532b28dc581bd6bc675b688ddf2f8a41d4e5da9f3b7ed8986db00ba141bf33948bba860359bcc50c29cb66ffa0ff354a8fe4e61ad0bc8f6ab16c", 0x6d, 0x7fffffff, 0x0, 0x1, r12}, &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x3, 0x6, r13, &(0x7f0000000c00)="7529ed71b9a2fb878119bf7726da8e4fa2e0216dfe0fdb09e5c49fc33c8868a9c6a6ad770e848e1fdb3f8fbd89a5e6c1d685b74d388fe3b39234698ee6959b406fc6cb6f319df7b4d6f78bcf1ac1e808e5df5d0143f428ea6f8560586a4a4534a6017844512f857e1ecac478b008ca1228b43fddcc3362d8e1e4e2926e00c4ebc843198b663ae8b4252bc3785b77827d72332e9536", 0x95, 0x81, 0x0, 0x1, r14}, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x6, 0x13e, r15, &(0x7f0000000d00)="9cc700e4ee22c0df07dca5ffd19da620f31b5f3227bff250d6c740b8c0eef8f2f49bb4e0cd7e3ccdb03a5852b5dfe7bde2b1771510f8649f13a471aeb3ec143bf654c3f5b4f13dff4e72c366a79bd96d39a55163a6626003b23fc52105cca770b720345239673f8ecfe5a6f85aceed8c40ea610fae5603bf606bc3d6edd69e7c8a2aa2984a285b7ed65f3877f94ab7767b42beaf1b75e5ea9d08617fa09df804988f2ba1e19d", 0xa6, 0x101, 0x0, 0x2, r17}]) connect$inet6(r2, 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xfffffffffffffff7}) [ 1507.819989] active_anon:276745 inactive_anon:202 isolated_anon:0 [ 1507.819989] active_file:4231 inactive_file:7206 isolated_file:0 [ 1507.819989] unevictable:0 dirty:93 writeback:0 unstable:0 [ 1507.819989] slab_reclaimable:17160 slab_unreclaimable:128585 [ 1507.819989] mapped:58853 shmem:255 pagetables:26196 bounce:0 [ 1507.819989] free:794163 free_pcp:453 free_cma:0 [ 1507.884594] Node 0 active_anon:1058420kB inactive_anon:808kB active_file:20kB inactive_file:152kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208920kB dirty:48kB writeback:0kB shmem:1020kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 339968kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1507.915723] Node 0 DMA free:10428kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1507.948354] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1507.954335] Node 0 DMA32 free:104264kB min:36168kB low:45208kB high:54248kB active_anon:1056072kB inactive_anon:808kB active_file:20kB inactive_file:152kB unevictable:0kB writepending:48kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:28064kB pagetables:70760kB bounce:0kB free_pcp:240kB local_pcp:0kB free_cma:0kB [ 1507.995943] lowmem_reserve[]: 0 0 1 1 1 [ 1508.000623] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB 22:57:25 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000032a00000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1508.059993] lowmem_reserve[]: 0 0 0 0 0 [ 1508.073630] Node 0 DMA: 27*4kB (UME) 12*8kB (UME) 7*16kB (UME) 14*32kB (UM) 7*64kB (UME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10428kB [ 1508.144136] Node 0 DMA32: 3730*4kB (UMEH) 4458*8kB (UEH) 1422*16kB (UMEH) 1126*32kB (UMEH) 3*64kB (H) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 110328kB [ 1508.193829] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1508.195280] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1508.225696] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1508.243744] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1508.272378] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 1508.273647] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1508.288466] CPU: 1 PID: 3514 Comm: syz-executor.3 Not tainted 4.19.100-syzkaller #0 [ 1508.296538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1508.305909] Call Trace: [ 1508.308525] dump_stack+0x197/0x210 [ 1508.312187] warn_alloc.cold+0x7b/0x173 [ 1508.316184] ? zone_watermark_ok_safe+0x260/0x260 [ 1508.321052] ? compaction_deferred+0x16a/0x3b0 [ 1508.325762] ? try_to_compact_pages+0x44/0xae0 [ 1508.330384] __alloc_pages_slowpath+0x2214/0x2870 [ 1508.335270] ? warn_alloc+0x110/0x110 [ 1508.339092] ? __lock_is_held+0xb6/0x140 [ 1508.339101] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1508.339111] 11666 total pagecache pages [ 1508.343176] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1508.343193] ? should_fail+0x14d/0x85c [ 1508.343212] ? __isolate_free_page+0x4c0/0x4c0 [ 1508.343232] ? __might_sleep+0x95/0x190 [ 1508.343253] __alloc_pages_nodemask+0x617/0x750 [ 1508.343272] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1508.343291] ? fs_reclaim_acquire+0x20/0x20 [ 1508.343305] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1508.343326] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1508.381139] 0 pages in swap cache [ 1508.383674] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1508.383697] alloc_pages_current+0x107/0x210 [ 1508.383717] ion_page_pool_alloc+0x17f/0x270 [ 1508.383737] ion_system_heap_allocate+0x154/0xa90 [ 1508.392622] Swap cache stats: add 0, delete 0, find 0/0 [ 1508.393620] ? ion_system_heap_free+0x250/0x250 [ 1508.405396] Free swap = 0kB [ 1508.408309] ? ion_alloc+0x306/0x900 [ 1508.408328] ion_alloc+0x29b/0x900 [ 1508.408351] ? ion_dma_buf_release+0x50/0x50 [ 1508.433976] Total swap = 0kB [ 1508.435141] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1508.435160] ? _copy_from_user+0xdd/0x150 [ 1508.459537] ion_ioctl+0x17b/0x329 [ 1508.463366] ? ion_alloc.cold+0x28/0x28 [ 1508.467357] ? __might_sleep+0x95/0x190 [ 1508.471361] ? ion_alloc.cold+0x28/0x28 [ 1508.475357] do_vfs_ioctl+0xd5f/0x1380 [ 1508.479267] ? selinux_file_ioctl+0x46c/0x5d0 [ 1508.483788] ? selinux_file_ioctl+0x125/0x5d0 [ 1508.488325] ? ioctl_preallocate+0x210/0x210 [ 1508.492740] ? selinux_file_mprotect+0x620/0x620 [ 1508.497496] ? iterate_fd+0x360/0x360 [ 1508.501311] ? nsecs_to_jiffies+0x30/0x30 [ 1508.505601] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1508.511142] ? security_file_ioctl+0x8d/0xc0 [ 1508.515574] ksys_ioctl+0xab/0xd0 [ 1508.519043] __x64_sys_ioctl+0x73/0xb0 [ 1508.522946] do_syscall_64+0xfd/0x620 [ 1508.526757] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1508.531990] RIP: 0033:0x45b349 [ 1508.535183] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1508.554206] RSP: 002b:00007f9fa7530c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1508.562032] RAX: ffffffffffffffda RBX: 00007f9fa75316d4 RCX: 000000000045b349 [ 1508.569407] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1508.576690] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1508.583970] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff 22:57:26 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000022c00000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1508.591343] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1508.601483] 1965979 pages RAM [ 1508.605270] 0 pages HighMem/MovableOnly [ 1508.609570] 341741 pages reserved [ 1508.625672] 0 pages cma reserved 22:57:26 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000013400000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:57:26 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) fcntl$F_GET_RW_HINT(0xffffffffffffffff, 0x40b, &(0x7f0000000040)) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) 22:57:26 executing program 0: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x24403, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)) [ 1508.794274] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1508.827273] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1508.856830] CPU: 0 PID: 3534 Comm: syz-executor.5 Not tainted 4.19.100-syzkaller #0 [ 1508.864687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1508.874170] Call Trace: [ 1508.876891] dump_stack+0x197/0x210 [ 1508.880644] warn_alloc.cold+0x7b/0x173 [ 1508.884644] ? zone_watermark_ok_safe+0x260/0x260 [ 1508.889533] ? __lock_is_held+0xb6/0x140 [ 1508.893758] __alloc_pages_slowpath+0x2214/0x2870 [ 1508.898756] ? warn_alloc+0x110/0x110 [ 1508.902577] ? __lock_is_held+0xb6/0x140 [ 1508.906797] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1508.912402] ? should_fail+0x14d/0x85c [ 1508.916322] ? __isolate_free_page+0x4c0/0x4c0 [ 1508.920951] ? __might_sleep+0x95/0x190 [ 1508.924961] __alloc_pages_nodemask+0x617/0x750 [ 1508.929708] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1508.934798] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1508.940369] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1508.946121] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1508.951688] alloc_pages_current+0x107/0x210 [ 1508.956135] ion_page_pool_alloc+0x17f/0x270 [ 1508.960605] ion_system_heap_allocate+0x154/0xa90 [ 1508.965498] ? ion_system_heap_free+0x250/0x250 [ 1508.970374] ? ion_alloc+0x306/0x900 [ 1508.974120] ion_alloc+0x29b/0x900 [ 1508.977734] ? ion_dma_buf_release+0x50/0x50 [ 1508.982175] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1508.987740] ? _copy_from_user+0xdd/0x150 [ 1508.991917] ion_ioctl+0x17b/0x329 [ 1508.995485] ? ion_alloc.cold+0x28/0x28 [ 1508.999624] ? __might_sleep+0x95/0x190 [ 1509.003624] ? ion_alloc.cold+0x28/0x28 [ 1509.007779] do_vfs_ioctl+0xd5f/0x1380 [ 1509.011703] ? selinux_file_ioctl+0x46c/0x5d0 [ 1509.016238] ? selinux_file_ioctl+0x125/0x5d0 [ 1509.020763] ? ioctl_preallocate+0x210/0x210 [ 1509.025209] ? selinux_file_mprotect+0x620/0x620 [ 1509.030038] ? iterate_fd+0x360/0x360 [ 1509.033872] ? nsecs_to_jiffies+0x30/0x30 [ 1509.038059] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1509.043621] ? security_file_ioctl+0x8d/0xc0 [ 1509.048064] ksys_ioctl+0xab/0xd0 [ 1509.051648] __x64_sys_ioctl+0x73/0xb0 [ 1509.055669] do_syscall_64+0xfd/0x620 [ 1509.059527] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1509.064753] RIP: 0033:0x45b349 [ 1509.067980] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1509.086910] RSP: 002b:00007f6e444f7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1509.094669] RAX: ffffffffffffffda RBX: 00007f6e444f86d4 RCX: 000000000045b349 [ 1509.096205] warn_alloc_show_mem: 2 callbacks suppressed 22:57:26 executing program 0: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000180)='/dev/cachefiles\x00', 0x400000, 0x0) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x13f}}, 0xffaf) write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000180)={0xe, 0x3, 0xfa00, @id_resuseaddr={&(0x7f0000000480)=0x1, r3, 0x0, 0x1, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21}, {0xa, 0x0, 0x0, @mcast1}, r3}}, 0x48) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) openat$autofs(0xffffffffffffff9c, &(0x7f0000001300)='/dev/autofs\x00', 0x83, 0x0) write$RDMA_USER_CM_CMD_MIGRATE_ID(r1, &(0x7f00000012c0)={0x12, 0x10, 0xfa00, {&(0x7f0000001280), r3, r5}}, 0x18) r6 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nvme-fabrics\x00', 0x0, 0x0) ioctl$VHOST_SET_VRING_ADDR(r6, 0x4028af11, &(0x7f0000000080)={0x3, 0x0, &(0x7f0000000200)=""/4096, &(0x7f0000000100)=""/83, &(0x7f0000001200)=""/72, 0x2000}) [ 1509.096209] Mem-Info: [ 1509.101963] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1509.101972] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1509.101984] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1509.101993] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c 22:57:26 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000033800000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1509.179888] active_anon:276780 inactive_anon:204 isolated_anon:1 [ 1509.179888] active_file:4234 inactive_file:7176 isolated_file:0 [ 1509.179888] unevictable:0 dirty:49 writeback:0 unstable:0 [ 1509.179888] slab_reclaimable:17163 slab_unreclaimable:128673 [ 1509.179888] mapped:58898 shmem:255 pagetables:26229 bounce:0 [ 1509.179888] free:731078 free_pcp:415 free_cma:0 [ 1509.242687] syz-executor.0: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1509.297233] syz-executor.0 cpuset=syz0 mems_allowed=0-1 [ 1509.309905] Node 0 active_anon:1058460kB inactive_anon:816kB active_file:40kB inactive_file:32kB unevictable:0kB isolated(anon):4kB isolated(file):0kB mapped:208940kB dirty:32kB writeback:0kB shmem:1020kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 339968kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1509.309912] Node 0 DMA free:10428kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1509.309948] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1509.309974] Node 0 DMA32 free:116140kB min:36168kB low:45208kB high:54248kB active_anon:1056112kB inactive_anon:816kB active_file:40kB inactive_file:32kB unevictable:0kB writepending:32kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:27968kB pagetables:70892kB bounce:0kB free_pcp:1376kB local_pcp:876kB free_cma:0kB [ 1509.310017] lowmem_reserve[]: 0 0 1 1 1 [ 1509.419858] CPU: 1 PID: 3680 Comm: syz-executor.0 Not tainted 4.19.100-syzkaller #0 [ 1509.427716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1509.437090] Call Trace: [ 1509.439813] dump_stack+0x197/0x210 [ 1509.439872] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1509.443555] warn_alloc.cold+0x7b/0x173 [ 1509.443579] ? zone_watermark_ok_safe+0x260/0x260 [ 1509.478460] ? __lock_is_held+0xb6/0x140 [ 1509.482579] __alloc_pages_slowpath+0x2214/0x2870 [ 1509.487484] ? warn_alloc+0x110/0x110 [ 1509.491309] ? __lock_is_held+0xb6/0x140 [ 1509.495490] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1509.501054] ? should_fail+0x14d/0x85c [ 1509.504963] ? __isolate_free_page+0x4c0/0x4c0 [ 1509.509668] ? __might_sleep+0x95/0x190 [ 1509.513672] __alloc_pages_nodemask+0x617/0x750 [ 1509.518379] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1509.523553] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1509.529153] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1509.534999] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1509.540614] alloc_pages_current+0x107/0x210 [ 1509.545104] ion_page_pool_alloc+0x17f/0x270 [ 1509.549541] ion_system_heap_allocate+0x154/0xa90 [ 1509.554405] ? ion_system_heap_free+0x250/0x250 [ 1509.559073] ? ion_alloc+0x306/0x900 [ 1509.562815] ion_alloc+0x29b/0x900 [ 1509.566361] ? ion_dma_buf_release+0x50/0x50 [ 1509.570790] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1509.576344] ? _copy_from_user+0xdd/0x150 [ 1509.580504] ion_ioctl+0x17b/0x329 [ 1509.584049] ? ion_alloc.cold+0x28/0x28 [ 1509.588039] ? __might_sleep+0x95/0x190 [ 1509.592033] ? ion_alloc.cold+0x28/0x28 [ 1509.596007] do_vfs_ioctl+0xd5f/0x1380 [ 1509.599948] ? selinux_file_ioctl+0x46c/0x5d0 [ 1509.604474] ? selinux_file_ioctl+0x125/0x5d0 [ 1509.608974] ? ioctl_preallocate+0x210/0x210 [ 1509.613509] ? selinux_file_mprotect+0x620/0x620 [ 1509.618284] ? iterate_fd+0x360/0x360 [ 1509.622094] ? nsecs_to_jiffies+0x30/0x30 [ 1509.626243] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1509.631786] ? security_file_ioctl+0x8d/0xc0 [ 1509.636212] ksys_ioctl+0xab/0xd0 [ 1509.639673] __x64_sys_ioctl+0x73/0xb0 [ 1509.643584] do_syscall_64+0xfd/0x620 [ 1509.647387] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1509.652587] RIP: 0033:0x45b349 [ 1509.655787] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1509.674696] RSP: 002b:00007f1ef8b9dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1509.682417] RAX: ffffffffffffffda RBX: 00007f1ef8b9e6d4 RCX: 000000000045b349 [ 1509.689698] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1509.696987] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1509.704507] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1509.711784] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1509.841711] lowmem_reserve[]: 0 0 0 0 0 [ 1509.845774] Node 0 DMA: 27*4kB (UME) 12*8kB (UME) 7*16kB (UME) 14*32kB (UM) 7*64kB (UME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10428kB [ 1509.862166] Node 0 DMA32: 2208*4kB (UMEH) 5017*8kB (UMEH) 1804*16kB (UMEH) 1176*32kB (UEH) 65*64kB (UMH) 58*128kB (UH) 9*256kB (U) 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 129864kB [ 1509.879105] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1509.890351] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1509.899347] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1509.908488] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1509.917953] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1509.926994] 11673 total pagecache pages [ 1509.931542] 0 pages in swap cache [ 1509.935014] Swap cache stats: add 0, delete 0, find 0/0 [ 1509.940770] Free swap = 0kB [ 1509.943808] Total swap = 0kB [ 1509.949579] 1965979 pages RAM [ 1509.953164] 0 pages HighMem/MovableOnly [ 1509.963117] 341741 pages reserved [ 1509.966618] 0 pages cma reserved 22:57:27 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x3f00}) 22:57:27 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r1, &(0x7f00000003c0)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) write$binfmt_script(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="23abcd0b55e564728710e61c34446d32b169a48d172070cc54f5cf85ef004f747583c23c5d67ba71b31321e83032532b8379028897b9bad881d1ffbd50ea3a0b9d84db8bb9c26068b1e89a528a9a727ff4d36c223244d79273f7125f296f7d0b5916e619ef50bfeb9fd8165fd3da080235bc770c8e9e4e97b26a5a76f0f5621c6652f76708c638949edf4fc6d988b876e97c779ec51a51"], 0x1) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000140)=0xda6, 0x4) r2 = syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0xfff, 0x181000) ioctl$KVM_SET_FPU(r2, 0x41a0ae8d, &(0x7f00000004c0)={[], 0x7, 0x20, 0x4, 0x0, 0x3, 0xd000, 0x4000, [], 0x1}) setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000040)={@dev={0xac, 0x14, 0x14, 0x25}, @empty}, 0xc) 22:57:27 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$TIOCSSOFTCAR(r4, 0x541a, &(0x7f0000000040)=0x9) 22:57:27 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000003900000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:57:27 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsu\x00', 0x460000, 0x0) ioctl$ION_IOC_ALLOC(0xffffffffffffffff, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffc3}) 22:57:27 executing program 0: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$cgroup_ro(r2, &(0x7f0000000040)='cpuacct.usage_percpu\x00', 0x0, 0x0) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00') socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) r5 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r5, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r5, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r5, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) r6 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r6, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r6, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r6, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) r7 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r7, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r7, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r7, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) r8 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r8, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r8, &(0x7f0000000100)={0x0, 0xfffffe57, 0x0}, 0xc100) writev(r8, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000340)='/dev/qat_adf_ctl\x00', 0x180, 0x0) openat$vim2m(0xffffffffffffff9c, &(0x7f0000000380)='/dev/video35\x00', 0x2, 0x0) r9 = socket$inet_smc(0x2b, 0x1, 0x0) r10 = dup(r9) ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r12 = dup(r11) ioctl$PERF_EVENT_IOC_ENABLE(r12, 0x8912, 0x400200) renameat2(r10, &(0x7f0000000280)='./file0\x00', r12, &(0x7f00000002c0)='./file0\x00', 0x4) sendmsg$IPVS_CMD_ZERO(r3, &(0x7f0000000240)={&(0x7f0000000080), 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x50, r4, 0x100, 0x70bd29, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xc3}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sed\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x800}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xfffffff8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x9}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x10001}]}, 0x50}, 0x1, 0x0, 0x0, 0x20040000}, 0x20000041) r13 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r13, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r13, &(0x7f00000003c0)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r13, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r13, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r13, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) write$binfmt_script(r13, &(0x7f0000000b40)=ANY=[@ANYBLOB='#'], 0x1) setsockopt$sock_int(r13, 0x1, 0x8, &(0x7f0000000140)=0xda6, 0x4) sendto$inet(r13, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860005cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xd38, 0x13c, 0x0, 0x27) setsockopt$inet_tcp_TCP_CONGESTION(r13, 0x6, 0xd, &(0x7f0000000300)='hybla\x00', 0x6) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) 22:57:27 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xfffffffffffffff7}) r1 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r1, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r1, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) ftruncate(r1, 0x5) [ 1510.174830] xt_check_match: 12 callbacks suppressed [ 1510.174849] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1510.255280] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1510.275728] syz-executor.1: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1510.354486] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 1510.369972] CPU: 1 PID: 3707 Comm: syz-executor.1 Not tainted 4.19.100-syzkaller #0 [ 1510.377881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1510.387261] Call Trace: [ 1510.389890] dump_stack+0x197/0x210 [ 1510.393551] warn_alloc.cold+0x7b/0x173 [ 1510.397554] ? zone_watermark_ok_safe+0x260/0x260 [ 1510.402431] ? compaction_deferred+0x16a/0x3b0 [ 1510.407156] ? try_to_compact_pages+0x44/0xae0 [ 1510.411781] __alloc_pages_slowpath+0x2214/0x2870 [ 1510.416847] ? warn_alloc+0x110/0x110 [ 1510.420669] ? __lock_is_held+0xb6/0x140 [ 1510.424754] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1510.430412] ? should_fail+0x14d/0x85c [ 1510.434387] ? __isolate_free_page+0x4c0/0x4c0 [ 1510.439002] ? __might_sleep+0x95/0x190 [ 1510.443003] __alloc_pages_nodemask+0x617/0x750 [ 1510.447849] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1510.453079] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1510.458901] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1510.464636] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1510.471072] alloc_pages_current+0x107/0x210 [ 1510.475625] ion_page_pool_alloc+0x17f/0x270 [ 1510.476071] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1510.480064] ion_system_heap_allocate+0x154/0xa90 [ 1510.480091] ? ion_system_heap_free+0x250/0x250 [ 1510.480110] ? ion_alloc+0x306/0x900 [ 1510.480127] ion_alloc+0x29b/0x900 [ 1510.480148] ? ion_dma_buf_release+0x50/0x50 [ 1510.480171] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1510.480189] ? _copy_from_user+0xdd/0x150 [ 1510.480209] ion_ioctl+0x17b/0x329 [ 1510.509353] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1510.510961] ? ion_alloc.cold+0x28/0x28 [ 1510.510984] ? __might_sleep+0x95/0x190 [ 1510.511000] ? ion_alloc.cold+0x28/0x28 [ 1510.511018] do_vfs_ioctl+0xd5f/0x1380 22:57:27 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000003c00000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1510.511035] ? selinux_file_ioctl+0x46c/0x5d0 [ 1510.511050] ? selinux_file_ioctl+0x125/0x5d0 [ 1510.511065] ? ioctl_preallocate+0x210/0x210 [ 1510.511082] ? selinux_file_mprotect+0x620/0x620 [ 1510.511105] ? iterate_fd+0x360/0x360 [ 1510.511121] ? nsecs_to_jiffies+0x30/0x30 [ 1510.511147] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1510.520737] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 1510.520851] ? security_file_ioctl+0x8d/0xc0 [ 1510.571385] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1510.573442] ksys_ioctl+0xab/0xd0 [ 1510.573462] __x64_sys_ioctl+0x73/0xb0 [ 1510.573483] do_syscall_64+0xfd/0x620 [ 1510.580365] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1510.583278] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1510.583293] RIP: 0033:0x45b349 [ 1510.583307] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1510.583319] RSP: 002b:00007f17cfa73c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1510.656072] RAX: ffffffffffffffda RBX: 00007f17cfa746d4 RCX: 000000000045b349 [ 1510.663365] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1510.670878] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1510.678169] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1510.685456] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1510.694208] syz-executor.0: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1510.706403] CPU: 0 PID: 3718 Comm: syz-executor.3 Not tainted 4.19.100-syzkaller #0 [ 1510.714227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1510.723599] Call Trace: [ 1510.726216] dump_stack+0x197/0x210 [ 1510.729912] warn_alloc.cold+0x7b/0x173 [ 1510.733811] warn_alloc_show_mem: 2 callbacks suppressed [ 1510.733816] Mem-Info: [ 1510.733913] ? zone_watermark_ok_safe+0x260/0x260 [ 1510.739391] active_anon:276774 inactive_anon:205 isolated_anon:0 [ 1510.739391] active_file:4237 inactive_file:7185 isolated_file:0 [ 1510.739391] unevictable:0 dirty:140 writeback:0 unstable:0 [ 1510.739391] slab_reclaimable:17163 slab_unreclaimable:128613 [ 1510.739391] mapped:58853 shmem:255 pagetables:26217 bounce:0 [ 1510.739391] free:786962 free_pcp:302 free_cma:0 [ 1510.741690] ? __lock_is_held+0xb6/0x140 [ 1510.741735] __alloc_pages_slowpath+0x2214/0x2870 [ 1510.741798] ? warn_alloc+0x110/0x110 [ 1510.746761] Node 0 active_anon:1058636kB inactive_anon:820kB active_file:48kB inactive_file:72kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208940kB dirty:92kB writeback:0kB shmem:1020kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 339968kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1510.780405] ? __lock_is_held+0xb6/0x140 [ 1510.780426] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1510.780441] ? should_fail+0x14d/0x85c [ 1510.780458] ? __isolate_free_page+0x4c0/0x4c0 [ 1510.780478] ? __might_sleep+0x95/0x190 [ 1510.780498] __alloc_pages_nodemask+0x617/0x750 [ 1510.780519] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1510.794860] Node 0 DMA free:10436kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1510.820967] ? fs_reclaim_acquire+0x20/0x20 [ 1510.820983] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1510.821000] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1510.821012] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1510.821033] alloc_pages_current+0x107/0x210 [ 1510.821062] ion_page_pool_alloc+0x17f/0x270 [ 1510.862109] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1510.879533] ion_system_heap_allocate+0x154/0xa90 [ 1510.879556] ? ion_system_heap_free+0x250/0x250 [ 1510.879572] ? ion_alloc+0x306/0x900 [ 1510.879590] ion_alloc+0x29b/0x900 [ 1510.879610] ? ion_dma_buf_release+0x50/0x50 [ 1510.879633] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1510.941406] ? _copy_from_user+0xdd/0x150 [ 1510.945575] ion_ioctl+0x17b/0x329 [ 1510.949134] ? ion_alloc.cold+0x28/0x28 [ 1510.953115] ? __might_sleep+0x95/0x190 [ 1510.957235] ? ion_alloc.cold+0x28/0x28 [ 1510.961239] do_vfs_ioctl+0xd5f/0x1380 [ 1510.965145] ? selinux_file_ioctl+0x46c/0x5d0 [ 1510.969653] ? selinux_file_ioctl+0x125/0x5d0 [ 1510.974152] ? ioctl_preallocate+0x210/0x210 [ 1510.978573] ? selinux_file_mprotect+0x620/0x620 [ 1510.983347] ? iterate_fd+0x360/0x360 [ 1510.987193] ? nsecs_to_jiffies+0x30/0x30 [ 1510.991398] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1510.996983] ? security_file_ioctl+0x8d/0xc0 [ 1511.001522] ksys_ioctl+0xab/0xd0 [ 1511.005017] __x64_sys_ioctl+0x73/0xb0 [ 1511.008908] do_syscall_64+0xfd/0x620 [ 1511.012727] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1511.017927] RIP: 0033:0x45b349 [ 1511.021139] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1511.040042] RSP: 002b:00007f9fa7530c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1511.047766] RAX: ffffffffffffffda RBX: 00007f9fa75316d4 RCX: 000000000045b349 22:57:28 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000004000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1511.055045] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1511.062337] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1511.069609] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1511.076883] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1511.090208] CPU: 1 PID: 3723 Comm: syz-executor.5 Not tainted 4.19.100-syzkaller #0 [ 1511.098061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1511.107450] Call Trace: [ 1511.110066] dump_stack+0x197/0x210 [ 1511.110821] syz-executor.0 cpuset=syz0 mems_allowed=0-1 [ 1511.113733] warn_alloc.cold+0x7b/0x173 [ 1511.113754] ? zone_watermark_ok_safe+0x260/0x260 [ 1511.113768] ? __lock_is_held+0xb6/0x140 [ 1511.113802] __alloc_pages_slowpath+0x2214/0x2870 [ 1511.137206] ? warn_alloc+0x110/0x110 [ 1511.141041] ? __lock_is_held+0xb6/0x140 [ 1511.145131] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1511.150693] ? should_fail+0x14d/0x85c [ 1511.154606] ? __isolate_free_page+0x4c0/0x4c0 [ 1511.159214] ? __might_sleep+0x95/0x190 [ 1511.163214] __alloc_pages_nodemask+0x617/0x750 [ 1511.167914] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1511.172957] ? fs_reclaim_acquire+0x20/0x20 [ 1511.177291] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1511.182841] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1511.188571] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1511.194134] alloc_pages_current+0x107/0x210 [ 1511.195288] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1511.198566] ion_page_pool_alloc+0x17f/0x270 [ 1511.198584] ion_system_heap_allocate+0x154/0xa90 [ 1511.198606] ? ion_system_heap_free+0x250/0x250 [ 1511.213729] Node 0 DMA32 free:93412kB min:36168kB low:45208kB high:54248kB active_anon:1056188kB inactive_anon:820kB active_file:48kB inactive_file:72kB unevictable:0kB writepending:92kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:28128kB pagetables:70844kB bounce:0kB free_pcp:1444kB local_pcp:708kB free_cma:0kB [ 1511.217300] ? ion_alloc+0x306/0x900 [ 1511.217319] ion_alloc+0x29b/0x900 [ 1511.217340] ? ion_dma_buf_release+0x50/0x50 [ 1511.226157] lowmem_reserve[]: 0 0 1 1 1 [ 1511.251252] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1511.251268] ? _copy_from_user+0xdd/0x150 [ 1511.251288] ion_ioctl+0x17b/0x329 [ 1511.251306] ? ion_alloc.cold+0x28/0x28 [ 1511.251327] ? __might_sleep+0x95/0x190 [ 1511.251344] ? ion_alloc.cold+0x28/0x28 [ 1511.251362] do_vfs_ioctl+0xd5f/0x1380 [ 1511.251379] ? selinux_file_ioctl+0x46c/0x5d0 [ 1511.251395] ? selinux_file_ioctl+0x125/0x5d0 [ 1511.251412] ? ioctl_preallocate+0x210/0x210 [ 1511.251426] ? selinux_file_mprotect+0x620/0x620 [ 1511.251446] ? iterate_fd+0x360/0x360 [ 1511.276205] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1511.276825] ? nsecs_to_jiffies+0x30/0x30 [ 1511.276848] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1511.337225] ? security_file_ioctl+0x8d/0xc0 [ 1511.341629] ksys_ioctl+0xab/0xd0 [ 1511.345091] __x64_sys_ioctl+0x73/0xb0 [ 1511.348995] do_syscall_64+0xfd/0x620 [ 1511.352795] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1511.357973] RIP: 0033:0x45b349 [ 1511.361160] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1511.380058] RSP: 002b:00007f6e444f7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1511.387759] RAX: ffffffffffffffda RBX: 00007f6e444f86d4 RCX: 000000000045b349 [ 1511.395026] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1511.402285] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1511.409543] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1511.416814] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1511.451239] CPU: 1 PID: 3715 Comm: syz-executor.0 Not tainted 4.19.100-syzkaller #0 [ 1511.459090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1511.468499] Call Trace: [ 1511.471122] dump_stack+0x197/0x210 [ 1511.474789] warn_alloc.cold+0x7b/0x173 [ 1511.478791] ? zone_watermark_ok_safe+0x260/0x260 [ 1511.483653] ? compaction_deferred+0x16a/0x3b0 [ 1511.488247] ? try_to_compact_pages+0x44/0xae0 [ 1511.492956] __alloc_pages_slowpath+0x2214/0x2870 [ 1511.497847] ? warn_alloc+0x110/0x110 [ 1511.501676] ? __lock_is_held+0xb6/0x140 [ 1511.505754] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1511.511319] ? should_fail+0x14d/0x85c [ 1511.515230] ? __isolate_free_page+0x4c0/0x4c0 [ 1511.520082] ? __might_sleep+0x95/0x190 [ 1511.524064] __alloc_pages_nodemask+0x617/0x750 [ 1511.528744] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1511.533761] ? fs_reclaim_acquire+0x20/0x20 [ 1511.538079] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1511.543621] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1511.549337] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1511.554874] alloc_pages_current+0x107/0x210 [ 1511.559289] ion_page_pool_alloc+0x17f/0x270 [ 1511.563696] ion_system_heap_allocate+0x154/0xa90 [ 1511.568535] ? ion_system_heap_free+0x250/0x250 [ 1511.573205] ? ion_alloc+0x306/0x900 [ 1511.578127] ion_alloc+0x29b/0x900 [ 1511.581675] ? ion_dma_buf_release+0x50/0x50 [ 1511.586093] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1511.591632] ? _copy_from_user+0xdd/0x150 [ 1511.595777] ion_ioctl+0x17b/0x329 [ 1511.599311] ? ion_alloc.cold+0x28/0x28 [ 1511.603282] ? __might_sleep+0x95/0x190 [ 1511.607247] ? ion_alloc.cold+0x28/0x28 [ 1511.611219] do_vfs_ioctl+0xd5f/0x1380 [ 1511.615100] ? selinux_file_ioctl+0x46c/0x5d0 [ 1511.619586] ? selinux_file_ioctl+0x125/0x5d0 [ 1511.624093] ? ioctl_preallocate+0x210/0x210 [ 1511.628615] ? selinux_file_mprotect+0x620/0x620 [ 1511.633379] ? iterate_fd+0x360/0x360 [ 1511.637182] ? nsecs_to_jiffies+0x30/0x30 [ 1511.641332] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1511.648168] ? security_file_ioctl+0x8d/0xc0 [ 1511.652575] ksys_ioctl+0xab/0xd0 [ 1511.656022] __x64_sys_ioctl+0x73/0xb0 [ 1511.659919] do_syscall_64+0xfd/0x620 [ 1511.663727] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1511.668932] RIP: 0033:0x45b349 [ 1511.672126] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1511.691024] RSP: 002b:00007f1ef8b9dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1511.698726] RAX: ffffffffffffffda RBX: 00007f1ef8b9e6d4 RCX: 000000000045b349 [ 1511.705988] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1511.713248] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1511.720509] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1511.727767] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c 22:57:29 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000014000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1511.749154] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB 22:57:29 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x4000}) 22:57:29 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$VIDIOC_S_EXT_CTRLS(r2, 0xc0205648, &(0x7f0000000140)={0xa30000, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x990906, 0xfffffffe, [], @string=&(0x7f0000000040)}}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$KVM_S390_UCAS_UNMAP(0xffffffffffffffff, 0x4018ae51, &(0x7f0000000180)={0x80000001, 0x8, 0x56a061f7}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) prctl$PR_GET_FPEMU(0x9, &(0x7f0000000200)) [ 1511.813838] lowmem_reserve[]: 0 0 0 0 0 [ 1511.817883] Node 0 DMA: 27*4kB (UME) 13*8kB (UME) 7*16kB (UME) 14*32kB (UM) 7*64kB (UME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10436kB [ 1511.850893] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1511.933905] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1511.952206] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1511.968042] Node 0 DMA32: 77*4kB (EH) 2536*8kB (UEH) 1808*16kB (UEH) 1172*32kB (UEH) 3*64kB (H) 2*128kB (H) 0*256kB 1*512kB (H) 4*1024kB (U) 0*2048kB 0*4096kB = 92084kB [ 1511.988538] CPU: 0 PID: 3725 Comm: syz-executor.5 Not tainted 4.19.100-syzkaller #0 [ 1511.996386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1512.005751] Call Trace: [ 1512.008365] dump_stack+0x197/0x210 [ 1512.012028] warn_alloc.cold+0x7b/0x173 [ 1512.016028] ? zone_watermark_ok_safe+0x260/0x260 [ 1512.020891] ? compaction_deferred+0x16a/0x3b0 [ 1512.025490] ? try_to_compact_pages+0x44/0xae0 [ 1512.030106] __alloc_pages_slowpath+0x2214/0x2870 [ 1512.034987] ? warn_alloc+0x110/0x110 [ 1512.038800] ? __lock_is_held+0xb6/0x140 [ 1512.042877] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1512.048432] ? should_fail+0x14d/0x85c [ 1512.052333] ? __isolate_free_page+0x4c0/0x4c0 [ 1512.056929] ? __might_sleep+0x95/0x190 [ 1512.060901] __alloc_pages_nodemask+0x617/0x750 [ 1512.065565] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1512.070577] ? fs_reclaim_acquire+0x20/0x20 [ 1512.074888] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1512.080416] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1512.086116] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1512.091648] alloc_pages_current+0x107/0x210 [ 1512.096052] ion_page_pool_alloc+0x17f/0x270 [ 1512.100457] ion_system_heap_allocate+0x154/0xa90 [ 1512.105296] ? ion_system_heap_free+0x250/0x250 [ 1512.109957] ? ion_alloc+0x306/0x900 [ 1512.113661] ion_alloc+0x29b/0x900 [ 1512.117194] ? ion_dma_buf_release+0x50/0x50 [ 1512.121601] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1512.127130] ? _copy_from_user+0xdd/0x150 [ 1512.131282] ion_ioctl+0x17b/0x329 [ 1512.134816] ? ion_alloc.cold+0x28/0x28 [ 1512.138782] ? __might_sleep+0x95/0x190 [ 1512.142748] ? ion_alloc.cold+0x28/0x28 [ 1512.146925] do_vfs_ioctl+0xd5f/0x1380 [ 1512.150823] ? selinux_file_ioctl+0x46c/0x5d0 [ 1512.155332] ? selinux_file_ioctl+0x125/0x5d0 [ 1512.159832] ? ioctl_preallocate+0x210/0x210 [ 1512.164251] ? selinux_file_mprotect+0x620/0x620 [ 1512.169007] ? iterate_fd+0x360/0x360 [ 1512.172804] ? nsecs_to_jiffies+0x30/0x30 [ 1512.176952] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1512.182483] ? security_file_ioctl+0x8d/0xc0 [ 1512.186892] ksys_ioctl+0xab/0xd0 [ 1512.190343] __x64_sys_ioctl+0x73/0xb0 [ 1512.194225] do_syscall_64+0xfd/0x620 [ 1512.198030] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1512.203207] RIP: 0033:0x45b349 [ 1512.206391] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1512.225292] RSP: 002b:00007f6e444d6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1512.232988] RAX: ffffffffffffffda RBX: 00007f6e444d76d4 RCX: 000000000045b349 [ 1512.240246] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1512.247504] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 1512.254773] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1512.262038] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bfd4 [ 1512.287592] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1512.318624] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB 22:57:29 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000024400000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1512.346298] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1512.389369] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1512.407223] warn_alloc_show_mem: 2 callbacks suppressed [ 1512.407235] Mem-Info: [ 1512.412091] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1512.425713] active_anon:276786 inactive_anon:205 isolated_anon:0 [ 1512.425713] active_file:4237 inactive_file:7197 isolated_file:0 [ 1512.425713] unevictable:0 dirty:51 writeback:0 unstable:0 [ 1512.425713] slab_reclaimable:17167 slab_unreclaimable:128853 [ 1512.425713] mapped:58913 shmem:255 pagetables:26167 bounce:0 [ 1512.425713] free:785616 free_pcp:463 free_cma:0 [ 1512.429924] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1512.476763] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1512.505987] 11688 total pagecache pages [ 1512.517733] 0 pages in swap cache [ 1512.518971] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1512.527524] Swap cache stats: add 0, delete 0, find 0/0 [ 1512.540528] Free swap = 0kB [ 1512.543594] Total swap = 0kB [ 1512.546620] 1965979 pages RAM [ 1512.575868] 0 pages HighMem/MovableOnly [ 1512.584274] 341741 pages reserved [ 1512.594163] 0 pages cma reserved [ 1512.595522] Node 0 active_anon:1058484kB inactive_anon:820kB active_file:48kB inactive_file:120kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208940kB dirty:28kB writeback:0kB shmem:1020kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 339968kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 22:57:30 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x4200}) 22:57:30 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) r3 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r3, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r3, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) pwrite64(r3, &(0x7f0000000680)="327b6ce97f796f3e38e3122b55ce1d5ca79f40dcbf670b377a800fc3cd0873534f9766f6a0b9d31e037422974b337e809666060780c91ea30af080f88eb110b210dd6bae04a9d43e6dbdfda6ce3ea693a55502d7fc2bb15644a9e2cec8367efbb35420b9f0c008f03883e116a06734631ddc1fbfd0de09f2de02967ade6c9b7cecb88b35d14582062da2e4aac22a4c42b6a73eb34e4266fcdec337d73cee73d733a7021f62120d8ead2fb29ad51f9ae877b5b0b2f12b8c9749f4ee952f8cc619fe93517a9d0d83ce18f8f757f32e426785108c408634d2cf969b6e2950774a1a44849c2d76b10e912919fa172808ac7ac6b009c7f3c94d1c3ccb160573490986286dfe7164b6706e0428e6559c88884fc6ebbeb013f7858a2f836a2c4e4fd3e669b0e61c8ae3258432aaf0f4ddb9edd8f94d8a83286da5e53dd29853b79a183f0db223a327635571ded09be522b3bc4131be55a5e890597b557895cb185b0063f57c31ada580b1fd07319c042e782ebf8e67f1d3793bc96ad032366fb5b4b0cf1b37eb0d45d6a5f7b064ac6c325cf426c1e712ef54b898cad74dbe9985b9b7fe3abdceb6c08471a01c0ca7e31f5916851c8469c7eaa9fdd326f92efb078a153dcdf4c62f4c1c1fa261cf18301ab846c6e77c59645f6842523ab5f4783b32b5380e4bd6db6ae5f7d05bd81b5a278a74bbdbabb6a19a5e2fefce491a532793ed6dd0ee46de02e8df0ec2bdc5af06d3b4389bb596976fc74a6c587b2e074bf7f9868771f5cddfa6f028d3f00a8c2604031ae571b54ce1a17fcb86792c85da9e999eff9e0680c5eaf6021ec1d27cb3205c92bacaeead3fd243e247598789fd500aefbc9ea8d51f57ce925f68a4eb9935b8a8033559f015b1b72c7d16f46a0ca1cb7e57f45e918d4d59cddef2c982a233354636213f6cd76379b0e8315c3b1d420e05042c95169829f60588d4f48cd72c4d5d543c95cae272dab549feda701a9e54cada3d3e5988f29a3656080fce633cee3319ecb3960d560ffda5f84af79cb535327e73b12baae26e70f41f5fb7a388746bdf4cff251dd1e2d69393b057499a61a862deca18b4a8eddc1f81e4f073c27c652381a1380a8e802802b052f53bccecb3cbec2f33a5f295636550d222358e5f7e9613b17c02b17686c4421a5a04701f489f829f2cfdef32a8e48191558e86185f4f0866fa4a120733ce34c646c6bca68500b83b5263b040470a2eaf2311859fd0da7b4ebbcda4e2fe15c995f33a6d1c2158ea52e4d43a35ead66d0ad223f979c5cbe27886fe3232979f7745801cbb7343f95ac467cf2cd4578084177fefd9843fc35ad27ea7f1a54c7e1da00ce8d89042d985ea3a4b936fe1e7e60309e8495de231cb10b895515d6a698d78c583130c096b05faf86cb34dbf6252647c5391dcf719916206e343ad45bdb2b8e5715a87af29ad02c0aa8e71fee23b77cfb060207e2ccba6b5c2b27c14d54d7dec7b89ff4a59e9b0ed552931e2f81ae06dad8292d42f24518e9ce744d01859c90d54eac66eca6def1c61f982d25fdf9d41e4782cfaf35523398a2cde01f2ffd4b9e97bf4e94e96e768e22921c9f093e3cc197bf4423b9650ab19ae1d99c23835fa1b0b0c2741d0482d61bdcdb5ee1f56bbf73e8702930e3633855306bc6403f2e570bd987863d1633d71f535515872f3f9a1794e2d0de7070439120e1cb1070d14cff9c841dd6b2ff1d6768404b522093a41a08193783375ffec03bfedf8db500faab4c7b5d78f5c9e05ee1f3c5d330f1af9b859422aaa72d15ce56336f0bf8d82bf6196e023afa7fa30d948351ab13f9011beb7dbecbe78e5328444bbfdbdab926e052afabb6b252ea75ce9d21ce51be02969bc19370c80be436427d7da42117d22e3b41147e150fc700a5839ef78116c95c956a5bac9930ced43cf16650f36e6dc46208ed9be6dd8e17709fd82d7f0477b66e0176aefcef1f76352237943891f98062ec02f6ac9f69eaf1182e9955a6a887a89a23af34c4adfd84491f8097a5a2c16862784323a3322b8fceb3df559806b881ce781c9ccad50782903861eb8bab548fe4ee649396ab4795a184b602b1f9a6fcaa3bc2b27fd96b87499cd4a1643a75ec2d97dca18493a21ed965b02ad74092479939750165bd03886beb3a2b42bd66cfb529cee1141fd313de4bb073e7c5b44a0593bf62e4fecd526c753bbbd2768a1019160d6f9c478a2662ba100c694dbcbe85cc5cc23bb8005c7526094aa9ff33572271f3105ec71912389293fbf640effdacea2a9e8333f1d5015eba75e82c61c787f53bd893d9b5e42b251dddfe746fcc54d5a80732f8a5e8cdf4a00c46cd07bb03a011bdd231a29454a3e5ab037a22bda5ee581f966dde37f2adcb2a3af554fe853102a0fad4461aaa370954a5ed35811797ca86cc56000b9eeeb12ae43fc5f726b7d6832aed67141199769ebd135aa8a39e437f55318d1131d51805a462aa6960c73055988bb636e63b924050d822f6056e8b3fd9d9d40de519a4ee71d31a29ddc65fa8e87510589de30a79c55a4249a0939a4f24a540c4eeeecc81c0d7624857ec56ae704c570dadbea5df5ffc8e9357ac5d6d6e5c738905e07f2107148a381c0eb216a28aaa04124856fafa3574c789dd2910261d2d5c81448b6c17fc5a5dffe7e4aa4180d88536bc62b376f407df8643dcba2bcc1df1a3f6ffd6f4dec70f681b880af1b8b7331a8c466e0edd68d95e74681d921874200208d4fd8d21a563d2240357d6a70351c6ea2ed1f3978abf4a31da336fdf113780fb2a77b27a5f4e7eb38e9804e3d69fe3cc6db5a2aa9dd77dd5a4c5a2a112994bb5c208984d7636ab9a4ae2d93022a53fdb2acebe3c0b349d1ffc0503861fff4666c337f31240856e58923e71f56992c1b47f3cf53a64e8a1ea631a8de007a080ffde961519da3728152730fa7c4ae24994f17e8b67c41c842aaec687dbd390aa82500a09d5e8bc3b244dd1f1107b4cfeb61b4661a95c2361910027d3b61305ff4c7399b8610539e158be3d3009310ba831c86331dc366ff1af4ac9a91ed334fa7268453a011420f583b368f1b5f270bbb4036924a19d5cdbb4ddc3b302053c6913d6f05d32349b4b4194c6e4bb3abcc29604cb4e7d1f425dfcc2868bd88c14b0816006fe556f02a4761a6e1d15c33c5caec928ec1236a41416bac190bacc948483c8a482aa65a1779f8386f74545773d3160c572bafb2c2503a9d140a77815430b0565b4032a9075afb0f6d949a0ba265fbb79252893682d38df5e948200f88172ef637ccb319b90787d9e07e4f4293a079e8ba96fc28dc56b847c62778d8cc7619a95d135d134d3b47037523e12b9dc4cc2a0e23cdbee1ac66427bbd52e506693a49d298bc329e9c139e8ace40eb0e909b638f40aaab5cd8b97e2e270ce1ffa74c3894aa4148e4c485dcb15f02c70e39041c841c8a47bcd42e121c5654ef8613ae50a7dbee9a95b9ddb804e5d062774b00ed135d209be687461bae41217bbf14e021cc7a8db1f3a32a71407545dc2d12344e70af634e5568130363a2b1767235c85ce07b3219ebfac21bc7a57fdd720daf1c771eb73b425efbd159f7b754770123efdf7282ecd40285b808854094f0f61dcf8fd4ec274d24fe320c5fa7121a550c77de37477121bbbd0e4326b21e4b4ef38821e1a92af61454e103f2a8e4fef0c1036c92fa67e28105e5dac851ccd57e22058d1ec7a6e44dfc983bd622d69209f74b5c322b24a46acf4e62d1567e004e5d099c79e7465145cdbc7c8a4849fa0b79fcb52ce31d2cae4bc825f3d6317a4ebe35ef10eb098b8fb1ee5a6e990d6f3339a5bae2a74ef900b24e23230b23dbe7c7156a3c9d25b4a5bb5af466152f563f859c7323b0bfb0716a191c4151dbffdb9b133f8fe18ccce750c5022ea99483549687ef82f172a7909fa31fc3cabd32b26b5aa7f950ffd539d6fe4ce8f8456eb07cb4f09b676cf05cab691c0ca2837ed74ed7d6b067a8cca02aee7590478b9c07f78cb4e5c4166eaecbdf0369926ddc07e79b3801a289b28d67d619f0f0fb6788d83bb2c73bc1a3ee4dc35657491bb714fc182f1b45bcb71c1e19f0524aa6fd85d57e45bfc8ce01df5c692cd6e1c43c8dc0899ee668aef73160b99683e1df952f4594d54f92a04ed91ead3accccdcea74f33393b255c074e5f512f09ecba2a794f81c484c243845d29226113b9a36d13c5e47c887a189fb60432d0c7508128c15309aad266f3cc1c7444529355124bff2a214dc1ecf0d9769f09941282250824b132fbe81d8c65152c4012405f6b7cd88701ba37ac9ae47d6a2bbfa73b250d0e00312359594e5b8b2f2dbe31c4a70916f9e8f1210364df4367759ab3d8861985ef91a5263625a4bf7126b64ba6c749ed055683c18331a7f82b22f81b5df05a2a463c7176b1b8d8375a82e7b99cd630816a4505a6a027e1f9fbfa6ba0eacc11cda04db8ab2081abf3cd5279f31e63b9c1a54645231e615f2ff1169c9d4e8fc1949059ec1e5578969b440a4e048a12d2d88b766757f7a88b5a2bb229fe3b0caccab7860c68d19374179cad0db426ba121ca99853b0ff30885416acefc33122c40c887ba7af4ac46f4caaea6ff62f30961ea1fcd14946dc0818e83c0d0727e4c3038ef5841c03bfbbbe332168d175a9d9e41800340a98b635502401e6fbe1266eb072d2bfe4ac8c3aef924c6de05968e3798f56e4fd3ba488b740de641f94ca1af160c12b3c2cfe7bf5e50949afc19873c337238a933f02e429bbc14990d4ff0c8355845ea2e8bdbaa1e25d1f24c7311b80dff0ac1676bf0c75a73f41774de3c1485cb95ecc1d7f2daca09dcb35c912b986ab2da8cf25ad5bbe92a4ab8e6bd834294a60949174855c3bede15d25b42c50401e43da0646e0a17d08b5994d04409b506c46a2db1401e770265127ae9fe68dfc9c3a87b0b4ad0546093bb2326e86826f649df4503ddf4e8e2ab97a4def84eba005226a1e2a2a47754844529e0428838a67ef41ca635bb9a9f3cbe8d9c4e68c0236c820a9680afe0b1f622b458ba0131965dc84f64e1d036e728515a09f5e3a2494ff5b3a0d4c423f226313be61823a46833a394be0f7c10cfb9361b921e0c93522be83082cf6751b0f891bcbd4c9cd3506330b981f94180069de1198fc51d783950fbbfb4dcd2b14dd91f45a59c44f2bb2035a0564d24a3ba36571162e470acb215dda5220fcb295224b41a3cbd298a9284043eee4ca6cccd548e05245b5b5498fce3227d31c7d875ed5fcbb260e46a68c9fba9bbf2f27fc0ff07f262344c205a571ed52f2f60bd37a9202026aa1b43e3a54e5a8425090d298732ec096185827b5b9b112c18d0f4fa4c746b8dda1297bf9f140bf86c0c59b7f8648ecb0d6f11ef0cf474972fea5d55c1dba23e671b143983331023cdc129ab82d1651ffadcccca1c98d8436d6712a1b525856c3635ab2a04c9e95fe6c88fd29825942fef790ec3354738027f900a949089a99ade4e4583aa6ca96c7e8b4b83c685a9165aebdd5453a4da44e44e43c1250c9f2bf6b024a5644f4688778bccd614b725dc33d4dde7296f085b9fd998b1a077505e039386b8c4c8a0750acf2a79e6beb034c4fa5dfdca2e382e1d8e4289e1ee9c54152390acdde711ad58dce6fd47dfac3fc419f269728b6314acb94df2b5167bd19e48d2ebef43e0ad220a2bc6135c7db1524386f6be3140b559e0f338743f19a98ca4192985a5b35a82db8ed20f1fd0ad53de137cfd3f787a0284dce4118c35d2d4c276d55a39a5b4b5a6edc3", 0x1000, 0x1) r4 = accept4$rose(r2, &(0x7f0000000040)=@full={0xb, @dev, @null, 0x0, [@netrom, @netrom, @remote, @remote, @null]}, &(0x7f0000000080)=0x40, 0x800) recvmmsg(r4, &(0x7f0000000600)=[{{&(0x7f0000000140)=@nl, 0x80, &(0x7f0000000200), 0x0, &(0x7f0000000240)=""/254, 0xfe}, 0x4}, {{&(0x7f0000000340)=@pppoe={0x18, 0x0, {0x0, @dev}}, 0x80, &(0x7f00000003c0)=[{&(0x7f00000004c0)=""/72, 0x48}], 0x1, &(0x7f0000000540)=""/171, 0xab}, 0x3f}], 0x2, 0x2, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) 22:57:30 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000015000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:57:30 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$EVIOCGEFFECTS(r2, 0x80044584, &(0x7f0000000300)=""/210) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$TCSETXW(r4, 0x5435, &(0x7f0000000000)={0xad, 0x8, [0x100, 0x2, 0x8, 0x9, 0x101], 0x2}) connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xfffffffffffffff7}) [ 1512.835214] Node 0 DMA free:10436kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1512.880556] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1512.915531] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1512.915687] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1512.938782] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1512.949481] Node 0 DMA32 free:105408kB min:36168kB low:45208kB high:54248kB active_anon:1055896kB inactive_anon:824kB active_file:36kB inactive_file:164kB unevictable:0kB writepending:40kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:27968kB pagetables:70520kB bounce:0kB free_pcp:480kB local_pcp:0kB free_cma:0kB [ 1512.957664] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 1513.049868] CPU: 1 PID: 4002 Comm: syz-executor.3 Not tainted 4.19.100-syzkaller #0 [ 1513.050851] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1513.057730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1513.057736] Call Trace: [ 1513.057760] dump_stack+0x197/0x210 [ 1513.057785] warn_alloc.cold+0x7b/0x173 [ 1513.082687] ? zone_watermark_ok_safe+0x260/0x260 [ 1513.083388] lowmem_reserve[]: 0 0 1 1 1 [ 1513.087554] ? compaction_deferred+0x16a/0x3b0 [ 1513.087572] ? try_to_compact_pages+0x44/0xae0 [ 1513.087602] __alloc_pages_slowpath+0x2214/0x2870 [ 1513.105646] ? warn_alloc+0x110/0x110 [ 1513.109462] ? __lock_is_held+0xb6/0x140 [ 1513.112469] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1513.113534] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1513.113551] ? should_fail+0x14d/0x85c [ 1513.113576] ? __isolate_free_page+0x4c0/0x4c0 [ 1513.153309] ? __might_sleep+0x95/0x190 [ 1513.157298] __alloc_pages_nodemask+0x617/0x750 [ 1513.161983] ? lockdep_hardirqs_on+0x415/0x5d0 [ 1513.166577] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1513.171614] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1513.177182] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1513.182943] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1513.188495] alloc_pages_current+0x107/0x210 [ 1513.192916] ion_page_pool_alloc+0x17f/0x270 [ 1513.197616] ion_system_heap_allocate+0x154/0xa90 [ 1513.202489] ? ion_system_heap_free+0x250/0x250 [ 1513.207181] ? ion_alloc+0x306/0x900 [ 1513.211024] ion_alloc+0x29b/0x900 [ 1513.214763] ? ion_dma_buf_release+0x50/0x50 [ 1513.219209] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1513.224755] ? _copy_from_user+0xdd/0x150 [ 1513.228917] ion_ioctl+0x17b/0x329 [ 1513.230055] lowmem_reserve[]: 0 0 0 0 0 [ 1513.232470] ? ion_alloc.cold+0x28/0x28 [ 1513.232495] ? __might_sleep+0x95/0x190 [ 1513.244430] ? ion_alloc.cold+0x28/0x28 [ 1513.244892] Node 0 DMA: 27*4kB (UME) 15*8kB (UME) 7*16kB (UME) 14*32kB (UM) 7*64kB (UME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10452kB [ 1513.248413] do_vfs_ioctl+0xd5f/0x1380 [ 1513.248430] ? selinux_file_ioctl+0x46c/0x5d0 [ 1513.248448] ? selinux_file_ioctl+0x125/0x5d0 [ 1513.277165] ? ioctl_preallocate+0x210/0x210 [ 1513.281621] ? selinux_file_mprotect+0x620/0x620 [ 1513.286402] ? iterate_fd+0x360/0x360 [ 1513.290220] ? nsecs_to_jiffies+0x30/0x30 [ 1513.294390] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1513.299943] ? security_file_ioctl+0x8d/0xc0 [ 1513.304365] ksys_ioctl+0xab/0xd0 [ 1513.307823] __x64_sys_ioctl+0x73/0xb0 [ 1513.311725] do_syscall_64+0xfd/0x620 [ 1513.315526] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1513.320728] RIP: 0033:0x45b349 [ 1513.323928] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1513.342867] RSP: 002b:00007f9fa7530c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1513.350586] RAX: ffffffffffffffda RBX: 00007f9fa75316d4 RCX: 000000000045b349 [ 1513.357865] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1513.359787] Node 0 DMA32: 2777*4kB (UMEH) 3287*8kB (UEH) 1820*16kB (UEH) 1186*32kB (UEH) 413*64kB (UMEH) 101*128kB (UMEH) 53*256kB (U) 70*512kB (UEH) 49*1024kB (U) 2*2048kB (U) 0*4096kB = 247516kB [ 1513.365133] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1513.365142] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1513.365150] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1513.420059] CPU: 0 PID: 4004 Comm: syz-executor.5 Not tainted 4.19.100-syzkaller #0 [ 1513.427921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1513.437297] Call Trace: [ 1513.439909] dump_stack+0x197/0x210 [ 1513.443563] warn_alloc.cold+0x7b/0x173 [ 1513.447560] ? zone_watermark_ok_safe+0x260/0x260 [ 1513.452423] ? compaction_deferred+0x16a/0x3b0 [ 1513.457029] ? try_to_compact_pages+0x44/0xae0 [ 1513.461652] __alloc_pages_slowpath+0x2214/0x2870 [ 1513.466542] ? warn_alloc+0x110/0x110 [ 1513.470381] ? __lock_is_held+0xb6/0x140 [ 1513.474465] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1513.480019] ? should_fail+0x14d/0x85c [ 1513.483933] ? __isolate_free_page+0x4c0/0x4c0 [ 1513.488827] ? __might_sleep+0x95/0x190 [ 1513.492834] __alloc_pages_nodemask+0x617/0x750 [ 1513.497534] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1513.502583] ? fs_reclaim_acquire+0x20/0x20 [ 1513.506932] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1513.512496] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1513.518229] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1513.523799] alloc_pages_current+0x107/0x210 [ 1513.528346] ion_page_pool_alloc+0x17f/0x270 [ 1513.532808] ion_system_heap_allocate+0x154/0xa90 [ 1513.537696] ? ion_system_heap_free+0x250/0x250 [ 1513.542388] ? ion_alloc+0x306/0x900 [ 1513.546129] ion_alloc+0x29b/0x900 [ 1513.549711] ? ion_dma_buf_release+0x50/0x50 [ 1513.554151] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1513.559754] ? _copy_from_user+0xdd/0x150 [ 1513.563929] ion_ioctl+0x17b/0x329 [ 1513.567490] ? ion_alloc.cold+0x28/0x28 [ 1513.571490] ? __might_sleep+0x95/0x190 [ 1513.575488] ? ion_alloc.cold+0x28/0x28 [ 1513.579478] do_vfs_ioctl+0xd5f/0x1380 [ 1513.583385] ? selinux_file_ioctl+0x46c/0x5d0 [ 1513.587908] ? selinux_file_ioctl+0x125/0x5d0 [ 1513.592418] ? ioctl_preallocate+0x210/0x210 [ 1513.594687] warn_alloc_show_mem: 1 callbacks suppressed [ 1513.594696] Mem-Info: [ 1513.596990] ? selinux_file_mprotect+0x620/0x620 [ 1513.597013] ? iterate_fd+0x360/0x360 [ 1513.597033] ? nsecs_to_jiffies+0x30/0x30 [ 1513.602782] active_anon:276726 inactive_anon:206 isolated_anon:0 [ 1513.602782] active_file:4234 inactive_file:7208 isolated_file:0 [ 1513.602782] unevictable:0 dirty:46 writeback:0 unstable:0 [ 1513.602782] slab_reclaimable:17168 slab_unreclaimable:128606 [ 1513.602782] mapped:58877 shmem:255 pagetables:26136 bounce:0 [ 1513.602782] free:834780 free_pcp:386 free_cma:0 [ 1513.604979] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1513.604997] ? security_file_ioctl+0x8d/0xc0 [ 1513.605016] ksys_ioctl+0xab/0xd0 [ 1513.609884] Node 0 active_anon:1058444kB inactive_anon:824kB active_file:36kB inactive_file:164kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208940kB dirty:40kB writeback:0kB shmem:1020kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 339968kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1513.613555] __x64_sys_ioctl+0x73/0xb0 [ 1513.613576] do_syscall_64+0xfd/0x620 [ 1513.613597] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1513.617800] Node 0 DMA free:10468kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1513.651538] RIP: 0033:0x45b349 [ 1513.651555] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1513.651563] RSP: 002b:00007f6e444f7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1513.651577] RAX: ffffffffffffffda RBX: 00007f6e444f86d4 RCX: 000000000045b349 [ 1513.651587] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1513.651595] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1513.651604] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1513.651612] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1513.659463] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1513.690213] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1513.749788] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1513.835940] Node 0 DMA32 free:247844kB min:36168kB low:45208kB high:54248kB active_anon:1055912kB inactive_anon:820kB active_file:36kB inactive_file:184kB unevictable:0kB writepending:84kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:27872kB pagetables:70528kB bounce:0kB free_pcp:1496kB local_pcp:664kB free_cma:0kB [ 1513.898996] lowmem_reserve[]: 0 0 1 1 1 [ 1513.907940] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1513.965449] lowmem_reserve[]: 0 0 0 0 0 [ 1513.975475] Node 0 DMA: 27*4kB (UME) 18*8kB (UME) 7*16kB (UME) 14*32kB (UM) 7*64kB (UME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10476kB [ 1513.983888] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1514.024082] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1514.033475] Node 0 DMA32: 2777*4kB (UMEH) 3325*8kB (UEH) 1824*16kB (UEH) 1189*32kB (UEH) 413*64kB (UMEH) 101*128kB (UMEH) 53*256kB (U) 70*512kB (UEH) 49*1024kB (U) 2*2048kB (U) 0*4096kB = 247980kB [ 1514.043946] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1514.087138] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1514.098520] 11707 total pagecache pages [ 1514.107585] 0 pages in swap cache [ 1514.111557] Swap cache stats: add 0, delete 0, find 0/0 [ 1514.116949] Free swap = 0kB [ 1514.120718] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1514.130151] Total swap = 0kB [ 1514.143477] 1965979 pages RAM [ 1514.146651] 0 pages HighMem/MovableOnly [ 1514.150467] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1514.163597] 341741 pages reserved [ 1514.167185] 0 pages cma reserved [ 1514.170923] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1514.200026] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1514.223047] 11707 total pagecache pages [ 1514.239528] 0 pages in swap cache 22:57:31 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = syz_open_procfs(0x0, &(0x7f0000000040)='net/nf_conntrack\x00') preadv(r4, &(0x7f0000000100)=[{&(0x7f0000000640)=""/4093, 0xffd}], 0x1, 0x2) ioctl$DRM_IOCTL_RES_CTX(r4, 0xc0106426, &(0x7f00000004c0)={0x1, &(0x7f0000000480)=[{0x0}]}) ioctl$DRM_IOCTL_NEW_CTX(r3, 0x40086425, &(0x7f0000000500)={r5, 0x2}) ioctl$DRM_IOCTL_GET_SAREA_CTX(r1, 0xc010641d, &(0x7f0000000280)={r5, &(0x7f0000000100)=""/173}) r6 = openat$ion(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ion\x00', 0x80, 0x0) ioctl$ION_IOC_ALLOC(r6, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000000)) 22:57:31 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000025000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:57:31 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) r3 = socket$inet6(0xa, 0x3, 0x3c) ioctl$VIDIOC_G_INPUT(r2, 0x80045626, &(0x7f0000000180)) connect$inet6(r3, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) mlockall(0x0) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r3, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000480)="a9", 0x1}, {&(0x7f0000000200)="20d315aa619cb538554abe385a037dbbf035fe50a5ac8c035e1c1317c106d6b827208cb852ed6dbd193046531d26f8039f71b205b503291c5f3d41a67ade63188b823b1ca308bb151b366c127f16950f98fa749b17ef1a4c9b7df307509d3e00d73d108abe2e17d7b0a852e7bc0a6e6a97e5b2a1f54b70dd5b7f230aa37cfdd0974ac02d84af3270", 0x88}, {&(0x7f0000000680)="6afb7e61718d5de1a79c9bed800a2abf1c8c844883b6d4139e13e1b13850738349c7785f414bfae7c99466ef784c5c4f7a2e993bdbdcd50bfbfd208d5c26ad47c779647404e03c150ca723e4215a517b32dbd13192bd46dd78a6fb6a6d8244dcec04ee691ff41ccdf33b846563024ba9ee52af59d20a9c2eb1bb8db4862c4f9633a4e7de8f52afd5125c9e19985c151577a58d1346c9172c812cea1d581b6ef222f55b8e1317d8f5e615d8d0eb45348f5b518ac0eb89569ed4f5e7762328bcec9198ec4ccabbc3fe3d8577d5e3db6d7081ab9713639b21e9daf91681fc8d7ed7c24d36d47d3f052db03fce2d165a842eed2942fc0076e4fc930414da876d9f4e1b0d73e8133dee588f876e57adad231263a87687fb01e8194d7d5a0a5c3b2ef52a4b1ec967a0a1353451c2665cb40dfe457236a6f0dc62ad7549b1d7da38dce6c6d8bcf20b05c42792c74bbf2bbf03afe264f1418f993f19d57193e71420ccf52b108433f8e2afe576cb16eeed694dc581342166305f4a0fb79829ef1a7a839ddfe79a", 0x183}, {&(0x7f00000004c0)="7f8db70e9b7257c3c0ada8e14439dc9157e9bcb01a901e4b62cafc28df45a8b3b9d6e8aeeb9e6408c99481b45fbaec0a2774119633c130ee2513784ce03e764269b71d609dfe82a76e818ad10114fb9a257cf3c803bfb06a0a70bfa3c5430e2b625d3538d9a039332c3d1c9fb08f3663cd799c948d19fd1e557cc00757995bde1a954a8527b968dcbba824bb74f9f267d58db2f1e00c11d3dc8cdf", 0x9b}, {&(0x7f0000000580)="f3613ab5b242e0e9bc67f1de46563abfe908fc3cfdec3422d364150f9014ff5fb503523abca3cfad148bd7a19d754127a2ac7861d6bc9f716526e1a0c446dfd62ee79602d6f9f0b9f52570cdf20e0171650b5922f913fa01ff70ab1fcb6de6f4479516a73d00b914a4ea127a3400ee85d81f7137b4d79b54c545307ec6d928985603895b892e62204521747e29396985c08717d2625cea08416dc3deafb720712703a0360d0c0acfd81f0971aef63fe78e1480698f5a7028bdb0bf45313323e9d106099013d87aa5b5fbdbe7cc3ec7d0e68a2833f480f90724e8659cdbb17e1b8bb4c53f07f57534b6980bd586eac77426df", 0xf2}], 0x5) ioctl$IMGETDEVINFO(0xffffffffffffffff, 0x80044944, &(0x7f0000000140)={0xd89}) r4 = openat$selinux_status(0xffffffffffffff9c, &(0x7f00000002c0)='/selinux/status\x00', 0x0, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = dup(r5) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000000000)=0xc) keyctl$get_persistent(0x16, r7, 0xfffffffffffffff9) statx(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x6000, 0x40, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r9 = socket$inet_udplite(0x2, 0x2, 0x88) r10 = dup(r9) getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000000000)=0xc) keyctl$get_persistent(0x16, r11, 0xfffffffffffffff9) r12 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r12, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setregid(0x0, r13) r14 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r14, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setregid(0x0, r15) getgroups(0x4, &(0x7f0000000380)=[r13, r15, 0xee00, 0xee01]) lstat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000000440)=0x0, &(0x7f0000000b80), &(0x7f0000000bc0)) r19 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r19, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r19, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r19, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) getsockopt$inet6_IPV6_IPSEC_POLICY(r19, 0x29, 0x22, &(0x7f0000000c00)={{{@in6=@initdev, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in6=@mcast2}}, &(0x7f0000000d00)=0xe8) r21 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r21, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setregid(0x0, r22) r23 = socket$inet_udplite(0x2, 0x2, 0x88) r24 = dup(r23) getsockopt$sock_cred(r24, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000000000)=0xc) keyctl$get_persistent(0x16, r25, 0xfffffffffffffff9) stat(&(0x7f0000000d40)='./file0\x00', &(0x7f0000000d80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r27 = socket$inet_udplite(0x2, 0x2, 0x88) r28 = dup(r27) getsockopt$sock_cred(r28, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000000000)=0xc) keyctl$get_persistent(0x16, r29, 0xfffffffffffffff9) r30 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r30, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setregid(0x0, r31) r32 = socket$inet_udplite(0x2, 0x2, 0x88) r33 = dup(r32) getsockopt$sock_cred(r33, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000000000)=0xc) keyctl$get_persistent(0x16, r34, 0xfffffffffffffff9) lstat(&(0x7f0000000e00)='./file0\x00', &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_DIRENTPLUS(r4, &(0x7f0000001900)=ANY=[@ANYBLOB="a0040000000066c6936d18ccabb9c543ef000002000000000000000200000000000000030000000000000000100000000000002eee0000000000007d00000007000000040000000000000001000000000000000600000000000000030000000000000001000000000000000100000000000000d300000004000000a00200000300000001800000", @ANYRES32=r7, @ANYRES32=r8, @ANYBLOB="ff7f000000000000000000000000000000000000050000000000000009000000070000002f6465762f696f6e00000000000000000200000000000000000000000000000081ef0000000000000700000000000000b9950000fcffffff0300000000000000040000000000000000000000000000000400000000000000c20f0000000000000600000000000000080e000003000000760e000006000000dc0d0000", @ANYRES32=r11, @ANYRES32=r16, @ANYBLOB="9b2a000009000000000000000600000000000000f9ffffffffffffff1a000000060000006e4f646576402428656d3165746830776c616e315d6e6f6465760000000000000300000000000000200000000000000002000000000000000200000000000000315f000006000000000000000000bb591a61831e0000f9ffffffffffffff800000000000000001000000000000000180000000000000001000000000000000000000000000005f0700000200fccd89c0be0a4ac5c1d526e74807879e1f61a00480f34485c0a0e401ca0cc6ba1bb7cb0af1a25e442d32a9ebdc7f203b301a948d7eac2aac8a7fa361dcca01a32828d7b00edbae615fb06ac1eeb700bd392ae78608d0f8c64089d9428252a73978b1f51a9493fb0e459d97f4de0c158946616a1a33ab2bd1904eec3a9966f96c2f65f041522ec2214a2314963d39fe79c694eeaeea02078fc74be102b6609b004df0", @ANYRES32=r17, @ANYRES32=r18, @ANYBLOB="09000000f1230000000000000000000000000000040000000000000009000000ea5200002f6465762f696f6e0000000000000000030000000000000002000000000000008100000000000000e62200000000000001000080030000000300000000000000070000000000000000000000010000000700000000000000bf02000000000000060000000000000020000000be00000001000000fcffffff04000000", @ANYRES32=r20, @ANYRES32=r22, @ANYBLOB="000000ec0600000000000000040000000000000000040000000000000200000006000000263a0000000000000500000000000000020000000000000006000000000000000700000000000000ff0f0000050000000200000000000000000000000000000005000000000000000000000000000000040000000000000001000000000000000300000004000000000000000900000009000000", @ANYRES32=r25, @ANYRES32=r26, @ANYBLOB="ff000000ffff0000000000000600000000000000090000000000000009000000040000002f6465762f696f6e00000000000000000400000000000000000000000000000001000000000000000200000000000000000000100600000000000000000000000900000000000000ae230000000000002800000000000000bc090000000000000000000000000000ff7f00007f0000009b0700000500000003000000", @ANYRES32=r29, @ANYRES32=r31, @ANYBLOB="05000000fbffffff000000000000000000000000060000000000000000000000902d000003000000000000000300000000000000ffff000000000000ff7f000000000000ff070000040000000500000000000000ffffffff00000000980200000000000000000000000000000300000000000000c80000000000000008000000010000000100008002000000ff070000", @ANYRES32=r34, @ANYRES32=r35, @ANYBLOB="01800000ffff0000000000000600000000000000040000000000000009000000010000002f6465762f696f6e0000000000000000"], 0x4a0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) [ 1514.248849] Swap cache stats: add 0, delete 0, find 0/0 [ 1514.264808] Free swap = 0kB [ 1514.278823] Total swap = 0kB [ 1514.295193] 1965979 pages RAM [ 1514.305939] 0 pages HighMem/MovableOnly 22:57:31 executing program 0: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000140)={'macvtap0\x00', {0x2, 0x4e22, @loopback}}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = openat$cgroup_ro(r4, &(0x7f0000000200)='cpuset.memory_pressure\x00', 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x4) getsockname$tipc(r5, &(0x7f0000000080)=@id, &(0x7f0000000100)=0x10) ioctl$SNDRV_PCM_IOCTL_XRUN(r2, 0x4148, 0x0) prctl$PR_SET_FPEMU(0xa, 0x3) fsetxattr$trusted_overlay_redirect(r2, &(0x7f0000000040)='trusted.overlay.redirect\x00', &(0x7f00000000c0)='./file0\x00', 0x8, 0x2) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) 22:57:31 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x6, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) syz_init_net_socket$llc(0x1a, 0x1, 0x0) get_mempolicy(&(0x7f0000000040), &(0x7f0000000080), 0xff, &(0x7f0000ffb000/0x4000)=nil, 0x6) connect$inet6(0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_ID(r2, 0x80082407, &(0x7f0000000140)) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/diskstats\x00', 0x0, 0x0) ioctl$EVIOCGABS3F(r3, 0x8018457f, &(0x7f0000000200)=""/175) syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x6, 0x40) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xfffffffffffffff7}) [ 1514.332479] 341741 pages reserved [ 1514.343010] 0 pages cma reserved 22:57:31 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000035000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:57:32 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) link(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00') ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xfffffffffffffff7}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000200)='/dev/null\x00', 0x14300, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0x82, &(0x7f0000000140)=@assoc_value={r4}, 0x8) setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, &(0x7f00000006c0)={r4, 0x8000, 0x93, "d0fdd90c275da4e7bd73f6aa850c58fb1cbce8ff015147013adad7dba2acc6b1fe0c2424851acee5fcd23bce359e62e8f7b5f5bc04654645054fa46911ab56a8052f1fbb806a6dab91311b5dcc7f6bf2829fe37f715d56717fddbd8a767c84c942f3fd186d454be45f44a998c3f17acda61330b0f29146553c8c3252e71cf4bfb1e5d8e040d7dd5d33d290bf9ab9ac008a0ff3"}, 0x9b) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000240)={r4, 0xfff8}, &(0x7f0000000280)=0x8) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000380)={r5, 0x80, &(0x7f0000000300)=[@in6={0xa, 0x4e23, 0x8, @mcast2, 0x7}, @in6={0xa, 0x4e23, 0x8001, @rand_addr="1112048976ae18949ca9508621ee169a", 0x100}, @in6={0xa, 0x4e23, 0xff, @local, 0x7}, @in={0x2, 0x4e20, @loopback}, @in6={0xa, 0x4e20, 0xfff, @remote}]}, &(0x7f00000003c0)=0x10) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='/dev/ion\x00', r2}, 0x10) fstat(r6, &(0x7f0000000140)) 22:57:32 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000025e00000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:57:32 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x5000}) 22:57:32 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TIOCL_SETVESABLANK(r2, 0x541c, &(0x7f0000000040)) write$sndseq(r2, &(0x7f0000000140)=[{0x8, 0x8, 0x9, 0x37, @tick=0x6, {0x40}, {0x4, 0x7}, @ext={0x81, &(0x7f0000000200)="c11505218022f1e7e8f5e04c728bcbff596a15bcf68286caaca6122e29702f02196062aa4e2ef461020ecabf2a498bfcd34dfd935d521ec796ef608a3314ce24d0b1b31f13fb57def31e9617445a2bb8fe23544f71f68bf97394452efc30e4117ab99f2636b1d73b9d2540b31765a768d19b17731d30356c06b61ba425f6dfe10a"}}, {0x81, 0x0, 0x8, 0x40, @tick=0x7f, {0x7, 0x3f}, {0x6, 0x5}, @raw8={"16601a0363677f27bf8130ed"}}, {0x8, 0x7f, 0x23, 0x3f, @time={0x4, 0x6}, {0x2, 0xe3}, {0x1, 0xff}, @quote={{0x3, 0x3}, 0x7}}], 0x54) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) r5 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r5, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r7, 0x40505412, &(0x7f00000002c0)={0x1, 0xffffff63, 0x7f, 0x0, 0xc}) getdents(r5, 0x0, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r10 = dup(r9) getsockname$packet(r10, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r8, &(0x7f0000004300)={0x0, 0x0, &(0x7f00000042c0)={&(0x7f0000000000)=@setlink={0x28, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r11, 0x440, 0x40000}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000540)={'ip6gre0\x00', r11}) bind$xdp(r2, &(0x7f0000000080)={0x2c, 0x4, r11, 0xa}, 0x10) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) 22:57:32 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000006000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1515.187234] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1515.257668] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 1515.284157] CPU: 1 PID: 4164 Comm: syz-executor.3 Not tainted 4.19.100-syzkaller #0 [ 1515.292019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1515.301564] Call Trace: [ 1515.304192] dump_stack+0x197/0x210 [ 1515.307856] warn_alloc.cold+0x7b/0x173 [ 1515.311861] ? zone_watermark_ok_safe+0x260/0x260 [ 1515.316711] ? compaction_deferred+0x16a/0x3b0 [ 1515.321300] ? try_to_compact_pages+0x44/0xae0 [ 1515.325905] __alloc_pages_slowpath+0x2214/0x2870 [ 1515.330772] ? warn_alloc+0x110/0x110 [ 1515.335626] ? __lock_is_held+0xb6/0x140 [ 1515.339808] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1515.345362] ? should_fail+0x14d/0x85c [ 1515.349273] ? __isolate_free_page+0x4c0/0x4c0 [ 1515.353862] ? __might_sleep+0x95/0x190 [ 1515.357849] __alloc_pages_nodemask+0x617/0x750 [ 1515.362545] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1515.367584] ? fs_reclaim_acquire+0x20/0x20 [ 1515.371916] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1515.377460] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1515.383283] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1515.388834] alloc_pages_current+0x107/0x210 [ 1515.393247] ion_page_pool_alloc+0x17f/0x270 [ 1515.399267] ion_system_heap_allocate+0x154/0xa90 [ 1515.404130] ? ion_system_heap_free+0x250/0x250 [ 1515.408819] ? ion_alloc+0x306/0x900 [ 1515.412537] ion_alloc+0x29b/0x900 [ 1515.416134] ? ion_dma_buf_release+0x50/0x50 [ 1515.420667] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1515.426206] ? _copy_from_user+0xdd/0x150 [ 1515.430364] ion_ioctl+0x17b/0x329 [ 1515.433914] ? ion_alloc.cold+0x28/0x28 [ 1515.437909] ? __might_sleep+0x95/0x190 [ 1515.441902] ? ion_alloc.cold+0x28/0x28 [ 1515.446072] do_vfs_ioctl+0xd5f/0x1380 [ 1515.449962] ? selinux_file_ioctl+0x46c/0x5d0 [ 1515.454477] ? selinux_file_ioctl+0x125/0x5d0 [ 1515.459113] ? ioctl_preallocate+0x210/0x210 [ 1515.463536] ? selinux_file_mprotect+0x620/0x620 [ 1515.468297] ? iterate_fd+0x360/0x360 [ 1515.472111] ? nsecs_to_jiffies+0x30/0x30 [ 1515.476261] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1515.482418] ? security_file_ioctl+0x8d/0xc0 [ 1515.486850] ksys_ioctl+0xab/0xd0 [ 1515.490308] __x64_sys_ioctl+0x73/0xb0 [ 1515.494339] do_syscall_64+0xfd/0x620 [ 1515.498163] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1515.503358] RIP: 0033:0x45b349 [ 1515.506650] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1515.525560] RSP: 002b:00007f9fa7530c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1515.533283] RAX: ffffffffffffffda RBX: 00007f9fa75316d4 RCX: 000000000045b349 [ 1515.540554] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1515.547849] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1515.555132] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1515.562414] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1515.586129] xt_check_match: 7 callbacks suppressed [ 1515.586145] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1515.676233] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING 22:57:33 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000036200000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1515.900079] warn_alloc_show_mem: 1 callbacks suppressed [ 1515.900085] Mem-Info: [ 1515.908128] active_anon:277232 inactive_anon:205 isolated_anon:4 [ 1515.908128] active_file:4238 inactive_file:7215 isolated_file:0 [ 1515.908128] unevictable:0 dirty:128 writeback:0 unstable:0 [ 1515.908128] slab_reclaimable:17152 slab_unreclaimable:128463 [ 1515.908128] mapped:58878 shmem:255 pagetables:26178 bounce:0 [ 1515.908128] free:673749 free_pcp:294 free_cma:0 [ 1516.026319] Node 0 active_anon:1060468kB inactive_anon:820kB active_file:72kB inactive_file:204kB unevictable:0kB isolated(anon):16kB isolated(file):0kB mapped:208972kB dirty:108kB writeback:0kB shmem:1020kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 342016kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1516.056554] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1516.080164] Node 0 DMA free:10412kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1516.108515] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1516.132389] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1516.137869] Node 0 DMA32 free:118484kB min:36168kB low:45208kB high:54248kB active_anon:1057920kB inactive_anon:820kB active_file:72kB inactive_file:204kB unevictable:0kB writepending:108kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:27904kB pagetables:70540kB bounce:0kB free_pcp:1872kB local_pcp:700kB free_cma:0kB [ 1516.169929] lowmem_reserve[]: 0 0 1 1 1 [ 1516.174263] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1516.201104] lowmem_reserve[]: 0 0 0 0 0 [ 1516.205525] Node 0 DMA: 27*4kB (UME) 18*8kB (UME) 7*16kB (UME) 14*32kB (UM) 6*64kB (UME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10412kB 22:57:33 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010205, 0xfffffffffffffff7, 0x1}) 22:57:33 executing program 0: set_mempolicy(0x2, &(0x7f0000000040)=0xffffffffffffffff, 0x3) r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nvram\x00', 0x8840, 0x0) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100)='NLBL_MGMT\x00') sendmsg$NLBL_MGMT_C_REMOVE(r0, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x38, r1, 0x10, 0x70bd26, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @mcast1}, @NLBL_MGMT_A_DOMAIN={0xd, 0x1, '/dev/ion\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x80) r2 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r2, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) 22:57:33 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r3, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) ioctl$VIDIOC_TRY_EXT_CTRLS(r2, 0xc0205649, &(0x7f0000000140)={0xff8ffff, 0x358, 0x89a, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x99096b, 0x2, [], @ptr=0x3}}) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0)='batadv\x00') r7 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_GATEWAYS(r5, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000280)={0x24, r6, 0x711, 0x0, 0x0, {0x9}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r8}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x24}}, 0x0) sendmsg$BATADV_CMD_TP_METER_CANCEL(r4, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r6, 0x902, 0x70bd27, 0x25dfdbfc, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x40000) sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r3, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000200)={@in={{0x2, 0x4e21, @loopback}}, 0x0, 0x0, 0x45, 0x0, "1f65beff28939d03a9973d91a116d8a69fdb31ad179f35d2a12b0034a3d0970ab4fc2d4b2d59fd9690d23cd91c521c56ecb9e72606283a69738ed4b7b656b23b039897c366d2f3195377664c07d16a2b"}, 0xd8) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) r9 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x100) ioctl$TIOCCONS(r9, 0x541d) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) 22:57:33 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x4, 0x0) ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0x6) r1 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r1, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) 22:57:33 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000026300000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1516.247010] Node 0 DMA32: 3457*4kB (UMEH) 4108*8kB (UMEH) 1901*16kB (UMEH) 1211*32kB (UEH) 4*64kB (UH) 8*128kB (UMH) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 117652kB [ 1516.263988] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1516.275646] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1516.340083] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1516.357638] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1516.365574] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1516.391616] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1516.417511] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1516.426543] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 22:57:33 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000006400000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1516.482441] 11707 total pagecache pages [ 1516.486571] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1516.492415] 0 pages in swap cache [ 1516.514628] CPU: 0 PID: 4293 Comm: syz-executor.5 Not tainted 4.19.100-syzkaller #0 [ 1516.515456] Swap cache stats: add 0, delete 0, find 0/0 [ 1516.522484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1516.522491] Call Trace: [ 1516.522517] dump_stack+0x197/0x210 [ 1516.522539] warn_alloc.cold+0x7b/0x173 [ 1516.522558] ? zone_watermark_ok_safe+0x260/0x260 [ 1516.522573] ? __lock_is_held+0xb6/0x140 [ 1516.522608] __alloc_pages_slowpath+0x2214/0x2870 [ 1516.522645] ? warn_alloc+0x110/0x110 [ 1516.547212] Free swap = 0kB [ 1516.547660] ? __lock_is_held+0xb6/0x140 [ 1516.564940] Total swap = 0kB [ 1516.565262] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1516.575797] 1965979 pages RAM [ 1516.580900] ? should_fail+0x14d/0x85c [ 1516.580922] ? __isolate_free_page+0x4c0/0x4c0 [ 1516.580943] ? __might_sleep+0x95/0x190 [ 1516.580961] __alloc_pages_nodemask+0x617/0x750 [ 1516.580983] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1516.581009] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1516.595801] 0 pages HighMem/MovableOnly [ 1516.596573] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1516.613742] 341741 pages reserved [ 1516.615889] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1516.615911] alloc_pages_current+0x107/0x210 [ 1516.615934] ion_page_pool_alloc+0x17f/0x270 [ 1516.632968] 0 pages cma reserved [ 1516.635094] ion_system_heap_allocate+0x154/0xa90 [ 1516.635121] ? ion_system_heap_free+0x250/0x250 [ 1516.635138] ? ion_alloc+0x306/0x900 [ 1516.635162] ion_alloc+0x29b/0x900 [ 1516.659901] ? ion_dma_buf_release+0x50/0x50 [ 1516.664364] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1516.670133] ? _copy_from_user+0xdd/0x150 [ 1516.674339] ion_ioctl+0x17b/0x329 [ 1516.677921] ? ion_alloc.cold+0x28/0x28 [ 1516.681945] ? __might_sleep+0x95/0x190 [ 1516.685961] ? ion_alloc.cold+0x28/0x28 [ 1516.689955] do_vfs_ioctl+0xd5f/0x1380 [ 1516.693975] ? selinux_file_ioctl+0x46c/0x5d0 [ 1516.698482] ? selinux_file_ioctl+0x125/0x5d0 [ 1516.703090] ? ioctl_preallocate+0x210/0x210 [ 1516.707506] ? selinux_file_mprotect+0x620/0x620 [ 1516.712286] ? iterate_fd+0x360/0x360 [ 1516.716207] ? nsecs_to_jiffies+0x30/0x30 [ 1516.720360] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1516.725931] ? security_file_ioctl+0x8d/0xc0 [ 1516.730350] ksys_ioctl+0xab/0xd0 [ 1516.733817] __x64_sys_ioctl+0x73/0xb0 [ 1516.737706] do_syscall_64+0xfd/0x620 [ 1516.741620] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1516.746822] RIP: 0033:0x45b349 [ 1516.750019] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1516.768944] RSP: 002b:00007f6e444f7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1516.776761] RAX: ffffffffffffffda RBX: 00007f6e444f86d4 RCX: 000000000045b349 [ 1516.784038] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1516.791349] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1516.798631] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1516.805915] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c 22:57:34 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r0, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r0, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f0000000200)={0x3, 0x3, 0x4, 0x40, 0x6, {}, {0x3, 0x9, 0x1, 0x0, 0x6, 0x3, "9fd36e57"}, 0xff, 0x1, @offset=0x80000000, 0x5, 0x0, r0}) ioctl$VIDIOC_S_AUDIO(r1, 0x40345622, &(0x7f0000000280)={0x1, "74c4b09aad27c50155a26d7bd308def621993df6a563bbcd2cb4d30663d4e1b0", 0x1, 0x1}) set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r2 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r2, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x80, 0x0) sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="02070806100000002dbd7000fcdbdf25010015004e23000005001a0000000000000000000000000000000000ac1e01010000050000000000000000001d0016020800120000000200b36b6e008f0000000600fe80000000000000000000000000003cac14144100"/114], 0x80}}, 0x4040004) [ 1516.903933] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING 22:57:34 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r2, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r2, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) r3 = socket$inet6(0xa, 0x1, 0x20) ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, &(0x7f0000000200)={r2, r3, 0xdb, 0x28, &(0x7f0000000040)="176ad996d4343fe9139f1909fb716ff89c4dfe8658e4609ee43dee05fdcffc702d8717477f8ee126", 0xbb, 0x9, 0x101, 0x101, 0x3e26, 0x0, 0xffffdaa6, 'syz1\x00'}) set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r4 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCSIFBR(r7, 0x8941, &(0x7f0000000080)=@get={0x1, &(0x7f0000000340)=""/160, 0x1}) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r4, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) [ 1516.989857] Mem-Info: [ 1516.998508] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1517.024356] active_anon:277237 inactive_anon:203 isolated_anon:0 [ 1517.024356] active_file:4238 inactive_file:7202 isolated_file:0 [ 1517.024356] unevictable:0 dirty:135 writeback:0 unstable:0 [ 1517.024356] slab_reclaimable:17159 slab_unreclaimable:128386 [ 1517.024356] mapped:58863 shmem:255 pagetables:26205 bounce:0 [ 1517.024356] free:686169 free_pcp:449 free_cma:0 [ 1517.155176] syz-executor.1: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1517.155239] syz-executor.0: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1517.209841] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 1517.220335] CPU: 0 PID: 4303 Comm: syz-executor.1 Not tainted 4.19.100-syzkaller #0 [ 1517.228195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1517.237663] Call Trace: [ 1517.240276] dump_stack+0x197/0x210 [ 1517.243928] warn_alloc.cold+0x7b/0x173 [ 1517.248043] ? zone_watermark_ok_safe+0x260/0x260 [ 1517.252913] ? __lock_is_held+0xb6/0x140 [ 1517.257018] __alloc_pages_slowpath+0x2214/0x2870 [ 1517.261901] ? warn_alloc+0x110/0x110 [ 1517.265722] ? __lock_is_held+0xb6/0x140 [ 1517.269910] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1517.275462] ? should_fail+0x14d/0x85c [ 1517.279374] ? __isolate_free_page+0x4c0/0x4c0 [ 1517.283984] ? __might_sleep+0x95/0x190 [ 1517.287986] __alloc_pages_nodemask+0x617/0x750 [ 1517.292681] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1517.297720] ? fs_reclaim_acquire+0x20/0x20 [ 1517.302059] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1517.307621] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1517.313357] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1517.319041] alloc_pages_current+0x107/0x210 [ 1517.323482] ion_page_pool_alloc+0x17f/0x270 [ 1517.327917] ion_system_heap_allocate+0x154/0xa90 [ 1517.332896] ? ion_system_heap_free+0x250/0x250 [ 1517.337590] ? ion_alloc+0x306/0x900 [ 1517.341330] ion_alloc+0x29b/0x900 [ 1517.344907] ? ion_dma_buf_release+0x50/0x50 [ 1517.349343] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1517.354893] ? _copy_from_user+0xdd/0x150 [ 1517.359072] ion_ioctl+0x17b/0x329 [ 1517.362750] ? ion_alloc.cold+0x28/0x28 [ 1517.366599] Node 0 active_anon:1060688kB inactive_anon:812kB active_file:72kB inactive_file:152kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208972kB dirty:136kB writeback:0kB shmem:1020kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 342016kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1517.366839] ? __might_sleep+0x95/0x190 [ 1517.366859] ? ion_alloc.cold+0x28/0x28 [ 1517.366879] do_vfs_ioctl+0xd5f/0x1380 [ 1517.395773] syz-executor.0 cpuset=syz0 mems_allowed=0-1 [ 1517.398826] ? selinux_file_ioctl+0x46c/0x5d0 [ 1517.398844] ? selinux_file_ioctl+0x125/0x5d0 [ 1517.398863] ? ioctl_preallocate+0x210/0x210 [ 1517.398880] ? selinux_file_mprotect+0x620/0x620 [ 1517.398900] ? iterate_fd+0x360/0x360 [ 1517.398920] ? nsecs_to_jiffies+0x30/0x30 [ 1517.438291] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1517.443844] ? security_file_ioctl+0x8d/0xc0 [ 1517.448356] ksys_ioctl+0xab/0xd0 [ 1517.451919] __x64_sys_ioctl+0x73/0xb0 [ 1517.455816] do_syscall_64+0xfd/0x620 [ 1517.459631] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1517.464825] RIP: 0033:0x45b349 [ 1517.468017] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1517.486919] RSP: 002b:00007f17cfa73c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1517.494650] RAX: ffffffffffffffda RBX: 00007f17cfa746d4 RCX: 000000000045b349 [ 1517.501931] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1517.509213] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1517.516509] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1517.524434] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1517.560143] Node 0 DMA free:10412kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1517.587799] CPU: 1 PID: 4315 Comm: syz-executor.0 Not tainted 4.19.100-syzkaller #0 [ 1517.595783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1517.605267] Call Trace: [ 1517.607859] dump_stack+0x197/0x210 [ 1517.611497] warn_alloc.cold+0x7b/0x173 [ 1517.615494] ? zone_watermark_ok_safe+0x260/0x260 [ 1517.620340] ? __lock_is_held+0xb6/0x140 [ 1517.624432] __alloc_pages_slowpath+0x2214/0x2870 [ 1517.629298] ? warn_alloc+0x110/0x110 [ 1517.633105] ? __lock_is_held+0xb6/0x140 [ 1517.637182] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1517.642727] ? should_fail+0x14d/0x85c [ 1517.646628] ? __isolate_free_page+0x4c0/0x4c0 [ 1517.651318] ? __might_sleep+0x95/0x190 [ 1517.655311] __alloc_pages_nodemask+0x617/0x750 [ 1517.660006] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1517.665131] ? fs_reclaim_acquire+0x20/0x20 [ 1517.669469] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1517.675110] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1517.680846] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1517.686404] alloc_pages_current+0x107/0x210 [ 1517.690912] ion_page_pool_alloc+0x17f/0x270 [ 1517.695441] ion_system_heap_allocate+0x154/0xa90 [ 1517.700312] ? ion_system_heap_free+0x250/0x250 [ 1517.704998] ? ion_alloc+0x306/0x900 [ 1517.708728] ion_alloc+0x29b/0x900 [ 1517.712290] ? ion_dma_buf_release+0x50/0x50 [ 1517.716716] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1517.722271] ? _copy_from_user+0xdd/0x150 [ 1517.726431] ion_ioctl+0x17b/0x329 [ 1517.729970] ? ion_alloc.cold+0x28/0x28 [ 1517.733959] ? __might_sleep+0x95/0x190 [ 1517.738047] ? ion_alloc.cold+0x28/0x28 [ 1517.742065] do_vfs_ioctl+0xd5f/0x1380 [ 1517.745988] ? selinux_file_ioctl+0x46c/0x5d0 [ 1517.750483] ? selinux_file_ioctl+0x125/0x5d0 [ 1517.755001] ? ioctl_preallocate+0x210/0x210 [ 1517.759410] ? selinux_file_mprotect+0x620/0x620 [ 1517.764292] ? iterate_fd+0x360/0x360 [ 1517.768200] ? nsecs_to_jiffies+0x30/0x30 [ 1517.772357] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1517.777908] ? security_file_ioctl+0x8d/0xc0 [ 1517.782332] ksys_ioctl+0xab/0xd0 [ 1517.785792] __x64_sys_ioctl+0x73/0xb0 [ 1517.789685] do_syscall_64+0xfd/0x620 [ 1517.793496] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1517.798695] RIP: 0033:0x45b349 [ 1517.801897] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1517.820815] RSP: 002b:00007f1ef8b9dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1517.828655] RAX: ffffffffffffffda RBX: 00007f1ef8b9e6d4 RCX: 000000000045b349 [ 1517.835943] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000004 [ 1517.843219] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1517.850511] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1517.858057] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c 22:57:35 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x6c00}) 22:57:35 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000026800000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1517.952724] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1517.964868] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1517.970846] Node 0 DMA32 free:107128kB min:36168kB low:45208kB high:54248kB active_anon:1058096kB inactive_anon:824kB active_file:60kB inactive_file:164kB unevictable:0kB writepending:0kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:28096kB pagetables:70608kB bounce:0kB free_pcp:488kB local_pcp:12kB free_cma:0kB 22:57:35 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) r1 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nvme-fabrics\x00', 0xc43, 0x0) request_key(&(0x7f0000000100)='ceph\x00', &(0x7f0000000140)={'syz', 0x2}, &(0x7f0000000180)='+em1\x00', 0xfffffffffffffffb) ioctl$IMADDTIMER(r1, 0x80044940, &(0x7f0000000080)=0x14) [ 1518.030640] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1518.052078] syz-executor.4: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1518.105488] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1518.105576] lowmem_reserve[]: 0 0 1 1 1 [ 1518.142895] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 1518.158860] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1518.162381] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 1518.194182] CPU: 1 PID: 4322 Comm: syz-executor.4 Not tainted 4.19.100-syzkaller #0 [ 1518.199468] warn_alloc_show_mem: 1 callbacks suppressed [ 1518.199473] Mem-Info: [ 1518.202016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1518.202022] Call Trace: [ 1518.202046] dump_stack+0x197/0x210 [ 1518.202068] warn_alloc.cold+0x7b/0x173 [ 1518.202086] ? zone_watermark_ok_safe+0x260/0x260 [ 1518.202101] ? __lock_is_held+0xb6/0x140 [ 1518.202137] __alloc_pages_slowpath+0x2214/0x2870 [ 1518.202170] ? warn_alloc+0x110/0x110 [ 1518.202184] ? __lock_is_held+0xb6/0x140 [ 1518.202203] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1518.202220] ? should_fail+0x14d/0x85c [ 1518.202239] ? __isolate_free_page+0x4c0/0x4c0 [ 1518.202259] ? __might_sleep+0x95/0x190 [ 1518.202278] __alloc_pages_nodemask+0x617/0x750 [ 1518.202298] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1518.202317] ? fs_reclaim_acquire+0x20/0x20 [ 1518.207801] active_anon:277276 inactive_anon:206 isolated_anon:0 [ 1518.207801] active_file:4235 inactive_file:7180 isolated_file:0 [ 1518.207801] unevictable:0 dirty:32 writeback:0 unstable:0 [ 1518.207801] slab_reclaimable:17165 slab_unreclaimable:128644 [ 1518.207801] mapped:58871 shmem:255 pagetables:26158 bounce:0 [ 1518.207801] free:830212 free_pcp:139 free_cma:0 [ 1518.210105] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1518.210123] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1518.210138] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1518.210158] alloc_pages_current+0x107/0x210 [ 1518.210182] ion_page_pool_alloc+0x17f/0x270 [ 1518.210202] ion_system_heap_allocate+0x154/0xa90 [ 1518.210225] ? ion_system_heap_free+0x250/0x250 [ 1518.210249] ? ion_alloc+0x306/0x900 22:57:35 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000007000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1518.229880] Node 0 active_anon:1060644kB inactive_anon:824kB active_file:60kB inactive_file:64kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208972kB dirty:36kB writeback:0kB shmem:1020kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 342016kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1518.234705] ion_alloc+0x29b/0x900 [ 1518.234729] ? ion_dma_buf_release+0x50/0x50 [ 1518.234753] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1518.253099] lowmem_reserve[]: 0 0 0 0 0 [ 1518.257226] ? _copy_from_user+0xdd/0x150 [ 1518.270874] Node 0 DMA free:10412kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1518.274325] ion_ioctl+0x17b/0x329 [ 1518.274342] ? ion_alloc.cold+0x28/0x28 [ 1518.274362] ? __might_sleep+0x95/0x190 [ 1518.290510] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1518.317388] ? ion_alloc.cold+0x28/0x28 [ 1518.317408] do_vfs_ioctl+0xd5f/0x1380 [ 1518.317425] ? selinux_file_ioctl+0x46c/0x5d0 [ 1518.317440] ? selinux_file_ioctl+0x125/0x5d0 [ 1518.317454] ? ioctl_preallocate+0x210/0x210 [ 1518.317469] ? selinux_file_mprotect+0x620/0x620 [ 1518.317490] ? iterate_fd+0x360/0x360 [ 1518.317507] ? nsecs_to_jiffies+0x30/0x30 [ 1518.317527] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1518.317549] ? security_file_ioctl+0x8d/0xc0 [ 1518.337379] Node 0 DMA: 27*4kB (UME) 21*8kB (UME) 7*16kB (UME) 14*32kB (UM) 6*64kB (UME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10436kB [ 1518.338775] ksys_ioctl+0xab/0xd0 [ 1518.338797] __x64_sys_ioctl+0x73/0xb0 [ 1518.338815] do_syscall_64+0xfd/0x620 [ 1518.338837] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1518.351906] Node 0 DMA32: 3097*4kB (UMEH) 4214*8kB (UMEH) 1985*16kB (UEH) 1209*32kB (UEH) 3*64kB (H) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 117508kB [ 1518.352760] RIP: 0033:0x45b349 [ 1518.365087] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1518.384245] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1518.384254] RSP: 002b:00007ff249f47c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1518.384267] RAX: ffffffffffffffda RBX: 00007ff249f486d4 RCX: 000000000045b349 [ 1518.384275] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000007 [ 1518.384282] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1518.384290] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1518.384297] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1518.403492] syz-executor.1: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1518.436040] CPU: 0 PID: 4341 Comm: syz-executor.3 Not tainted 4.19.100-syzkaller #0 [ 1518.445279] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 1518.450178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1518.450183] Call Trace: [ 1518.450206] dump_stack+0x197/0x210 [ 1518.450226] warn_alloc.cold+0x7b/0x173 [ 1518.450242] ? zone_watermark_ok_safe+0x260/0x260 [ 1518.450256] ? __lock_is_held+0xb6/0x140 [ 1518.450292] __alloc_pages_slowpath+0x2214/0x2870 [ 1518.450332] ? warn_alloc+0x110/0x110 [ 1518.680930] ? __lock_is_held+0xb6/0x140 [ 1518.685011] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1518.690574] ? should_fail+0x14d/0x85c [ 1518.694481] ? __isolate_free_page+0x4c0/0x4c0 [ 1518.699073] ? __might_sleep+0x95/0x190 [ 1518.703064] __alloc_pages_nodemask+0x617/0x750 [ 1518.707809] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1518.712839] ? fs_reclaim_acquire+0x20/0x20 [ 1518.717316] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1518.722862] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1518.728635] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1518.734222] alloc_pages_current+0x107/0x210 [ 1518.738656] ion_page_pool_alloc+0x17f/0x270 [ 1518.743081] ion_system_heap_allocate+0x154/0xa90 [ 1518.747937] ? ion_system_heap_free+0x250/0x250 [ 1518.752613] ? ion_alloc+0x306/0x900 [ 1518.756354] ion_alloc+0x29b/0x900 [ 1518.759905] ? ion_dma_buf_release+0x50/0x50 [ 1518.764427] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1518.769990] ? _copy_from_user+0xdd/0x150 [ 1518.774151] ion_ioctl+0x17b/0x329 [ 1518.777692] ? ion_alloc.cold+0x28/0x28 [ 1518.781668] ? __might_sleep+0x95/0x190 [ 1518.785648] ? ion_alloc.cold+0x28/0x28 [ 1518.789626] do_vfs_ioctl+0xd5f/0x1380 [ 1518.793528] ? selinux_file_ioctl+0x46c/0x5d0 [ 1518.798051] ? selinux_file_ioctl+0x125/0x5d0 [ 1518.802557] ? ioctl_preallocate+0x210/0x210 [ 1518.807239] ? selinux_file_mprotect+0x620/0x620 [ 1518.812012] ? iterate_fd+0x360/0x360 [ 1518.815831] ? nsecs_to_jiffies+0x30/0x30 [ 1518.820080] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1518.825625] ? security_file_ioctl+0x8d/0xc0 [ 1518.830045] ksys_ioctl+0xab/0xd0 [ 1518.833502] __x64_sys_ioctl+0x73/0xb0 [ 1518.837666] do_syscall_64+0xfd/0x620 [ 1518.841482] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1518.846675] RIP: 0033:0x45b349 [ 1518.849868] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1518.869846] RSP: 002b:00007f9fa7530c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1518.877565] RAX: ffffffffffffffda RBX: 00007f9fa75316d4 RCX: 000000000045b349 [ 1518.884842] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1518.892133] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1518.899524] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1518.906802] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1518.914101] CPU: 1 PID: 4348 Comm: syz-executor.1 Not tainted 4.19.100-syzkaller #0 [ 1518.921919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1518.931401] Call Trace: [ 1518.934015] dump_stack+0x197/0x210 [ 1518.937670] warn_alloc.cold+0x7b/0x173 [ 1518.941672] ? zone_watermark_ok_safe+0x260/0x260 [ 1518.946536] ? compaction_deferred+0x16a/0x3b0 [ 1518.951342] ? try_to_compact_pages+0x44/0xae0 [ 1518.955964] __alloc_pages_slowpath+0x2214/0x2870 [ 1518.958051] syz-executor.0: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1518.960837] ? warn_alloc+0x110/0x110 [ 1518.960852] ? __lock_is_held+0xb6/0x140 [ 1518.960869] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1518.960885] ? should_fail+0x14d/0x85c [ 1518.960906] ? __isolate_free_page+0x4c0/0x4c0 [ 1518.972749] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1518.976034] ? __might_sleep+0x95/0x190 [ 1518.976060] __alloc_pages_nodemask+0x617/0x750 [ 1518.980357] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1518.985656] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1518.985677] ? fs_reclaim_acquire+0x20/0x20 [ 1518.985693] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1518.985715] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1518.990206] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1518.994345] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1518.994367] alloc_pages_current+0x107/0x210 [ 1518.994387] ion_page_pool_alloc+0x17f/0x270 [ 1518.994408] ion_system_heap_allocate+0x154/0xa90 [ 1519.004407] Node 0 DMA32 free:117728kB min:36168kB low:45208kB high:54248kB active_anon:1058096kB inactive_anon:824kB active_file:60kB inactive_file:4kB unevictable:0kB writepending:128kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:28032kB pagetables:70876kB bounce:0kB free_pcp:1232kB local_pcp:564kB free_cma:0kB [ 1519.007227] ? ion_system_heap_free+0x250/0x250 [ 1519.007244] ? ion_alloc+0x306/0x900 [ 1519.007263] ion_alloc+0x29b/0x900 [ 1519.012247] syz-executor.0 cpuset=syz0 mems_allowed=0-1 [ 1519.020522] ? ion_dma_buf_release+0x50/0x50 [ 1519.020549] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1519.020563] ? _copy_from_user+0xdd/0x150 [ 1519.020581] ion_ioctl+0x17b/0x329 [ 1519.020597] ? ion_alloc.cold+0x28/0x28 [ 1519.020624] ? __might_sleep+0x95/0x190 [ 1519.026006] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1519.029967] ? ion_alloc.cold+0x28/0x28 [ 1519.029987] do_vfs_ioctl+0xd5f/0x1380 [ 1519.030004] ? selinux_file_ioctl+0x46c/0x5d0 [ 1519.030019] ? selinux_file_ioctl+0x125/0x5d0 [ 1519.030035] ? ioctl_preallocate+0x210/0x210 [ 1519.030050] ? selinux_file_mprotect+0x620/0x620 [ 1519.030080] ? iterate_fd+0x360/0x360 [ 1519.030102] ? nsecs_to_jiffies+0x30/0x30 [ 1519.036024] 11669 total pagecache pages [ 1519.041482] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1519.041500] ? security_file_ioctl+0x8d/0xc0 [ 1519.041518] ksys_ioctl+0xab/0xd0 [ 1519.041535] __x64_sys_ioctl+0x73/0xb0 [ 1519.041553] do_syscall_64+0xfd/0x620 [ 1519.041577] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1519.041587] RIP: 0033:0x45b349 [ 1519.041605] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1519.051482] lowmem_reserve[]: 0 0 1 1 1 [ 1519.055979] RSP: 002b:00007f17cfa73c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1519.055995] RAX: ffffffffffffffda RBX: 00007f17cfa746d4 RCX: 000000000045b349 [ 1519.056005] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1519.056013] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1519.056027] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1519.060872] 0 pages in swap cache [ 1519.064833] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1519.201175] CPU: 1 PID: 4317 Comm: syz-executor.0 Not tainted 4.19.100-syzkaller #0 [ 1519.204896] Swap cache stats: add 0, delete 0, find 0/0 [ 1519.207707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1519.211624] Free swap = 0kB [ 1519.216695] Call Trace: [ 1519.220057] Total swap = 0kB [ 1519.238841] dump_stack+0x197/0x210 [ 1519.238863] warn_alloc.cold+0x7b/0x173 [ 1519.238879] ? zone_watermark_ok_safe+0x260/0x260 [ 1519.238895] ? compaction_deferred+0x16a/0x3b0 [ 1519.238911] ? try_to_compact_pages+0x44/0xae0 [ 1519.238941] __alloc_pages_slowpath+0x2214/0x2870 [ 1519.238972] ? warn_alloc+0x110/0x110 [ 1519.243052] 1965979 pages RAM [ 1519.250888] ? __lock_is_held+0xb6/0x140 [ 1519.250909] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1519.250923] ? should_fail+0x14d/0x85c [ 1519.250942] ? __isolate_free_page+0x4c0/0x4c0 [ 1519.250960] ? __might_sleep+0x95/0x190 [ 1519.250980] __alloc_pages_nodemask+0x617/0x750 [ 1519.251002] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1519.258360] 0 pages HighMem/MovableOnly [ 1519.258371] 341741 pages reserved [ 1519.265673] ? fs_reclaim_acquire+0x20/0x20 [ 1519.265688] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1519.265705] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1519.265718] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1519.265737] alloc_pages_current+0x107/0x210 [ 1519.265760] ion_page_pool_alloc+0x17f/0x270 [ 1519.265782] ion_system_heap_allocate+0x154/0xa90 [ 1519.273194] 0 pages cma reserved [ 1519.280362] ? ion_system_heap_free+0x250/0x250 [ 1519.280381] ? ion_alloc+0x306/0x900 [ 1519.280400] ion_alloc+0x29b/0x900 [ 1519.280421] ? ion_dma_buf_release+0x50/0x50 [ 1519.289883] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1519.291303] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1519.299087] lowmem_reserve[]: 0 0 0 0 0 [ 1519.304480] ? _copy_from_user+0xdd/0x150 [ 1519.304500] ion_ioctl+0x17b/0x329 [ 1519.304516] ? ion_alloc.cold+0x28/0x28 [ 1519.304536] ? __might_sleep+0x95/0x190 [ 1519.304550] ? ion_alloc.cold+0x28/0x28 [ 1519.304566] do_vfs_ioctl+0xd5f/0x1380 [ 1519.304582] ? selinux_file_ioctl+0x46c/0x5d0 [ 1519.304601] ? selinux_file_ioctl+0x125/0x5d0 [ 1519.375915] Node 0 DMA: 27*4kB (UME) 21*8kB (UME) 7*16kB (UME) 14*32kB (UM) 6*64kB (UME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10436kB [ 1519.378195] ? ioctl_preallocate+0x210/0x210 [ 1519.378217] ? selinux_file_mprotect+0x620/0x620 [ 1519.389820] Node 0 DMA32: 136*4kB (MEH) 48*8kB (MEH) 14*16kB (EH) 1206*32kB (UEH) 3*64kB (H) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 1*2048kB (M) 0*4096kB = 42752kB [ 1519.391994] ? iterate_fd+0x360/0x360 [ 1519.392015] ? nsecs_to_jiffies+0x30/0x30 [ 1519.395460] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1519.399907] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1519.399925] ? security_file_ioctl+0x8d/0xc0 [ 1519.399942] ksys_ioctl+0xab/0xd0 [ 1519.399959] __x64_sys_ioctl+0x73/0xb0 [ 1519.399976] do_syscall_64+0xfd/0x620 [ 1519.400015] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1519.425264] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB 22:57:36 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) munlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000) r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xfffffffffffffff7}) 22:57:36 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$VIDIOC_SUBDEV_ENUM_FRAME_INTERVAL(r2, 0xc040564b, &(0x7f0000000040)={0x2, 0x0, 0x300a, 0x0, 0x3, {0x0, 0xabac}}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$VIDIOC_G_DV_TIMINGS(r4, 0xc0845658, &(0x7f00000002c0)={0x0, @bt={0xfffffffc, 0x3, 0x1, 0x1, 0x8, 0x3, 0x7, 0x10000, 0x10001, 0x2, 0x401, 0xfffffffd, 0x4, 0xfff, 0xc, 0x0, {0x2, 0x1}, 0x0, 0xf7}}) r5 = socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0x82, &(0x7f0000000140)=@assoc_value={r6}, 0x8) setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, &(0x7f00000006c0)={r6, 0x8000, 0x93, "d0fdd90c275da4e7bd73f6aa850c58fb1cbce8ff015147013adad7dba2acc6b1fe0c2424851acee5fcd23bce359e62e8f7b5f5bc04654645054fa46911ab56a8052f1fbb806a6dab91311b5dcc7f6bf2829fe37f715d56717fddbd8a767c84c942f3fd186d454be45f44a998c3f17acda61330b0f29146553c8c3252e71cf4bfb1e5d8e040d7dd5d33d290bf9ab9ac008a0ff3"}, 0x9b) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r5, 0x84, 0xf, &(0x7f0000000200)={r6, @in={{0x2, 0x4e24, @remote}}, 0x80000, 0x200, 0x2, 0x9}, &(0x7f0000000080)=0x98) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) r7 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r7, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r7, &(0x7f00000003c0)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) write$binfmt_script(r7, &(0x7f0000000b40)=ANY=[@ANYBLOB='#'], 0x1) setsockopt$sock_int(r7, 0x1, 0x8, &(0x7f0000000140)=0xda6, 0x4) sendto$inet(r7, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860005cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xd38, 0x13c, 0x0, 0x27) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r7, 0x84, 0x7c, &(0x7f0000000180)={0x0, 0x9, 0xdef}, &(0x7f0000000380)=0x8) [ 1519.425842] RIP: 0033:0x45b349 [ 1519.437208] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1519.438841] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1519.448411] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1519.450484] RSP: 002b:00007f1ef8b7cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 22:57:37 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000017000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1519.450499] RAX: ffffffffffffffda RBX: 00007f1ef8b7d6d4 RCX: 000000000045b349 [ 1519.450507] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000004 [ 1519.450515] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 1519.450523] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1519.450531] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bfd4 [ 1519.451904] warn_alloc_show_mem: 2 callbacks suppressed [ 1519.451909] Mem-Info: [ 1519.798410] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 22:57:37 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000007400000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1519.897827] 11660 total pagecache pages 22:57:37 executing program 1: set_mempolicy(0x1, &(0x7f00000000c0), 0x7) setxattr$trusted_overlay_redirect(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='trusted.overlay.redirect\x00', &(0x7f0000000100)='./file0\x00', 0x8, 0x0) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) openat$vimc0(0xffffffffffffff9c, &(0x7f0000000140)='/dev/video0\x00', 0x2, 0x0) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) writev(r2, &(0x7f0000000740)=[{&(0x7f00000002c0)="6fd8628b28961a4af720a6773542e5594f7f0dba508b9cf2c5f09e56678cccd63b73aca354bb163847141717d0a4520a6a4b6ccf302b38cc2f7b23cc06882fbd21098f5ce260e83efc27144297a7820a8d1f99028e4cd07b", 0x58}, {&(0x7f0000000500)="156a62b8a6382329eaa5abac2d183e6dfc5faf8b84f05fc42f", 0x19}, {&(0x7f0000000540)="2b2d65ce69e4ed32dc06af1829a97b48724d239e4ce41fb93bd928b7aadbf885f8dce4a1c5ac50ba5c089069f259892097e5dc0ad384d094e50fac4c7949ba48be8250818b4758dd0498a995b5f2681f0786a83931a52942270ffbd57e587fccb868843349b8fc8449fceca4663426d61c955b8a70d336a3faf5a087cc4e2c661dfc089296c8a782c2da4d984889cfd77e2d2fbe09687f14fb4cbf22584f6ff7e09b9aaa833b9a0b4fbe241dde85643008601148caf797af915e47b28a45102b9cf56f368dbc2de170ac52e3cbe2d295b536b50f911fd4ae23b4cd4a64c469b6", 0xe0}, {&(0x7f0000000640)="7ebb2db30229e24c7dd2d5afb7b3b4704a94844c58d3cba5034559957ab75b23ab9c17f0d92bb43028e652a05c02870a7ca0d0f92de9a30074aa5600c17059e572e652c4e1ee8ef1a591d4d305cb74394c5463594312540a7f3e08c022f5cd6a5a7e85eb0031bb", 0x67}, {&(0x7f00000006c0)="3fcc783678ce4b8b295010b9cdb24825b3275a09b73f5ef253db4fba58fe6439bb9e3f48a54df2925a89186a8a81b6a7bd1a5d42373cf7b599f792ab329ee4809c3331cbb54869cce3289d0f59ed9a79", 0x50}], 0x5) setsockopt$CAIFSO_REQ_PARAM(r3, 0x116, 0x80, &(0x7f0000000400)="dea2bb6f85bd282175a55d3c1ea2e7975e12a1697d6985936d52ce26f3f6ac41d468865510cc6a56a7ea1c5aa6d7be5e38d2206ae23976ef7a6fe1f51a256cdf1c6fefce0b2e0b6c2f1a9029a0303fc92223a67a215bdc16d266153fb6c6f9c5922c564528e6974e4806dfc23552187dd92af70d457b5d67b29dacf358f701efd5156699d436847e73b166309dd5e04a03c583beedba4bfa099d08b7dcc9199f8ffd35f1e9b0b8b5b82235257830ee69633c45bf7cede46d5e10d11ce54185c90257e5376c1a", 0xc6) fcntl$getownex(r1, 0x10, &(0x7f0000000100)={0x0, 0x0}) process_vm_readv(r4, &(0x7f0000000380)=[{&(0x7f0000000340)=""/61, 0x3d}], 0x1, &(0x7f0000002540)=[{&(0x7f00000003c0)=""/63, 0x7ffff002}], 0x2, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = dup(r5) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000000000)=0xc) keyctl$get_persistent(0x16, r7, 0xfffffffffffffff9) r8 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setregid(0x0, r9) lchown(&(0x7f0000000240)='./file0\x00', r7, r9) ptrace(0x8, r4) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x0, 0xffffffffffffffff}) r11 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/qat_adf_ctl\x00', 0x2, 0x0) ioctl$BLKRRPART(r11, 0x125f, 0x0) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r10, 0x84, 0x7, &(0x7f0000000180), &(0x7f0000000200)=0x4) [ 1519.951394] 0 pages in swap cache [ 1519.985970] Swap cache stats: add 0, delete 0, find 0/0 [ 1520.015256] ptrace attach of "/root/syz-executor.1"[8177] was attempted by "/root/syz-executor.1"[4479] [ 1520.020765] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1520.049529] Free swap = 0kB [ 1520.063636] Total swap = 0kB [ 1520.075203] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1520.076274] 1965979 pages RAM [ 1520.089881] CPU: 1 PID: 4441 Comm: syz-executor.5 Not tainted 4.19.100-syzkaller #0 [ 1520.089986] active_anon:277269 inactive_anon:202 isolated_anon:12 [ 1520.089986] active_file:4233 inactive_file:7173 isolated_file:0 [ 1520.089986] unevictable:0 dirty:20 writeback:0 unstable:0 [ 1520.089986] slab_reclaimable:17164 slab_unreclaimable:128494 [ 1520.089986] mapped:58862 shmem:255 pagetables:26223 bounce:0 [ 1520.089986] free:824879 free_pcp:206 free_cma:0 [ 1520.097843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1520.097849] Call Trace: [ 1520.097874] dump_stack+0x197/0x210 [ 1520.097900] warn_alloc.cold+0x7b/0x173 [ 1520.097939] ? zone_watermark_ok_safe+0x260/0x260 [ 1520.143218] 0 pages HighMem/MovableOnly [ 1520.143666] ? __lock_is_held+0xb6/0x140 [ 1520.157024] 341741 pages reserved [ 1520.160094] __alloc_pages_slowpath+0x2214/0x2870 [ 1520.160127] ? warn_alloc+0x110/0x110 [ 1520.160142] ? __lock_is_held+0xb6/0x140 [ 1520.160160] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1520.160176] ? should_fail+0x14d/0x85c [ 1520.160194] ? __isolate_free_page+0x4c0/0x4c0 [ 1520.160211] ? __might_sleep+0x95/0x190 [ 1520.160229] __alloc_pages_nodemask+0x617/0x750 [ 1520.173696] 0 pages cma reserved [ 1520.176390] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1520.176414] ? fs_reclaim_acquire+0x20/0x20 [ 1520.176434] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1520.221354] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1520.227085] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1520.231246] Node 0 active_anon:1060584kB inactive_anon:808kB active_file:52kB inactive_file:12kB unevictable:0kB isolated(anon):48kB isolated(file):0kB mapped:208952kB dirty:0kB writeback:0kB shmem:1020kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 339968kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1520.232639] alloc_pages_current+0x107/0x210 [ 1520.232665] ion_page_pool_alloc+0x17f/0x270 [ 1520.232685] ion_system_heap_allocate+0x154/0xa90 [ 1520.232706] ? ion_system_heap_free+0x250/0x250 [ 1520.278687] ? ion_alloc+0x306/0x900 [ 1520.282431] ion_alloc+0x29b/0x900 [ 1520.286020] ? ion_dma_buf_release+0x50/0x50 [ 1520.288989] Node 0 DMA free:10436kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1520.290450] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1520.290472] ? _copy_from_user+0xdd/0x150 [ 1520.290490] ion_ioctl+0x17b/0x329 [ 1520.290508] ? ion_alloc.cold+0x28/0x28 [ 1520.290529] ? __might_sleep+0x95/0x190 [ 1520.290546] ? ion_alloc.cold+0x28/0x28 [ 1520.290563] do_vfs_ioctl+0xd5f/0x1380 [ 1520.290581] ? selinux_file_ioctl+0x46c/0x5d0 22:57:37 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000039000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1520.290596] ? selinux_file_ioctl+0x125/0x5d0 [ 1520.290612] ? ioctl_preallocate+0x210/0x210 [ 1520.290626] ? selinux_file_mprotect+0x620/0x620 [ 1520.290646] ? iterate_fd+0x360/0x360 [ 1520.290661] ? nsecs_to_jiffies+0x30/0x30 [ 1520.290681] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1520.378174] ? security_file_ioctl+0x8d/0xc0 [ 1520.382619] ksys_ioctl+0xab/0xd0 [ 1520.386097] __x64_sys_ioctl+0x73/0xb0 [ 1520.390008] do_syscall_64+0xfd/0x620 [ 1520.393840] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1520.399048] RIP: 0033:0x45b349 [ 1520.402255] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1520.421169] RSP: 002b:00007f6e444f7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1520.425542] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1520.428916] RAX: ffffffffffffffda RBX: 00007f6e444f86d4 RCX: 000000000045b349 [ 1520.428926] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1520.428940] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1520.428951] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1520.428961] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1520.503120] Node 0 DMA32 free:88840kB min:36168kB low:45208kB high:54248kB active_anon:1058136kB inactive_anon:808kB active_file:52kB inactive_file:12kB unevictable:0kB writepending:0kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:28096kB pagetables:70864kB bounce:0kB free_pcp:1356kB local_pcp:768kB free_cma:0kB [ 1520.536672] lowmem_reserve[]: 0 0 1 1 1 22:57:38 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000029300000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:57:38 executing program 0: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$VIDIOC_RESERVED(r1, 0x5601, 0x0) r2 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r2, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x1}) [ 1520.541608] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1520.569180] ptrace attach of "/root/syz-executor.1"[8177] was attempted by "/root/syz-executor.1"[4481] [ 1520.630928] xt_check_match: 6 callbacks suppressed [ 1520.631036] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1520.676681] lowmem_reserve[]: 0 0 0 0 0 [ 1520.702707] Node 0 DMA: 27*4kB (UME) 20*8kB (UME) 8*16kB (UME) 14*32kB (UM) 6*64kB (UME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10444kB [ 1520.754541] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1520.773940] Node 0 DMA32: 64*4kB (UEH) 79*8kB (UEH) 1074*16kB (UEH) 1202*32kB (UEH) 3*64kB (H) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 57496kB [ 1520.804529] syz-executor.0: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1520.814031] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1520.827526] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1520.837059] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1520.846337] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1520.856428] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1520.858950] syz-executor.0 cpuset=syz0 mems_allowed=0-1 [ 1520.865720] 11666 total pagecache pages [ 1520.875658] 0 pages in swap cache [ 1520.880865] Swap cache stats: add 0, delete 0, find 0/0 [ 1520.886457] Free swap = 0kB [ 1520.890072] CPU: 0 PID: 4500 Comm: syz-executor.0 Not tainted 4.19.100-syzkaller #0 [ 1520.897892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1520.907260] Call Trace: [ 1520.909934] dump_stack+0x197/0x210 [ 1520.913599] warn_alloc.cold+0x7b/0x173 [ 1520.917597] ? zone_watermark_ok_safe+0x260/0x260 [ 1520.922568] ? compaction_deferred+0x16a/0x3b0 [ 1520.927170] ? try_to_compact_pages+0x44/0xae0 [ 1520.931791] __alloc_pages_slowpath+0x2214/0x2870 [ 1520.936678] ? warn_alloc+0x110/0x110 [ 1520.940616] ? __lock_is_held+0xb6/0x140 [ 1520.944699] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1520.950253] ? should_fail+0x14d/0x85c [ 1520.954160] ? __isolate_free_page+0x4c0/0x4c0 [ 1520.958767] ? __might_sleep+0x95/0x190 [ 1520.962763] __alloc_pages_nodemask+0x617/0x750 [ 1520.967464] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1520.972506] ? fs_reclaim_acquire+0x20/0x20 [ 1520.976851] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1520.982412] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1520.988148] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1520.993831] alloc_pages_current+0x107/0x210 [ 1520.998278] ion_page_pool_alloc+0x17f/0x270 [ 1521.002723] ion_system_heap_allocate+0x154/0xa90 [ 1521.007598] ? ion_system_heap_free+0x250/0x250 [ 1521.008943] Total swap = 0kB [ 1521.012283] ? ion_alloc+0x306/0x900 [ 1521.012303] ion_alloc+0x29b/0x900 [ 1521.012325] ? ion_dma_buf_release+0x50/0x50 [ 1521.012348] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1521.012366] ? _copy_from_user+0xdd/0x150 [ 1521.015489] 1965979 pages RAM [ 1521.019154] ion_ioctl+0x17b/0x329 [ 1521.019173] ? ion_alloc.cold+0x28/0x28 [ 1521.019194] ? __might_sleep+0x95/0x190 [ 1521.022848] 0 pages HighMem/MovableOnly [ 1521.027153] ? ion_alloc.cold+0x28/0x28 [ 1521.027170] do_vfs_ioctl+0xd5f/0x1380 [ 1521.027191] ? selinux_file_ioctl+0x46c/0x5d0 [ 1521.032953] 341741 pages reserved [ 1521.037047] ? selinux_file_ioctl+0x125/0x5d0 [ 1521.037065] ? ioctl_preallocate+0x210/0x210 [ 1521.037078] ? selinux_file_mprotect+0x620/0x620 [ 1521.037100] ? iterate_fd+0x360/0x360 [ 1521.040289] 0 pages cma reserved [ 1521.043754] ? nsecs_to_jiffies+0x30/0x30 [ 1521.043777] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1521.043797] ? security_file_ioctl+0x8d/0xc0 [ 1521.107060] ksys_ioctl+0xab/0xd0 [ 1521.110658] __x64_sys_ioctl+0x73/0xb0 [ 1521.114565] do_syscall_64+0xfd/0x620 [ 1521.119200] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1521.124393] RIP: 0033:0x45b349 [ 1521.127595] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1521.146505] RSP: 002b:00007f1ef8b9dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1521.154227] RAX: ffffffffffffffda RBX: 00007f1ef8b9e6d4 RCX: 000000000045b349 [ 1521.161505] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000006 [ 1521.168786] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1521.176167] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1521.183451] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1521.200493] warn_alloc_show_mem: 2 callbacks suppressed [ 1521.200499] Mem-Info: [ 1521.242237] active_anon:276669 inactive_anon:205 isolated_anon:0 [ 1521.242237] active_file:4233 inactive_file:7179 isolated_file:0 [ 1521.242237] unevictable:0 dirty:56 writeback:0 unstable:0 [ 1521.242237] slab_reclaimable:17147 slab_unreclaimable:128566 [ 1521.242237] mapped:58829 shmem:255 pagetables:26135 bounce:0 [ 1521.242237] free:891425 free_pcp:561 free_cma:0 [ 1521.306115] Node 0 active_anon:1058208kB inactive_anon:820kB active_file:52kB inactive_file:36kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208952kB dirty:24kB writeback:0kB shmem:1020kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 342016kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 22:57:38 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0xba03}) 22:57:38 executing program 4: pkey_alloc(0x0, 0x2) set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x434002, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000040)='NLBL_CALIPSO\x00') prctl$PR_GET_KEEPCAPS(0x7) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) 22:57:38 executing program 1: set_mempolicy(0x2, &(0x7f0000000040)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) pselect6(0x40, &(0x7f0000000080)={0x4, 0x80, 0x7, 0x8, 0x3, 0xdadb, 0x7, 0x5f7}, &(0x7f00000000c0)={0x3, 0x100000001, 0xffff, 0x272, 0x7fffffff, 0x6, 0x3ff, 0x3}, &(0x7f0000000100)={0x9, 0x0, 0x5, 0x7, 0xfff, 0x7ff, 0x7, 0x10000}, &(0x7f0000000140), &(0x7f0000000200)={&(0x7f0000000180)={[0x3]}, 0x8}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$VIDIOC_G_EXT_CTRLS(r2, 0xc0205647, &(0x7f00000002c0)={0x40f39fffb16ee1a2, 0x7, 0x5, 0xffffffffffffffff, 0x0, &(0x7f0000000280)={0x990af8, 0x1000, [], @p_u16=&(0x7f0000000240)=0x2d58}}) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0x82, &(0x7f0000000140)=@assoc_value={r4}, 0x8) setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, &(0x7f00000006c0)={r4, 0x8000, 0x93, "d0fdd90c275da4e7bd73f6aa850c58fb1cbce8ff015147013adad7dba2acc6b1fe0c2424851acee5fcd23bce359e62e8f7b5f5bc04654645054fa46911ab56a8052f1fbb806a6dab91311b5dcc7f6bf2829fe37f715d56717fddbd8a767c84c942f3fd186d454be45f44a998c3f17acda61330b0f29146553c8c3252e71cf4bfb1e5d8e040d7dd5d33d290bf9ab9ac008a0ff3"}, 0x9b) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000002740)={r4, @in6={{0xa, 0x4e20, 0x7f, @mcast2, 0x81}}, 0x2, 0x6, 0x3, 0xa0000000, 0x6d}, &(0x7f0000002800)=0x98) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0x82, &(0x7f0000000140)=@assoc_value={r6}, 0x8) setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, &(0x7f00000006c0)={r6, 0x8000, 0x93, "d0fdd90c275da4e7bd73f6aa850c58fb1cbce8ff015147013adad7dba2acc6b1fe0c2424851acee5fcd23bce359e62e8f7b5f5bc04654645054fa46911ab56a8052f1fbb806a6dab91311b5dcc7f6bf2829fe37f715d56717fddbd8a767c84c942f3fd186d454be45f44a998c3f17acda61330b0f29146553c8c3252e71cf4bfb1e5d8e040d7dd5d33d290bf9ab9ac008a0ff3"}, 0x9b) r7 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r7, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r7, &(0x7f00000003c0)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) write$binfmt_script(r7, &(0x7f0000000b40)=ANY=[@ANYBLOB='#'], 0x1) mq_timedreceive(0xffffffffffffffff, &(0x7f0000002a80)=""/146, 0x92, 0xfff, &(0x7f0000002b40)) setsockopt$sock_int(r7, 0x1, 0x8, &(0x7f0000000140)=0xda6, 0x4) sendto$inet(r7, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860005cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xd38, 0x13c, 0x0, 0x27) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r7, 0x84, 0x1b, &(0x7f0000002840)={0x0, 0x99, "b39964a2df7b13967fd41843bf0c7bbb32d4753ce1c38ff2efad993f2eee9daa5cb206a6d079a5e959d528dd998329cd0a72796ed3a370c93bd1eba23eaf9bb60368ce76e744779135394484b4f3efa061df40d3b93da4e50e0deedabf77e3ab54d6d8e070f49001acf8bd3086af46e0048e91311ee3fa763e558bfcb609a1c46d587fe208e09f9e628489f8334e587f382328816779f2a2a1"}, &(0x7f0000002900)=0xa1) sendmsg$inet_sctp(r3, &(0x7f0000002a40)={&(0x7f0000000300)=@in6={0xa, 0x4e20, 0x7, @empty, 0xa5e}, 0x1c, &(0x7f00000026c0)=[{&(0x7f0000000340)="b808e76ba1a827bfc31911d1bdc7725dc92ec4be1824fea7aa2d127fae9d6af2a4e734d1372ad7f315061f087c5bc17d419a5aca6ba8736f5fdddfc089b532369682f253449bb0d6f10c4e9180604ceac41ca3f351f1ed6d5e6bef98779f0284b43ae70540654336d76692", 0x6b}, {&(0x7f00000003c0)="080fd692f4fe1a44b0f1541122b52b22f9d5c0d01159e3906517bb2f7546adfd2cd2877eb946e2957d055956e0c6d3ae51871aae0b30918efdd50abee88f3cf7202a6f048d02cab555a145d18805853295056eeb1887cff40b7d53f78297c70943575357c4d5163cd8", 0x69}, {&(0x7f0000000440)="648c255afe1456e0548d01c99d05eb9ae6f544e25e50d67736ad5207138e9b525300b865829114d1904785b8f3e18ebcc3ca09df4e8257f994461dd89cda3797899d73a876d97ccc2d48ed31b22bd99d4cbd0e8f51ac5da2eab1a8a6bedcdd37729c74d1eab8838df79e9c2b10d85f0dfa58d8938bc1bbc67c209db90fed92b69fec44cdf787c60ac6f003737321e46a0e68dfb1c6b68880e63bc3784551dc78878c59406036271ebbbf2f036c7dcb172d11b1c2fed8ccbb4ec4d1cb91ffa5f2e3d0c95ab00dc3f170dd62bc85837adb7002256ef606076f2ce749f6ca8cae8d0e5b1c8710ca29122529528f3b4454b8fda21f552fa60fcf104646dc67321111eef9e2077e34e3a2518bc4b24b341ac5dccf8d676c9fb93c19ecc769c528706471b55245ca50c128de7c9b18b04f8b68f644560d2696e1fc84f3f4f983fed95e9853a85a333c4b56992f97bc4fcbeb80966a79691a8ef255b1dea5c9edaee0e8c6d17b26df6f1c0eb358c281efba9d3771af7b1bd1ad857a8543844c29216ebba510b190fe44c9a2311dc8c579d206a4885cb3b72bc1b58ac9df15011b1d4ef7e9bd0549a46a9dbc521d669a6c5a57fb8003e71abea2d182e92767a273cc5baad8b6c6e4f8955abe0f926082a2820cf38363301645742a66e5c2ce502ae3ee6974e7a128f3ab41ef756d4c8c2da2f240e147c42596e75c1d113f6d02819056776d28c4182aef772129f3d7acf4226187579cf70ed905b39de9342042b8a48bfa8caf7ddeee864dc56daa7bc43ecfe658f3adad736f3a554e2ba931f1b9f621146d7b76eb139582fa8454e70076d6f65bf55f5cebb287940f2cb06c6ff2af05500dbbc4787e706f46e2b2a843cfd949c6de0bb4d977b6e752bb0560d6108b0df0382914feace57f16c20bfc772eb7dd3186aff0ff13563d5de94ef6659fb16a8f41fb052991a78de3d2b710c82df4bb9bb4f84d57f5020d886dfac424774a92ca98f5d4d2d3412fc8208652777bd3d95603b14952a5b45cd7dfad4b6f6f3438abdfc831289d0b7ef057e83542710e4efdd1539968df7b2b272a38e691de091a79cd3b88255bbe0618dd4043da804ca883881febc3f1f6abc5e6fabf68ab9915455721f6a71c9cf7237a4cf0a5c53280fbfcb21e74e4f5f67aacb6a14550ed5df5b41035be3d984c7a777d386d360eaf1eb68dd1a69223659341cb304f3288e8e455d866db209529e59bf162b8a40c74e11f9a22311737ad8833aa1c6e6b3f3eba7c31507f2a38dec5ce571d10269bf303358e373b958de2030ab6057f76081675852e0a233c5eacd68d810b45318b3100fabb641fb883fd3ec17880fe770ddc826c2f1e2cc71110c0e1307cb4de148103791310a68059bbb50ca4d37b98e98e7e67b44148966e568ef5a872c54275d8c008937f5ce9539548d06ce9505fc00537bad69d3ed37d387e4591d352ec36059b7db55646c72d40f03f44e3b7a6dcf7803a4f03e3594cb5ba57467c62eab88d98a988373c1c4603dde6499c1b89b39bf5e39edb111f26e56be8f943cfe7432d3f3d7935cca59ab65ebae57fbafd8c861d477ba6fc9509458e8618772571940f3f814ce740e1d3321319bb331b5d2f0701919d7910b865fd1a33ae6f5a3e5298316829a5c0b97f87096f0048d70647af617fab7a4ad117886758f1b67b566c630cd4e11abcaad06ed986faf1fdf436db3ebcbe33e29027c9e0f16abb4fd8c0d3bb8d200996e2ae64ccc641078c3feb05b92d8d12bd8cff6f7ec0081c0233761b142e57b4549fd3cb40ddeb0e1276ac051abb0dbd1004763668ffe13517441b5bba30072e9241e005a67909b54a9c7f009d9051872987f6f6617692bc5f8a8032fa3284a1a897b5239568a3b5ec9623636d61dbb0d5479b375ac51b8b0e29d7b06d497d06ba8d4b4d10a3cf8a21d802bcfb7ac59e918aacb2939efec0ff07a5100f3c323f98f341ce2b89468023be86da666178f403ddd8f7ad5f0a61f84dde2b03b3af115d06aee0aad1d4f4c0479c474d419de7e25806f9ff86a86d7ee6b66565ee50510c6e36abc9328940e9033e51b9e43bbd3a52d4b60acae9b2950a6917fbd9def04b1a3db0fd8b0dd8278f167b4feddea033cfc0743224e4522d2733ef3a4764c9a74b6f027935c588920a4aeba043387bf0b34baa59c1e8313f9ea7ad00d5202d759302b5f8e07fe0ac24219dc8e94f34f5a452a1e7d7f5be945f1e8279b1a1f8078343ab0205490e554819ff99ae73cd3716ee43183dda68f8626fe46b01e0389a28dde308c7af6cebce2f0f6a43e6bcd938c5c992a176217757de9d39b1d00b65becb9cf2d882b567dbfe264b5e3f1598e4a8fc267206a86bdb4c1f83ef98b4104ae0b6ddf6fc25ebabe9d30fa28fc13083ec19c9a315a3dc0375db85c676698d7d0f64b4e405626a0b6cd3ace1954ce715b3c531e1aaaeb27e137ed206cc7b9e0e85e7d0c5fd0410c5116aa89852efa8b11858e3abfa6816792847e379929e59b256cae3336dbc5974d7946ee6c1ae9abfd3d75b6bec41deff6e56c0825df426c022253153b2e626757ae66abe0903bd9d5de2a6639ccfb86cf8dd2be9f3e516a3091e6729de81fd8065d7af07c35e8406f3c16c0b224c41cb642e2df162c86c0be22e20044beddea5688aa079bff13d115f45e2e9fcc6b1062aea3f727279fdba3d6c429c56c1bef6587c2e8b39fa925cb42d138494e140e70ef858cf00e8ad4e083d64c927f23f8f3eba815ea06efbac823b7bf9820a4fc25c561c8da84a4f7bd1fcbc982e367cdec071564a6407f43930a203b2a40569101c7b0fdf202d4028e4de4e7862cd6d39587adf4bfbd05877053247da27f652eef0151e58a9b0f65692c22ab7a0bbafb3c17589816075f660ac55508ba0eba20fda3c83bf38ce1cd06a9c0ae4acd5451d51273afc3f9847fb762cf01a0647f08f8d75bf49af551efb4d5a6eb43bc45ecfe848ca098926b4d7173c434b7b0ba9316fa01f13d06aa9f4096cf63193b4568bb70471656d537cb8b53cf009368a8b8652685fc1a635843fc6582661caa9ebd3a4f2d48ea6671e4f5b2543385aeb20dc79d22dd084417dd608b7325d92e92a59e6a8a7cc9c37ff9c92217b3f322054af73aabb61973a97d88f8a032b656dd97fd2c79a034982821544639d33baa58e5a7cfa222755cac6c0d6227b85670be1673667da4ff5b812e8250b505420cda8b959dc6978ff0c1a392de229430012a23bc200b7ae1ada33e36f5b663f5b7cbf258e463b00ebedf206c4603a56ed0af70fe2861d190c20e4cf959c7db4925f54589b232e0778dda6cce347f2ee1f160d02fa360e1139570636533006681c523e8717cbc15ca7e3d90ba2fb6fb007d48080c5de86e1c26a2a7dcb65d8e37272b3c4e27787cf5a93149edde790a2ef5c00056dbd2769c464d2e2226dbcc3318216e3b0d0dcc774bd0b276ec24e22ba586b86b429d9f12e0948709874c354a9d4b48e8714990a950943e2cbb325c62c11c5bc3914247b53d44cf61e7274fff21774046a12390c7c473cc0818700f4f4799ce7d6ab865b21e8277bede9a70f66a7f3ef608f37da37a2071a2689d57846605ce774da3a09e6fbb89d74a9dcab4e50d5fe91df8d60f8695505df2cf39476d75b7f96e5919f08df2723a9c813df5b571b148bf2663e464c49c9aee414df81ff98acd27b6e29d7d054acff2a2119e47105fe17198fb8c230ae98f97ee8a624cb05fffca04d22d29e438661f2860f9caae45abd499ebfafdf3b9419d64985b8b88f04eb1c74c667a18e8bcacd0196eae0ec8d7a2d06d6bee25f203d9022f7879052fe2c7bd965ee29952363b10ec92e6389db26d43daa5cd8fd52dd8fa65609ff606b93f979065e11c1f91ebbbc5b51b798182499d5cab0d814134f45d43ea8deea18f63ea1e0749a9798e5c5bf5adf155615b9047b0a9d9fbf2f3320463af99001da97085cd412373e993ba2c807989b0fd092303cd2447dd4482878d4411827cfa7c62be2d6e27a7e9a697d5fae3a0432d77ab90ce76acea0fd46244d7beb3cbf527b65415bf659356ed4ff3835ad2ab9f1883cf36e35f20a818f286e222b86adc7fecec8a992f6131ef35fbd4423e3f1944637a03810c5a408e69b48741a93b9c7e1db62aadf94afd130978adbe40d102a281a24eca30e6e71d2bcbb21adf7e3e6c3893f3f2dc518b35043f93e4ac51769caedd88148c834371ed261169eaee44fbaadb500158655c9b7b67219c8bdc342e31ac8d49a72af9fe0ae5eacb752bc05d54b029a2e82ba36810b0805c1bfc19be8d306159e7fc2055b33e779b34b9b0a3f93f5aa13e51057a4f675ef0eae1f88ee3113f1dd55190a4c6169f5195e5748e5b6ab8fa69074f2ba9c77c7598c2b39ba00385f1e1f3a002269715427d6eb098301142ecf914a8de7ed34b423de2c1fe1b23f79fdfd735cf7a9777f950a122dccc346da69ed8f7f2b6bd4bc7201853ea68b2ec013e7fbf24ae7f4331c7e638779d8d7a81837e84dd0fa7aa4cb35a744b94719a9f7285d5db545770cda7db9e3a69743fbbcf8ba6d9cf4d5a093b2f5fa005241016fdb5d113139ea1d0a50c51309170faa1f8b4e962aa4e2fdc08209a199586c65df511b6f9f003b2bd158c2af5f57e0307528fd796de245498da4df3733dc21c17d8ea2f7c7a3038f9513bded16c238f43f33a325b769fd15dd3d26c2de7c3d51821137eee64b4c7eee6e19b282683871029f4e37c508bdbaacb1767ce2ba815b67baa4c4378edb20a543a522785be0acfab5b820c5e1c451697deca50efe0bb1ce8ec17dad2d272d4524b9c4283d8751b03c96affec0b0101aa5dba45d08958b573d35b7f700adede342a94c6a8962113b9282646faa952e384e56dd4086bf4277b8352e721e7565e18a8723aafba210022c97315cee7a2437936e4220990678edc77a49960a160127407af4c9c8fcd3f783fa5171ee7d0d01fbe50b4ba950206fc49435317318fc917a4aea7dfc034bf98e224b0629db1f38e283ebc98343843fe49acf362903f240708aa2c1721b4f869541f33bc0e14e54ac7c87dbee4380bc746bc1f8197f9bc4c18ce16f947c53d8d8daeea45864153cb2b1fdcc4b3dd2e3b13e2ee623b5750c69b74bc7e455b0de21f125cf3f949ddf67df8ef57e717e2cbcba1353ad5b779d05872b3804a81f97dee56573231d36db64ada8f53b2f64a7ca46e31167b5ca6e72eec05b09973c1ccc30f0546fc7067a0f7c634ca2e880317693a4cee1febd052458d9df55b48ed3c1451c1ba6d298440ea969d6ea75a00d76888fdad46d102f49c13b0566736f667c46a5b46bc68902ac7f2180f8890fbbf275443965219a8b64835ee3235268585812642fab17e43239bf033296a5fa7456ecd7917d36b69cf2c529830c7e007df95136c30bc996a5366a8bf502738b2be3a7722d25deec9e19c0869eeb98630c0b0a9566da17401ecd632639dbf95ca4f34779eedf83366dfe611054ad7bb2fae12bab102b6c4219eca1ea27e9a5d23e8119b8c8d3cf29b09d55f5502d72b1b2cfe2727c51c239b4c4c766a876562b30ceccccb0bfa20ca4f5172f112dac3103f5010cecce22627be5eed07bdc64fef7c090687e308f6d4a1f31f4bf2d4fe335e99658869232683af2c966d7ea07821d943ef34a43d318bcfdd2d2a75d3b26dda426874f8be588b50bee1f439bf1cbad9b343da66158aacbabf8e9aae20ac4a23d57e5efcf9459e8e142c3e5a365c9218d868482a411f96eb95c69ffd4a6", 0x1000}, {&(0x7f0000001440)="8748c60ba26d4a0b34e6c289", 0xc}, {&(0x7f0000001480)="f743e840da0df0d7202b3453f1d56b0e25351960ab33dfe783250b30ee0b0828a0403b087ed6a9ba69b7e1223c27f2eac63f4da3caffbb18f0e92b939832ba9695b161d4141eadb3a48f625d43392b687f745579aa2123d62d2430e394ae2f251e90da8cfced86fb41a536fa25c92e030bbc702415d5debe55f2e37a4eff90e34224e830a1432fcc3230b6b4d08c4320e8e560a812cd6fd429ae267230ac7b9ff0fcea06e20acf6ec21e026a800a9e6103fab1166879af7d6aa6c70dd6c1e2f0238837ee055553", 0xc7}, {&(0x7f0000001580)="4928dad80d98dd8c89ac6d68d2b9470f458c93633b3a35e225c6ee8c997d41bb21189932388b66aaa22a553d5507182332537475b41eb09b621d331cd2b60b473a4c36f8ebe80e9df8530763109d5641ab2cdc01915d846a6f7e8245be436ae2082f825763603a056fe7206208e2796dea77c7379c48d69ed0cbda809cadde1a6d381299afb4e8cb756d9dabc3e41e2f8465d0cf650f10f1a27a5796c03c96b3c31c7cf8bb3a2fb3f6b4a33c0b545e67de12f4816e214b84ab50a84c43dd20664791f601fa710fed35139d", 0xcb}, {&(0x7f0000001680)="6e1d58a05aa3cbc439a1ae34773c7e0c2a1eff54e5e25e4a8263793bc91bbe943529c678c0ab3b6d2dcfab71b8741ea49499b7f5b908c5d8f13074061068d138e97347268dd9cfce28460bba3cdbb2f2ea3cce72db769924d08e69b7f957c78b47a7930c201c4fcdc95af5e6fe6efa53d9eaca8f8f9b52594537ebee02bcd1dda52a8ad53e02a6871d4b435aabb12ebc9640ec8d36a1a3cfb4695a3e12db2ea0862ec7ac944c78f1e7be8814f81ad1c23fe36cbf1e705fa8d01f65dc6d47cba8e2c4dcf6bd7e60a7f8d00c4f7b8e82e4105283763b3cde8a4529524dad377e4461a2e3b22884205b7a6abc758b4cf6740c40891b39e66c356199287550636534c74cf9e0c3b1988f2271c249314b9700aad17a9cda860b4b398e1a58559a12ac315b02940314077cdb5cef7528501600396c23ec42efaf46299ef4c04797337497781405f449ec07fcda6015493f340369a02818b3d0f9b8b389ee1e87acafdba011aeff1e57168a21bb944bc1c9c589a949121316be7d53c77b715d5fadeb64f9a1f7a151728b76e17c26f04356b775a8ee5265ae4c9a8413a7f8b1c27e6a76cbdbcc7ff172dbd8b1da3048cbac596f5ba74761decdd7df9c89e8dd524e21e9e57137e134d38e0f43323c98f83ffed6ef1c1113efa9676e45f02413b38b2bd925bb7f6077cc9962f5b4a8d4936c7be9276ad166098ce55a60ea52ddd8942e70e2f6b75153d52f43d4326402f6ec11434e34840c797265805b97df60f4f530b5302f364b6c3f961b3ddb0972ef16d7a95ff4777e8cbe4f3630d21193b234a47568187e186eb011fbcbd5ee9c0d8a7454dadf090a06efbbfbf532edfdf9a65aa221c24183bb7e94325962bd665a06b9daf9a06694e17da198ee9af65d67805dfbb270c2d3bf512baa2372ec2ad27e527ffeb096b1a9164b7da655823659158fa1e8f014e03e7d1ac3ca1e61358c747054b2994da8f68a96ac661b91299f9237a116eeb3677e2d9aa03a9170e74c4ca2fbd3b001c67c872dd4472e203f55ca1da3017af24f15953084ba894acfc4e247c1191249b5011b9b4ecc4ff3bab0c10c0118ef1665b2827ecc19e8ff4bf7aa576e534eb5d6c1b27eff62390ed24ac295f4082a2a428ada195d5167e75aee77da4008b3a671874acadc458f28b7aa6e5a394b43a7a003ad1acaa1ed489ddfa9a9b0b5f233b8fedae67294f34b3e0072be3ba0d4bfccbb9f7fdd6cb77b1f4891a705739b5f1b09c6c9cdc174bb13006db2ea35fb3469a9e8f97df5dd101ead7e809667d65d04c26f975549173333c105f2eaf812b68bfb951e4857066bcc768d18f9411108c7b03736ce4cb93ce9e13c4f116561996cff0d15b868fa6753f2651ce1ea2902c926fb81621babefcf9437b19b9ccb51533808fd0e506d1f64950c3fc59254dfa09caf19442cb33a0d4d2e58129de6923a27ddf34d28fc98bf660a3068a95f50f43389611a5602c6519a19933cdf8a30eaaa50c2c2319fd2071248998510193e19ebf1485f4e757b9ae61a50fffb87131d3e21adbf90ed64bb24265781a31ca9b02ce9077ab4f3cb20310e198ba66d43878d2d1dbaa4f9f5422b12b60c6f24e0393f2120da754c1870157847d735aae6cb5aa0e206a8cbe7aa29d81612dfad7ac027f81f2a4f0670c25352f4e8aee6eecbb5d36a622b37b441bd3659cdc9011cbd7bb690137a45046572d1303abb8394c346456a8f300a1f97f09b1649b1cbf67ae9a1a503535e58ced35060cf52acfcc11b52a6a4d508d5c24ee7b7af4c337dfa6a8485a364d3a4787925ad28b5a6341d1eb673e4638de8c781be830baceb8f88c5be8a5968ba2638519eab47575cc7ce22cd2a9bacc7e9139d3c1467ede151ad71d7240af052de27d22fec9aff036953ae1c7603e89945407c2edc6911443d1539d9707a0f84a7147d31277071ba825b33aab62063b43fc3cb887c6dda5c44053a0c2c80f3b3cc4004c006be3799676a13597f71425ca607e7efb94f8adb1b6e16247c2796d183921884116155864d7e6e41c3c01897a3506bfc02aadae29eeda59b45ff567676b4b37c71faa189ced85cfa94fdcbf5644df719d6a4d51b9e9e8a0f122b04eb1d2004a2854c45e5359f63e31f9ae1637d064d54e7c8a6afb1be30b3a8efbc093c97c740d1afc102be789088ccdcaad09f1a06921eef39be6ee5555484bf9da077ca04d1cfe96d45578f95db77f254cf0d199d6e8095705926eecaa33046479c967e4a4ed7b1333e348ab56ee6757710b6743311f57eefdea30503c861a2b623a6936fd4417a50a47f65f32c279976a8430e1fad99d0cfc1afb5e595c50c232a05d9dc5ec55cf80a46ee56fdce5e1fc5bbdf889d4517d875b3535c5cb8cde7bef68d2138efb4d79ef9598fc3e40d14fa8da7b87006b57eff37796775bc78b4e4b8d45e8587a9171e6a2b1ac356eaf84cb8a1c76988e11f82c20df97cd5094ae3667ac63ef00c4ebce6f93e6c16bbf7ec9647f81bb565f9c0a65c98820e6ea05125d058413d95ae947a66919b15d327714af9cd210d9ab1debf392f219c4621af3512eb37ccda72ce81b42abfe4b5cabc3767651a1b80b563c040313bdeca51ac9ee069fe3dd2426d1b42417148054f1d5ee56502fe23e4b0399e0e3a124a491c892f99e139ab2424fcc2bc76acc4309fea2851f2e0ed65df2c44237d868f539de095adcaf4f12d9790d183103071d30c3da315f1c6b23e4ab7b7c57b07bfb0feed8d0f7438441b41c9626fd260a0672dfe72bbfea201f814b43233ff3df391bc0f0ad8e0e0776f005b6a241d96202cf3a7835ddbf261055c24a43847434a9ec58cbc61ce28c07b86edd66778ee1866f0ea4e697f8e7be76a2afc1eba94ac8d7a7eafcb097c0beb463e149e5c43260644a191cd5beb18784c822002d79a6c499d25fe763f1baf247fb71c34c31f673c86fd2c2cc2dba2f5116c0bc33debe8a1e7dc3c0aeb676066ea03232350d5bf2dceb3eb3550c6e382f32b4cf5e961050f8bb4262536b1bf26a328ca27da17bd1ae93690c2b8d073699209511640364a64a869eefa20db4d33bc6ec21f9a70db5f60b67e042d60654b54855b75b357780d6a8a88f1eda2f9f172d46c26abf07fcf6672209f04f22723bf47cd2ad07516c30ec06d47fc78f2a57879a75f5a98b49bd5cb2eb872b0b0391fb540ffe92ab94b31cd84e22237eb6c4c4b7aa106a5630f5aa41459a7e500362ed949331f46d6d65c7e0c865834651ae1c3bac002c7a8a61b213620d2bffb0a23c0a58a5bd4f70abe19001654040336e2789de359c293b8023fed67ff203a32e78db0980acd694ba200c36b1dce295fdb0aab78d9f9e2d5382fd557bf5060200c479ca631be7611539f0b2c72e67478fc5abde70bbd88765985824733d1629ee6dd58ebc320396d50fb22c78e924242eb463310faf600069b0fcf0915a191b1f4fd9ffdfe65c188fe41207d4100a3d26696c6ccbeb9a6956c4fef8af01086a92b11e3a738f6399b59960c01d8b0174b20810344d795a5b6ae37115f27eaddd2d2bc9d24e5eaec517c6a78f8ac63de47caf03851305afec689d4e275a8d57535230311f5a8c55661fce8b38991ec0042ff90491c93c0ae03d4cf390a295a2d7ace13f7bafdf65965b525fa16014a2efb658de4c3217b00ebb24276db09b60a5f5b86b0e427a3615944bea0bb90bf9bc11fbdf4298722345936f16943f998b6938ad829650c86865c53e8faded4ca3ca65e21e6f8e958c5bab3e46c67188a5ec1fb1c5d95827706269c58fbc163e3f5e25502111c0a2b5cbf6a7d27e4a2318854aff70a71fce398e8e3d81aba7075077cb51721f0d3be92903bea777043258296feb38bb02dc3c8314a9275263caf3729d2f539bdbef61122d1e958c4d14c1aaa557197447a21f94d1f9d31323b751d9a4194dc3894c04a4d07fb6ea65912ae32cd2566eca8a868685011c6cf17a2c7e80a902abde62795bdd31d87b87cb90fbf89ccbb1a91aa84bcc4411635831cffa5f375725153b2922e30e4dd6cc7b1834eb1a68dceeddbc632b836249913f42257aad628b68a8ab3bcfd591848a090f5c99b69f114705df890d84278c2775fb2975744982c2db52ca27e8a08cd9dcfd55f6704ac41cce16383d4b3fbc16b1bc141399800b658162f096589c0fae19e15dc70069b1bea7376ffc02ee844b3cb90635f5a6fe46adeb8d017b82fd90bd19613c351be53ae49cfe6304617e957b89e7ff1bc9b966db63a22b6cdd9a8f79f4e1d062be1fcdef863621ef3b0e756148e05f08882923a7b28955defa647d3cd271197e192db9d5648488f2878b0a7fce515c894f225a54e3ed4b8409cb6e09e4cf3faed3762b320c2ee53df1f606893042f418c1093af376032f3d5a13e1f60eed1619199583c3f030e99a8dc8ad0a6f94d3feaf7bd29eba150079babcd6f8829465abbccd07ce1ebb0a4b1e2a934a1d2f45ae48584d51e61cd5f114da11da4d981ab4eff9622861ae2c779a10917ccca3aed4cc8cdbdcdcd15c64b8f0478767b1cc8e97d2759b96f74c7064450b97d5f349a6530223d1ecdacf02a72e2dd695f1a3c88c07b6af13b0cb8129704a44878f535aa4aa7ab730482ca9cae2f74b67a999b4f511d0d74dcd67ab28e3d8bed81a41f1847eb273bb7cedf46d85318de683dfcfbfa7e75d3640c6d77a917bdda49dc29b9d1669930e683330698bcd62a93e3c8534420e86e8089662e66d86618c81fe933aaf659c54294d8aca3f1ac823d59a1d8d18bb5a98580cf2508ddb33dfb30663eca2e19868d0b0a074f369d7fd8c772a5d69f669154f261ce6bc36f377133d68478b2f8119ebfcd2b6a5e6244615cc116ff162e59db250f7646d0bd1c49cdf61ea05248b5b44ac6a5e668bb9b1a7ce07a1ab5a884ff864bebe4a2f89bcd26f3f0a008b20c756dcddf4ee5e0af46fa9d8b79a08036aea5ef69ece9419001b75ed4b4ed309793ba96c1df35d379a8dffae1eb16890ff7d936c55e194b35f7b3329c05a9343d7d415f3bac70dba1caf2aaba33315f9e3a77fcc88a8b1ea842c8986be0645d2ea47bc59d51b5e853ee0c2ee80c80af681616ca4af0f07475a985a063eab1d62291365640d75d78b535cf4aca3088eebc2761888993fa063b882ee2246b0c07de3ee26f766cdbaadb4f9211f919688561cf1c3482b8f7338294a15b65ca7ceea5660d32fe844c61bc2a6b200ee72cd2bb00f29fec8cd2f26774a2e9d2a9ae4e8f8bcffbb0b46631aceeab5e9076dd924cc44df3a330b60fb5e85966d73843a14ad40621f6b8542a22e128e2bfc11de99dbd191fb0898387b3a4a1df22104ebfe1030eb63d0a0a8e1a11ac065e6bd7734a7a5b3337cbf7029eb4952bc2aea9e35624be24c5cad790c652c09dafc35f63a4b14447a48b66ed3ad56457dbdd714f2c4a2ba26eab68f47ec27f5058e74a55993a5d8e5ca1f5fe604823b67890b8f4b4ebe1b3787964a6ef0f45d4f181f726b3f90be8e57e634afa5954e792b658c3a68a07a760dcacd96e79842adca2e1df6beaab5a198e29b6f3b7784ce35fb3986be50223cd3e8e21c6665df5a085b3ea6e2ecd3b98d6eb6429db139fcb0540f21550d99e43de39552fc1167bba5e5e57d30f5bf4038e68a32cdd55ea29bf8f641f58ce5542dacd36e77d5bff3c779ed5f63c36d48db9288b9b56b8ad5b71ba2e875d8a45890eecc8e81065b7de393ea89b061285fd0ec826d8e708caa6b0b48c2895400019a087921d1a94104678572de3dc6fa90967c2725eec", 0x1000}, {&(0x7f0000002680)="b7756cd9117e24968a6c15343573f0d07c5da8fed23a948f58ecf9f5352154044518e2e853d11e6e91746fa6404205a28f19c7eb8e21a71292c49a9ea241", 0x3e}], 0x8, &(0x7f0000002940)=[@sndrcv={0x30, 0x84, 0x1, {0x81, 0xeaa, 0x8001, 0x1, 0x6, 0x7a, 0x643b8a59, 0xffff37a2, r5}}, @dstaddrv6={0x20, 0x84, 0x8, @empty}, @sndrcv={0x30, 0x84, 0x1, {0x7, 0xfffa, 0x2, 0x3, 0x8, 0xf5, 0x0, 0x81, r6}}, @sndrcv={0x30, 0x84, 0x1, {0x6, 0x2, 0x200, 0x8000, 0x5, 0xffffffc0, 0x4, 0xb4, r8}}, @dstaddrv4={0x18, 0x84, 0x7, @empty}, @dstaddrv4={0x18, 0x84, 0x7, @multicast1}], 0xe0, 0x4008010}, 0x4004) 22:57:38 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCGSKNS(r0, 0x894c, &(0x7f0000000000)=0x3) r1 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$ION_IOC_ALLOC(r1, 0xc0184900, &(0x7f0000000040)={0x10010005, 0xfffffffffffffff7}) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) select(0x40, &(0x7f0000000080)={0xce, 0x7465, 0xcb5d, 0x7fff, 0x1, 0x8, 0x4, 0x8}, &(0x7f0000000100)={0x1, 0xa, 0x2, 0x1, 0x7fff, 0xffffffffffffffff, 0x0, 0x20}, &(0x7f0000000140)={0x67faa1a1, 0x6, 0x10001, 0x0, 0x3, 0x60d, 0x800000000000, 0x1}, &(0x7f00000001c0)={r2, r3/1000+10000}) 22:57:38 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000019800000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1521.338378] Node 0 DMA free:10444kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1521.413966] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1521.414251] syz-executor.1: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1521.429920] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1521.440952] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1521.464420] Node 0 DMA32 free:71192kB min:36168kB low:45208kB high:54248kB active_anon:1057864kB inactive_anon:820kB active_file:52kB inactive_file:36kB unevictable:0kB writepending:24kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:28032kB pagetables:70812kB bounce:0kB free_pcp:1920kB local_pcp:660kB free_cma:0kB [ 1521.496950] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1521.502381] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 1521.502415] CPU: 1 PID: 4509 Comm: syz-executor.1 Not tainted 4.19.100-syzkaller #0 [ 1521.502432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1521.502437] Call Trace: [ 1521.502462] dump_stack+0x197/0x210 [ 1521.502486] warn_alloc.cold+0x7b/0x173 [ 1521.502504] ? zone_watermark_ok_safe+0x260/0x260 [ 1521.502526] ? compaction_deferred+0x16a/0x3b0 [ 1521.544964] ? try_to_compact_pages+0x44/0xae0 [ 1521.549583] __alloc_pages_slowpath+0x2214/0x2870 [ 1521.554593] ? warn_alloc+0x110/0x110 [ 1521.558421] ? should_fail+0x14d/0x85c [ 1521.562318] ? __isolate_free_page+0x4c0/0x4c0 [ 1521.567008] ? __might_sleep+0x95/0x190 [ 1521.570995] __alloc_pages_nodemask+0x617/0x750 [ 1521.575679] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1521.580695] ? fs_reclaim_acquire+0x20/0x20 [ 1521.585056] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1521.590604] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1521.596332] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1521.601883] alloc_pages_current+0x107/0x210 [ 1521.606310] ion_page_pool_alloc+0x17f/0x270 [ 1521.610847] ion_system_heap_allocate+0x154/0xa90 [ 1521.615705] ? ion_system_heap_free+0x250/0x250 [ 1521.620379] ? ion_alloc+0x306/0x900 [ 1521.624106] ion_alloc+0x29b/0x900 [ 1521.627660] ? ion_dma_buf_release+0x50/0x50 [ 1521.632099] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1521.637648] ? _copy_from_user+0xdd/0x150 [ 1521.641810] ion_ioctl+0x17b/0x329 [ 1521.645368] ? ion_alloc.cold+0x28/0x28 [ 1521.649344] ? __might_sleep+0x95/0x190 [ 1521.653332] ? ion_alloc.cold+0x28/0x28 [ 1521.657307] do_vfs_ioctl+0xd5f/0x1380 [ 1521.661216] ? selinux_file_ioctl+0x46c/0x5d0 [ 1521.665737] ? selinux_file_ioctl+0x125/0x5d0 [ 1521.670232] ? ioctl_preallocate+0x210/0x210 [ 1521.674651] ? selinux_file_mprotect+0x620/0x620 [ 1521.679413] ? iterate_fd+0x360/0x360 [ 1521.683226] ? nsecs_to_jiffies+0x30/0x30 [ 1521.687393] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1521.692945] ? security_file_ioctl+0x8d/0xc0 [ 1521.697369] ksys_ioctl+0xab/0xd0 [ 1521.700941] __x64_sys_ioctl+0x73/0xb0 [ 1521.704833] do_syscall_64+0xfd/0x620 [ 1521.708654] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1521.713866] RIP: 0033:0x45b349 [ 1521.717061] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1521.735971] RSP: 002b:00007f17cfa73c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1521.743707] RAX: ffffffffffffffda RBX: 00007f17cfa746d4 RCX: 000000000045b349 [ 1521.750984] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1521.758269] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1521.765672] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1521.772962] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1521.781231] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1521.793199] CPU: 0 PID: 4511 Comm: syz-executor.5 Not tainted 4.19.100-syzkaller #0 [ 1521.801119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1521.810471] Call Trace: [ 1521.813064] dump_stack+0x197/0x210 [ 1521.816709] warn_alloc.cold+0x7b/0x173 [ 1521.820694] ? zone_watermark_ok_safe+0x260/0x260 [ 1521.825547] ? compaction_deferred+0x16a/0x3b0 [ 1521.830152] ? try_to_compact_pages+0x44/0xae0 [ 1521.834891] __alloc_pages_slowpath+0x2214/0x2870 [ 1521.839767] ? warn_alloc+0x110/0x110 [ 1521.843590] ? __lock_is_held+0xb6/0x140 [ 1521.847664] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1521.853209] ? should_fail+0x14d/0x85c [ 1521.857114] ? __isolate_free_page+0x4c0/0x4c0 [ 1521.861994] ? __might_sleep+0x95/0x190 [ 1521.865974] __alloc_pages_nodemask+0x617/0x750 [ 1521.870648] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1521.875677] ? fs_reclaim_acquire+0x20/0x20 [ 1521.880003] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1521.885536] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1521.891254] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1521.896810] alloc_pages_current+0x107/0x210 [ 1521.901233] ion_page_pool_alloc+0x17f/0x270 [ 1521.905642] ion_system_heap_allocate+0x154/0xa90 [ 1521.910504] ? ion_system_heap_free+0x250/0x250 [ 1521.915189] ? ion_alloc+0x306/0x900 [ 1521.918918] ion_alloc+0x29b/0x900 [ 1521.922466] ? ion_dma_buf_release+0x50/0x50 [ 1521.927317] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1521.932854] ? _copy_from_user+0xdd/0x150 [ 1521.937032] ion_ioctl+0x17b/0x329 [ 1521.940579] ? ion_alloc.cold+0x28/0x28 [ 1521.944565] ? __might_sleep+0x95/0x190 [ 1521.948550] ? ion_alloc.cold+0x28/0x28 [ 1521.952537] do_vfs_ioctl+0xd5f/0x1380 [ 1521.956442] ? selinux_file_ioctl+0x46c/0x5d0 [ 1521.960951] ? selinux_file_ioctl+0x125/0x5d0 [ 1521.965465] ? ioctl_preallocate+0x210/0x210 [ 1521.969889] ? selinux_file_mprotect+0x620/0x620 [ 1521.974657] ? iterate_fd+0x360/0x360 [ 1521.978460] ? nsecs_to_jiffies+0x30/0x30 [ 1521.982629] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1521.988175] ? security_file_ioctl+0x8d/0xc0 [ 1521.992588] ksys_ioctl+0xab/0xd0 [ 1521.996043] __x64_sys_ioctl+0x73/0xb0 [ 1521.999956] do_syscall_64+0xfd/0x620 [ 1522.003774] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1522.008983] RIP: 0033:0x45b349 [ 1522.012181] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1522.031191] RSP: 002b:00007f6e444f7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1522.038906] RAX: ffffffffffffffda RBX: 00007f6e444f86d4 RCX: 000000000045b349 [ 1522.046197] RDX: 0000000020000040 RSI: 00000000c0184900 RDI: 0000000000000005 [ 1522.053470] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1522.061178] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1522.068455] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c 22:57:39 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000009a00000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:57:39 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) [ 1522.204320] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1522.225643] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 1522.231731] CPU: 0 PID: 4520 Comm: syz-executor.3 Not tainted 4.19.100-syzkaller #0 [ 1522.239567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1522.248939] Call Trace: [ 1522.251557] dump_stack+0x197/0x210 [ 1522.255213] warn_alloc.cold+0x7b/0x173 [ 1522.259211] ? zone_watermark_ok_safe+0x260/0x260 [ 1522.264118] ? __lock_is_held+0xb6/0x140 [ 1522.268228] __alloc_pages_slowpath+0x2214/0x2870 [ 1522.273114] ? warn_alloc+0x110/0x110 [ 1522.276931] ? __lock_is_held+0xb6/0x140 [ 1522.281031] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1522.286594] ? should_fail+0x14d/0x85c [ 1522.290507] ? __isolate_free_page+0x4c0/0x4c0 [ 1522.295267] ? __might_sleep+0x95/0x190 [ 1522.299298] __alloc_pages_nodemask+0x617/0x750 [ 1522.303996] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1522.309038] ? fs_reclaim_acquire+0x20/0x20 [ 1522.314860] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1522.315398] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1522.320412] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1522.320429] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1522.320450] alloc_pages_current+0x107/0x210 [ 1522.320477] ion_page_pool_alloc+0x17f/0x270 [ 1522.350240] ion_system_heap_allocate+0x154/0xa90 [ 1522.355103] ? ion_system_heap_free+0x250/0x250 [ 1522.359781] ? ion_alloc+0x306/0x900 [ 1522.363515] ion_alloc+0x29b/0x900 [ 1522.367070] ? ion_dma_buf_release+0x50/0x50 [ 1522.371494] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1522.377041] ? _copy_from_user+0xdd/0x150 [ 1522.381290] ion_ioctl+0x17b/0x329 [ 1522.384829] ? ion_alloc.cold+0x28/0x28 [ 1522.388821] ? __might_sleep+0x95/0x190 [ 1522.392802] ? ion_alloc.cold+0x28/0x28 [ 1522.396795] do_vfs_ioctl+0xd5f/0x1380 [ 1522.400692] ? selinux_file_ioctl+0x46c/0x5d0 [ 1522.405200] ? selinux_file_ioctl+0x125/0x5d0 [ 1522.409696] ? ioctl_preallocate+0x210/0x210 [ 1522.414119] ? selinux_file_mprotect+0x620/0x620 [ 1522.418895] ? iterate_fd+0x360/0x360 [ 1522.422699] ? nsecs_to_jiffies+0x30/0x30 [ 1522.426872] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1522.432424] ? security_file_ioctl+0x8d/0xc0 [ 1522.436838] ksys_ioctl+0xab/0xd0 [ 1522.440301] __x64_sys_ioctl+0x73/0xb0 [ 1522.444210] do_syscall_64+0xfd/0x620 [ 1522.448051] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1522.453248] RIP: 0033:0x45b349 [ 1522.456460] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1522.475368] RSP: 002b:00007f9fa7530c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1522.483084] RAX: ffffffffffffffda RBX: 00007f9fa75316d4 RCX: 000000000045b349 [ 1522.490358] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1522.497637] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1522.504914] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1522.512188] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1522.540621] lowmem_reserve[]: 0 0 1 1 1 22:57:40 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000019a00000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1522.546077] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1522.637023] lowmem_reserve[]: 0 0 0 0 0 [ 1522.655169] Node 0 DMA: 27*4kB (UME) 20*8kB (UME) 8*16kB (UME) 14*32kB (UM) 6*64kB (UME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10444kB [ 1522.676620] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING 22:57:40 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) syz_mount_image$ocfs2(&(0x7f0000000040)='ocfs2\x00', &(0x7f0000000080)='./file0\x00', 0xfffffffffffffff7, 0x4, &(0x7f0000000380)=[{&(0x7f0000000200)="791b00a0895e4f8d5db4cd270cc218782a299482ec1a5ad63d281ddfb9b1ec24c6e28399d280168062eb30a652b1d88d80cbcb7c77440af08a8609363408cc7ed403487ff28cdec5266374485d24fcf2df88a84f31740659aeeca4c783167036254bea0c0ccab364be270bf98fe16497cc912c83b2bc9fe0856cc9a465ec46afb014f2d443e890e761528c6a326c545449812389f759d6dd8176a756bb447b3448fd52c56e26681a97b8d293c3b9dd57", 0xb0, 0x1}, {&(0x7f0000000140)="c2634871664e10413370f2491bb9d8fcd7f95bf1f7010cb6c3b91fe7887d25a2efe6cad7b5071cca7d65e87b3fb66b38e6a790d088b85d3a057e56026a98a13d129605988f991bd8", 0x48, 0x2}, {&(0x7f00000002c0)="02efa89580f5870e713637eca2382b01e11770484e49ce441fdd9a17798e59f64cc7f04aad5bdff4c081d4cf5e75262920ecbdc28e16b071cb080683bde9126dc8dc1a4c2e4c6b2fcd9a60e577", 0x4d, 0x7ff}, {&(0x7f0000000340)="d883b7ef61", 0x5, 0xfe8e}], 0x81, &(0x7f0000000440)='/dev/ion\x00') rename(&(0x7f0000000540)='./file0\x00', &(0x7f0000000580)='./file0\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) ioctl$TIOCGDEV(r2, 0x80045432, &(0x7f00000004c0)) [ 1522.702928] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1522.703965] Node 0 DMA32: 133*4kB (EH) 2281*8kB (UEH) 1860*16kB (UEH) 1196*32kB (UEH) 3*64kB (H) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 87772kB 22:57:40 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000039b00000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1522.821914] (syz-executor.4,4552,1):ocfs2_parse_options:1499 ERROR: Unrecognized mount option "/dev/ion" or missing value [ 1522.837846] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1522.861793] (syz-executor.4,4552,0):ocfs2_fill_super:1225 ERROR: status = -22 22:57:40 executing program 5: set_mempolicy(0x0, &(0x7f00000000c0)=0x2, 0x0) r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xfffffffffffffff7}) [ 1522.869326] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1522.894991] warn_alloc_show_mem: 1 callbacks suppressed [ 1522.894996] Mem-Info: [ 1522.907204] active_anon:276777 inactive_anon:280 isolated_anon:0 [ 1522.907204] active_file:4223 inactive_file:7183 isolated_file:0 [ 1522.907204] unevictable:0 dirty:46 writeback:0 unstable:0 [ 1522.907204] slab_reclaimable:17150 slab_unreclaimable:128999 [ 1522.907204] mapped:58900 shmem:330 pagetables:26205 bounce:0 [ 1522.907204] free:822946 free_pcp:298 free_cma:0 [ 1522.912562] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1522.957710] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1523.021608] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1523.035177] Node 0 active_anon:1058648kB inactive_anon:820kB active_file:12kB inactive_file:52kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208976kB dirty:44kB writeback:0kB shmem:1020kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 339968kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1523.078963] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1523.139909] Node 0 DMA free:10444kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1523.144493] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1523.198067] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1523.209110] (syz-executor.4,4552,0):ocfs2_parse_options:1499 ERROR: Unrecognized mount option "/dev/ion" or missing value [ 1523.218838] Node 0 DMA32 free:87220kB min:36168kB low:45208kB high:54248kB active_anon:1056008kB inactive_anon:820kB active_file:12kB inactive_file:48kB unevictable:0kB writepending:36kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:28160kB pagetables:70796kB bounce:0kB free_pcp:1876kB local_pcp:1372kB free_cma:0kB [ 1523.221488] (syz-executor.4,4552,0):ocfs2_fill_super:1225 ERROR: status = -22 [ 1523.269895] lowmem_reserve[]: 0 0 1 1 1 [ 1523.274027] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1523.281143] 11686 total pagecache pages [ 1523.319902] 0 pages in swap cache [ 1523.339158] Swap cache stats: add 0, delete 0, find 0/0 [ 1523.372053] Free swap = 0kB [ 1523.388030] Total swap = 0kB [ 1523.403324] lowmem_reserve[]: 0 0 0 0 0 [ 1523.403621] 1965979 pages RAM [ 1523.407380] Node 0 DMA: 27*4kB (UME) 20*8kB (UME) 8*16kB (UME) 14*32kB (UM) 6*64kB (UME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10444kB [ 1523.428703] 0 pages HighMem/MovableOnly [ 1523.438168] 341741 pages reserved [ 1523.442469] 0 pages cma reserved [ 1523.503864] Node 0 DMA32: 45*4kB (MEH) 2214*8kB (UMEH) 1894*16kB (UMEH) 1212*32kB (UMEH) 3*64kB (H) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 87940kB [ 1523.554330] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1523.619962] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1523.630590] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1523.642411] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1523.652740] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1523.661600] 11678 total pagecache pages [ 1523.665691] 0 pages in swap cache 22:57:41 executing program 0: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_stats\x00', 0x0, 0x0) sendmsg$nfc_llcp(r1, &(0x7f0000000340)={&(0x7f0000000100)={0x27, 0x1, 0x0, 0x0, 0x1f, 0xfe, "23cdbc806d75150862c39da93e18ba037a87d94126c082f4b8243870ce2312a47e4e2006c67fc8c98b2fd842bbf8db128d00f026eb756a6da227233de6f0e6", 0x33}, 0x60, &(0x7f0000000180)=[{&(0x7f0000000200)="264f48efaf92d9e0ce92c6580c4bb46cbb4309d3f5faa635f6039d4d84afd4834a7198b1228d433417dda86635af98dcb010e0d723f64a4bedaa6129ce426c64805666ca7f0766c4d764fda915e7b996a9f70d026392e4e7525d687f67b92b7fc4c9f179e03c4c86631d44ad09f444c5b7bba6aeb046d0c24fc97454a95001fc1b96012bbc915443114615689e4bb8a4076773e5550e3beb967f6b50bd0c3dfd02fc38d99d6c29e02d9f77213da8d3e515b26fcdf72c9abcac18519d252bd90d4dceb80458880ebc869666ea6aa9c36f32ae67ff52847cf280", 0xd9}, {&(0x7f0000000080)="4eac7fc1697fac7c31bc6860f151", 0xe}], 0x2, &(0x7f0000000300)={0x18, 0x128, 0x2, "213e7e87"}, 0x18, 0x400c040}, 0x801) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r3, 0xc0105303, &(0x7f0000000380)={0x8, 0x8, 0x81}) [ 1523.669481] Swap cache stats: add 0, delete 0, find 0/0 [ 1523.675066] Free swap = 0kB [ 1523.678382] Total swap = 0kB [ 1523.681799] 1965979 pages RAM [ 1523.684990] 0 pages HighMem/MovableOnly [ 1523.693727] 341741 pages reserved [ 1523.697213] 0 pages cma reserved [ 1523.774164] syz-executor.0: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1523.793708] syz-executor.0 cpuset=syz0 mems_allowed=0-1 [ 1523.809816] CPU: 0 PID: 4685 Comm: syz-executor.0 Not tainted 4.19.100-syzkaller #0 [ 1523.817659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1523.827027] Call Trace: [ 1523.829621] dump_stack+0x197/0x210 [ 1523.833256] warn_alloc.cold+0x7b/0x173 [ 1523.837229] ? zone_watermark_ok_safe+0x260/0x260 [ 1523.842071] ? compaction_deferred+0x16a/0x3b0 [ 1523.846649] ? try_to_compact_pages+0x44/0xae0 [ 1523.851236] __alloc_pages_slowpath+0x2214/0x2870 [ 1523.856174] ? warn_alloc+0x110/0x110 [ 1523.859968] ? __lock_is_held+0xb6/0x140 [ 1523.864036] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1523.869565] ? should_fail+0x14d/0x85c [ 1523.873466] ? __isolate_free_page+0x4c0/0x4c0 [ 1523.878068] ? __might_sleep+0x95/0x190 [ 1523.882047] __alloc_pages_nodemask+0x617/0x750 [ 1523.886736] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1523.891763] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1523.897334] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1523.903061] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1523.909137] alloc_pages_current+0x107/0x210 [ 1523.913611] ion_page_pool_alloc+0x17f/0x270 [ 1523.918033] ion_system_heap_allocate+0x154/0xa90 [ 1523.922881] ? ion_system_heap_free+0x250/0x250 [ 1523.927676] ? ion_alloc+0x306/0x900 [ 1523.931405] ion_alloc+0x29b/0x900 [ 1523.934953] ? ion_dma_buf_release+0x50/0x50 [ 1523.939382] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1523.944942] ? _copy_from_user+0xdd/0x150 [ 1523.949117] ion_ioctl+0x17b/0x329 [ 1523.952787] ? ion_alloc.cold+0x28/0x28 [ 1523.956788] ? __might_sleep+0x95/0x190 [ 1523.960771] ? ion_alloc.cold+0x28/0x28 [ 1523.964767] do_vfs_ioctl+0xd5f/0x1380 [ 1523.968668] ? selinux_file_ioctl+0x46c/0x5d0 [ 1523.973188] ? selinux_file_ioctl+0x125/0x5d0 [ 1523.977700] ? ioctl_preallocate+0x210/0x210 [ 1523.982200] ? selinux_file_mprotect+0x620/0x620 [ 1523.987034] ? iterate_fd+0x360/0x360 [ 1523.990838] ? nsecs_to_jiffies+0x30/0x30 [ 1523.995006] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1524.000555] ? security_file_ioctl+0x8d/0xc0 [ 1524.004981] ksys_ioctl+0xab/0xd0 [ 1524.008446] __x64_sys_ioctl+0x73/0xb0 [ 1524.012358] do_syscall_64+0xfd/0x620 [ 1524.016161] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1524.021358] RIP: 0033:0x45b349 [ 1524.024567] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1524.043475] RSP: 002b:00007f1ef8b9dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1524.051196] RAX: ffffffffffffffda RBX: 00007f1ef8b9e6d4 RCX: 000000000045b349 [ 1524.058482] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1524.065749] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1524.073014] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1524.080273] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1524.159802] warn_alloc_show_mem: 1 callbacks suppressed [ 1524.159813] Mem-Info: [ 1524.168407] active_anon:276641 inactive_anon:205 isolated_anon:0 [ 1524.168407] active_file:4237 inactive_file:7187 isolated_file:0 [ 1524.168407] unevictable:0 dirty:73 writeback:0 unstable:0 [ 1524.168407] slab_reclaimable:17143 slab_unreclaimable:128480 [ 1524.168407] mapped:58824 shmem:255 pagetables:26111 bounce:0 [ 1524.168407] free:764513 free_pcp:244 free_cma:0 22:57:41 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0xbb03}) 22:57:41 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0) ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000140)={0x1, r2}) set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r3 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r4 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/mls\x00', 0x0, 0x0) ioctl$KVM_GET_PIT(r4, 0xc048ae65, &(0x7f0000000040)) ioctl$ION_IOC_ALLOC(r3, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xfffffffffffffff7}) 22:57:41 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="72617700000000000000029c00000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:57:41 executing program 4: set_mempolicy(0x4000, &(0x7f00000000c0)=0x7, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) syz_mount_image$ceph(&(0x7f0000000080)='ceph\x00', &(0x7f0000000140)='./file0\x00', 0x1, 0x5, &(0x7f0000000640)=[{&(0x7f0000000200)="48c5366b353051592c736f7540dfed4a85f67c172cfa46017101b6ec37a4f6eb33ff3d574c1f914bac38fc08200251b93bada4beb8415ff3d999b6828fe8747a196112912bfb90ee53c6bd8fc2fc99ba0c995d36617cb00d2d4e393fcf8b62088f19150558505b8b9335f801a7da1cfeb9af506c0b9394c979db907b7ca7df46b56085006922ec7b8fd2df02c8f0fbe118f5709a37c293e80f565da33821b58f12caaa02b94168296db10110317c00604c419163e2", 0xb5, 0xed}, {&(0x7f0000000180)="e3", 0x1, 0x5}, {&(0x7f00000002c0)="7ab879bac80879aed0d6768c1a00edf7c30d07fedc3f24128a199cbe661fc0cfacb2ecbae9b8d9cff33219fcdb08bd818ebd6f0a7e45746c41fd65a30dfd9c15ae87988b94f4b8d2bf48366b4f2dc50c0dd3d0d4ca2bbabc143647d7bbea3e9414ddb943957aa515fb06617c85f2d695e2f4941e9f4a196135c2ac84c95e96b519584eca91b78f45ac2d9a00ea90b6ceeb76b92a7cc4ac8d7affa287d913a19a62589dfdd7f19d0991e05f9283aea69563f2902cc4921d7f2defa8690676b90e833d5ff9d1188aeedd17325899b0014a3a5cc4de1bad46e7ce95f89184c9", 0xde, 0x9e4}, {&(0x7f00000004c0)="a38a5f703fd02bd92e26ecfbc8b182fc8506e3092aa3d0aafd722b0f12323d0f9c43ef8e5abbefeeb87f706fbfa08b309d31c424a982be98defc8bf18511d0ed42d12accf6910788512d0daa3a8d2bb9506946059af17012dc4b4e4843b3aaaa7f496603e60db22e2cf30743e046d2afc0a31405e43f97242767e88ce16b80ad0ce88f5acdd832325ac3cce23c01d60b9dca5db77d679f0e9722ce74a6c4dc65b2e6fc66394f25bcfb178211170f238efaf5f3d16c1fc0082718ea29a0bda499d7fff51f9f060de89cd45954e90f9593f4c4df9ce9cfcd37e0102b8d34e4946f38689d4c28bfb818015cd6167c6001fe68f77945eac4ac9239", 0xf9, 0x7649}, {&(0x7f00000005c0)="c8e6454191b6d26cfd81c9fa0132a3757697208764c25be4fd6f8c9efb3eb6347536376474774dbb8a8fda1c5551a3748ec4dddb6a48514f7188918712b62734bfe1455280ee53e995bd33867c549bd5cfafd270b1", 0x55, 0x4}], 0x41400, &(0x7f00000003c0)='cpusetppp1,\x00') ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) lstat(&(0x7f00000006c0)='./file0\x00', &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0}) r4 = getgid() r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = dup(r5) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000000000)=0xc) keyctl$get_persistent(0x16, r7, 0xfffffffffffffff9) syz_mount_image$jfs(&(0x7f00000007c0)='jfs\x00', &(0x7f0000000800)='./file0\x00', 0x80000001, 0x7, &(0x7f0000002bc0)=[{&(0x7f0000000840)="939709f2b79f46196b24df446208696a80a89a2fb4aa5d9a8b5ada60c427231c2d8479f5ee20771beeb98ea3a8bdab2f45baa1d3701ed4147db83488aa3c25900e17382e266dfdb76f5f1d0a48abfe5165ced6b3ac05272db6d610dcc5dba5fb8901969dbaa7c03d678f32fda5d67b3827103a1dcc2448929551d0a425f50a83a4a4ab57156d70d68a91d3495cd8b1c56a1557be21ebd79df3c1dcf1759d878116", 0xa1, 0x8}, {&(0x7f0000000900)="cf213383bc602a314ec479194f700064c6b167c91b6f18150391c74bd7835cd77fa285ea37458296565436c585ce20d40786a15e79a4893b0ff5e5913853f0a59ac15bf80ebecc2ecdfcd3fae9d58fb3b2f9b02e4b26b5d07c70e9f3603e76f199a0a21fd4648396a9bbaff31b575debb34223d463010f77521c7cf4849eb9f32e801fbafdaef7f1540e94a48222050b8a27212bf0d17c6447461678e9ed7fd513e6afaece9401d12248a55bb0944ca79811394c6010924393f785a91fa987f028b809b4513b73c682edc3f282b8164cdc63cee9321b0db29d9b8788d957b423afeaa37419b4b9e85e0eedfda687f5015d9c48fa7d1cb9f617ea04aaa8b7a90a236f1578c6454c5af2c8b6eb01ac244df1e8bede5b24dd3cf940828a2fa4f6b5f27b480218af250442ea37751b22dd517a04dab5193d17b9f089849c8a51d49fdfce2f4854f432301af53c6447d369c16fd7782231cefab45c98030047a3f0c0d115113938aefc1aa4c0048c09660e58d36fd20361d395af6486b39ca870b2d7a48261fa856ddeaa99177294e3532ddd84c9d6601f8c6d5ca18083c26f5a704cd6bb0c0f919b91f135b9963ddfb7f825833ee9a711a33595692b3a5dfbf7aeb7cc77559b55ca7a12ec2d273a547d44124b0319cedb7458a04afce3b213f9d305056a0676a6dd4a526c3f6ef8a7ad6c31dbe4734db13f45c800963d136ba33f64607aa790a67b6d1ec5ee9eb0afcfe460e1344bda546c40d65b88667193c1ea8cdd23e663b4d65d044d345e4eaf78378b07c3206df72232caa8ee424de28bf968e34d4d378dca0382cf4847a58862efc760bcc0a5e5db76482926e82d1d8a9938e3a25b35835b004979d5b252704708b77139de2da950c400ab6c0cdb10663e8efa595a0949e469eb039a4b396bc844ba5d46e1db9f0ea9ee9f7fa9abe7d4f9c89fdfc1e41fecba3b58747b6c97fe0e234586ea5735476c0d611eacf67c55a892c6265ebd0b953adf50191f56b558e261faf04cb99c6442cc2f6921abd80d7073926bbe167cd265acaedea065d518055d2c2795f6482341929883b758e527837f188b9241e2b3106810a5f2eea7b74bd7759ac707a138bf00164b98be5936bf0d18eae99d16c732c2c31f7be829aa0ec6efab0d187fc188fb9fd4bc38a5639be776ab373922b10b91d996ece8d4d88d57042b48cb5346c11a6dd3f2ef5c316c1337763586ea32356810df11eada42d88b21a180b7596198f98afb60e2f667fdfa32ba3cf7ddcf5507eae3e128feeeb7b892d50e7347619e5a748737d68b3f6824898d8e35cfd13fc3e3dbe4f07e519668a01802f2b31aa117d45b74c21088bfe03857c02206316111ce66abb65d8bad7c02982ac090a0449e6503b6c7c6672f87e35cead2267a0edce4a1fd05ff06ebf43c68cbdda3ea2e062d31a110bf4565db1938362792d915774b2ec19610de4c07be0132a4e518487a944b02eee5566f174fcb351cd21c4aac2e3d85ec3b9e490b1032b8c4116e677dbea6d18ee2fcaf1331f622b3f6ca13f53b0ecd64e6129576cbeaf9e97867790b2816a9578c133deed2acbcee47c16587090b84a2bf41914d47835189f22a0891f17650a4acc4cfb5af0705358db765e52de94a0f5a2ef304bd5227341a0f99fef52d30c4b4f8569b06e00c9c3e4ae36da2bc2dbf387a06c8e049327311461a68e9cc09027b188a790afb4d864db3641aec86ade50a1840311a17846a73ca310d7dda41bc1d9b19a8d65ca274a4fa8c4839b03d21900b218dcdc53789e1cf69ae5c8d4de5daf8cf8bd4fd4debca5e25877ba89e390fce68aa6203906c6efee67796f8253decb970122e1cbf3e391ff79893b3a2b747c8b76a079b84d28114e97a154fe85efaab11db76ce483597771b165c5f0ca6a7e859dc3bc6ec6ad7385dac78f267b28b6991ad025e2bdb9c89cf8ab11a05510fd8eab3889ab45d2707c17bd2a1c9ddd97f4eaa383020675025edcbb06c5f7a4eba8abf60bc2085f716b305baea21f072f51569aff48c4ae525a17394e115049d41505bc64fac60e3ff65504194ac8af1a58d3d3e15d01ca647ae2b48fab6e34453a3ab1b8bb3a7e7e6adee164c69a44d071272eb560f6239c8d11cf15e0240aad554ac7ee5cfe9d6425401d07086c860f82faa1a5cfb075b20924c8a407ecb3770616fa3d7ef01056b75f9e2f06baec2ceaea1022326969ed00fb5dd42ae82c89a3673ab58dc50df7ebe5d9c497b681e774f9bc6f26eab4c90f0cd1c1355e865e5a04d4442acec1fc67e4848fd6fcceb0cc4721572ee7f43ecafa9db39897791d87150af350211f3e50363d6b309eaa77fef397ebeb6867a72b3f0b8588d047c228a5fdcf1f531d6b8a2ac7281fa4276fecdbcb58270164f0b0cee13874f0702076ce154a8de04b15f31c98a3d39a218da2f2207833ef32148876e5cc5376bcb82f2d5c08f9fc347aed8a0a1999f62a7130853b321c1405f4dccdbd8605cc3d3400ccfc5138a2971d3c6c7492123b63901705b8d8b820d34b9b0f7bdfe30bf4266c110f44dd00c4e75897b199342fae4c1ea6c6bf15d3db56986628090d575c60200c8b8878d9961d0dd8d8f1ffecb1ee2430ccf4dcd804a6bc6f80dd96b0c7340041d60fe7c4f7ab63e4c5b69f92fe03470754a912d764a454df9f0e6377e9a54b62676a5de5c7d2a6345a10077763002ea9f6c6f733b30eb7d9717786b50b25eeaf7d50390389a63ecc940a1b687b08dfd002d25268ca9f1cefe0b7f28a12acfda0983a2ed474eadb784e17a3ada7194b56f3f7f847a8e80eae2e48f8f497b028db8bcbbe065fbe3c45a0f25a310ea1a2d2b06e0f7f0e8347a880c0113ee1c32d3690fd3a6b857125286c5f950ceb9e8aabcc4515d704e13465aa85f26c0f8895c37aa39eb650d990af28c69882164d0a40026c46a7654fca1d176cf77874e886d06f71e98452462589cafe934237dd975eb1ec7e9c76232ecceec9260a9a1738ec1f29f37a3c39f6d976994a2cb05a3eb1f795c06d7700d02c88dda3430a042a3144c3a9333e2c03f2fea5c95f94d48f5b94a9c3b7c2d8ddf418750834010667596f849bf52baef481ae192e18ac702fab0e943aeddc88b3008dd95891b6d51da4142da114653273a16fc7b4b14aeee42ef7b71213034fe5692be6af2ccb2e2e464a44191785f92e4c096ed7936c86b3c0c7673425ad8afd37cb29d2a1f3274790a1cfb12cda88be0ed0a074389eceaee88ec7feaf6c36401660e150052d626c9fe65a2560fd080dcd198e2023e9b28ab64bae92d0dad940766b8c3d553a457a56590c587b2242c9d426a16321e9b57db2027b85ff792f03d31fd0bad07638aa93affa9f15b9a29fa36f00f4999aa11ce1b4c74ac6b5d74962a959954e432c7b3df6d4a68544df9891c5ccfd419f28bae0e05aa77489d6822bfc0c0d15cfc4d10ae40d8369c4d0a1b6f61861ba222537345e3c5c909be80e756f44c9f55cbcc205baf6693299306d88b71d6c56a50dec625d370515b8ca0202afd33fae5686415b89459ce9f5b9844f79335e023ce9d8250d3177dc163dd29fb38023e2c95b362111006acddbec478141e6925daad3075a72f4388bbbf778aec6c33a96e59c6f3712ad9c639a37ae8e2e149f071e68b95097eea1de490ba62c060272b7d4129e0681f9b4f28f172ee178c5cd3bf6ed282ab4687b570e69eb5a9447d044f516ec0eaf4cd71b60ae477032a4dda67f00d476d8c5d1a406ee184a39617d042220648795538d9ba05676622941dbbb8b4d6c7d9a3d7c0bd51eeca00ecd35622a15f91a52c9eef9cabf604d2a9f5e34f3571392f76299f98cf39d90702c12fbd16b11566e41a698da92b1850eb9618a4f8b6ec99b7b53e033696cf6565a60765acf3f2125f66a3331ccbd00b87922c472e5d1e6054d0d6fb2d3bd9cc471776f18944337b99936a37b1acf80b8e198c052f8f634c55bfe47468eecd56a9a785922b8772b882418adbe2f98e8668b747575d9bb66ee34b0afa37f90da74dd315a354cbf0394a0f627d76747af9aeda5ef4e87e3557dc62f627d7c5eea1b5b67c0634e8dc9fa758555efcc78bc0b18807f13940f6ac69dfc3341a0c4a86192ba0b08dba0bad10e36ceac04ab21c8598566b6ace6a02638245874e0dce1ee56971600f5a3c579f2b89e4e9ee3135161ef2f1797c80b85e8b96818ce92701dd57fc46dadeac39d867853ac1c970ca174b5ad9cee5cd61da9086c6013f56aeea3f7a4a6bab9559e3200a8cfcc0b22b353ac0f9f05a01f8bcd7af409b3e8b90cb58ee28953e0b5e388a6d230548aa3a5263b99845fd891740639d28b89902ec582d6e57d24fea13b2e9e8777b417a3f2c6f12d571f2ac4528d39d167b03248bba629db0bc72544ac8b1eb65937bf1a1dd2ef6e440d61bc451c8d0c65ba06fb3fbec06f3a74b90465e883fb4eb50d90d0ada912936aa900be32f1414d586b4f7f35bf660b82db22086301866af03ef2bcf099c873c22c389972ec8fda4230b1244b11698944b368a9db2ab36f93d245a7bb929df32920582de559c70839f9876b21b6d435f3a667585d042a06503ed514fb8beed53214c3997f2a7f31c466c06e2e88e7ce0165e229ab44b8b2d6861eacba6f72f2132853931a4dd5b7bc7c09efe8b5c615882002e96ac735b369f103585aea8239acf6d8288d8233c5ddf50acfb8220d04a5a636d31a9f14654d0e9ed8270d1660dbee9a1c8f1ec1f0d4aa6e0e633d5bfc864040caccb06b9e24b0eab1ee7aacb0ddad2a81b9eac18a06c4839b8532080287451b558bbff827253abfecc88f235830b97e50542fca7a2b9a683b4906dbdb1a962124c6e0bf70d640d1daf3bb354fc6e9c956c902b4f60bdab3dffe5acf1522d5c0e99faac3f711f1cbaeda3a6ff16caa313ec93d983fce8ded911f7bf5ec70e32acdb33b398380f604afeba0da78456e6d05449045dadb089067cef694ca85fce5c1c04dc673ece63f29f3853f84a4a19c2a5df3c9998fb8746543d0607895d8a2465bb88c749adfcd6bdf17dd6ddd83a5fb92c2dff445da1ee8c82f48202460846e90d12e506ceaa68f8555befb517bc3efeb86ff285aa7ed42cfdba3d12a317ccc2d27de9dfc075db1aa62cc61aca5cc1e35c0ca2f76ddcda040c10400919390b3388c2b2614ba79a9c72ec657db18b9219f5e4b71b753f032b3bdfc4846e1e4acfeeb977e81df8d3f2c765deaf5eee8be6e98487fb32efc77f4ceb6fc650b9644657f5becb525e886bf5c9edc86ef2add66ac007dfe1d218a6f3964d4aa611019b2b47c4d3d5f5e9b4a220f608581a15dcef48891eed0754a5f51bc5d536776c016cb0b4619cdb590f1977a56e6ce9668be401818b49e1a7a3b6d1e84481d5b774501636d7bd5602007e1c38998fdf697a012b0c66e223aff22a34dd10444ec02ffbcd930332aef0a74b6f48a44e7f9f3890002e2b73d48c5086d23b06143956f349439d5ae7954a7a242ddb7098dc48719f2ef8b19f5e7467770785481af8f36e57b7424208a26188ac30aa0f779bc1e356c51f92b1f8a31cbd4236bfe11ebd3c0a3b39880563c274fda2ed826d10e73cbb0dc7c28ffdde06c8862e42b46a9b57eca367d30add0eae2a17f94a99f9d403f36f962b138b16dc8c76f2611a244a69d6ec335a8bdf9fa098291a59e28c164398d3ea7d7a58aa792160d29f6a6a6784e8e756ed2b0ab68f5849173371cbe3fd2dbc11710cd9da3ebc0bc9d2cb7b8260372372a0a803ce4a49b6e7b3e794c2", 0x1000, 0xfff}, {&(0x7f0000001900)="bfdce447cc3bba9d2d99641bc62c2269ffd2b833f615a20a34587a438d382be0109718a872ab9ca315f83ffd8e6574c5a47f1d861fd6de3630e2dc99e22de987802bb639fabd4103fa6678a5ad761b65e44de55e837ab1209b57fca0e3f72ee37c2f33f118bd85cff63ccced3c19f1f978acf74d7c201c75acfdc1e307d990c02e3ab591993ad2bab9a5ec87386a1884338ea0f89f764ef8638f9ad4afe4e21abe6a211383a42d5cc5a6d0e2d2ae2889c8f1f3a3edad3d3f4e8e07a99a8f0ada805dae88782d5b04fd10bc07764d4b72dfff0f308ef55050096fe288ddf28a037bc81068ecd5123bf2eb8863cf9545d008a9d338c57852ec21", 0xf9, 0x6}, {&(0x7f0000001a00)="e197008dc4e830ed9212a7e8149e4b0a1ab6e43c61e218aae5b7b852221ad11885c4a8efaa63170fbae8b9161ee6484557b5068491d93680a4978488df36092b968dc49e5bd64a2f4c66b999efe42e68a4b9c546186437432f06cc5ac95d69469ac15d2aac43aaadee2e5a2e4fd49e7a53c5d38170b7f515d025673fc2c86a78cbb4b30b87d21365b94958a8795254b4ed0aab4d6ee2ac71e9b2568ce5add28f8cb8d7bbf193e4a6afa6d1a376106c8f4b687a98af45888421e53882da75cbe5cbff", 0xc2, 0x1}, {&(0x7f0000001b00)="87160c0c5d03087c6ddf1c9960691712c4d34b05545413f90d42c39b2a4c3df47042ec66eba1b41b7412aa62c0d805ab89179beee671d146fa0bee5c0fe128d954998f33126043ecfcf0e31adb2cc9c17d902141bf186c6aec564fa7c86600913ca4e35cd9aa2a629cf819ba8e6044cbcb5ac6f0f92404502188d1", 0x7b, 0x7}, {&(0x7f0000001b80)="2c8cae8052e17d41ab331d2198035f856f3057deee4489009182d30165dc94219387ecc7681953f554404e4dde066872e7677ab4af126c6d", 0x38, 0xcc1}, {&(0x7f0000001bc0)="378d0ff7e83ad2e16608434895e33ad662d9d5dfa444a60bb0e5a6d7615804030112b6dc72165a36a3b380fdac46b49ba5f4e9be7f5a925634147ec0edd3749ccb6e4392c34d2df5de2096443d6a1ee69d1d324231ff79576b1a23bdfe4c0bb61dd988a29a06e139e922b0cc8f44f2d149065f1f3d87964f8f1d9eab7c6ce94a16703ac23a9df89b994e2fb6e0fe341e3eede0a09a85691175e02ada7e85066f8d31f76c791de545f8196f6f73c482d6e6dd25f27205e5efccc95330542e2a5b35c92dae23594d4a52015aaca86cabec377062eae20b0594630bb4aaaa489a0e7b62f8a429c661739a7de71c94e644ae58044c2dc142a0b8575d08c7c07f91ceb0bf0c6518f0ff1f638e00a29297022cae63239cbb8796a92c9555aa022ed31e04cb7e8ea5ea5c0a42f315aca4bb22616c47ad783a9cc39de050a1ae58da96883a1f48ae9201cb494c49e5a4272d963d07433af745cfd5ff0944d9e09de5e4703a510a3dee7f6d5b03dd03d6138b32b888ad66417955f7751e90d2579d32bb033dd852c89ad636dcd7133f84e4fe465f15fc3c3a740f5fa385e1cab6cded0b9122476a4e7fb71ec97b8df2eeadca8a5bc4a12a05ae3db81092350ddfb2602b6d789bf89a051d67a6c8d274dd47ef1d11cd061027b911b65d2c7adaaf4637a0be4d7a5d5edbc625e1c02dcd313bcc895a26e8cce5fb786d29da9b0f23c178421e588366e926dafd2e199c29d42186708af2b40f2dedeaf01459d13218dabe24b0ac0145a1dd67bab4cac499b530725f2afcf20f078f366c300ca7d0a9ce38420e28d461006e8edd11ebbe570a214042113de932b41cd92ed8a55758f4c71dd2cecb163b223218b13b084c8d6fc3d7bc464a1031ae81948a1d41a9b5652e188e33cb3f8ad858d38c9b289e8d7e9d52ce60f72797d1222c2c6bf156d32c57589b12ce588fff87a1053ec41b260721ecd3a8ae548a9c4df90e8ae49e4af13bb880a8354c43c50b9077a23242029c24a4327473d7bb35229c6cf7c3667ef049313a338108c94ac5b2ac50ac5b31baae7a56dfab2e1af8e444d79bc1ea074bb6423c178c1d544602e1be6543490a82e8434f29fb7e76d9ee0bcacaf86ccc7d034ce2a554206333873b354215b47eda8486ab5c210feb27ace3fb1ec07f6f43fdca80db8cf59738cdf0aa07aef3c4658f13e69b12740222430e47356ff486188ab20ef2d1494e4aa51bf99266a5faeb8cca498131efb2f7a9c8c1ddd15df7909e96f6c011c89ed699de9fcd1057565a205079fa7b78b8c4751b716cecca4de65934db088040d52ad2ee7678b5d6fafb5aee96a2560850d5ce5ca10e839dfbc3ed055d0ef9b992781bba541267e7755e7c6d7009569b8dbc1b030596320599a0cfdfa7704dc6a0550b5978430a02eb62ef90914f30bd423d5a255531317612ffa8b90c7826157c9aaf020d5229b4d9b416419d00b8b7220384baf1509b5029bde313b0c7c5f4187bf656b2929c6c4a146d205db0ac64471c453d9861bdef64c5122444f8d67f6ec6edd2c5bc4b8db0aa108725a6c359da93b13b1a84a2bd1785ddd2313f1f795d28fd403c60d199c8a89efa3c01a7e1763c35952f526498bdd4aab07bf6827690905f647d8ca26a132702fdc1f3b321d02e0d060eab75e0002492635ea1cfdc792653522d5d2b43d46e269b4518f1b2f4f20300c61bd00dcac2182cbc61b8912b82ed8098a95b110cbe9ba94ca71f2b68130ca6d896bb1c4da4760ba13c49e073e590a79e2e34c08337f29d409f97e497c38237c4699ade2f42bb8aa25fa8bfbdc9df5f63194c587e34ec7c61bbcdb0b1ca93be8cf1f174a5156d97ead34cfb7c2e94fb5c23939dec4d621588249f81293a17634d75f91b5d9446a753dfb875af0ccef18d44bdefaa12406803ef26f177520ac56e87a752d967ec4c9fb1c4179fdc746fa05dcead3fffc82dfc2dbd95534c34c70a35cd9e17cbf481a091210a14fd776ad84507e273425a550d9d056e9e3d745b823d0c11ae11f283d84de84b5a9d1eb80dbc9e3945903779ff7116d1ffbd359a879d51b15b5f20348e166140fd990dfc932cc1caf8568c61aded506b89d44baf5d6a0752a1aa55916a5e70be0201f1ab74e8ed11766df4ef051db501a5e90001138af881a6dd6ccea5c1df6d0e6ab1f8b0794094d98a30512df867f8948c26806de7b7481c6c3a498b5b755f28cd85e8d0f4d966d22282dda0406ed9b897319a918f292d3ebb2d0985d5ea40d7359490a65778e47e4d24d7f7849dfab309312423bfbbcfee53cb4ce02905a38c27551818983b8107efa88a4c5768e71b239765bf3cadf76a231379f4c221d61049a2e659a7a117b285eb52314cf66826593b10cc96346ba886669f4de31c74348c103917cdcbbcbcbe98172a9ca7c2de0bd9393caf79b5be236269b91eea73fafcfd72fb58361959fa5a5d3635f8d87c332f3d4ff7c57f9fa20707583064e1fce839c93c00d41a79a4a816841e8040ec0f070057e9c9ee3609d15391d4f92e28f93b2d5e3ececdefcc79b1e69774d45f126b771480870a57f2b6edb3e58a927b810cbf2ac8f9c406b71587f0aa87dd7235735d7f8c10260a492d241aea21e2bf483ed0c8c64fad6531586da91dba8203596d58fa4036a82739d8c6369f435ac49268953d70183a04dbcf2d08aed9b66d20e5e109090ce1967486925d9852e416af1ff38953da9a45cc399b9d94434a1128acef5c53c2ffabf82d3f31eac2a575f54bc9558985df7de8ee6a8e74d593c73f517fc1bf20a523a90a37c8eeb4469f537b79970b5db9b587515f9676b33dbf2fc308a7c8f74ee54e7cfaef573f0cd5f49e088257da39c1f9f814a45e9e021e7043bb064812832b6b2781646c6adade0ac815bcf6220f7e6e82d0c5a7a6f8ec5d94c3cab0ef2a2d100107c848d7716e6d0ffea4d54b7f61e35464db04501367c7316a29311a9a6f5c4980e6606889df64e0e8466d9e8794ff393341cfecc6cbbf4a515bc147f68ad1fffe2e888ac9ecb5521dd23ad50f32578b05bf9e98d7e7eb13d67df5b835a63f245a897d0d0284f309b6d5e370df04195227d3cc720b7b4749b183b280185672d6bf7188d41a7fa5b85347d537404cd0d024c3cee575afa7196f89105874324934cf94941761bb1c576917fc412795cc34578f30d6cf6a36b83bb64402c8ddc8004621b84dc48761151daf48e0aad3d0a0ae46e5c0666611046a9eb7c282bf289846f8c1d2d38e2faa5b88d204cf41c483511d0b2f49e6b74405c536ace133e1d73befb01ba0f4e9cf8f1c01ca4925876d373cc12054a59daa5ff56954ea2268ebac953fe54dfba0906d6bfe4c943f1872ce9f66a15499e76438d10f5bd4916553cb073bfe14c006eda8902a8e37c20383e696a25deadb572d669e59452c02e9443fea4a311459f3aa3d9e76babfedbbc61505105a8037f8508843e6097a28313e6c12f4ae3153ba181277d25fe549aedf7fdc2b0ad874edfeb2947d7d5e7a249706c40729aa08183d57dfa24a5d4f02763d7d6e4b8582a1fd617324ded79c1c5e92efe115ec7e8a2a428e90df479516639eda64025eec3451727072488ca20110d198098b355cb2db5af323963f6aae9227bacd559912e0ae6b1aa97728784cfc4b40d152cf9c6231db1022f0616884406eb2a3eddbd0b8f27758134faf97a1815c8f7ccdf64843a62db6d0a316e31b7d8f0a334204bd3f5c97b57d8177006799d63b09417f5f61fc212ef41ed94313361872ae33ea7254cab7598054bc47c40b4c2e6e14cb57eb55d13ce9d8a610564e1f433b5d99dc8a5ed36fb911291b363cac756d9939e518e096f5e16e9e7a62647f3bfebb79f19d0b74d3bfc8eab649ad0e0867f5f78dc60ad0ed6a8db0b6052a56a55dde10951beeba4d98d7f09c735cffba8b70cf798b57d344e303e2f1ee44325e62ec9034c83baef40fa835b96bd6d527af7f8204a5889847a8b2955c7326d4a07e7e3bdd7521646b4c97c9899f7d27bcd22f10b56a4ac5685bd10cf4ada38b7c17a0bc06559de72012eacd2969ca61260067753de5d6a1c038bd23803850c8424fe234074dae44e47852623e7c617550dd06d133689ae569ba4cc23c83b9b6e16a522836a366c158dad651bb1a4f26c88e4f28d442e3e6b923c97a43b5fc470d4ec2b969024a4b3b91d3fb0ffb02e35f2888593a6cf8c9d2bc4d50418e04db1317c232204a50b2a650b6ff04cd2d6cba3a137b80de469b9e62f68bed392f43b16552d14ebb2da82932968f99fb4414a1d671380440598d310758c4ac6288620f150ca8c7c9139ab94e5e2c132f5b56270c94404b4ddab38054f4f2e499ebb3013287f46f02581c16c4062cbaf37aeadbc92887531bcd0106b6a9e7cbffdcfb950758b1b1b3ccbde946336d29533f926d91041f4631972c77ff5a7fe48d08a5c6295e54aa8e58461308c56024900ae8d2cd853ee6e2a8a1687bb8bd11d1a41c43a67719b1e1d4b58ee1e3c50e38cefa88343aef8a677e76e3483b3fd6fb8902c9b66a1fe1c6b93cf909d2611cc5118bc4da440bfd0f2f011cdea7b7178c8b0d17a12d46999604ae4753334db8db643fe5559621931d6b7ea6c42af9133ae6a01aee2486d04a969f1bf31e3e50f9855db1c531aabca48d699202d8a7e5e81b8850fe6f4dc36214c946423174fae90ffecfa94ff1c0a860097c28ecd88e78af9755e28585dd56c1ae72493eab3b91a8f41af62915bb7ad34587a475bd32e44a1f47bad9bda341d51a9adda6465a28ff978606d7d13d098711a1ed28255c6d859df55a2238e882df8c3b203514ebba632f5446ac63f932279feec69d22d34a64aa66510862b4084713ee0044415d8ef860ef73b62d84fca73c1160edd772b1c44b1128f04044274e9e89cd1665a8a05daf02312ca705b7687975b72c53996c8e54daa70f4b59ac5313796e41e6347802dceb1e7360ae337b6d68941570d1719146aa387dccc4fadec3597c16e6146361af2e6916f9c8b4314fc3e56d62f34c4092ab747f9aac07f0c8fa65fee8a2e8cb7ab1d858a9babb2ce68594937202ffc5231591db703b115a065a3327f0a6bbe56ad1685e066324f25f1069d52ce46bd5595a6dc777d0e823fc771d330fb877f8ebf5b9f2defefdce0722f3a253a8e38a0fac92ae9f9b50a4415fff193c55b8c3aca9899a6d86c2355fe02f1319aed66d6461dc3a1c65514f3d64f5f357154d3540748fd85c7d820a4dc997e71041398a8e68472467e151b9918344cd172ab14431dd16483772db53c69ee44dfaf3b14623d96185d6365dfe7b813a1751e3a455602160e6f62e014dbc8f322c53b7d89546826237254283e80a4e4b5924a99f6b1a7ae42707344370c10b94bbece19d652b669888f8c082f02b5896478a2705d8056def7f7da9dc080ca7a11d15752df6e31cde1ff140be697439b9e24b4e673eab78abb26f8da68f01cb852c3a2b8d5bff58f6ee2e50fac40e532fa825256ac8871e8b17841c5d51b5ff50c419f7d3ff49ea6507b54112c6154953679c3db8e25ab8fb836f47fb5920694cd8a7b5044f198f2f0f78c44771a8a91fda4eab56ca885b8bf1f5963897d6e1d9b2253b606c7dfa4e4d7b9d539da42b70de423841d010943f19617068625a7fac6a2a84b04f398bff4e30b951678ee7d3f838b556e19a6985c47f085dfced421f5ceb9c484ebcb12ac29aff75143cbcd37489e1b03984b93890bc21eabff96a3c23ccd56deb7d426b256b2f82e2fa8f22fa648d3f4d685c92", 0x1000, 0x73fbd3c7}], 0x2882, &(0x7f0000002c80)={[{@grpquota='grpquota'}, {@nointegrity='nointegrity'}], [{@euid_gt={'euid>', r3}}, {@defcontext={'defcontext', 0x3d, 'system_u'}}, {@euid_eq={'euid', 0x3d, r7}}, {@measure='measure'}, {@euid_gt={'euid>', r3}}]}) fchownat(r2, &(0x7f0000000440)='./file0\x00', r3, r4, 0x800) ioctl$TCSETA(r2, 0x5406, &(0x7f0000000780)={0x100, 0x400, 0x3, 0x3, 0x8, "64b02c742ecad74d"}) setsockopt$netlink_NETLINK_RX_RING(0xffffffffffffffff, 0x10e, 0x6, &(0x7f0000000040)={0xfffff337, 0x5, 0x51, 0xa656}, 0x10) 22:57:41 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$ION_IOC_ALLOC(r1, 0xc0184900, &(0x7f00000001c0)={0x10010002, 0xffffffffffffffff}) [ 1524.236408] Node 0 active_anon:1058104kB inactive_anon:820kB active_file:68kB inactive_file:68kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208960kB dirty:60kB writeback:0kB shmem:1020kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 339968kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1524.289052] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING 22:57:41 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = accept4$netrom(r1, &(0x7f0000000040)={{0x3, @null}, [@default, @rose, @remote, @default, @remote, @rose, @null, @rose]}, &(0x7f0000000100)=0x48, 0x800) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r2) set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r3 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r3, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) [ 1524.341618] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1524.364526] Node 0 DMA free:10444kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1524.373604] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 1524.398140] CPU: 0 PID: 4701 Comm: syz-executor.3 Not tainted 4.19.100-syzkaller #0 [ 1524.405962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1524.415319] Call Trace: [ 1524.417925] dump_stack+0x197/0x210 [ 1524.421552] warn_alloc.cold+0x7b/0x173 [ 1524.425520] ? zone_watermark_ok_safe+0x260/0x260 [ 1524.430354] ? compaction_deferred+0x16a/0x3b0 [ 1524.434933] ? try_to_compact_pages+0x44/0xae0 [ 1524.439520] __alloc_pages_slowpath+0x2214/0x2870 [ 1524.444380] ? warn_alloc+0x110/0x110 [ 1524.448173] ? __lock_is_held+0xb6/0x140 [ 1524.452242] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1524.457774] ? should_fail+0x14d/0x85c [ 1524.461656] ? __isolate_free_page+0x4c0/0x4c0 [ 1524.466232] ? __might_sleep+0x95/0x190 [ 1524.470201] __alloc_pages_nodemask+0x617/0x750 [ 1524.474880] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1524.479902] ? fs_reclaim_acquire+0x20/0x20 [ 1524.484216] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1524.489750] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1524.495451] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1524.501001] alloc_pages_current+0x107/0x210 [ 1524.505447] ion_page_pool_alloc+0x17f/0x270 [ 1524.509862] ion_system_heap_allocate+0x154/0xa90 [ 1524.514709] ? ion_system_heap_free+0x250/0x250 [ 1524.519370] ? ion_alloc+0x306/0x900 [ 1524.523080] ion_alloc+0x29b/0x900 [ 1524.526621] ? ion_dma_buf_release+0x50/0x50 [ 1524.531048] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1524.536579] ? _copy_from_user+0xdd/0x150 [ 1524.540722] ion_ioctl+0x17b/0x329 [ 1524.544259] ? ion_alloc.cold+0x28/0x28 [ 1524.548240] ? __might_sleep+0x95/0x190 [ 1524.552211] ? ion_alloc.cold+0x28/0x28 [ 1524.556179] do_vfs_ioctl+0xd5f/0x1380 [ 1524.560061] ? selinux_file_ioctl+0x46c/0x5d0 [ 1524.564549] ? selinux_file_ioctl+0x125/0x5d0 [ 1524.569052] ? ioctl_preallocate+0x210/0x210 [ 1524.573467] ? selinux_file_mprotect+0x620/0x620 [ 1524.578224] ? iterate_fd+0x360/0x360 [ 1524.582018] ? nsecs_to_jiffies+0x30/0x30 [ 1524.586161] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1524.591690] ? security_file_ioctl+0x8d/0xc0 [ 1524.596096] ksys_ioctl+0xab/0xd0 [ 1524.599543] __x64_sys_ioctl+0x73/0xb0 [ 1524.603427] do_syscall_64+0xfd/0x620 [ 1524.607236] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1524.612415] RIP: 0033:0x45b349 [ 1524.615615] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1524.634509] RSP: 002b:00007f9fa7530c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1524.642221] RAX: ffffffffffffffda RBX: 00007f9fa75316d4 RCX: 000000000045b349 [ 1524.649509] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1524.656792] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1524.664076] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1524.671346] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c 22:57:42 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="7261770000000000000000a000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1524.689319] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1524.743685] Node 0 DMA32 free:88276kB min:36168kB low:45208kB high:54248kB active_anon:1056068kB inactive_anon:816kB active_file:84kB inactive_file:68kB unevictable:0kB writepending:96kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:28096kB pagetables:70664kB bounce:0kB free_pcp:1148kB local_pcp:608kB free_cma:0kB [ 1524.864552] syz-executor.1: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1524.879889] lowmem_reserve[]: 0 0 1 1 1 [ 1524.879915] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1524.879950] lowmem_reserve[]: 0 0 0 0 0 [ 1524.941065] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 1524.956769] CPU: 0 PID: 4712 Comm: syz-executor.1 Not tainted 4.19.100-syzkaller #0 [ 1524.964771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1524.974337] Call Trace: [ 1524.975313] Node 0 DMA: 27*4kB (UME) 23*8kB (UME) 8*16kB (UME) 14*32kB (UM) 6*64kB (UME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10468kB [ 1524.976952] dump_stack+0x197/0x210 [ 1524.976978] warn_alloc.cold+0x7b/0x173 [ 1524.977001] ? zone_watermark_ok_safe+0x260/0x260 [ 1525.005474] ? compaction_deferred+0x16a/0x3b0 [ 1525.010201] ? try_to_compact_pages+0x44/0xae0 [ 1525.014812] __alloc_pages_slowpath+0x2214/0x2870 [ 1525.019673] ? warn_alloc+0x110/0x110 [ 1525.023475] ? __lock_is_held+0xb6/0x140 [ 1525.027555] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1525.033226] ? should_fail+0x14d/0x85c [ 1525.037137] ? __isolate_free_page+0x4c0/0x4c0 [ 1525.041908] ? __might_sleep+0x95/0x190 [ 1525.045951] __alloc_pages_nodemask+0x617/0x750 [ 1525.050636] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1525.055669] ? fs_reclaim_acquire+0x20/0x20 [ 1525.060000] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1525.065650] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1525.071372] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1525.076912] alloc_pages_current+0x107/0x210 [ 1525.081337] ion_page_pool_alloc+0x17f/0x270 [ 1525.085771] ion_system_heap_allocate+0x154/0xa90 [ 1525.090624] ? ion_system_heap_free+0x250/0x250 [ 1525.095315] ? ion_alloc+0x306/0x900 [ 1525.099044] ion_alloc+0x29b/0x900 [ 1525.102605] ? ion_dma_buf_release+0x50/0x50 [ 1525.107017] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1525.112649] ? _copy_from_user+0xdd/0x150 [ 1525.116819] ion_ioctl+0x17b/0x329 [ 1525.120366] ? ion_alloc.cold+0x28/0x28 [ 1525.124356] ? __might_sleep+0x95/0x190 [ 1525.128343] ? ion_alloc.cold+0x28/0x28 [ 1525.132321] do_vfs_ioctl+0xd5f/0x1380 [ 1525.136224] ? selinux_file_ioctl+0x46c/0x5d0 [ 1525.140732] ? selinux_file_ioctl+0x125/0x5d0 [ 1525.145231] ? ioctl_preallocate+0x210/0x210 [ 1525.149644] ? selinux_file_mprotect+0x620/0x620 [ 1525.154420] ? iterate_fd+0x360/0x360 [ 1525.158229] ? nsecs_to_jiffies+0x30/0x30 [ 1525.162407] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1525.167966] ? security_file_ioctl+0x8d/0xc0 [ 1525.172392] ksys_ioctl+0xab/0xd0 [ 1525.175846] __x64_sys_ioctl+0x73/0xb0 [ 1525.179733] do_syscall_64+0xfd/0x620 [ 1525.183667] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1525.188862] RIP: 0033:0x45b349 [ 1525.192058] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1525.210982] RSP: 002b:00007f17cfa73c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1525.218704] RAX: ffffffffffffffda RBX: 00007f17cfa746d4 RCX: 000000000045b349 [ 1525.225987] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000006 [ 1525.233266] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 22:57:42 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="7261770000000000000001a200000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1525.240552] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1525.247837] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1525.282702] Node 0 DMA32: 139*4kB (EH) 44*8kB (UEH) 116*16kB (UEH) 1215*32kB (UEH) 3*64kB (H) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 42604kB [ 1525.329869] warn_alloc_show_mem: 1 callbacks suppressed [ 1525.329874] Mem-Info: [ 1525.350560] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1525.361996] active_anon:276769 inactive_anon:204 isolated_anon:0 [ 1525.361996] active_file:4241 inactive_file:7162 isolated_file:0 [ 1525.361996] unevictable:0 dirty:33 writeback:0 unstable:0 [ 1525.361996] slab_reclaimable:17146 slab_unreclaimable:128453 [ 1525.361996] mapped:58855 shmem:257 pagetables:26172 bounce:0 [ 1525.361996] free:744299 free_pcp:322 free_cma:0 [ 1525.419766] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1525.449089] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1525.474988] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB 22:57:43 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="7261770000000000000000b000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1525.487178] Node 0 active_anon:1058516kB inactive_anon:816kB active_file:84kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208960kB dirty:96kB writeback:0kB shmem:1028kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 339968kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1525.515469] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 22:57:43 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0xeb0e}) [ 1525.545609] 11689 total pagecache pages [ 1525.554638] 0 pages in swap cache [ 1525.570979] Swap cache stats: add 0, delete 0, find 0/0 [ 1525.585409] Free swap = 0kB [ 1525.599053] Node 0 DMA free:10380kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1525.627095] Total swap = 0kB [ 1525.642693] 1965979 pages RAM [ 1525.646168] 0 pages HighMem/MovableOnly [ 1525.657807] 341741 pages reserved [ 1525.673253] 0 pages cma reserved [ 1525.684551] xt_check_match: 5 callbacks suppressed [ 1525.684567] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1525.714037] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1525.720660] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING 22:57:43 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="7261770000000000000001b600000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1525.760928] Node 0 DMA32 free:38596kB min:36168kB low:45208kB high:54248kB active_anon:1055920kB inactive_anon:804kB active_file:52kB inactive_file:20kB unevictable:0kB writepending:12kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:27872kB pagetables:70636kB bounce:0kB free_pcp:1532kB local_pcp:752kB free_cma:0kB [ 1525.937039] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1525.955821] lowmem_reserve[]: 0 0 1 1 1 [ 1525.999990] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1526.045716] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING 22:57:43 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) write$FUSE_OPEN(r4, &(0x7f0000000040)={0x20, 0xffffffffffffffda, 0x3, {0x0, 0x9}}, 0x20) 22:57:43 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0) ioctl$KVM_ASSIGN_SET_INTX_MASK(r1, 0x4040aea4, &(0x7f0000000040)={0x9, 0xffffffff, 0x6, 0x2, 0x100}) connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xfffffffffffffff7}) 22:57:43 executing program 0: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00') ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) 22:57:43 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="7261770000000000000002bf00000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:57:43 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0xfeff}) [ 1526.188965] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1526.228127] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1526.265328] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1526.275291] CPU: 1 PID: 4951 Comm: syz-executor.5 Not tainted 4.19.100-syzkaller #0 [ 1526.283129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1526.292521] Call Trace: [ 1526.295142] dump_stack+0x197/0x210 [ 1526.298803] warn_alloc.cold+0x7b/0x173 [ 1526.302807] ? zone_watermark_ok_safe+0x260/0x260 [ 1526.307681] ? compaction_deferred+0x16a/0x3b0 [ 1526.312438] ? try_to_compact_pages+0x44/0xae0 [ 1526.317065] __alloc_pages_slowpath+0x2214/0x2870 [ 1526.321966] ? warn_alloc+0x110/0x110 [ 1526.325928] ? __lock_is_held+0xb6/0x140 [ 1526.330144] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1526.335698] ? should_fail+0x14d/0x85c [ 1526.339618] ? __isolate_free_page+0x4c0/0x4c0 [ 1526.344236] ? __might_sleep+0x95/0x190 [ 1526.348240] __alloc_pages_nodemask+0x617/0x750 [ 1526.353092] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1526.358152] ? fs_reclaim_acquire+0x20/0x20 [ 1526.362518] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1526.368080] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1526.373914] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1526.379598] alloc_pages_current+0x107/0x210 [ 1526.384037] ion_page_pool_alloc+0x17f/0x270 [ 1526.388596] ion_system_heap_allocate+0x154/0xa90 [ 1526.393476] ? ion_system_heap_free+0x250/0x250 [ 1526.398172] ? ion_alloc+0x306/0x900 [ 1526.401913] ion_alloc+0x29b/0x900 [ 1526.405482] ? ion_dma_buf_release+0x50/0x50 [ 1526.409919] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1526.415475] ? _copy_from_user+0xdd/0x150 [ 1526.419643] ion_ioctl+0x17b/0x329 [ 1526.423313] ? ion_alloc.cold+0x28/0x28 [ 1526.427332] ? __might_sleep+0x95/0x190 [ 1526.431343] ? ion_alloc.cold+0x28/0x28 [ 1526.435347] do_vfs_ioctl+0xd5f/0x1380 [ 1526.438301] lowmem_reserve[]: 0 0 0 0 0 [ 1526.439252] ? selinux_file_ioctl+0x46c/0x5d0 [ 1526.439267] ? selinux_file_ioctl+0x125/0x5d0 [ 1526.439286] ? ioctl_preallocate+0x210/0x210 [ 1526.454069] Node 0 DMA: 27*4kB (UME) 12*8kB (UME) 8*16kB (UME) 14*32kB (UM) 6*64kB (UME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10380kB [ 1526.456834] ? selinux_file_mprotect+0x620/0x620 [ 1526.456859] ? iterate_fd+0x360/0x360 [ 1526.456878] ? nsecs_to_jiffies+0x30/0x30 [ 1526.456899] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1526.456921] ? security_file_ioctl+0x8d/0xc0 [ 1526.473472] Node 0 DMA32: 3162*4kB (UMEH) 3687*8kB (UEH) 2032*16kB (UMEH) 1208*32kB (UEH) 3*64kB (H) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 114272kB [ 1526.477568] ksys_ioctl+0xab/0xd0 [ 1526.477593] __x64_sys_ioctl+0x73/0xb0 [ 1526.477614] do_syscall_64+0xfd/0x620 [ 1526.477637] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1526.481991] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1526.485595] RIP: 0033:0x45b349 [ 1526.485611] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1526.485619] RSP: 002b:00007f6e444f7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1526.485634] RAX: ffffffffffffffda RBX: 00007f6e444f86d4 RCX: 000000000045b349 [ 1526.485644] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1526.485657] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1526.485665] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1526.485673] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1526.611196] syz-executor.0: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1526.611425] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1526.622840] Mem-Info: [ 1526.639065] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1526.652130] active_anon:276753 inactive_anon:207 isolated_anon:0 [ 1526.652130] active_file:4233 inactive_file:7187 isolated_file:4 22:57:44 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x20800, 0x0) getsockopt$inet_sctp_SCTP_RECVNXTINFO(r3, 0x84, 0x21, &(0x7f0000000080), &(0x7f0000000140)=0x4) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) openat$pidfd(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self\x00', 0x92000, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) r4 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r4, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) getpeername(0xffffffffffffffff, &(0x7f0000000200)=@l2={0x1f, 0x0, @fixed}, &(0x7f0000000280)=0x80) writev(r4, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) fcntl$notify(r4, 0x402, 0x2a) [ 1526.652130] unevictable:0 dirty:12 writeback:25 unstable:0 [ 1526.652130] slab_reclaimable:17130 slab_unreclaimable:128822 [ 1526.652130] mapped:58867 shmem:255 pagetables:26215 bounce:0 [ 1526.652130] free:857895 free_pcp:292 free_cma:0 [ 1526.665340] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1526.727051] syz-executor.0 cpuset=syz0 mems_allowed=0-1 [ 1526.764710] CPU: 0 PID: 4961 Comm: syz-executor.0 Not tainted 4.19.100-syzkaller #0 [ 1526.772593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1526.782162] Call Trace: [ 1526.783873] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1526.784795] dump_stack+0x197/0x210 [ 1526.784824] warn_alloc.cold+0x7b/0x173 [ 1526.784841] ? zone_watermark_ok_safe+0x260/0x260 [ 1526.784860] ? compaction_deferred+0x16a/0x3b0 [ 1526.795119] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1526.797369] ? try_to_compact_pages+0x44/0xae0 [ 1526.797412] __alloc_pages_slowpath+0x2214/0x2870 [ 1526.797445] ? warn_alloc+0x110/0x110 [ 1526.802201] 11674 total pagecache pages [ 1526.806269] ? __lock_is_held+0xb6/0x140 [ 1526.806290] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1526.806308] ? should_fail+0x14d/0x85c [ 1526.806326] ? __isolate_free_page+0x4c0/0x4c0 [ 1526.806346] ? __might_sleep+0x95/0x190 [ 1526.811866] 0 pages in swap cache [ 1526.819564] __alloc_pages_nodemask+0x617/0x750 [ 1526.819589] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1526.819610] ? fs_reclaim_acquire+0x20/0x20 [ 1526.819625] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1526.819650] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1526.825047] Swap cache stats: add 0, delete 0, find 0/0 [ 1526.829080] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1526.829103] alloc_pages_current+0x107/0x210 [ 1526.829130] ion_page_pool_alloc+0x17f/0x270 [ 1526.829148] ion_system_heap_allocate+0x154/0xa90 [ 1526.829171] ? ion_system_heap_free+0x250/0x250 [ 1526.833796] Free swap = 0kB [ 1526.837068] ? ion_alloc+0x306/0x900 [ 1526.837089] ion_alloc+0x29b/0x900 [ 1526.837115] ? ion_dma_buf_release+0x50/0x50 [ 1526.837138] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1526.837158] ? _copy_from_user+0xdd/0x150 [ 1526.842038] Total swap = 0kB [ 1526.846749] ion_ioctl+0x17b/0x329 [ 1526.846770] ? ion_alloc.cold+0x28/0x28 [ 1526.846793] ? __might_sleep+0x95/0x190 [ 1526.846812] ? ion_alloc.cold+0x28/0x28 [ 1526.851460] 1965979 pages RAM [ 1526.855308] do_vfs_ioctl+0xd5f/0x1380 [ 1526.855328] ? selinux_file_ioctl+0x46c/0x5d0 [ 1526.855346] ? selinux_file_ioctl+0x125/0x5d0 [ 1526.855362] ? ioctl_preallocate+0x210/0x210 [ 1526.855376] ? selinux_file_mprotect+0x620/0x620 [ 1526.855398] ? iterate_fd+0x360/0x360 [ 1526.860235] 0 pages HighMem/MovableOnly [ 1526.862997] ? nsecs_to_jiffies+0x30/0x30 [ 1526.863028] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1526.863046] ? security_file_ioctl+0x8d/0xc0 [ 1526.863064] ksys_ioctl+0xab/0xd0 [ 1526.863082] __x64_sys_ioctl+0x73/0xb0 [ 1526.868245] 341741 pages reserved [ 1526.872816] do_syscall_64+0xfd/0x620 [ 1526.872842] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1526.872854] RIP: 0033:0x45b349 [ 1526.872870] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1526.872882] RSP: 002b:00007f1ef8b9dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1526.872897] RAX: ffffffffffffffda RBX: 00007f1ef8b9e6d4 RCX: 000000000045b349 [ 1526.872905] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 22:57:44 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ion\x00', 0x400501, 0x0) r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x60140, 0x0) ioctl$RTC_AIE_ON(r1, 0x7001) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) 22:57:44 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="7261770000000000000003c000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1526.872918] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1526.880457] 0 pages cma reserved [ 1526.882806] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1526.882815] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1526.891322] Node 0 active_anon:1060600kB inactive_anon:820kB active_file:52kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208960kB dirty:0kB writeback:0kB shmem:1020kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 339968kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 22:57:44 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="7261770000000000000002c600000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1527.135701] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1527.136615] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1527.147900] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1527.196446] Node 0 DMA free:10380kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1527.237610] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 1527.259130] CPU: 1 PID: 4962 Comm: syz-executor.3 Not tainted 4.19.100-syzkaller #0 [ 1527.267101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1527.276472] Call Trace: [ 1527.279083] dump_stack+0x197/0x210 [ 1527.282734] warn_alloc.cold+0x7b/0x173 [ 1527.286737] ? zone_watermark_ok_safe+0x260/0x260 [ 1527.291739] ? compaction_deferred+0x16a/0x3b0 [ 1527.296341] ? try_to_compact_pages+0x44/0xae0 [ 1527.296886] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1527.300967] __alloc_pages_slowpath+0x2214/0x2870 [ 1527.301003] ? warn_alloc+0x110/0x110 [ 1527.301018] ? __lock_is_held+0xb6/0x140 [ 1527.301035] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1527.301052] ? should_fail+0x14d/0x85c [ 1527.301069] ? __isolate_free_page+0x4c0/0x4c0 [ 1527.301089] ? __might_sleep+0x95/0x190 [ 1527.301110] __alloc_pages_nodemask+0x617/0x750 [ 1527.315731] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1527.319231] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1527.319251] ? fs_reclaim_acquire+0x20/0x20 [ 1527.319270] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1527.344331] Node 0 DMA32 free:88164kB min:36168kB low:45208kB high:54248kB active_anon:1057992kB inactive_anon:820kB active_file:52kB inactive_file:44kB unevictable:0kB writepending:0kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:28032kB pagetables:70688kB bounce:0kB free_pcp:1384kB local_pcp:844kB free_cma:0kB [ 1527.346148] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1527.346163] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1527.346183] alloc_pages_current+0x107/0x210 [ 1527.364847] lowmem_reserve[]: 0 0 1 1 1 [ 1527.366087] ion_page_pool_alloc+0x17f/0x270 [ 1527.366106] ion_system_heap_allocate+0x154/0xa90 [ 1527.366127] ? ion_system_heap_free+0x250/0x250 [ 1527.414915] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1527.419502] ? ion_alloc+0x306/0x900 [ 1527.419525] ion_alloc+0x29b/0x900 [ 1527.419559] ? ion_dma_buf_release+0x50/0x50 [ 1527.426742] lowmem_reserve[]: 0 0 0 0 0 [ 1527.429219] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1527.429236] ? _copy_from_user+0xdd/0x150 [ 1527.429256] ion_ioctl+0x17b/0x329 [ 1527.429276] ? ion_alloc.cold+0x28/0x28 [ 1527.461773] Node 0 DMA: 27*4kB (UME) 12*8kB (UME) 8*16kB (UME) 14*32kB (UM) 6*64kB (UME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10380kB [ 1527.462325] ? __might_sleep+0x95/0x190 [ 1527.462343] ? ion_alloc.cold+0x28/0x28 [ 1527.462363] do_vfs_ioctl+0xd5f/0x1380 [ 1527.467272] Node 0 DMA32: 115*4kB (UEH) 1764*8kB (UEH) 2071*16kB (UEH) 1224*32kB (UEH) 3*64kB (H) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 87836kB [ 1527.470751] ? selinux_file_ioctl+0x46c/0x5d0 [ 1527.470769] ? selinux_file_ioctl+0x125/0x5d0 [ 1527.470788] ? ioctl_preallocate+0x210/0x210 [ 1527.470802] ? selinux_file_mprotect+0x620/0x620 [ 1527.470822] ? iterate_fd+0x360/0x360 [ 1527.470838] ? nsecs_to_jiffies+0x30/0x30 [ 1527.470859] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1527.470876] ? security_file_ioctl+0x8d/0xc0 [ 1527.470894] ksys_ioctl+0xab/0xd0 [ 1527.470911] __x64_sys_ioctl+0x73/0xb0 [ 1527.470928] do_syscall_64+0xfd/0x620 [ 1527.470946] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1527.470962] RIP: 0033:0x45b349 [ 1527.481557] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1527.484330] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1527.484339] RSP: 002b:00007f9fa7530c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1527.484353] RAX: ffffffffffffffda RBX: 00007f9fa75316d4 RCX: 000000000045b349 [ 1527.484362] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1527.484371] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1527.484378] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff 22:57:45 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="7261770000000000000001d400000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:57:45 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0), 0x2) openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$ION_IOC_ALLOC(0xffffffffffffffff, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0x8}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ocfs2_control\x00', 0x101800, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={r6, &(0x7f0000000300)="fd5fd4d55daffa7827e80917f11a9c174cb91ede1a898a4a55483892bfcce92dd4b8cb3173a560673f640fae6200e6ca9872066ed1fbd772787db230a40f631386fde4bbc316dc10082b2a738960ca5ebbb375ae3a50e5f17e01b041fc764d3971416aafd31a8f1b7ccf6a8c423a75e3fc637220f547ea39a23a5d17f184ad78c9ed163ce49efe089d35cca62b46acdaa9a260f1fbb28b5d6e08fef45aab26cce18c2b43c1e3390a5861375cd5e7f461d265f5b49ebe720425faec4a432ff4cb3d38c4d3be1f49b8a23adc2f3d85", &(0x7f0000000040)="ac6c29a3c467481dc94d396b8faa35ce3b221bf38ba699a95f2112cf639faf8ab8bf306473c93ef41c4e44578988daf9e0159d84ab153960f1c762ef415203d127d1a1611f14b55abe26ef958556aae875a1c56cd79fc009d1057cbf9e3f76cea2448f3b519a1cad50eaccf3000000000000"}, 0x20) [ 1527.484391] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1527.488560] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB 22:57:45 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) write$binfmt_elf32(r1, &(0x7f0000000200)={{0x7f, 0x45, 0x4c, 0x46, 0x8, 0x0, 0x40, 0x72, 0x2, 0x3, 0x6, 0x8c, 0x29f, 0x38, 0x204, 0x549, 0x100, 0x20, 0x1, 0x2, 0x4, 0x2}, [{0x6474e551, 0x81, 0x6, 0x3fe00, 0x4, 0xf3, 0x1, 0x200}, {0x0, 0x2, 0xb8c8a00, 0x5, 0x6, 0x7, 0x401, 0x9}], "d71213e8f5f5e8", [[]]}, 0x17f) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) 22:57:45 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x400, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) getsockopt$bt_rfcomm_RFCOMM_CONNINFO(r2, 0x12, 0x2, &(0x7f0000000200)=""/4096, &(0x7f0000000040)=0x1000) [ 1527.809994] warn_alloc_show_mem: 1 callbacks suppressed [ 1527.809999] Mem-Info: [ 1527.818387] active_anon:276678 inactive_anon:204 isolated_anon:0 [ 1527.818387] active_file:4232 inactive_file:7189 isolated_file:0 [ 1527.818387] unevictable:0 dirty:48 writeback:0 unstable:0 [ 1527.818387] slab_reclaimable:17129 slab_unreclaimable:129188 [ 1527.818387] mapped:58833 shmem:255 pagetables:26163 bounce:0 [ 1527.818387] free:824354 free_pcp:467 free_cma:0 [ 1527.859887] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1527.860448] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1527.898077] Node 0 active_anon:1058540kB inactive_anon:816kB active_file:48kB inactive_file:52kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208952kB dirty:32kB writeback:0kB shmem:1020kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 342016kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1527.930057] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1527.970174] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1528.025214] Node 0 DMA free:10404kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1528.116620] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1528.129768] 11675 total pagecache pages [ 1528.134145] 0 pages in swap cache [ 1528.142666] Swap cache stats: add 0, delete 0, find 0/0 [ 1528.154196] syz-executor.1: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1528.154540] Node 0 DMA32 free:84884kB min:36168kB low:45208kB high:54248kB active_anon:1056092kB inactive_anon:816kB active_file:48kB inactive_file:52kB unevictable:0kB writepending:32kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:28000kB pagetables:70924kB bounce:0kB free_pcp:752kB local_pcp:752kB free_cma:0kB [ 1528.169353] Free swap = 0kB [ 1528.209879] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 1528.223590] CPU: 1 PID: 5080 Comm: syz-executor.1 Not tainted 4.19.100-syzkaller #0 [ 1528.231455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1528.240822] Call Trace: [ 1528.243447] dump_stack+0x197/0x210 [ 1528.247100] warn_alloc.cold+0x7b/0x173 [ 1528.251101] ? zone_watermark_ok_safe+0x260/0x260 [ 1528.255962] ? __lock_is_held+0xb6/0x140 [ 1528.260065] __alloc_pages_slowpath+0x2214/0x2870 [ 1528.264946] ? warn_alloc+0x110/0x110 [ 1528.267759] lowmem_reserve[]: 0 0 1 1 1 [ 1528.268753] ? __lock_is_held+0xb6/0x140 [ 1528.268775] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1528.268790] ? should_fail+0x14d/0x85c [ 1528.268810] ? __isolate_free_page+0x4c0/0x4c0 [ 1528.279163] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1528.282425] ? __might_sleep+0x95/0x190 [ 1528.282447] __alloc_pages_nodemask+0x617/0x750 [ 1528.282470] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1528.282489] ? fs_reclaim_acquire+0x20/0x20 [ 1528.282505] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1528.282523] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1528.282539] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1528.287558] lowmem_reserve[]: 0 0 0 0 0 [ 1528.291006] alloc_pages_current+0x107/0x210 [ 1528.291029] ion_page_pool_alloc+0x17f/0x270 [ 1528.291048] ion_system_heap_allocate+0x154/0xa90 [ 1528.291072] ? ion_system_heap_free+0x250/0x250 [ 1528.291090] ? ion_alloc+0x306/0x900 [ 1528.291110] ion_alloc+0x29b/0x900 [ 1528.291131] ? ion_dma_buf_release+0x50/0x50 [ 1528.291155] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1528.322577] Node 0 DMA: 27*4kB (UME) 15*8kB (UME) 8*16kB (UME) 14*32kB (UM) 6*64kB (UME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10404kB [ 1528.325648] ? _copy_from_user+0xdd/0x150 [ 1528.325671] ion_ioctl+0x17b/0x329 [ 1528.325691] ? ion_alloc.cold+0x28/0x28 [ 1528.332777] Node 0 DMA32: 1904*4kB (UMEH) 1228*8kB (UMEH) 2091*16kB (UEH) 1229*32kB (UEH) 3*64kB (H) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 91184kB [ 1528.335036] ? __might_sleep+0x95/0x190 [ 1528.335056] ? ion_alloc.cold+0x28/0x28 [ 1528.335074] do_vfs_ioctl+0xd5f/0x1380 [ 1528.343470] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1528.346422] ? selinux_file_ioctl+0x46c/0x5d0 [ 1528.346438] ? selinux_file_ioctl+0x125/0x5d0 [ 1528.346457] ? ioctl_preallocate+0x210/0x210 [ 1528.346480] ? selinux_file_mprotect+0x620/0x620 [ 1528.353895] Total swap = 0kB [ 1528.356010] ? iterate_fd+0x360/0x360 [ 1528.363323] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1528.364797] ? nsecs_to_jiffies+0x30/0x30 [ 1528.364822] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1528.364841] ? security_file_ioctl+0x8d/0xc0 [ 1528.371523] 1965979 pages RAM [ 1528.374335] ksys_ioctl+0xab/0xd0 [ 1528.374355] __x64_sys_ioctl+0x73/0xb0 [ 1528.378315] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1528.381588] do_syscall_64+0xfd/0x620 [ 1528.381611] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1528.381621] RIP: 0033:0x45b349 [ 1528.381636] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1528.381644] RSP: 002b:00007f17cfa73c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1528.381658] RAX: ffffffffffffffda RBX: 00007f17cfa746d4 RCX: 000000000045b349 [ 1528.381666] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1528.381675] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1528.381683] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1528.381692] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1528.527988] 0 pages HighMem/MovableOnly [ 1528.688366] 341741 pages reserved [ 1528.692531] 0 pages cma reserved [ 1528.696232] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1528.717916] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 22:57:46 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = open(&(0x7f0000000000)='./file0\x00', 0x2c0, 0x20) fchmodat(r0, &(0x7f0000000040)='./file0\x00', 0x5) r1 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$ION_IOC_ALLOC(r1, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xfffffffffffffff7}) 22:57:46 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="7261770000000000000003d800000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:57:46 executing program 0: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm-control\x00', 0x41043, 0x0) r2 = socket$inet(0x2, 0x4, 0x4) r3 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r3, &(0x7f00000003c0)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) write$binfmt_script(r3, &(0x7f0000000b40)=ANY=[@ANYBLOB='#'], 0x1) r4 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000440)='/dev/qat_adf_ctl\x00', 0x90002, 0x0) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x4000, 0x0) r6 = syz_genetlink_get_family_id$team(&(0x7f0000000080)='team\x00') getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000240)={@dev, @remote, 0x0}, &(0x7f0000000280)=0xc) sendmsg$TEAM_CMD_OPTIONS_GET(r5, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000540)={0x3e8, r6, 0x400, 0x0, 0x25dfdbfb, {}, [{{0x8}, {0xf8}}, {{0x8, 0x1, r7}, {0x90}}, {{0x8}, {0x3c}}, {{0x8}, {0x7c}}, {{0x8}, {0x16c}}]}, 0x3e8}, 0x1, 0x0, 0x0, 0x2000802c}, 0x4) r8 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r8, 0x0, 0x0) getdents(r8, 0x0, 0x0) r9 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r11 = dup(r10) getsockname$packet(r11, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r9, &(0x7f0000004300)={0x0, 0x0, &(0x7f00000042c0)={&(0x7f0000000000)=@setlink={0x28, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r12}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000540)={'ip6gre0\x00', r12}) r13 = socket$inet6(0xa, 0x2, 0x0) r14 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r14, &(0x7f00000000c0)=""/45, 0x12c) getdents(r14, 0x0, 0x0) r15 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280)='nl80211\x00') getsockopt$inet6_IPV6_IPSEC_POLICY(r13, 0x29, 0x22, &(0x7f0000000400)={{{@in=@dev, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@dev}}, &(0x7f0000000500)=0xe8) r17 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r17, 0x0, 0x0) getdents(r17, 0x0, 0x0) r18 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r20 = dup(r19) getsockname$packet(r20, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r18, &(0x7f0000004300)={0x0, 0x0, &(0x7f00000042c0)={&(0x7f0000000000)=@setlink={0x28, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r21}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) ioctl$sock_SIOCGIFINDEX(r17, 0x8933, &(0x7f0000000540)={'ip6gre0\x00', r21}) sendmsg$NL80211_CMD_GET_MPP(r14, &(0x7f0000000600)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x104080804}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x38, r15, 0x2, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_WDEV={0xc, 0x99, {0x3fc00}}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r16}, @NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r22}]}, 0x38}, 0x1, 0x0, 0x0, 0x42008}, 0x4) r23 = socket$inet6(0xa, 0x2, 0x0) r24 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r24, &(0x7f00000000c0)=""/45, 0x12c) getdents(r24, 0x0, 0x0) r25 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280)='nl80211\x00') getsockopt$inet6_IPV6_IPSEC_POLICY(r23, 0x29, 0x22, &(0x7f0000000400)={{{@in=@dev, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@dev}}, &(0x7f0000000500)=0xe8) r27 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r27, 0x0, 0x0) getdents(r27, 0x0, 0x0) r28 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r30 = dup(r29) getsockname$packet(r30, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r28, &(0x7f0000004300)={0x0, 0x0, &(0x7f00000042c0)={&(0x7f0000000000)=@setlink={0x28, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r31}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) ioctl$sock_SIOCGIFINDEX(r27, 0x8933, &(0x7f0000000540)={'ip6gre0\x00', r31}) sendmsg$NL80211_CMD_GET_MPP(r24, &(0x7f0000000600)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x104080804}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x38, r25, 0x2, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_WDEV={0xc, 0x99, {0x3fc00}}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r26}, @NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r32}]}, 0x38}, 0x1, 0x0, 0x0, 0x42008}, 0x4) accept$packet(0xffffffffffffffff, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000580)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000005c0)={'netpci0\x00', 0x0}) r35 = socket$inet6(0xa, 0x2, 0x0) r36 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r36, &(0x7f00000000c0)=""/45, 0x12c) getdents(r36, 0x0, 0x0) r37 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280)='nl80211\x00') getsockopt$inet6_IPV6_IPSEC_POLICY(r35, 0x29, 0x22, &(0x7f0000000400)={{{@in=@dev, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@dev}}, &(0x7f0000000500)=0xe8) r39 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r39, 0x0, 0x0) getdents(r39, 0x0, 0x0) r40 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r42 = dup(r41) getsockname$packet(r42, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r40, &(0x7f0000004300)={0x0, 0x0, &(0x7f00000042c0)={&(0x7f0000000000)=@setlink={0x28, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r43}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) ioctl$sock_SIOCGIFINDEX(r39, 0x8933, &(0x7f0000000540)={'ip6gre0\x00', r43}) sendmsg$NL80211_CMD_GET_MPP(r36, &(0x7f0000000600)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x104080804}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x38, r37, 0x2, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_WDEV={0xc, 0x99, {0x3fc00}}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r38}, @NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r44}]}, 0x38}, 0x1, 0x0, 0x0, 0x42008}, 0x4) r45 = socket$inet6(0xa, 0x2, 0x0) r46 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r46, &(0x7f00000000c0)=""/45, 0x12c) getdents(r46, 0x0, 0x0) r47 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280)='nl80211\x00') getsockopt$inet6_IPV6_IPSEC_POLICY(r45, 0x29, 0x22, &(0x7f0000000400)={{{@in=@dev, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@dev}}, &(0x7f0000000500)=0xe8) r49 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r49, 0x0, 0x0) getdents(r49, 0x0, 0x0) r50 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r52 = dup(r51) getsockname$packet(r52, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r50, &(0x7f0000004300)={0x0, 0x0, &(0x7f00000042c0)={&(0x7f0000000000)=@setlink={0x28, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r53}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) ioctl$sock_SIOCGIFINDEX(r49, 0x8933, &(0x7f0000000540)={'ip6gre0\x00', r53}) sendmsg$NL80211_CMD_GET_MPP(r46, &(0x7f0000000600)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x104080804}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x38, r47, 0x2, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_WDEV={0xc, 0x99, {0x3fc00}}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r48}, @NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r54}]}, 0x38}, 0x1, 0x0, 0x0, 0x42008}, 0x4) r55 = socket$inet6(0xa, 0x2, 0x0) r56 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r56, &(0x7f00000000c0)=""/45, 0x12c) getdents(r56, 0x0, 0x0) r57 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280)='nl80211\x00') getsockopt$inet6_IPV6_IPSEC_POLICY(r55, 0x29, 0x22, &(0x7f0000000400)={{{@in=@dev, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@dev}}, &(0x7f0000000500)=0xe8) r59 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r59, 0x0, 0x0) getdents(r59, 0x0, 0x0) r60 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r62 = dup(r61) getsockname$packet(r62, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r60, &(0x7f0000004300)={0x0, 0x0, &(0x7f00000042c0)={&(0x7f0000000000)=@setlink={0x28, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r63}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) ioctl$sock_SIOCGIFINDEX(r59, 0x8933, &(0x7f0000000540)={'ip6gre0\x00', r63}) sendmsg$NL80211_CMD_GET_MPP(r56, &(0x7f0000000600)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x104080804}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x38, r57, 0x2, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_WDEV={0xc, 0x99, {0x3fc00}}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r58}, @NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r64}]}, 0x38}, 0x1, 0x0, 0x0, 0x42008}, 0x4) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000fc0)={'team0\x00', r58}) r66 = socket$inet6(0xa, 0x2, 0x0) r67 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r67, &(0x7f00000000c0)=""/45, 0x12c) getdents(r67, 0x0, 0x0) r68 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280)='nl80211\x00') getsockopt$inet6_IPV6_IPSEC_POLICY(r66, 0x29, 0x22, &(0x7f0000000400)={{{@in=@dev, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@dev}}, &(0x7f0000000500)=0xe8) r70 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r70, 0x0, 0x0) getdents(r70, 0x0, 0x0) r71 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r73 = dup(r72) getsockname$packet(r73, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r71, &(0x7f0000004300)={0x0, 0x0, &(0x7f00000042c0)={&(0x7f0000000000)=@setlink={0x28, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r74}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) ioctl$sock_SIOCGIFINDEX(r70, 0x8933, &(0x7f0000000540)={'ip6gre0\x00', r74}) sendmsg$NL80211_CMD_GET_MPP(r67, &(0x7f0000000600)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x104080804}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x38, r68, 0x2, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_WDEV={0xc, 0x99, {0x3fc00}}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r69}, @NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r75}]}, 0x38}, 0x1, 0x0, 0x0, 0x42008}, 0x4) r76 = socket$inet6(0xa, 0x2, 0x0) r77 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r77, &(0x7f00000000c0)=""/45, 0x12c) getdents(r77, 0x0, 0x0) r78 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280)='nl80211\x00') getsockopt$inet6_IPV6_IPSEC_POLICY(r76, 0x29, 0x22, &(0x7f0000000400)={{{@in=@dev, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@dev}}, &(0x7f0000000500)=0xe8) r80 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r80, 0x0, 0x0) getdents(r80, 0x0, 0x0) r81 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r83 = dup(r82) getsockname$packet(r83, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r81, &(0x7f0000004300)={0x0, 0x0, &(0x7f00000042c0)={&(0x7f0000000000)=@setlink={0x28, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r84}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) ioctl$sock_SIOCGIFINDEX(r80, 0x8933, &(0x7f0000000540)={'ip6gre0\x00', r84}) sendmsg$NL80211_CMD_GET_MPP(r77, &(0x7f0000000600)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x104080804}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x38, r78, 0x2, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_WDEV={0xc, 0x99, {0x3fc00}}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r79}, @NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r85}]}, 0x38}, 0x1, 0x0, 0x0, 0x42008}, 0x4) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000006540)={'hsr0\x00', 0x0}) r87 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r87, 0x0, 0x0) getdents(r87, 0x0, 0x0) r88 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r90 = dup(r89) getsockname$packet(r90, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r88, &(0x7f0000004300)={0x0, 0x0, &(0x7f00000042c0)={&(0x7f0000000000)=@setlink={0x28, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r91}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) ioctl$sock_SIOCGIFINDEX(r87, 0x8933, &(0x7f0000000540)={'ip6gre0\x00', r91}) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000006640)={'veth1\x00', r91}) r93 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r93, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r93, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r93, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) getsockopt$inet6_mreq(r93, 0x29, 0x1b, &(0x7f0000006680)={@empty, 0x0}, &(0x7f00000066c0)=0x14) r95 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r95, 0x0, 0x0) getdents(r95, 0x0, 0x0) r96 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r98 = dup(r97) getsockname$packet(r98, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r96, &(0x7f0000004300)={0x0, 0x0, &(0x7f00000042c0)={&(0x7f0000000000)=@setlink={0x28, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r99}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) ioctl$sock_SIOCGIFINDEX(r95, 0x8933, &(0x7f0000000540)={'ip6gre0\x00', r99}) r100 = socket$inet6(0xa, 0x2, 0x0) r101 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r101, &(0x7f00000000c0)=""/45, 0x12c) getdents(r101, 0x0, 0x0) r102 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280)='nl80211\x00') getsockopt$inet6_IPV6_IPSEC_POLICY(r100, 0x29, 0x22, &(0x7f0000000400)={{{@in=@dev, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@dev}}, &(0x7f0000000500)=0xe8) r104 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r104, 0x0, 0x0) getdents(r104, 0x0, 0x0) r105 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r107 = dup(r106) getsockname$packet(r107, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r105, &(0x7f0000004300)={0x0, 0x0, &(0x7f00000042c0)={&(0x7f0000000000)=@setlink={0x28, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r108}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) ioctl$sock_SIOCGIFINDEX(r104, 0x8933, &(0x7f0000000540)={'ip6gre0\x00', r108}) sendmsg$NL80211_CMD_GET_MPP(r101, &(0x7f0000000600)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x104080804}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x38, r102, 0x2, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_WDEV={0xc, 0x99, {0x3fc00}}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r103}, @NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r109}]}, 0x38}, 0x1, 0x0, 0x0, 0x42008}, 0x4) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000006800)={'team0\x00', r103}) r111 = socket$inet6(0xa, 0x2, 0x0) r112 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r112, &(0x7f00000000c0)=""/45, 0x12c) getdents(r112, 0x0, 0x0) r113 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280)='nl80211\x00') getsockopt$inet6_IPV6_IPSEC_POLICY(r111, 0x29, 0x22, &(0x7f0000000400)={{{@in=@dev, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@dev}}, &(0x7f0000000500)=0xe8) r115 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r115, 0x0, 0x0) getdents(r115, 0x0, 0x0) r116 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r118 = dup(r117) getsockname$packet(r118, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r116, &(0x7f0000004300)={0x0, 0x0, &(0x7f00000042c0)={&(0x7f0000000000)=@setlink={0x28, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r119}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) ioctl$sock_SIOCGIFINDEX(r115, 0x8933, &(0x7f0000000540)={'ip6gre0\x00', r119}) sendmsg$NL80211_CMD_GET_MPP(r112, &(0x7f0000000600)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x104080804}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x38, r113, 0x2, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_WDEV={0xc, 0x99, {0x3fc00}}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r114}, @NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r120}]}, 0x38}, 0x1, 0x0, 0x0, 0x42008}, 0x4) r121 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r121, 0x0, 0x0) getdents(r121, 0x0, 0x0) r122 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r124 = dup(r123) getsockname$packet(r124, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r122, &(0x7f0000004300)={0x0, 0x0, &(0x7f00000042c0)={&(0x7f0000000000)=@setlink={0x28, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r125}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) ioctl$sock_SIOCGIFINDEX(r121, 0x8933, &(0x7f0000000540)={'ip6gre0\x00', r125}) r126 = socket$inet6(0xa, 0x2, 0x0) r127 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r127, &(0x7f00000000c0)=""/45, 0x12c) getdents(r127, 0x0, 0x0) r128 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280)='nl80211\x00') getsockopt$inet6_IPV6_IPSEC_POLICY(r126, 0x29, 0x22, &(0x7f0000000400)={{{@in=@dev, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@dev}}, &(0x7f0000000500)=0xe8) r130 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r130, 0x0, 0x0) getdents(r130, 0x0, 0x0) r131 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r133 = dup(r132) getsockname$packet(r133, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r131, &(0x7f0000004300)={0x0, 0x0, &(0x7f00000042c0)={&(0x7f0000000000)=@setlink={0x28, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r134}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) ioctl$sock_SIOCGIFINDEX(r130, 0x8933, &(0x7f0000000540)={'ip6gre0\x00', r134}) sendmsg$NL80211_CMD_GET_MPP(r127, &(0x7f0000000600)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x104080804}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x38, r128, 0x2, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_WDEV={0xc, 0x99, {0x3fc00}}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r129}, @NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r135}]}, 0x38}, 0x1, 0x0, 0x0, 0x42008}, 0x4) r136 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r136, 0x0, 0x0) getdents(r136, 0x0, 0x0) r137 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r139 = dup(r138) getsockname$packet(r139, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r137, &(0x7f0000004300)={0x0, 0x0, &(0x7f00000042c0)={&(0x7f0000000000)=@setlink={0x28, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r140}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) ioctl$sock_SIOCGIFINDEX(r136, 0x8933, &(0x7f0000000540)={'ip6gre0\x00', r140}) r141 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r141, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r141, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r141, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r141, 0x8933, &(0x7f0000006840)={'batadv_slave_0\x00', 0x0}) getpeername$packet(r1, &(0x7f0000006880)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000068c0)=0x14) r144 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nfsfs\x00') getdents(r144, 0x0, 0x0) getdents(r144, 0x0, 0x0) r145 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r147 = dup(r146) getsockname$packet(r147, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r145, &(0x7f0000004300)={0x0, 0x0, &(0x7f00000042c0)={&(0x7f0000000000)=@setlink={0x28, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r148}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) ioctl$sock_SIOCGIFINDEX(r144, 0x8933, &(0x7f0000000540)={'ip6gre0\x00', r148}) sendmsg$TEAM_CMD_OPTIONS_GET(r4, &(0x7f0000007000)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000006fc0)={&(0x7f0000006900)={0x6b0, r6, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [{{0x8, 0x1, r12}, {0x140, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x5}, {0x8, 0x4, 0x6}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x5}, {0x4}}, {0x8, 0x6, r16}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x5}, {0x8, 0x4, 0x2}}, {0x8}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x5}, {0x4}}, {0x8, 0x6, r26}}}]}}, {{0x8, 0x1, r33}, {0xb4, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x5}, {0x4}}, {0x8, 0x6, r34}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x5}, {0x8, 0x4, 0x40}}}, {0x3c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0xc, 0x4, [{0x101, 0x81, 0x87, 0x6}]}}}]}}, {{0x8, 0x1, r38}, {0x4}}, {{0x8, 0x1, r48}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x5}, {0x8, 0x4, 0xfd}}, {0x8}}}]}}, {{0x8, 0x1, r65}, {0x84, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x5}, {0x8, 0x4, r69}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x5}, {0x8, 0x4, 0x4}}, {0x8, 0x6, r79}}}]}}, {{0x8, 0x1, r86}, {0xb8, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x5}, {0x8, 0x4, 0x10001}}, {0x8, 0x6, r92}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x5}, {0x8, 0x4, r94}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x5}, {0x4}}, {0x8, 0x6, r99}}}]}}, {{0x8, 0x1, r110}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x5}, {0x8, 0x4, 0x100}}}]}}, {{0x8, 0x1, r114}, {0xf8, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x5}, {0x4}}, {0x8, 0x6, r125}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x5}, {0x8, 0x4, r129}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x5}, {0x8, 0x4, 0x5}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x5}, {0x8, 0x4, 0x65}}, {0x8}}}]}}, {{0x8, 0x1, r140}, {0x1a8, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x5}, {0x4}}, {0x8, 0x6, r142}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x5}, {0x4}}, {0x8, 0x6, r143}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x5}, {0x8, 0x4, 0x5744}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x5}, {0x8, 0x4, 0x3855e618}}, {0x8, 0x6, r148}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x5}, {0x8, 0x4, 0x9}}}, {0x3c, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x5}, {0xb, 0x4, 'random\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x5}, {0x8, 0x4, 0x9}}, {0x8}}}]}}]}, 0x6b0}, 0x1, 0x0, 0x0, 0x4004010}, 0x80bf5bfde60db545) setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000140)=0xda6, 0x4) sendto$inet(r3, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860005cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xd38, 0x13c, 0x0, 0x27) setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x4) bind$inet(r2, &(0x7f00000003c0)={0x2, 0x4e23, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) write$binfmt_script(r2, &(0x7f0000000b40)=ANY=[@ANYBLOB='#'], 0x1) setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000140)=0xda6, 0x4) sendto$inet(r2, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860005cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xd38, 0x13c, 0x0, 0x27) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f0000000140)={0x0}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000200)={r149, 0x79, "abe57f36fc41755d6b4e9239caa3386e83fe34b270d431328d959c5f125acc482799684a21d918a5e6665a02722c3addd71bc943f3974fcc74614ef0b2c3eebd7a666aa0979c02171a94cb0ac20dcf3fee98209130baa696a577489fc5fb81b65e5a6f40be75a4f2cbf28d19d5a3f7c110039e7a8a41f3c908"}, &(0x7f00000002c0)=0x81) r150 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/mls\x00', 0x0, 0x0) ioctl$SNDCTL_DSP_STEREO(r150, 0xc0045003, &(0x7f0000000080)) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x8, 0xc, 0x0, r150}) [ 1528.737649] 11678 total pagecache pages [ 1528.766811] 0 pages in swap cache [ 1528.774778] Swap cache stats: add 0, delete 0, find 0/0 [ 1528.783941] Free swap = 0kB [ 1528.787312] Total swap = 0kB [ 1528.793112] 1965979 pages RAM [ 1528.807634] 0 pages HighMem/MovableOnly [ 1528.827976] 341741 pages reserved [ 1528.847451] 0 pages cma reserved 22:57:46 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0xfffe}) 22:57:46 executing program 4: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x2, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) openat$ion(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ion\x00', 0x40, 0x0) r3 = socket$isdn_base(0x22, 0x3, 0x0) writev(r3, &(0x7f0000000080)=[{&(0x7f0000000480)="a9", 0x1}, {&(0x7f0000000140)="fe0c89d8f55624023d4043cad433f6783a2ce11caa", 0x15}, {&(0x7f0000000200)="e7ccf053acb2aaba0217c005fb8ef7c592404a27299dc046bb3ae79f36562cb92e16d1ff720cbd350e85135f16293cce110d61cbcc50cc20c168dceceb8be00199b69fb1f1b03dedaf2aad4a20085dde85bd2708a4be4f25c5b8fbb3edd02e7fe33fc2e43d89f2e2b4191b97ac7c0735db27230b26dabb00a8c2862a51af8c8b80288e357f6b93d84c1cd19a11c8570c1e139e36906d19d2479c6fec52a262cfa17263ce", 0xa4}, {&(0x7f00000002c0)="fbbce828b05a0f260af040601d605e9f083fb0974e56b8facc50b87d757d33ee02302f4531cd89a4a9038f7c1296a51c090ae34178cffa5fe4fd35e37e1b0d30e6197181d81f9891abba569adda98b838403c5801199eca6d64e2efa135ddcc217f6810247b5324bfdc41f2b1f9d637a419b44f31c6352a8e0bfe3536998200a92f87ae92871e937db515355d56b6294ba3295044e0dc9633450efbf1523b276ca8d392be2eb5ba55198cd5abe206ae89686a17484c37e024d003674d6", 0xbd}, {&(0x7f0000000740)="267ee8d74a2bd43b186ed2d71aee33ebe0980eca42d878910abf0a469ba150506c2d8bdb33a4dab2d812fa214f929d9afc3b186c598f202e2c83aefa58eb61c5d31a39ec71e01fc5f98a4f334f3230c41f298c188feaed5c64045abe322ccebdbd7199a8ea8f92eda5baf6b0f4825dcf2b2ac6ef76723925f8331ba0030df62ad94221da747c73cc6691423d1c79e0acbac41462faea3431ab554d690d2931bbea8fbf7f07193b5f7cac66f749f43ba721d0adde1ef5bc095e11ad14210743651a93e4c074b18afde580e2e72749fab14813804a72486f9e1adb9aaec7b655bfa0440b8b5a7257f3a4781ac4f20b9beddef76e55d6a6c9008c1e88200770bb43948d4b5e9e74dcb2b96065880da1578d692f40d14926ab69fa65ac6ee16b1547a21721d513eb6d7111d40977c6be85db4c8eb2ac1200cf8b4a27e9638c61ecffb3e9aab79e173a868a8c15ecd9420f9ea9384d3470d9241279388424c50cf123388c28", 0x163}], 0x5) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) 22:57:46 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="7261770000000000000000e000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) 22:57:46 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0) ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000140)={0x1, r2}) set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r3 = openat$ion(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ion\x00', 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r4 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/mls\x00', 0x0, 0x0) ioctl$KVM_GET_PIT(r4, 0xc048ae65, &(0x7f0000000040)) ioctl$ION_IOC_ALLOC(r3, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xfffffffffffffff7}) 22:57:46 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="7261770000000000000003e000000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1529.190814] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1529.234304] syz-executor.1: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1529.252838] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1529.260366] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1529.281200] CPU: 0 PID: 5134 Comm: syz-executor.5 Not tainted 4.19.100-syzkaller #0 [ 1529.289044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1529.297213] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 1529.298403] Call Trace: [ 1529.298428] dump_stack+0x197/0x210 [ 1529.298450] warn_alloc.cold+0x7b/0x173 [ 1529.298472] ? zone_watermark_ok_safe+0x260/0x260 [ 1529.308382] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 1529.310045] ? compaction_deferred+0x16a/0x3b0 [ 1529.310065] ? try_to_compact_pages+0x44/0xae0 [ 1529.310101] __alloc_pages_slowpath+0x2214/0x2870 [ 1529.310136] ? warn_alloc+0x110/0x110 [ 1529.310150] ? __lock_is_held+0xb6/0x140 [ 1529.310170] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1529.351811] ? should_fail+0x14d/0x85c [ 1529.355714] ? __isolate_free_page+0x4c0/0x4c0 [ 1529.360308] ? __might_sleep+0x95/0x190 [ 1529.364292] __alloc_pages_nodemask+0x617/0x750 [ 1529.368972] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1529.374005] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1529.379554] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1529.385278] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1529.390834] alloc_pages_current+0x107/0x210 [ 1529.395256] ion_page_pool_alloc+0x17f/0x270 [ 1529.399669] ion_system_heap_allocate+0x154/0xa90 [ 1529.404546] ? ion_system_heap_free+0x250/0x250 [ 1529.409214] ? ion_alloc+0x306/0x900 [ 1529.412926] ion_alloc+0x29b/0x900 [ 1529.416469] ? ion_dma_buf_release+0x50/0x50 [ 1529.420879] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1529.426409] ? _copy_from_user+0xdd/0x150 [ 1529.430554] ion_ioctl+0x17b/0x329 [ 1529.434087] ? ion_alloc.cold+0x28/0x28 [ 1529.438058] ? __might_sleep+0x95/0x190 [ 1529.442029] ? ion_alloc.cold+0x28/0x28 [ 1529.445996] do_vfs_ioctl+0xd5f/0x1380 [ 1529.449877] ? selinux_file_ioctl+0x46c/0x5d0 [ 1529.454365] ? selinux_file_ioctl+0x125/0x5d0 [ 1529.458870] ? ioctl_preallocate+0x210/0x210 [ 1529.463271] ? selinux_file_mprotect+0x620/0x620 [ 1529.468029] ? iterate_fd+0x360/0x360 [ 1529.471835] ? nsecs_to_jiffies+0x30/0x30 [ 1529.475980] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1529.481510] ? security_file_ioctl+0x8d/0xc0 [ 1529.485913] ksys_ioctl+0xab/0xd0 [ 1529.489361] __x64_sys_ioctl+0x73/0xb0 [ 1529.493244] do_syscall_64+0xfd/0x620 [ 1529.497044] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1529.502345] RIP: 0033:0x45b349 [ 1529.505556] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1529.524470] RSP: 002b:00007f6e444f7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1529.532176] RAX: ffffffffffffffda RBX: 00007f6e444f86d4 RCX: 000000000045b349 [ 1529.539443] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000004 [ 1529.546723] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1529.553986] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1529.561249] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1529.576385] CPU: 1 PID: 5148 Comm: syz-executor.1 Not tainted 4.19.100-syzkaller #0 [ 1529.584221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1529.593609] Call Trace: [ 1529.596236] dump_stack+0x197/0x210 [ 1529.599896] warn_alloc.cold+0x7b/0x173 [ 1529.603895] ? zone_watermark_ok_safe+0x260/0x260 [ 1529.608791] ? compaction_deferred+0x16a/0x3b0 [ 1529.613407] ? try_to_compact_pages+0x44/0xae0 [ 1529.618465] __alloc_pages_slowpath+0x2214/0x2870 [ 1529.623337] ? warn_alloc+0x110/0x110 [ 1529.627169] ? __lock_is_held+0xb6/0x140 [ 1529.631264] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1529.636932] ? should_fail+0x14d/0x85c [ 1529.640855] ? __isolate_free_page+0x4c0/0x4c0 [ 1529.642196] warn_alloc_show_mem: 1 callbacks suppressed [ 1529.642200] Mem-Info: [ 1529.645477] ? __might_sleep+0x95/0x190 [ 1529.645502] __alloc_pages_nodemask+0x617/0x750 [ 1529.645522] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1529.645541] ? fs_reclaim_acquire+0x20/0x20 [ 1529.653179] active_anon:276773 inactive_anon:206 isolated_anon:0 [ 1529.653179] active_file:4237 inactive_file:7177 isolated_file:0 [ 1529.653179] unevictable:0 dirty:46 writeback:0 unstable:0 [ 1529.653179] slab_reclaimable:17090 slab_unreclaimable:128908 [ 1529.653179] mapped:58885 shmem:255 pagetables:26186 bounce:0 [ 1529.653179] free:865357 free_pcp:537 free_cma:0 [ 1529.653326] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1529.657703] Node 0 active_anon:1058644kB inactive_anon:824kB active_file:88kB inactive_file:32kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:209008kB dirty:4kB writeback:0kB shmem:1020kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 339968kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1529.661983] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1529.662001] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1529.662021] alloc_pages_current+0x107/0x210 [ 1529.662044] ion_page_pool_alloc+0x17f/0x270 [ 1529.662061] ion_system_heap_allocate+0x154/0xa90 [ 1529.662083] ? ion_system_heap_free+0x250/0x250 [ 1529.662102] ? ion_alloc+0x306/0x900 [ 1529.670620] Node 0 DMA free:10436kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1529.671462] ion_alloc+0x29b/0x900 [ 1529.671506] ? ion_dma_buf_release+0x50/0x50 [ 1529.806071] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1529.811610] ? _copy_from_user+0xdd/0x150 [ 1529.815757] ion_ioctl+0x17b/0x329 [ 1529.819291] ? ion_alloc.cold+0x28/0x28 [ 1529.823263] ? __might_sleep+0x95/0x190 [ 1529.827228] ? ion_alloc.cold+0x28/0x28 [ 1529.831198] do_vfs_ioctl+0xd5f/0x1380 [ 1529.835081] ? selinux_file_ioctl+0x46c/0x5d0 [ 1529.839584] ? selinux_file_ioctl+0x125/0x5d0 [ 1529.844072] ? ioctl_preallocate+0x210/0x210 [ 1529.848474] ? selinux_file_mprotect+0x620/0x620 [ 1529.853226] ? iterate_fd+0x360/0x360 [ 1529.857021] ? nsecs_to_jiffies+0x30/0x30 [ 1529.861192] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1529.866722] ? security_file_ioctl+0x8d/0xc0 [ 1529.871129] ksys_ioctl+0xab/0xd0 [ 1529.874587] __x64_sys_ioctl+0x73/0xb0 [ 1529.878471] do_syscall_64+0xfd/0x620 [ 1529.882280] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1529.887460] RIP: 0033:0x45b349 [ 1529.890648] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1529.909541] RSP: 002b:00007f17cfa73c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1529.917238] RAX: ffffffffffffffda RBX: 00007f17cfa746d4 RCX: 000000000045b349 [ 1529.924510] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000007 [ 1529.931770] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1529.939028] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1529.946288] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1529.955123] CPU: 0 PID: 5150 Comm: syz-executor.3 Not tainted 4.19.100-syzkaller #0 [ 1529.962935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1529.972410] Call Trace: [ 1529.975032] dump_stack+0x197/0x210 [ 1529.978676] warn_alloc.cold+0x7b/0x173 [ 1529.982671] ? zone_watermark_ok_safe+0x260/0x260 [ 1529.987522] ? compaction_deferred+0x16a/0x3b0 [ 1529.992109] ? try_to_compact_pages+0x44/0xae0 [ 1529.996703] __alloc_pages_slowpath+0x2214/0x2870 [ 1530.001570] ? warn_alloc+0x110/0x110 [ 1530.005366] ? __lock_is_held+0xb6/0x140 [ 1530.009421] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1530.014949] ? should_fail+0x14d/0x85c [ 1530.018831] ? __isolate_free_page+0x4c0/0x4c0 [ 1530.023407] ? __might_sleep+0x95/0x190 [ 1530.027391] __alloc_pages_nodemask+0x617/0x750 [ 1530.032071] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1530.037085] ? fs_reclaim_acquire+0x20/0x20 [ 1530.041400] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1530.046929] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1530.052769] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1530.058313] alloc_pages_current+0x107/0x210 [ 1530.062746] ion_page_pool_alloc+0x17f/0x270 [ 1530.067157] ion_system_heap_allocate+0x154/0xa90 [ 1530.072027] ? ion_system_heap_free+0x250/0x250 [ 1530.076707] ? ion_alloc+0x306/0x900 [ 1530.080421] ion_alloc+0x29b/0x900 [ 1530.083971] ? ion_dma_buf_release+0x50/0x50 [ 1530.088386] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1530.093953] ? _copy_from_user+0xdd/0x150 [ 1530.098103] ion_ioctl+0x17b/0x329 [ 1530.101669] ? ion_alloc.cold+0x28/0x28 [ 1530.105645] ? __might_sleep+0x95/0x190 [ 1530.109619] ? ion_alloc.cold+0x28/0x28 [ 1530.113598] do_vfs_ioctl+0xd5f/0x1380 [ 1530.117486] ? selinux_file_ioctl+0x46c/0x5d0 [ 1530.121993] ? selinux_file_ioctl+0x125/0x5d0 [ 1530.126487] ? ioctl_preallocate+0x210/0x210 [ 1530.130907] ? selinux_file_mprotect+0x620/0x620 [ 1530.135668] ? iterate_fd+0x360/0x360 [ 1530.139483] ? nsecs_to_jiffies+0x30/0x30 [ 1530.143640] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1530.149197] ? security_file_ioctl+0x8d/0xc0 [ 1530.153631] ksys_ioctl+0xab/0xd0 [ 1530.157104] __x64_sys_ioctl+0x73/0xb0 [ 1530.160994] do_syscall_64+0xfd/0x620 [ 1530.164814] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1530.170024] RIP: 0033:0x45b349 [ 1530.173217] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1530.192121] RSP: 002b:00007f9fa7530c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1530.199844] RAX: ffffffffffffffda RBX: 00007f9fa75316d4 RCX: 000000000045b349 [ 1530.207138] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1530.214413] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1530.221685] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1530.228963] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c 22:57:47 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="7261770000000000000003e300000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1530.316465] lowmem_reserve[]: 0 2545 2546 2546 2546 22:57:47 executing program 1: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) r1 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r1, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r1, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0x82, &(0x7f0000000140)=@assoc_value={r2}, 0x8) r3 = syz_open_dev$vcsu(&(0x7f0000000180)='/dev/vcsu#\x00', 0x37b, 0x880) ioctl$RTC_ALM_SET(r3, 0x40247007, &(0x7f0000000200)={0x7, 0x24, 0x12, 0x1e, 0x4, 0x3, 0x1, 0x0, 0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) clock_gettime(0x0, &(0x7f00000002c0)={0x0, 0x0}) r8 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r8, &(0x7f0000000300)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmsg(r8, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(r8, &(0x7f0000000400)=[{&(0x7f0000000480)="a9772d9bea4824cc3854a62ffb84c4fb114d80fe462fd727b6f682cf0f9ccfe45f46ed18fc8af0505df86b4230370bfac91f7266fae5859a3608357c69f51cfa473ef19a9dc2aeb43f9ed68acc034cf841229fbbe3f57130fe2ad707c56a92dbe64e59aa78e24db8e9b50597ab0024ca2564fbdb50e7b8cfa5c7028d556977ad6a90adf768a5ac0505ab07f8256368c6e71dd4b5a1c2e3c9946b610ab2b324099beb706b6a510c134ad18c928be3af6cf20e5016c9a050e35e30716e4913c882272bbfc8f0e1ee9c31484af6953e7d967640eff8accacee6daf3f98051a3ee281555a41340273dcb0bd8cc8cd549676f3ec23cbca42d4b76a178376eefb3da036d60cb88b5cb9c0ae0135be1d4f598c564fbe97ad4b691f59ba4063b898482d9cde4497009884d75b1965874e9c4d5a7cf8a640433c02acd340a98eff73e5948611184c7c60da3b233367d58aaf4e407e2e2c506b871fd822ec231389734d23a2aa5dc197831d8fee19361e5b99d0b51e5b1f0cadf296b91aa9477fa72879b4a3a3040777cf778cee1de32619701d71cb5316c7234a910b497b5f1b2cd2a0d39e92b6b92e091b470da2cec0e1b1fd3ce1a15d559b3733b97b2ddb1dd2aa73c9e03f189b8dd48c9093daddcd2c3fd0e1a9d16046d85c8934d2f9094aa5fa7b8ff061cb753dea2637ac2a8d523c9791ae454ea2e8cb10ce4a3ad8937ed583cd653bdb05b965e658f9c5f06a43bb1e61cfa4cb9be2cb4ef264d10f37e5292576bfdc97b2e1f8b692f0b64f76287e67805df914273677a9c39bd1e4f73d3c1afd99ad18a210caee42ab5c87969f6f99d7423dbb72d436ef3a3dead8eda03274d2e8e7f107eb04fdc3e36d6d4022dbc5c2fe388aaa3234950588ef56362708189826b98d3c9ed4dabcb33582a7e55327e82686aac973a5d0292afd7175a9c57b4fc1e5ba7cb0a34e35e50526d40bdb51a224e5b89e74e8752c1b39ab250b178adfab91c73c04d3c012b244cb7745dde4f716203ffcddaa096186ed0403b323c3aaa79aa4a0e6d1231ce99f83788ba0dc86da01cdad25816c26bf8e523b287d7ee83b5d0c55599ddbd202f743a1bc3d107a9c9610dc62537af48eecdd174ee4e796943250b81af0da28c57955aea149010ede13eb973dbe959500afe5e77b32ad5a11a353555b48eb7684596eadc481c291f185d0d47c639fa5bcb2dffe859a9d4a0e184a640e30f0afe83f2096faef9c0129289688a5267e0d2dadadd0f8cb13f35827f0337d2edf6220a244dd8c135563051f6fcd7fdad7879ff3ef01975938bc6e47aee745d4701cfc5e5546f05903bbcde0120ad847c32658c1384a6d8f188544df337a25f806051a346fb980a4e84fee06b0d367bc81161e96072b2e7e47999ac93437749d11864fa4c03a2d333135660aa17bd421623e6654eeae956e51a0157cb876db3e9cb324641d132cda7aabd9dcaa51f090c1955d20c2618466a0ea5acbaeac5a46e00b8869ca9a337eb5d9406592a790678a1f0bbe729054abb4810f4fdf50c517d4dd312b2d382412d45b9f60464c107c0735b16ceced73484f37cdcc8b9a4a62bc997bbd1d23b993fc5cfed9a43d2f4d335570e76715b020664bedb0db88816bc97ec37d13d64f604b71fc73f3c38954ae554e45997209afb0ff102dc170986e2d72e4178a7e6131308afa29ba732e251ebdf6254c0589752bfca3bef7fd0fc60ba683c6016b16234216bdcf8975bebafd8ee4606a96c1993d1f096b435fa84279344b914dec8e56566e103592a7ed44c63c8b5c18e01fa873032b1087622f225747339d38fa89e7008695ce0b3d6f505ab7ecdf99182ab7aa264d9108af35b0a373da18a8183f696dc70a8ac88c5663a866e89c7d7dbdf7296d63e5167978b38463ae9f36fe4121229e92cced04e", 0xffe4}], 0x1) ioctl$VIDIOC_QUERYBUF(r5, 0xc0585609, &(0x7f0000000e00)={0x6c, 0xb, 0x4, 0x2000000, 0x0, {r6, r7/1000+30000}, {0x5, 0x1, 0x2, 0x0, 0x1f, 0x1f, "164c9b9c"}, 0x6ca, 0x3, @userptr=0x5000000, 0x81, 0x0, r8}) r9 = syz_genetlink_get_family_id$batadv(&(0x7f0000000e80)='batadv\x00') r10 = socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140)='devlink\x00') sendmsg$DEVLINK_CMD_GET(r10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000f40)={0x30, r11, 0xc91add0bf88807dd, 0x0, 0x0, {0x17}, [@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}]}, 0x30}, 0x1, 0x0, 0x0, 0x20004050}, 0x0) sendmsg$BATADV_CMD_GET_HARDIF(r10, &(0x7f0000000f80)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000f00)={&(0x7f0000000ec0)={0x34, r9, 0x0, 0x70bd27, 0x25dfdbfb, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x40}, @BATADV_ATTR_BONDING_ENABLED={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x20004000) setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, &(0x7f00000006c0)={r2, 0x8000, 0x93, "d0fdd90c275da4e7bd73f6aa850c58fb1cbce8ff015147013adad7dba2acc6b1fe0c2424851acee5fcd23bce359e62e8f7b5f5bc04654645054fa46911ab56a8052f1fbb806a6dab91311b5dcc7f6bf2829fe37f715d56717fddbd8a767c84c942f3fd186d454be45f44a998c3f17acda61330b0f29146553c8c3252e71cf4bfb1e5d8e040d7dd5d33d290bf9ab9ac008a0ff3"}, 0x9b) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000040)={r2, 0x2}, &(0x7f0000000080)=0x8) r12 = inotify_init1(0x0) fcntl$setown(r12, 0x8, 0xffffffffffffffff) fcntl$getownex(r12, 0x10, &(0x7f0000000100)={0x0, 0x0}) process_vm_readv(r13, &(0x7f0000000380), 0x0, &(0x7f0000002540)=[{&(0x7f00000003c0)=""/63, 0x3f}], 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r15 = dup(r14) ioctl$PERF_EVENT_IOC_ENABLE(r15, 0x8912, 0x400200) ioctl$KDFONTOP_SET(r15, 0x4b72, &(0x7f0000000280)={0x0, 0x0, 0xe, 0xe, 0x118, &(0x7f0000000a00)="8a4f79acec961863586bf6a34b8d33fecc0d3d9c908a8792750258b123cac303cfbe13c32892083717af2a1d011f1d075ead96c9d06a975a1d647ab3416a03381cea5e105170d3b9505a99c8ed31902d9c17f21b858a806106f7bc882bcb204da37e56c209e7ffbb145087768e3ef83c8784f2476acc4d476312ca7caa207a7a24e80b0cc997ec22b98091cb7a1dea539961831fe5b060d56cdd2af6970f5534501d528cf46e1a1986068367a3cd79a5b05d2f206d0f6ff96e30e08273aed6471abf29fcdb951054963c9df37d443249c05121b910e4958220a316664dfd206a0dd22a33234f7f4b58a97162187473cefa1a724f3a1f0885f02c500d826104de4c84c60dcd1533f5c99950a749ca86597d664fda252bca0482daec68acc0e1534272a2a71047dfb1eda93c2224b37c4f4c16efcc04146e95e6ac898bba075e6e7599f99df2dedea055b5e8194b0c6b073de4261c1c7c2f25ffa63663672ad00566998ac6bf2c8aee2393761b14ef9476312335afc9fb8f78fbae63f50d6ee5bf87c2f91a3d0d511f83e818ce41a046b630dd248c6a98c704a8dbf191b70b78ecea69c898810369498f35b23052d40c9b8865c130d43bd5ae63ddfa807b9b9f2bc34abde0bb50f7485f6d5f22fec6dcb0e31370e1ce459be93ee0db8c30e029f8ae4315ac4f74257500ac85f683c864fbc0c852024466738ae6bffd1e29eb01c441d16219fb5c1c88fb102d273ce957059584202c3316be0d4291e84151d2098f9c821f6042184d95d88a812cda2ed2c004bfb23208d733198602dbe97d9666b0c55eaee5dd2729043607efe84ec8471831444f8df07a747de5388b1e36a99ff656b79012b235e08790f64981f19a289d13a3361a5046bf00f17b449ae6d7f3643545e65e42d232a62825cc64152b76446c1e8bc985d4686f83fe9b593944d962a08eed76fd3e51175e42a3dec348391403dc854d2201646f404cbddefb7322b01ade27cb17d4f6e9ffeb5488be74d727afb59128ad08975a5b29ea094378410199ee1f3a78bb68556acfac56aa1b34c2593163fa5daf4991522ba21c06d9fcb418135546705e80f9906927a1eba391b12271f1cf296a558bb9db93a1d5133172c4be81fbc2446b5449e0856586841cc9e0be3b3045d79b6d38eef0cf2afb99df932ff3d68187238cc2f765f45ef16461ca38aee805e5ad1a308614714952a7939cf8511ca223703d1635dfd5e8bd031d5ca691b53e7d3963627c5ef542d2ed6b10b54b476230f7aca92d9e694e62273f7b2511eb73b0681853b1b0866b739aebdd66bc7da76375bd256b18e765a44c1646c6ab0af22d6351bd94a60b09934e9fae8da2447aacf08803b767d2ce8fea53d3508df1c6a74cf19762e062f7a4335fe9a8d0ce36ff281b4273f72ba9892e71debe7b8ad23fbf10305b61636122071e"}) syz_open_procfs(r13, &(0x7f0000000240)='net/tcp6\x00') 22:57:47 executing program 4: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x4301, 0x0) ioctl$USBDEVFS_GET_SPEED(r3, 0x551f) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$inet6(0xa, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0xc100) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000480)="a9", 0x1}], 0x1) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) r4 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) dup3(r4, 0xffffffffffffffff, 0x80000) [ 1530.345251] Node 0 DMA32 free:107472kB min:36168kB low:45208kB high:54248kB active_anon:1056184kB inactive_anon:816kB active_file:88kB inactive_file:52kB unevictable:0kB writepending:60kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:28064kB pagetables:70720kB bounce:0kB free_pcp:1292kB local_pcp:760kB free_cma:0kB [ 1530.439178] lowmem_reserve[]: 0 0 1 1 1 22:57:47 executing program 3: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x3c) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0xb4fd4000) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff, 0x40000}) [ 1530.468528] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1530.495038] syz-executor.1: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1530.529459] kasan: CONFIG_KASAN_INLINE enabled [ 1530.538017] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 1530.546742] syz-executor.1 cpuset=syz1 mems_allowed=0-1 [ 1530.566860] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 1530.573141] CPU: 0 PID: 5278 Comm: udevd Not tainted 4.19.100-syzkaller #0 [ 1530.580270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1530.589741] RIP: 0010:path_openat+0x293/0x4500 [ 1530.594335] Code: 80 3c 02 00 0f 85 fa 34 00 00 48 8b 85 28 ff ff ff 48 8b 58 58 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 04 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 b7 [ 1530.595896] lowmem_reserve[]: 0 0 0 0 0 [ 1530.613248] RSP: 0018:ffff88804da37790 EFLAGS: 00010247 [ 1530.613260] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff81b0246e [ 1530.613266] RDX: 0000000000000000 RSI: ffffffff81b0247c RDI: 0000000000000004 [ 1530.613273] RBP: ffff88804da37910 R08: ffff8880489b0480 R09: 0000000000000002 [ 1530.613280] R10: ffffed1015d04732 R11: ffff8880ae823993 R12: 0000000000000000 [ 1530.613287] R13: ffff88804da37b38 R14: ffff88804da37b38 R15: ffff88804da37950 [ 1530.613297] FS: 00007efc9503f7a0(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 1530.613303] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1530.613310] CR2: 0000001b33522000 CR3: 000000007bda3000 CR4: 00000000001426f0 [ 1530.613326] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1530.622350] Node 0 DMA: 27*4kB (UME) 7*8kB (ME) 6*16kB (UME) 14*32kB (UM) 8*64kB (UME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10436kB [ 1530.622690] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1530.622695] Call Trace: [ 1530.622718] ? kernel_text_address+0x73/0xf0 [ 1530.630123] Node 0 DMA32: 3023*4kB (UMEH) 3207*8kB (UEH) 2167*16kB (UEH) 1181*32kB (UEH) 3*64kB (H) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 111172kB [ 1530.637277] ? __kernel_text_address+0xd/0x40 [ 1530.637294] ? __save_stack_trace+0x99/0x100 [ 1530.637316] ? path_lookupat.isra.0+0x8d0/0x8d0 [ 1530.644988] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1530.652143] ? save_stack+0xa9/0xd0 [ 1530.652156] ? save_stack+0x45/0xd0 [ 1530.652166] ? kasan_kmalloc+0xce/0xf0 [ 1530.652178] ? kasan_slab_alloc+0xf/0x20 [ 1530.652188] ? kmem_cache_alloc+0x12e/0x700 [ 1530.652207] ? getname_kernel+0x53/0x370 [ 1530.659780] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1530.667984] do_filp_open+0x1a1/0x280 [ 1530.668000] ? mark_held_locks+0x100/0x100 [ 1530.668018] ? may_open_dev+0x100/0x100 [ 1530.675010] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1530.682151] ? find_held_lock+0x35/0x130 [ 1530.682166] ? cache_grow_end+0xa4/0x190 [ 1530.682184] ? __lock_is_held+0xb6/0x140 [ 1530.682203] do_open_execat+0x140/0x660 [ 1530.689596] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1530.705185] ? unregister_binfmt+0x170/0x170 [ 1530.705197] ? kmem_cache_alloc+0x32a/0x700 [ 1530.705211] ? memcpy+0x46/0x50 [ 1530.705225] open_exec+0x47/0x80 [ 1530.705239] load_elf_binary+0x879/0x53a0 [ 1530.705259] ? lock_downgrade+0x880/0x880 [ 1530.712701] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1530.715233] ? search_binary_handler+0x130/0x570 [ 1530.715249] ? find_held_lock+0x35/0x130 [ 1530.715270] ? notesize.isra.0+0x80/0x80 [ 1530.882473] ? lock_downgrade+0x880/0x880 [ 1530.886620] ? kasan_check_write+0x14/0x20 [ 1530.890848] search_binary_handler+0x179/0x570 [ 1530.895443] __do_execve_file.isra.0+0x1227/0x2150 [ 1530.900379] ? prepare_bprm_creds+0x120/0x120 [ 1530.904902] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1530.910439] ? getname_flags+0x277/0x5b0 [ 1530.914509] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1530.919885] __x64_sys_execve+0x8f/0xc0 [ 1530.923855] do_syscall_64+0xfd/0x620 [ 1530.927650] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1530.932843] RIP: 0033:0x7efc94723207 [ 1530.936639] Code: 77 19 f4 48 89 d7 44 89 c0 0f 05 48 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 f7 d8 64 41 89 01 eb df b8 3b 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 02 f3 c3 48 8b 15 00 8c 2d 00 f7 d8 64 89 02 [ 1530.955554] RSP: 002b:00007ffe8db34068 EFLAGS: 00000202 ORIG_RAX: 000000000000003b [ 1530.963360] RAX: ffffffffffffffda RBX: 00000000ffffffff RCX: 00007efc94723207 [ 1530.970632] RDX: 0000000001138bf0 RSI: 00007ffe8db34160 RDI: 00007ffe8db35170 [ 1530.977901] RBP: 0000000000625500 R08: 0000000000003009 R09: 0000000000003009 [ 1530.985204] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000001138bf0 [ 1530.992465] R13: 0000000000000007 R14: 0000000000fa7030 R15: 0000000000000005 [ 1530.999738] Modules linked in: [ 1531.003487] 11710 total pagecache pages [ 1531.007605] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1531.011551] CPU: 0 PID: 5277 Comm: syz-executor.1 Tainted: G D 4.19.100-syzkaller #0 [ 1531.020164] 0 pages in swap cache [ 1531.028174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1531.028180] Call Trace: [ 1531.028202] dump_stack+0x197/0x210 [ 1531.028224] warn_alloc.cold+0x7b/0x173 [ 1531.031817] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 1531.041031] ? zone_watermark_ok_safe+0x260/0x260 [ 1531.041047] ? compaction_deferred+0x16a/0x3b0 [ 1531.041062] ? try_to_compact_pages+0x44/0xae0 [ 1531.041082] __alloc_pages_slowpath+0x2214/0x2870 [ 1531.041104] ? warn_alloc+0x110/0x110 [ 1531.047046] Swap cache stats: add 0, delete 0, find 0/0 [ 1531.047335] ? __lock_is_held+0xb6/0x140 [ 1531.055739] Free swap = 0kB [ 1531.056665] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1531.068212] Total swap = 0kB [ 1531.071168] ? should_fail+0x14d/0x85c [ 1531.071186] ? __isolate_free_page+0x4c0/0x4c0 [ 1531.071205] ? __might_sleep+0x95/0x190 [ 1531.079398] 1965979 pages RAM [ 1531.079961] __alloc_pages_nodemask+0x617/0x750 [ 1531.079979] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1531.079998] ? fs_reclaim_acquire+0x20/0x20 [ 1531.093253] 0 pages HighMem/MovableOnly [ 1531.098108] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1531.098124] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1531.098141] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1531.110037] 341741 pages reserved [ 1531.113581] alloc_pages_current+0x107/0x210 [ 1531.113602] ion_page_pool_alloc+0x17f/0x270 [ 1531.120048] 0 pages cma reserved [ 1531.121413] ion_system_heap_allocate+0x154/0xa90 [ 1531.121433] ? ion_system_heap_free+0x250/0x250 [ 1531.177751] ? ion_alloc+0x306/0x900 22:57:48 executing program 5: set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x141000, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xfffffffffffffff7}) 22:57:48 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="7261770000000000000003e800000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1531.181466] ion_alloc+0x29b/0x900 [ 1531.185025] ? ion_dma_buf_release+0x50/0x50 [ 1531.189472] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1531.195056] ? _copy_from_user+0xdd/0x150 [ 1531.199247] ion_ioctl+0x17b/0x329 [ 1531.202804] ? ion_alloc.cold+0x28/0x28 [ 1531.206788] ? __might_sleep+0x95/0x190 [ 1531.210787] ? ion_alloc.cold+0x28/0x28 [ 1531.214763] do_vfs_ioctl+0xd5f/0x1380 [ 1531.218659] ? selinux_file_ioctl+0x46c/0x5d0 [ 1531.223256] ? selinux_file_ioctl+0x125/0x5d0 [ 1531.223270] ? ioctl_preallocate+0x210/0x210 [ 1531.223282] ? selinux_file_mprotect+0x620/0x620 22:57:48 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f0000000040)={&(0x7f0000ffc000/0x4000)=nil, 0x4000}) set_mempolicy(0x2, &(0x7f00000000c0)=0x1, 0x2) r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x10010005, 0xffffffffffffffff}) 22:57:48 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="7261770000000000000001ec00000000000000000000000000000000000000000200000003000000300200000000000000000000a000000000000000000000009801000098010000980100009801000098010000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000007000a00000000000000000000000000000000000000000003000534554000000000000000000000000000000000000000000000000000002ffff0000ffff0000000000000000000000000000ac1414bb000000000000000073797a6b616c6c65723100000000000063616966300001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000004feffffff"], 0x1) [ 1531.223296] ? iterate_fd+0x360/0x360 [ 1531.223309] ? nsecs_to_jiffies+0x30/0x30 [ 1531.223324] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1531.223337] ? security_file_ioctl+0x8d/0xc0 [ 1531.223348] ksys_ioctl+0xab/0xd0 [ 1531.223360] __x64_sys_ioctl+0x73/0xb0 [ 1531.223373] do_syscall_64+0xfd/0x620 [ 1531.223388] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1531.223397] RIP: 0033:0x45b349 [ 1531.223408] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1531.223414] RSP: 002b:00007f17cfa73c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1531.223425] RAX: ffffffffffffffda RBX: 00007f17cfa746d4 RCX: 000000000045b349 [ 1531.223432] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1531.223439] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1531.223445] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1531.223451] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1531.223474] CPU: 1 PID: 5285 Comm: syz-executor.3 Tainted: G D 4.19.100-syzkaller #0 [ 1531.223482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1531.223486] Call Trace: [ 1531.223507] dump_stack+0x197/0x210 [ 1531.223524] warn_alloc.cold+0x7b/0x173 [ 1531.223537] ? zone_watermark_ok_safe+0x260/0x260 [ 1531.223550] ? compaction_deferred+0x16a/0x3b0 [ 1531.223564] ? try_to_compact_pages+0x44/0xae0 [ 1531.223585] __alloc_pages_slowpath+0x2214/0x2870 [ 1531.223606] ? __save_stack_trace+0x99/0x100 [ 1531.223621] ? warn_alloc+0x110/0x110 [ 1531.223635] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1531.223650] ? should_fail+0x14d/0x85c [ 1531.223667] ? __isolate_free_page+0x4c0/0x4c0 [ 1531.223684] ? __might_sleep+0x95/0x190 [ 1531.223701] __alloc_pages_nodemask+0x617/0x750 [ 1531.223718] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1531.223733] ? mark_held_locks+0x100/0x100 [ 1531.223745] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1531.223763] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1531.223777] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1531.223795] alloc_pages_current+0x107/0x210 [ 1531.223815] ion_page_pool_alloc+0x17f/0x270 [ 1531.223833] ion_system_heap_allocate+0x154/0xa90 [ 1531.223854] ? ion_system_heap_free+0x250/0x250 [ 1531.223870] ? ion_alloc+0x306/0x900 [ 1531.223888] ion_alloc+0x29b/0x900 [ 1531.223906] ? ion_dma_buf_release+0x50/0x50 [ 1531.223925] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1531.223945] ? _copy_from_user+0xdd/0x150 [ 1531.223962] ion_ioctl+0x17b/0x329 [ 1531.223978] ? ion_alloc.cold+0x28/0x28 [ 1531.223995] ? __might_sleep+0x95/0x190 [ 1531.224112] ? ion_alloc.cold+0x28/0x28 [ 1531.224129] do_vfs_ioctl+0xd5f/0x1380 [ 1531.224147] ? selinux_file_ioctl+0x46c/0x5d0 [ 1531.224164] ? selinux_file_ioctl+0x125/0x5d0 [ 1531.224177] ? ioctl_preallocate+0x210/0x210 [ 1531.224192] ? selinux_file_mprotect+0x620/0x620 [ 1531.224210] ? iterate_fd+0x360/0x360 [ 1531.224228] ? nsecs_to_jiffies+0x30/0x30 [ 1531.224247] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1531.224263] ? security_file_ioctl+0x8d/0xc0 [ 1531.224279] ksys_ioctl+0xab/0xd0 [ 1531.224295] __x64_sys_ioctl+0x73/0xb0 [ 1531.224312] do_syscall_64+0xfd/0x620 [ 1531.224330] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1531.224341] RIP: 0033:0x45b349 [ 1531.224356] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1531.224365] RSP: 002b:00007f9fa7530c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1531.224379] RAX: ffffffffffffffda RBX: 00007f9fa75316d4 RCX: 000000000045b349 [ 1531.224387] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1531.224396] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1531.224404] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1531.224413] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1531.251664] warn_alloc_show_mem: 2 callbacks suppressed [ 1531.251668] Mem-Info: [ 1531.251704] active_anon:276802 inactive_anon:201 isolated_anon:0 [ 1531.251704] active_file:4235 inactive_file:7223 isolated_file:0 [ 1531.251704] unevictable:0 dirty:27 writeback:0 unstable:0 [ 1531.251704] slab_reclaimable:17106 slab_unreclaimable:128775 [ 1531.251704] mapped:58874 shmem:255 pagetables:26231 bounce:0 [ 1531.251704] free:846076 free_pcp:204 free_cma:0 [ 1531.251733] Node 0 active_anon:1058748kB inactive_anon:804kB active_file:80kB inactive_file:216kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:209108kB dirty:0kB writeback:0kB shmem:1020kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 339968kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1531.251737] Node 0 DMA free:10436kB min:220kB low:272kB high:324kB active_anon:2448kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1531.251771] lowmem_reserve[]: 0 2545 2546 2546 2546 [ 1531.251790] Node 0 DMA32 free:112148kB min:36168kB low:45208kB high:54248kB active_anon:1056300kB inactive_anon:804kB active_file:80kB inactive_file:204kB unevictable:0kB writepending:100kB present:3129332kB managed:2609736kB mlocked:0kB kernel_stack:28288kB pagetables:70900kB bounce:0kB free_pcp:816kB local_pcp:364kB free_cma:0kB [ 1531.251826] lowmem_reserve[]: 0 0 1 1 1 [ 1531.251843] Node 0 Normal free:0kB min:12kB low:12kB high:12kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:1140kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1531.251875] lowmem_reserve[]: 0 0 0 0 0 [ 1531.251892] Node 0 DMA: 27*4kB (UME) 7*8kB (ME) 6*16kB (UME) 14*32kB (UM) 8*64kB (UME) 4*128kB (UME) 2*256kB (ME) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (ME) 0*4096kB = 10436kB [ 1531.251960] Node 0 DMA32: 3135*4kB (UEH) 3204*8kB (UEH) 2196*16kB (UEH) 1176*32kB (UEH) 6*64kB (UH) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 112092kB [ 1531.252026] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1531.252083] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1531.252093] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1531.252103] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1531.252113] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1531.252117] 11699 total pagecache pages [ 1531.252124] 0 pages in swap cache [ 1531.252132] Swap cache stats: add 0, delete 0, find 0/0 [ 1531.252136] Free swap = 0kB [ 1531.252140] Total swap = 0kB [ 1531.252146] 1965979 pages RAM [ 1531.252150] 0 pages HighMem/MovableOnly [ 1531.252154] 341741 pages reserved [ 1531.252158] 0 pages cma reserved [ 1531.265057] xt_check_match: 9 callbacks suppressed [ 1531.265071] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1531.266824] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 1531.305965] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=0 [ 1531.305973] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 1531.306010] CPU: 0 PID: 5294 Comm: syz-executor.5 Tainted: G D 4.19.100-syzkaller #0 [ 1531.306019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1531.306023] Call Trace: [ 1531.306044] dump_stack+0x197/0x210 [ 1531.306065] warn_alloc.cold+0x7b/0x173 [ 1531.306084] ? zone_watermark_ok_safe+0x260/0x260 [ 1531.306099] ? compaction_deferred+0x16a/0x3b0 [ 1531.306115] ? try_to_compact_pages+0x44/0xae0 [ 1531.306139] __alloc_pages_slowpath+0x2214/0x2870 [ 1531.306163] ? warn_alloc+0x110/0x110 [ 1531.306179] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1531.306194] ? should_fail+0x14d/0x85c [ 1531.306211] ? __isolate_free_page+0x4c0/0x4c0 [ 1531.306231] ? __might_sleep+0x95/0x190 [ 1531.306250] __alloc_pages_nodemask+0x617/0x750 [ 1531.306269] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1531.306287] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1531.306317] ? cpuset_nodemask_valid_mems_allowed+0x63/0x90 [ 1531.306332] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1531.306351] alloc_pages_current+0x107/0x210 [ 1531.306368] ion_page_pool_alloc+0x17f/0x270 [ 1531.306385] ion_system_heap_allocate+0x154/0xa90 [ 1531.306404] ? ion_system_heap_free+0x250/0x250 [ 1531.306419] ? ion_alloc+0x306/0x900 [ 1531.306436] ion_alloc+0x29b/0x900 [ 1531.306455] ? ion_dma_buf_release+0x50/0x50 [ 1531.306472] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1531.306485] ? _copy_from_user+0xdd/0x150 [ 1531.306500] ion_ioctl+0x17b/0x329 [ 1531.306516] ? ion_alloc.cold+0x28/0x28 [ 1531.306533] ? __might_sleep+0x95/0x190 [ 1531.306548] ? ion_alloc.cold+0x28/0x28 [ 1531.306562] do_vfs_ioctl+0xd5f/0x1380 [ 1531.306577] ? selinux_file_ioctl+0x46c/0x5d0 [ 1531.306591] ? selinux_file_ioctl+0x125/0x5d0 [ 1531.306606] ? ioctl_preallocate+0x210/0x210 [ 1531.306621] ? selinux_file_mprotect+0x620/0x620 [ 1531.306636] ? iterate_fd+0x360/0x360 [ 1531.306650] ? nsecs_to_jiffies+0x30/0x30 [ 1531.306666] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1531.306680] ? security_file_ioctl+0x8d/0xc0 [ 1531.306693] ksys_ioctl+0xab/0xd0 [ 1531.306706] __x64_sys_ioctl+0x73/0xb0 [ 1531.306722] do_syscall_64+0xfd/0x620 [ 1531.306739] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1531.306750] RIP: 0033:0x45b349 [ 1531.306763] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1531.306771] RSP: 002b:00007f6e444f7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1531.306785] RAX: ffffffffffffffda RBX: 00007f6e444f86d4 RCX: 000000000045b349 [ 1531.306793] RDX: 00000000200001c0 RSI: 00000000c0184900 RDI: 0000000000000003 [ 1531.306803] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 1531.306810] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1531.306818] R13: 0000000000000360 R14: 00000000004c4806 R15: 000000000075bf2c [ 1531.481222] ---[ end trace 8361ea4a96a97958 ]--- [ 1531.481244] RIP: 0010:path_openat+0x293/0x4500 [ 1531.481256] Code: 80 3c 02 00 0f 85 fa 34 00 00 48 8b 85 28 ff ff ff 48 8b 58 58 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 04 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 b7 [ 1531.481262] RSP: 0018:ffff88804da37790 EFLAGS: 00010247 [ 1531.481272] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff81b0246e [ 1531.481279] RDX: 0000000000000000 RSI: ffffffff81b0247c RDI: 0000000000000004 [ 1531.481285] RBP: ffff88804da37910 R08: ffff8880489b0480 R09: 0000000000000002 [ 1531.481292] R10: ffffed1015d04732 R11: ffff8880ae823993 R12: 0000000000000000 [ 1531.481299] R13: ffff88804da37b38 R14: ffff88804da37b38 R15: ffff88804da37950 [ 1531.481309] FS: 00007efc9503f7a0(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 1531.481316] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1531.481323] CR2: 00007fff151cdcf0 CR3: 000000007bda3000 CR4: 00000000001426f0 [ 1531.481333] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1531.481340] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1531.481346] Kernel panic - not syncing: Fatal exception [ 1531.482983] Kernel Offset: disabled [ 1532.554405] Rebooting in 86400 seconds..