8b5fb4427a7db4c1022c1fdbc1ae87c72b2d984dd3ccd5e663419d86b328ff6451dfa9c7d104321f63195d36df3c0a1bd86f1adf531aacd3c3f919cfc30cc02d91b1e72d9f5f3a962afdf7f09d5c5c837275628e75cddcd234b8fb59bac9d22b4a16de274a7c434ecd36a62f2f9887eecfa130a6c2b8a15b3f676cca21bf3a2ac340f0e89c30a8f2fcf3f576900d36e50be01f2bc2fe7e15c273d998d70d28773a6a7160bd54bf75b752ec60b85f0688fa8da7b0118e321fca1c485c1ac3cb08e846f00da73fd26108ac2fc6bed4ca987d8416261de9d7ecf0d4b235a6d22abb6c52ea3f2950c69024653d3147692b2f5d9f83ae82332a000028edfb1d497e18d29407ecb69c3b7f9be0bfb91aeeb23606de16b5f81a42da290474c90247ef8dbc53562f9457b5a7ba6996e48e666f113f9bc549006d7cde0f24dec52a18162a903a8fe7c529ecd594b7912f5c52184d25198b19e637e48cc77573aeb5f19f1cef2b86878f71a0340a053476317d870eebbca8577158c44c5983a51206976c036314b450a8e631940e5a6441e1487fbcc538b038f55e6916a0167eadda09b6f9a68a194a72ca5235f72d8cccc90debf7883d5f42041866832d63c4aa131ad504713b7b03a063b86bb078bb3c916e3107afa5a626b48fe51905dfcfd666c43a0a26dac72151ae9dc0eb24e68e9228728718389526f86fba1aa7531cb7a4e2e5807720c2a7fd2ef94ad", "fcf6410a407ecd80c099feec5e81e6fdb17e6373965e382c63a4e37f3987ae7ad431e0a1592fbe19ec2faa3d3434c3bd3f8a455bdf3841701ff788d164258b82d168aa8a630426e7bce1a7143b1142d669e536493ace96bf597aaf8f6a8e751354d4db8ca4a87796a5465580375a78bf7af30d1e8ee8584896ba3782765a6ba744e10a344627df4076b45c9f59d281a374eb166116eac664f882fe4840498170bfa369d397f19188f085f9c86fef2873786ab39261e666499be575733b9c392f4329b09a4a5a1e23dcc41cef7d32d32ecfbcb98f458a09e32576d72e21cfb465fe3ada935fa35f69a1fdfc46034c4cdcd9bbaafbcf199a9528bb7d5717d93b3d506ab7bd00e2ed0d4262f4ec357158bed338a7d08eaf7ea8f3bec00f77207d51eafd27ea4cd8c0990b0022b28c84aa09e8f7dc976788d2b1aff899ac848808d834d13d3b34d8732994519889d4f2053d56694a37b4a382f1507f99a1d3470dd485540996b71c3af540fea7521fb2da0537d3cdb651da0b71db20a0d127d1c8c0a6e1e421184a3de94f6d881775c347be49c643b437ef255b931581b6ebd2e576699570e9b3af9c64c777cbcbc097836cd0d99438c54f5909800a883a68c2378c8b51dba24e2b6bde5e272a3b0b75ed5998baeae6cb95a028b13fde5dd42476f24356b885e2d08d98390b07412f88b9920699aa75fc0037079546205cb9dc18196db77b227fa40dbbd6af24b02d5323dd6ffebafed1b79328137ee9aff3c12522d5b74921cbe911eaf0f210506d731ee4bd2d9dc957f94ad6b4f5dd3165dbec942c701f4e1af0db4237ab9a4422b6538326622a44ad4002f2fc83e6465cd21a013398748ab58123438b4f6bf722b945bf52e8c89ff5ef489e99247de0d9ce2daf36187527e60ff3f7a0865ed505eb8e084aeb3cc45959bb5de0d73fec3d00451827f351a6b85ed6e23d3a29bdc72ea94e5b9fdfaab8496ff6df7706355a35aad841ab6639e03ce5fe50d58bbf94e182b180996f698ba774029895aaa096761d323aa2ef310eaad617dc0edf372f55c7ebdd5ab8cf70a935851b3754488bb0f979356f6c41668d89278c8f0f8f4be1509083204adc08e6eea9a04c225f4c668267071f980559efdb6fec306d66e1c7f0f4df8f468eabd4cd3761c820311f22d91d1f98c1fc6db762ecd3b13be17db2b7c64fd66bef67b48503feb502b11d5df3a4edde1f2a279b4d4555f06f1cb7b590ee3ada68033a332a17014b5fe218a00a2fbc7ad31578b589539ebcd60a6584d715a613afdcafb9c1a3ef3a33e25e0ec3c2da8726719ccd834faf796114df423e9c82712a054a3b4f2761d6dbfd05d5022ea3643696c6f23eb0f487c926e7353ae2ac0e62b713ebaec11ff1a7b3915da1289365ba88b3c890c37020ad1f64dd3566f97e5727203406692c5ec4cb0914cc31814d446b7e0d0dfcfce70314df0f1dca53caa73291bf97093215c97852826edbe15ec2980874c44cd0ca872dd53ac01a22f106639af9178caecb8e428a57b9334b9814295f386d0643680a50bad8b4dfb7c90dbefda4bff733f40df5bd96cb247dcbf8eb94756f5cb222652f04413b62a2a8dcf1e2bac361c33fa062ddddd766a583fc33ec4b1d1a0a119bcc563785c85d5a442b0ec38b3d487cee3be552180385c662cacd8bfbf84e897e5598b291ea2404ccd4b29fc07fd295bfbde6fa447134f6fcdf876e7eda76cdcefeb64a9455166c042b850e90d8d47268a3f414e471fb213549c707e24f487dc6ad9f1f65eb14d02913e26f26719bb00dea20aaf65c594a241085f71643a4561c8bf9b26328d160f8fcb5ed03ed74031c5d4a8ae85e75b904886f77bee7dfbed45e59d434ee7451c74d407d765de27a6a1da4f26cfbbd1122150e7010f39b8d02bd975243978e046785d294be893e97b09601b451e94f240a744b87cb4c87438358d70e264e44c7a700d1821e10a8d582b19687a943823aae35e0bd2aaf9230a58129cdd1b7f5ec12a807b9837ee32b43baef3054a4601f57b1e270af5fee845d6bed9c1868daf1b6ca7e538efaad503a9cb38b567fc8442ef46fffe4157042b1777377e97e4c9df93613b1867f26d6b0e79fc07a51cfe9817ce10e622f94aa7ccd28cc2a8b85aafde50288abd2897b5f25bb63e23f733b42c6e165bed5ebfcc4ed2d5e4679ce834f6f4bd51e771a80532261fce1078d07f6beeff39df8743e290493846c946dd87017731d38ddd9867166bbfafdc8532eda7b16d040e67d8f9acefbd95965791539434914da3d525f590cd26483c4e5d26fe692e091bb7041ac90a51f7ea4b4f7569b33e391fe6151bbd6db45e908ac0760b07596cfeeda2f0257ec56a2cb35899e482ff74ad87a207330d9e3011c4f0a1571e175c0c6e7ed7cfd93a3100b6e6edd5555a268e253fc791b01b9c19633d2dc4a3feeaf411c12803fddeeeef927a53511af3261a75510a48f544bdd8e0249d1e68230cc9091c1a3071e2489d8ac14158f3f6d4cabac82e6612041d0af51e874cb70fd81f95b08d0f8d74c4d0644400ff466a1e5916baabaabe771cf7b6fcb63d7ddc9b09545e97f0a6cf651f77491337ccd7fcc726bdce21e1978f667b6a221381f566c805ba033118521e611987d42bcea3c42dc978b79ba79f236b2b09e25be3a5f587f936feb52be368c5424ddce25d396cd05bf8c9ff61a8e7df45eb880c612f2cb70bc36af15aa10335e5a7454a02debf3b269454da64a58515fdd579eacb93febe5667dde0b821c7a8f20b68fe705a0fefe5e98837db1e58d5f2f79e229dc21eeef26d65550292807055edbd3aecd5eff57169fc417c786327034d6db15ced9e2f3d8fa92ce5d2602d37b15f1d9a005afafbbd47c923772c8e9f703c5f800efcc3b2f09eed4fe39a9aaa007b2f31efff82e4a96a484832ecb164b73357ff34ab755d31c222d22d0f01c19690276886348d66bf5d01ecbe74721e1f60e158a30af611de7aa0aeb43037c12b38723c0ca28f6fcbbc5ef7467605a4dda432422a9112dd85b78a618bf6b0536000d709458d77300e7914c4f9f3d195c1a9cbd19718f4143e991337b8723eaccced0f3e34bd0a4f72e9c6b0fa8d8878d35f06b716ed2704104144880a4becb74169be7c1947d3d44bf89b06f06e06061909c22c8965b6e400a28299c2f8a41578615160c6d1f4f40e1ac31961331b40dbe8b49449d4dd98719f7b06d695267f9d21e0a0d19b15d144b2b6bb25e4351dd9086d24e60cc979c38d10f35477e3758d4591b9a68d22037a925f08dbfcfdc7d7d52f2e2cd401441cbd682737228f3bc8184e4b155f20c6678ab7779ff5ff365ea4f85a754f3d9980efcee4254bff336f6864e82d7db5be30349ca4bbcf25464877ef72142c484fecdb39d3bc26ea59b5ccea9c5073a7cd793066018e83bdad199d7ea3944ed1c5c7ff1fd42a197b1ab90966a3de5e4fa1e2507aaab72efd98dee07f04a50cc2b442b3f228cf6b97004cff1daa7b34a69fcbbbe8d3bb7576f6999d5d5461a1411ad2f1248e6fc5b043d30b570b9959c1afae00143b71a24e8fad74c2808d8dedb85f0f65741c9718c29615fb934374fb61fd4c04109bfc82fbf977fd84af8fe18daf256ae882dee63086d788c724c5f2a301fb583f4c3a7aeb03bfd353c8958f8f78df94f1995c52db7512b1f50e12557b306e29d09a5e25cc9979653bd9449cb07f847099d7bd3da0856c3ef8b5604afae14a034610b3eb6f7fcee863e4f120b65d2d84803f467935c177a9df619700e1ba35136cc06d8b918d0dcc2f47d5d0e99fac0283108055443d410604e821b59122c9ebce58ac379a8baa5219aec4601e2c82ff3edaeee018d1412c8ba7346c9e60a1ab38aed51074b47f41384b9e023c57562d74da6bd8d6f770a6a2e1e8d14f83e7c61e82415b71fdaedcee249d7df038b137dcbda05f0b7cacb3073d87cd60a225b06ff1950fec119cdd02807a890ba331d41e5c78a3d465a7f416dc73643d864a3c6b4688d50f4a5904023ceba9f34594952b37e04ff35c5510aa35cd898daa4be8f624b49d3ec439a6fbd9dbbac71aab650065b0cdc2ee8a1a46c6ff25d163263f967e0cdb06b8e29124f57eea0e87f23d67ce042968b501789ee106f4ab48bc26608d3d1e511ae095d6a372eb2d9f126c5a8f4f9953b9cb58e17e68ac3864571392890fb6a3e9359b7b5425cb3670e1be011a47ef9702e0828f876482a052b927bafe00353890c0c340a7ff7459699a75575f892ed6319f1ba1bbe36b8b6ccd57abf88818e27466144af1c3aea93ea3cbf0280d6c148b6442ab4c743f5050b36bfefbab492dfbeba16814004c1014944e8fdb98a54ceb3f374847271a44c79c158f83d37f4d71c30c55b81d8e373eaac89c2106dca80aa164ad6bfe9b580369c006dd766fed782ed5ae282385e89d0fbff59d4d772344bfdcfa70c54da8131ecc00fcf8acb74adc0ec9c6a88cc4f6de0eb265644d51ee31b9b5eaf811ec09d021799248ff2d189865412470866d7aedadcfbce0089363ccd5a3e908fe2b8bc8e2f6a8b50c22cd1ef732261b291bbcd4e0eb5fc6a04c10282e40eb9f20ac708437dec4f5b75f55fb446770a81adfcde74967016745f6a03a9034e7b8d12e9e8d0745c4eb2abbd40dce63778cdd0b277f40683c4dcc46337a7b0c6ca754c1632a72149c6f97e7bedd7df17fac826bd35fe236ddebc41a7f2867589c709eacc1cfdced54fc0d59cc3c6772e64963619ae500effb6caa66be1865ee3e995d021ef4c94aed8c78da56e79f893ae9fed4193b367db72c81dc9a2b261335f584281e5d7fb18aad3998b021c25d74f9d0f0e9f72d2889a0cd125f3ee2db3d3ae6031f2349554b3a6387baf243e6a194eb67809f0b5959e23c4b723932ab0ebdfe20a953e3d2745a1edcdd1ac8bf7fa3d008d6f0c958a76687eaace755ce214bec8c41fc6b6ef82add592ea14d23cfc5ada8aebdebf5d2ee5e6c60de8a357e6543638bf447c6942fb850d7461143a7c2d67040fad796855e4ed4773cef4cdc23b531523b11d967f2f1b58bcef5cf2237edd5b3212b8c5c8bf6aac8415d0555f25ce5250b0ae047031454db32690f4810da083747173c7683c24ee8e7de136651d4d02ef2910968045f2edcd26357b1ed329bb5daf4f1485991043e9992dbfd7a4a4f97752a3228f05a7db83b933a13821598cc5cdd4b5a2ffa24c7f76a09848f4e988cff86b0fbf8fe3ed56b94aaf8bb6214bde7cf6a5c27e27e391f9fbfe53cfcfec140a5d8dfc9dfa46a57e76ace94969b306959812feb7d638caa154974bd4bf317a2f1b641542dd2c6bba12c76be10d36a50bec0c3358cbb9ae867381be1b1b788d0278e3ec21b7704c61fbea604d2ce5139b3f4b6acb32c2dbcea0a4c95fe524933e1804b81710bf37e6f0557f53f721643267190183f01ddaa1fd16e42e46e69eaffe07213db5c961cb8ddbd70d21acc6e621c478cf9c49f7b7740b8294f68953e8cdc17913fa64cb74b45a0335cfc4f7f5add57345a82a947dec00f16aea5b627ff9150e0315fe1bc9b12888fd61d9f89bc081ded0ac9962f942fbab22ed758994a32376789b6513f7a5052e7e0e98d8ddf722da65fac573b49c33445cd81197722bce6d4f23965c8a8ca99d401063a07ce5d0551a669df906b1d5042ccb4e8a02ae42e59843d855ef78a3355be35ea44cb8b670e667d01b996de575cb12006a3a60a0b36cd37adeecf08cd07493256843981606b1d9da047712e6ca4358c22351c284ec5799"})
ioctl$VIDIOC_S_JPEGCOMP(r1, 0x408c563e, &(0x7f0000000180)={0xfffffffffffff4e8, 0x9, 0x3, "0cc1214550e56708807c18f1433400caf3bc33c85d575e82378bbc2534137cf86ceaaa6956165a0c6e680341c2fc67759154977f60ed31353fc54459", 0xb, "84efde2b92e2d69203966a6e72b838a00babdb617a85d1cad1188e44009ee1ae796895921eb4c21714bebad15cad23aed2f64f3a5b6e675d61fdc412", 0x50})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040)={<r2=>0x0, <r3=>0x0, <r4=>0x0}, &(0x7f0000000140)=0xc)
r5 = shmget(0x2, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil)
shmctl$IPC_SET(r5, 0x1, &(0x7f0000000240)={{0xfffffffffffffffa, r3, r4, r3, r4, 0x115, 0x2847}, 0x3, 0x8001, 0x2, 0x8, r2, r2})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')

23:55:10 executing program 1:
syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x7, 0x200001fffe)

23:55:10 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)

23:55:10 executing program 2:
perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000012, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$user(&(0x7f0000000080)='user\x00', &(0x7f00000000c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$chown(0x4, r0, 0x0, 0x0)

23:55:10 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x2, 0x0)
ioctl$KVM_GET_API_VERSION(r1, 0xae00, 0x0)
r2 = syz_open_pts(r0, 0x0)
syz_open_pts(r2, 0x0)
write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[], 0x0)
ioctl$TCSETA(r2, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})
ioctl$TCSETSF(r2, 0x5412, &(0x7f0000000040)={0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000, 0x0, 0x2})

23:55:10 executing program 4:
openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(0xffffffffffffffff, 0xc0044308, &(0x7f00000000c0)=0x10000)

23:55:10 executing program 3:
r0 = socket$nl_crypto(0x10, 0x3, 0x15)
sendto(r0, &(0x7f0000000500)="981ee3b2560f5c774554d3bd896548f99c9717f07d61e0221edb4f6474d9eb445c9f61a82fc6d095b401f77e587a23fb3033f65e57bb63c13cc29063a5c3fd116fa1fb66854c8cded04a632d99485b34e6217fbd22d52756429291c462a52f9c158c3645343d41f94ea4785123adef83c15cf35a7c308eba2ff2c0b7de4ab0bb511e0e2b454ed1083bb62693542314c1ca8d78af26dd2f8eb0f5ac78061707543ec5b465cb6d2366fe8a421165a1c6f61e6f021598aa6b18004f6d151735fe7058ffd5fa49b5bed41f5aff329f974f313ff24078f36fbee7bc0ff8e745d8a82126f1c97ab5b9fc96b37d7baed6e1b2d260af1b312476c47e44819658e49a28530ce4d44124bf832dc9ddedf7bbf4fbb63fa6b7bc904e3237dd401a467226998c5575a8ae63a8304d724271acee018389856c020125159725af1a9ff0840a502827fb82816005fe495a809be5521d67326c52ff9fb33d02fdc4381b7ec6072ed000f921eaf88275dbc2150d6fb15332ff11a8b19f88cd5447aa277f7cc83693bac61a1e17ab3fb47a11c8f6301da4e592853d743e540edd3f3ffd955c271d282709e3a560ca48c7f666c7d0de26e4117713f6f67ac2d89a106e024cf4168815f6056550f358e70e2b16dd5f18200826375af1050cc799d8633c7bc832f1e10ee5898ae5b78e809cc3755a7412d8b6e827efec0d3796fa7ad10f64178f9af5f2ff28b061a5d8c4a777a263e2564bd15e319fb245bb3d7fcbe4c93007d0ede9fe1e32c0a479a504c59905300806efa2e2a0fa6dac6896eb5898cb054fa1363864d1cbbff5b845c4896c22a505f61d2df44786e08b9ee118563fd13e44eadcdadeff51500556af10b4485298f6a5e30e00cb6717ea9e4bd8a593b6127a81489c978e9f7251e16659620849a2a5d7f7ec32c3edbd7875d20f01f13da12b9cf31bb6543380a4f98be0edae8aa22b2fa482520f4988a1c735f29e0988f78b338455802603493c2bb703d2e8b5e75470a1060bd753f8bfcd23e7a13d1ed7943e63d1c47856691d4b5b99a2131a630e1c5605a2d873023a0b95bd0f4db821d27b29df0a27eca451d9a5b961795b51767d3161ec116e2bc5f95043dca7c71078f98b4942b73075ad8e71fb54eb3ec862a6673c1b3e10723997e863eb82a9fd174edf98c30892c4e8612292820c1646b42683e80ac580e7f1192f0942ceeeb9fde9904580012b5b21b05d65461f1dbf36ffded7901da6090c95a4e14791886dde69cc7d9b56400fc64e477b2617d628bf6982cb261cfba17476f6fd7e1223e9922ae248145abf703fd97bd1585b71d8877eb95b4e23a7332058368ddeb1e6a520f236d25252096b72994aabcd611f96663d86b75491cfb5e9c5f80c4b7d1034641ca635c0d2f171106b0cd861b3051507b2e2486349b5caa8715938d8e111b0bf35397f2dacbc186205535cb375148900f85f3a571d1de31e14b13fcad07ca8458c064658f176be1f1ee15e6ff38427299902b2819da836817428495f906606fb53887621a4c9f52ac718852661dc1e0ff004c8bfb3f49ffc7f5c9c6491702dd64f1b75e83375e28cc9ddd681e531d00f48bbef7720b470165f3029490f4f259023e8ddf6c2de4a82b29a6a7b4cc19073ce0cae1e96c4ec785c3a9f13f11d25caf5a1e79df1dcf15ab93a8069a1b729dfb057d78f9b3a4b0e20f1d1102a9ab5c26359985b9f73ac89d068ead53049dd4a0400379dba6af40abe72f03e84749a18afda1d46f30320964f1e5a14951fb60c5c08d9f9ae8f6ae6e37a0ec99f5531b1fbce999c97ca5ac3335246e763843cdf63b78b8f77355de098f7f2663c6da0bc854ddf605a675a0ed618842880b8d018e792121eabea368c4205839c8dcb19658c6ac62ad706c682dc0eca5d7af4742252592a4f95a60301bf8527d2df83af9938cf0fefac584679a138be16bfe2e7ab07b00887565f3bdbdd0dba7e48f5aaca9b92fda6a89561ff875b841488d8b1ccf860031b063517e26b1685ec244ad9de5266d0b6b05aad4e9aefbcac2938d14b4dddacad1dd8cd0a89c37c4e585ab51270f5d8d8bbf65cfb6c8637f12eead1b5a13be9b501a97f422eb1b07c5d9d284617829c8edeca3142513a990815ad33039b7b003a419578968c4c9d6d387eb2e1efa41d33b81ece4361b4d36a3b77ddb06b571cbc43caebb3fac130f8ce08a52e16360ade98e2a8f72b43c55485d2d3dd423ca2703010501f06e2640238b41cecbf1c53e4101cfaa2981a6736a1a3d2cc48d4ce10e0a2af37db15e7ab6e2ab3a95cd187d60bad0908551c389de66883a8f872272d0d8f775a2be0038e92682773b14e09fafd157e5abd3b7cad03701f43cc4e139b4fde17d627d1bb157a8fd405546e81a8e4fc5fdffaf03de7c94259c9e31a2683ab50562cab37534d1d570f2167c3c5e023006597e860456280296afece5f6df98c2c0dbb2b95cf4740537bf59d7e31ac934b2b32dc982dfd3eee11f652c5a03252ca428e7cf04d8a253a7828a58218f21732f032d10cb63e24615e6239c634b96e032def3533c4fe05f13a410903b2bc2ff054bb1ce5966142ab53a92f4dd4c4498cec66691b8249c81fea83b76083967450a6a03d61f7fa21efc178f5981501747b03de1ca7e4068bd354ce9ae17166db3b66e28a22fc4a30ab0a1761e860fe0c688ea1004782740a862509f5d7d38194679e4d73af09834762800f06c36db4e434a1c15f40d70a791cd5abae9379eba11560f3e4f22e3509efb2265e7ebd174fe7fd1f6422c21c6a79dc9299f20ad2dcf1c9f865694d132f040316d26f4a1c405fdb42a4a2de8e572af30590cc06158fee2c9516b0aa571ff21f7355a19938e1ab2e96486285514817cc645d227b508dff19dd7d399c77c3f786c506523036cae43d79f54e5b0e99d974cf58129eefb0caff99756d24f3e8d6a6db7cf3b9b465af32826dcd61f4fe6bf26a2bccdcb28e7acf3da0022397f6fb2385feb89bc42cede733ecdbce3078d4d0b01d13ccce2042bf6592f012207e6883c026b69eb531c6ee60a3ba1bca53d5da204e6bc7f9e0b45fb9e5c59b0847de64684698480392e586a530d7b14238634f3f2b5aa87dd1dfd63adcc77679ad4ce91e807ca4598d504d3c09cb9e9d5fbd990ef8e555c9c558f0523b9dbfa985ed21d404c01f1762534cf4d968f8df7b5778b465db694832bfb9987e2150e1fe766ec054a46755f3a6c45367d1c624e7f3f773e1d74a7d34418b288785494e94a1e1b07f83a627a1e42cc414d186bacfd318ed89cb335436307b25d93bb0dc3703d8422fc50b2b1cbe852b2f45b4654663cb4459ae9f4d0090e10e1b9acaa0e210624530ccff2e7dd1094c2eee8d49d16e24c80817aab2f71c1fb83fa219f391d737097651cc3ad14d32f49957ee1711b8a98cc4d873cda585810a453a1b5e76a67f0a6e222f1085cc1ac9d5670e642831611cc8c92fbc533886c40728d1d331fadc45d8415b1cf9d5bdf3e2c1ce024c021a8300f2e37f95f333d75f0516ce4969d4faf759e3613153faf099be12ca30aaf716acd842b47e00a1bfa4e2ec3f42fc667f78d2904e7dd38118d9552bc9fed3221c54cd8f096b549aa9469607d014991955f29fee99653161f04b49a1b3c770337ba2895682186adc912d62e5b6bed2e9ea5dd4e873b3127220c8b8c907072b09680e35da9b1948539cdcd99dd35766d720e6f2e781f92e272a71a0ec13b7af74bf68ac1d8c2e96af8685cb66514058342a1a394d7596359515069bb1b2cd06a68f1b15417c04d1e6a761bd4ad7edb894267f7d8dd87dd708efd8a72f1ac96811aad64ad5be8b5509bbccf9fe05604bb760d4638d5ba93a6b72a0d5584aa802aaf959a40f7b5fb83b50e4f4e14d6acfc3413a9ea714458454d7927bd069a3238a2265be52c316910ddfb635c759a894133daff4dbd49905a6d197552425a3923b92d92150622e540e5de04fcfd915e7f2a299f8271c59b991a375e433668dada7123b4868b3f256839c8d0af327a1e844383cc1a0b9d6655eb5fa2542600e36874fc6c71c1a336cabf0411999c77e75eb5d0c758bce41de9cbb6da2fe84c64fd9b9f730701bc28457aeafbaef80b4995ff4430ed3be705a5ac4580c8535245946bef64d8d84a5125b6f50b677e9b6a548d65527415d3b89fc15ec1523903bb9fcedd51fca8d695fe62389a347122b2cad4177d578529094a138a95942d0748414bf777f158578c9f3ab15b9c9ea22df0b214b25dee1c891acd4a7d20bf305145c871aad6c4c9ac78f9911aed94610222ef84595cfd890305ae247c499ef8b0ab0db06deb12f0d1fcaadfa6929551f7fd814d3343d4937ec48f01eae511bdb306bf2947c78bd108d91f1a98bb27cd062a89e6b1eaa9a06ed471d5b9fd423d298fff0107f751fba77250298e665855c75b50021561699eeb48584466de3989ba192402b9b7ef723dc87e2517473121de0a5cc59e6cad64d2374a2f8516db7f1e814027d9a91ec284deb88263dc243080e44a392dec140961733242719be7e14bf0e570b30c25ba68e25d8ee89e97bf612dae3e0bda0c4bb918957c375b6ffc2a0eb15ed9462a7e93f1b260310ab8329a8af2ff8c5f4acbb0ddef946c66c96f0c86f27378ca2e2b2af390e92f1aaf9ab993bdc05a786e924a2b6674140c9a3ae21cd04421a545a2d9aec26db45caf93b426b853f943a5b6a78926a8352b4d157c97931b8e3b09d02733c2ce500fbbceb9f71a5913c91bd416464246c79f456a05b850e5dbde2c02b13cdfd5322f97db7e5d5afe5ec530f256049bd58bc0c081798078e2172b945eefc1165d31546f9808d442b3852b8d8b0b580fdc685db01c0c4f2e014c199bd2dd0c002aceb780fa0352151c31e5368518703e5ae699dd1798f5d0a6baff8f4ac4208743dc1e03df4001d1acd97fe0439424a937bec0dafcad0ccd21351d86348123f3812b3f66a9821942f24c152d301440473328845d0dc6f67a57d85499abf167d2fafbeaf233c399fc44f78eadd6cafc42524b582e5b3a88711fbd034ef480bc6400a8852f4cf5c6344dabb6de5efced295801e163e7e5002e304551ab2245d23a8244c3dd6b163ebc45796c4792fae48e4fef1f301d048268b53fd892b85d0fe75d246bf0578ce53caa32c9573f186f614c2ed12848868c1dc8e961c612fef0d432682122b87f0addbc35fbcf13236ed30142531222aeb80d9a8b00fc86642a62a887902ac6368635dffbf5ca0aa74ee1ca2810e4aa79f2631d0393e0edf77899bcc13eefa462f8f7f618248e6a831c64ee2215a7cde864048b64c8e22e1c1259b08eeff2a906f9d25b8dd272686bdb5388a806ae753ad2412cab5ad7a20edcd2bb0f5cc4ede2013f9843ec6e0b2f23ba5496e3dc4e24a91aaf511d4906c9187b3af0d3079f88d8b67ce9c94f080d26389b6c0871494bb7151d93c6257250af4d6a62ca23fe72d7ffaa8f802d5c003576a6f91e32e9f208b2251f979772868bddad5a8eb9f9b0c252b33d9e7aece3c373fb69be96e2646d396e5f887c20dddadd25a8ce74ec6f3ed0070c8f187d9c15a9096da546af5012265be74fcbe646e62d33110e11dc19c911115396e512dca6612a37dcfa208e976c11be28088b47772413f9bffc6307d4f0c1e2448636e2934e258d81b06934ebdb1f21ac737e3ba979a64281ada0922b2789b6f253fd761beeb21e4efbfef8250b1e7529b54f747bf6224028f0a1d74fee7311e1dff0124d27b944ec645de3c2b7ea87c337222", 0x1225, 0x40, 0x0, 0x0)
r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x3773, 0x80)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00')
sendmsg$TIPC_NL_LINK_RESET_STATS(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1008000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x3c, r2, 0x100, 0x70bd28, 0x25dfdbfd, {}, [@TIPC_NLA_SOCK={0x28, 0x2, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x7}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x6}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x4}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000010}, 0x40000)
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
rename(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='./file0\x00')
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')

23:55:10 executing program 5:
r0 = fcntl$dupfd(0xffffffffffffff9c, 0x406, 0xffffffffffffff9c)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88)
r1 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1, 0x0, 0xfffffffffffffe72}, 0x4)

23:55:10 executing program 4:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, 0x0)

23:55:10 executing program 1:
syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x6, 0x0)
r0 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x61e0000000000, 0x10000)
setsockopt$inet_sctp_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f00000000c0)=0x5, 0x4)

23:55:10 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
socket$inet6(0xa, 0x5, 0x0)
pipe(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f0000000340), 0x10000014c)
socket$inet_sctp(0x2, 0x1, 0x84)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={0x0, <r2=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x0, 0x1702000000000000}, 0x0, &(0x7f0000000140)={0x1b9}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0)
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
socketpair(0x1, 0x80000, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')

23:55:10 executing program 4:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, 0x0)

23:55:10 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x3fffd, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000))
r1 = syz_open_pts(r0, 0x0)
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB="e16c66edbb836cb23b4e97a2c44737f604febcc37fc508239f04baa870829dba761a230906d69a84d3a4151a3dfabda9a8c578d9336ce3344e3996b747f5773208514f451232425d96eba7f2910371773501602a831265f019ff7f00005c70de87788d059c6dcfb5c0028511636d1b44c017b564ddad42cc618582d2674f4d09000000fd8c77857a5acf38a10c87380f9e6107f875d717c499ae", @ANYPTR64=&(0x7f0000000140)=ANY=[@ANYBLOB="5db47855c4e8faca459a4226a8d5ab88c242eb1993c0ce5e17345d0853999614f0dd7bebacee5797", @ANYPTR64, @ANYPTR=&(0x7f0000000080)=ANY=[@ANYRESHEX=r1, @ANYRES64=r1], @ANYRESDEC=r0]], 0xa2)
ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17})

23:55:10 executing program 1:
syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x6, 0x0)
r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x40000, 0x0)
ioctl$VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f0000000040))
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000d00)={'syzkaller1\x00', <r1=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000d40)={@initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x63, r1})

23:55:10 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000980)={&(0x7f0000000080)=@x25={0x9, @remote={[], 0x0}}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000100)="03d5146151789fab308069b588c529ada2d5b8d661d15742b2457ebbdc913323b6a4646cc9ec13ec9af685e9411d8779eccbf9cbaf3fc5e5f232379a44c2fd0dfd187c2e2ec88cf04dfdee81463e0446423970a53bbb552ddca94d0cce5ef728d8f8022a82f0d1f335f391b1ef935af760933e7aba61c0f606124709ba715d76b031500f06d11413f42bdd57d30bf7d630f0c7334b6275fd5ac92e33725dde2683c6d4f1b34c204fa2", 0xa9}, {&(0x7f00000001c0)="c3c174aed119fbcce7a6236d4a6ffa1b14c26e2e03119c10cdd26e71807981a935713819d177b22b01c059cfe832b67a9bea5acf2be491dfd03eab3bb81161436b1b98cfc6415e3869a8f4776e24526e165ce0b24de93642947f4af67fdf7b44d10b6041657854c1ce340c63c20019221f8452a867f327f7b3493c302a81c7db8084b8ddea265210b0f51ada5f9efb", 0x8f}, {&(0x7f0000000280)="c434f552bd9ca657f4206c4fca20574843803691e58ad0d0b3242502706ebf3799dd03bf9ea559af2f73ed3f8aa4521dc2dfc9340a2d983147b32db3b75dab2e4038ac6188ba63f2f95b23b8d40df2434f7bfbff92fc0096ae3ce51e726641f479e50d48574058728efbefd7a058058d2044513a3f8793bd07251eadc4c85f9bc4a22ed678be2b", 0x87}, {&(0x7f0000000340)="7dcb009f85966d7f55b241d1280deeff25d7d6415438f92f948d940c8d149566bef1e6e0e323d38e591a30b48ce68c389462f37e73370a59af5b1e1caea807f3735bcdc21c46d339395c47782d0f993ce491336ff50a54807834494d9eff0ae5ca9bc6d328d710b6fb6b0f559768ee4607584c2e1b710a6884d1f2b5b3f4433bfa3a7bf66d0f89f3c91ebc18f46e57fd0685ebaa8833f147554af336036f7ce4a58eb7f934e8e43bb2bb95ff", 0xac}, {&(0x7f0000000400)="e1b96cfa6736854178832da1d41aac1de2aab29cf97a33a72c04a62c38f929d8eb8e5a5219cfef504c94772dc0c58d86fc39d49fb9a5463bbc1f7eee92fbaea06aa43de36fb6fdb5f93d5364c27765b13d19af5eb35cba9325356c51321fecf13cbfc4d5bb11e30d1eb1a6c147a23d21e32a022eaa4c4b0f291f5bc1df6e0212f02fec25593ec14957542d0ce400ac352ebe3cf1b63fe7e5dc72ab2706c2d21652636d77e2858a74d74ad56c144a9c811ab6663b68e02e2425f72b604b0ef7cef218801661be82a73c9a8c4be09343a3a758699cb849b441d0a9e2095b5da76bb25f4da892534ec2d6ddff6051983f64d6", 0xf1}, {&(0x7f0000001280)="bcb6e87557bfa90bc16b0fd33ee5beb1d77d86914b2edab34948b4e11b6380487bebee622b9ed63e52ca35867d80a5a6b8803f679c7ec143d390ed49443b587baa61136f87dd7902fe9178b1abffaa435ff03e243f7bbd2448412a218ea92fe1358d78dc7e2e4881fdf3bf18def0d00d0ae19cf34087be26b524184715f593d1c7fe605e081d43a2c2dd517906019c68709fc6311c72769c1a52fcfd02c7d0442ae65f069b9294b49fa207d154db82045152048913b2ea695302f87f941d630cfc78f20aca898ca69422399ba6f18ca790a0da5db9b38b37ed60a35e8de4ff61fa8491110056cb40d7c61f7c37094be70fef530df02cc8ffb804659bdf0e2d10c5d82687fb3224778e61317c49680ff1bfc70a69ed8c09f7aac175f59ddaab91daaf8e3c8cb63e2f4bb137fae974b0af63edf556e6fd908bf1460e7080b8fc9c13c8093330bb3bd93841e7eb4fca260303de525ac4d1d1b0056e0d5d563ab7a47747d47ad7fb10bc9bf9320cdbfaa49617bacef060accf1d9ba911a1c3918cc9883d88c9f7e6b4f71fdefc04d56f48aca0b74facf2804b04684f634db3dba1560db7da82519a610997c8f367a23faa40fa289c5844eef6562c055345ea043a35610ce52abf80041d883ff4353e58f21f1edf8610bc704bd448d1431cc5a81f37f3dcaf037d15746ba6ef72948e790a589fbccde8652d63af4183fb4e3a73fb0127f7d52f809c54cfc18a1bb7fe4c850f95504dfed2d19f39c22be24b32b0a378d1edec306119ec5505a190680d1df10c505d56cad719021ec38e55de52521068f8182fc600c906ece999b2c1d0ce608eef618ae010301c8d7177a6bec7d294e3b9ec53aa1a6edc921b15414c4315eb8e21fdd820a9b1ae5a054fdb4e6f5c422082061df98f36eb21e7d1308e226837454ac7a42547b82987870d28413f2eeaf20db426d68a6c824a95e1010f4c5d1e00464cdb19fd0ebea94ac2ea8110d121e0cd73041b868d70f44aec1d3135bb114417feff25b27ea6b941a087092ad129ba1e7e3e8e2e00130eb1994b4a1e621090d6ba0dcc76f3b18fbea3ed745b5ebd353ffec3687af9e2035148554f2abc784d542b80e9e26b05a7d2ba0aafd562598188875b17885f78335bfbc6883cbf573418ab4ba5e3ed51d9b6a8001d4d0d7eeb91e16e5621a25ad9e4e30b8ce89e3a20584c261ff2c9c8bff14e3491cffdde266716e9861334a7abeea3f4f026d7c353aac455413624658754910adf26eea7c53db03a65d7e7e1f90b3d4ac5c2200ba60d775d04f620c2dd68f541b1461f054b0d54fbd5e0839262c96ff8780b6631eed1600eeba75b1c87b8a33e5849040195481bc6b3140ecb5aa37dcec57cb468399b9c6465c856aa0c9d5b8de1c2c2859a81a0c7f60c6675c6983ea55c79727eca716d2a300f79047b5d15e7fe25bfb81e47b13c5e66d7fc4957b20a90b4069eb85ddb56075771500e08a58d405364f2da5a3a564069e6888de7c6ef4808c78177610e981788d333c1059f188c315cf64b10c8afc8ba5858f7c9293d8e9657651ea75ecad38484529b5de0314500e49f61172d7ba6bc46998a4a0d0633de540d7377b414bc58b26d6ad6d1ee27a0ca4f954196f4b75a22796a29e4fa18fc17fbf723947a117fd906a588601b9d18d38803be3c3e5ecdfd0dab761ab7117fa7aef4ad97350b05fc1004d9702dc04aa049ebdb240a295a84ee389cfaef816d35922392213b6f65c368d1aa7ecc3e22bfd4ea3fb896f49bb37791ddceeab049fa07d06226c50faf36eefcd4c07fe48b63658b7f9844b49d91c39a5c5f25345c43c0ff6a23cb3a6d2481470b41341a61d5e76c2c61f7dd94c8669afb26d6c3fc65a909d85a6008be109fc92e6ecf1a1a3282a0f59f9dc6179be2e55b51e936ee42edcd051e9426bc6ce7179ab79e98ed548ca41c6bc745cd6687a4e4b2305c027932f48d98175e11c1ee6b4554bddb9538d695fbd2cc9c1bd0e6c9669d5a2be6f7fe68418d3cd8a4acfb2f13290147257b038cd991ea9bb4d9b2eb8893ed033b52f3e04fe55c302796bdfffaabac860f5dce150a961e4840ada7ffa7ce6054980ef4f4af3165404dbf0b42c9a7d9167015fbd0d3cd86135746bd740ef4438e5e2d65e2629dbc8d145d90e0871f7f31cf4f4614255dfba5924198b76ccd398b4bbd5236ec8e84ec10b9197c3d9bb76e385ed9081b31d6e048397f24c5d907b0cfc90e820890c7bf333fd504f58907998581ff2aa99f506c6e33d73708d3cb488d98fdf30d20d0ac401c1640fb424f0ff6a760347e417dfbfeb8b53fc9a447529f8c0de98073721fb61d758f4971f384c1f4538c2ee3d88144994fd631349dc5a317b038a493ea54704e91ec687f298b88dd430f31f155f730fca4c45950b8989f8b99abeba3646f1f06740fcbb9d9ede8dbb40b0ecb8b1877c121070c00de8bdb1cd145ca1f5276faae177ed096f5011ee8a3358ba4e8c063c72a3526c4c0d62e6b0d1e654ede05ec5dec46d529915b62e631241fa0fb8a8b220907fb3e31fed87d44f3ac5a6901a2a2457228998e842b94a82d5bf6b7de70fef1b5762d1d25a4cb816c2956a03ba3b10a29a291172970a4b44e3a9f846372abd1b2d2df3951948d5161516eaf00a35d30acf888b856acf2247c8c52d56d3e03b6739f2076ac53b6a7cb574a7cea207f00c080fdbfa92786f8394b785007e71cb770b51f35efe96afe2be68eeb9792e4637d45004fb7f825b7a5d8425a02f05234ec3d52b518ce75aa482dc617116318143e7bf7e9a5ec2c30b616b3e832d5a6aa58c2fc16dc671acf41a325299dda662c665ccadb74c3b2b1cc1896bb6d47e1787e1b2bc2dcf81d51e4c3c77c8c6c5ef73e5e280ce65131f8e6af50e992df9e4974dac22dccae55c7810a7cd12320482103b2a8c5405ba7934e89caa2aaae4aa1ed4188ee26921f89585fc037049e7c41bb5d4f438d3a9f9c5539b06af7826125191de6207657d58616ebf72c99c1038b59d2511009a0daa176bf4c1441423c159d7932130314ff29100a103ee527577ff40e578faf0a2cbec2fc2d2ac4239fa3c59a88ae8e73360901ca12378347bc21adf9bcb9bb71e995a7cb37fb5acb6a1c6b511049dc50f519c5c6a9ee9a1e07922f2f8d61acc02eaa298aaac115ca1857dee3c3498931f916b12989d29f4f4b35f3cab580d7d0baa6fd257ca76e37293d5e9af9907f8b73ea566002eb2bbcd8cde0fd45b74ab93b2d82d518bfad891023508f16c0ab71ebdde48a14bf099953ae152eb3b016a86261d64d959449e4414f2e039133a05c2dec5d6edc419d58c6c8728336890d0f355514fc47819accc9b1687f1e2571f948bd01a318b556556ea7fa43af42825d89faa6b7e781b7bcca0a8797034fe987e4cd4dd1284db7e388ae3d3608b63f98bc2c8407c2efaee3180df6212c7c337a8c98e8199d69ce762ec84557b1b21e32278544a04e76aa2e186ff38d330d4d48c34be6167a379eb8fb1615f30967f5ce7472a5179b162d9dd57a314fa639b46267fa02730695e194cbd9d8dca36c71102a3361297991babc06bbeb1300a56942cee58d8c111339539aa6825fe9b088a44319c398ba05db7ef0c50a33b35d85c064845b48ed2a22c59d4f9f4779bcadd8a2a2f397724695af43ac7111448f173077a404fb76336eb011a7abf8df05f6530ef905f4294a897ed044e49d4612822b601918dc79d3eef9c30710908b0477a3f12e6d518dab94f59ee281bd717cf0d8240a0522880aa1ffdecdbc2f5d43ab911a33571873d2fc028575efc6252f485f21158b453ec78d2b24d46a4565b9b7d217e1d2988395eb2f9b47e52c77280af4b93d703bcde837adba7142449e3dad28ea3a0a332bbb79dacd989047070c7bf4f8847cb555803d841dca8989de5543e1212af72f9dcbb980379173608a32dfa8192cfd7461fdd876ddb4b5a7ccbb1653d776b1c4876cdea36f06f793a8c6007dbd08df6c875424e2101ff498945f1eb46b8d0e050902f53b1c7b33629102eea7ee53cb7c691295e0e5377726911b60d2d775c980a3e56a98ed6f42a5895f91693e645907df5506624bb142295591cbbe58e3ef319b265dff1d1397275137766380d5b881119644e8a4b310356e87245339fb579ab6d2efe34f0cd14e62fea0d87e78a1345a102bc2cbf7f92650323e7db43511d3c7d99357dd8d53896bd7b2ff901885ea4ed9ea59d6968a946efa8593ef5ff557bc84a401b84109459487c492f5380b3381e29f01890bcf98fd46a538217d8b3fa40464569113ebb50511d0cf79094394986b41e7487de82513a964062d5dcd4cea0c2bf1e6d141e8b51a03d99ebe8d2bfc2624dab984fa01fb9e9575f062207a83b4f1f95d426f9ad149c186ae6d00159beb96c015f557d6ce021219da507d450e23ce9c9cd04a78cbfb5d2fb86402db94dc38043e6fce2c551103d48301fd130dbbd3f72756e4f587da512f43b32cdc5cbeebfa4ebc5b10e4fe0f1906746d2bc8a646879515c454c585b79bf73ef7cece2582008bfa05b1535851aed2836ccb7ee38ffc07af943f38d35d9f97cd118aa6b5d3565eee1ddf8de37aa42efd6a1395e3cf893b5853fb105fd3aa9ef4817d625e8482cf757066894019dfc54d517e067de4247779d1f4c746a5c64eadc3ca063230892bfc59516fbde3e7b14ca2c72a839bdc2f2ea9604d1d9d1e449d999a3421b9e6622816df256342ee13a8f1b8e77601f2734acc010e76938df96c1875fbc0380fc4e7cb4df0152ae3b0a69c9ee0546bce528855e208aeaa2c45d7c5de42e79aac5151781733e24e35a669298947727fa80b360277f2568fc1dd626d8468319ee4171bee7954a68ebdbd51b935df52fa0876821fec13d2a5fd6cd1f1d63d5e872cbf0d3c567026578e11c1bf9ab438bd6f70ce9f8e10e4c28f132c8b4c208545daae49d9e9d00491b58287ffacb103b4f06af6166f160447fb7ae77f7caad9cc733c4b8ec18235b20da5f68f38505242d38fa0c3d364291997586781ab8f3140af1b709f212706c35afc5f808aa499890e167f85c42822bc73003736f0a014dd7273bac2185ad3b18d7e39f5561fd92372286c6eaa67eaf538261edc739b87788afd43e2c947b3afb50b85abbd7a5f17ca22af9dd15fc0e4a4edf43b350a213cb34c3aae698b6db5d88a1323afea6ed8817d923a2d3237bbecf3339525b06b4d392c0538fd1687cc7f24feddf0395a2afc2786b6c0c2162c3d2abe66542076120ffdce59edef26eb804eea17fffa0cfb23fd09850851cd550ff3139c5376ec3dfcde3ffaf5a014b94691103f9808f47c6d31923f60c42234d569ae635b6b9cfe03adc606fa6e261d4d6fe7134822f0616188019f53473ad0a94b9cc45d5ed252cdcd9552162cb6d8eb1ac432008f1e2e475fb0b0d8f484a55b270eea273f78f0e8fc345e13a8a3c6eb716b4acbd46f9d18cac6b5d3772e7d4f81ffb758b4a35cf2e799d2f7eb80cabb86779de2f080abef03ce38aa10ed7afd62ce50b2efaae843c67c010c8e42a796f08fbb65b9a5fe6ce1f69bfc86298cf97623ae58d1a4543baa937260907525ce95e5ec7c9bb15dc183f9064674a915c6ec3d73d9b17269eee3f3d4a6d5ecfadce4c75c47a98c44659853b1629c9a52315713c859e694b84c757521b8eaa003fb791c9de3c6f6954833e1b7ed4c2fd597a8ff95a8c9a6d99489200c940653dff22622e443ae65a57585ccb319cc14238a1f60bd50a6a91d206fc45810799fc9e26a0a36", 0x1000}, {&(0x7f0000000500)="41c39b6d2462fbef46eb17a5115385d5f9dc91389a81dd863a28e2", 0x1b}, {&(0x7f0000000540)="2bf3695bde12a37518ef9e41d2f0e7f4a5a0e3da6358883809293b2345113807aaf776ec93ab6c37210517222208222c143030c760a3f05fb0d347765de358f54b78b8ffc24c40292e4bb6a8cd27805c7a96177226a40ef5cf37b60a336b79ce32f5177da7183ed94b86ad4bec71588703143b5b0466c24ef9245e204b98faed38c93c8c9e81c43366ba91e7d01ffc6769e640919f46bc3ccf5172dc", 0x9c}, {&(0x7f0000000600)="b3c7bf1635dfb0a353f0a58cf62f0e414d4f132fc14e6bdfcd7519affa9586f0ce02f4a3001a3fe0ceab339009b08d7705b9c174a243debaa23fb79472753660b85da2cd1a2af4cca9ddcfafbcf5065ead65d31820039663c477b535d7fc573d194802422a6fd0995ea3125ba3d6468326382af61621e40c119b363c0d28e5380ae507026bdc03accf73dad386bf0a6e96dafdc54482e5c298eef9f131e65408b24b42788f77107ce4e3552f6f84480b976d3c61b533205fe9ccf536281318f355cc18", 0xc3}, {&(0x7f0000000700)="dc7886234d86380aebc42e718ee7fe167a102959154134c289534908af033f293c10d23c7321c1ee9c4ae998210c0308a08e53760e508176", 0x38}], 0xa, &(0x7f0000000800)=[{0x60, 0x1, 0x80, "e800f3d495581cfac0c8511134c8157422db1b8bddfeadd4b3bb55b154768adf9b37095fa2416be387f4eee6b6bba50f74d00dd52191fd260df5f540563d92e9ec853d8f464d15ee428f4c"}, {0x100, 0x104, 0x3, "24a3fa1c4c02ba83b0f44d4dded791ff07c02196cc4b7b65a0b1830482c6bb89318bdd9f7ce3d4fed925bfc05c6ee636dfb4022772303413256e3cbc3d91f68304b21bc160b2a648bd8834e409d7f8a88d87441e0ac81291596b1d7e12973fe4378bd6973fc7d69677d86b360918fb0d98f6aff2123ac01581b05f70cc4942f36f25e87b7ba982b1312f7137633ce5b6677a387664e3199bc1a684ea7fa5469195625021cf4f49c9bd9e2db61ea8f7e8ff4d24da78c69630127a1d667e5479c1068a6f9aa1d9072b5cba7661619334a38ff23a08d9197ea3ab78d5ab2a3331f7986b7ef88108b8224d"}, {0x18, 0x10c, 0x1, "d28ec554b23110"}], 0x178}, 0x20040000)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)

23:55:10 executing program 2:
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0xb, 0x0, 0x0)

23:55:10 executing program 4:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, 0x0)

23:55:10 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x0, 0x0)
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000))
ioctl$sock_netrom_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000140)={0x0, @bcast, @netrom={'nr', 0x0}, 0x6, 'syz1\x00', @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0xc58, 0x5, [@default, @bcast, @null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f00000000c0)={0x4, @broadcast, 0x4e24, 0x2, 'wrr\x00', 0x23, 0x80000001, 0x3}, 0x2c)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')
munmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000)

23:55:10 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = syz_open_dev$sndpcmp(&(0x7f0000000240)='/dev/snd/pcmC#D#p\x00', 0x2, 0x8e1c0573a2f6f2e5)
ioctl$VIDIOC_QUERYSTD(r1, 0x8008563f, &(0x7f0000000040))
ioctl$IOC_PR_PREEMPT(r1, 0x401870cb, &(0x7f00000001c0)={0x5, 0x800, 0x9, 0x7f})
ioctl$DRM_IOCTL_RES_CTX(r1, 0xc0106426, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{}, {<r2=>0x0}, {}]})
ioctl$DRM_IOCTL_NEW_CTX(r1, 0x40086425, &(0x7f0000000140)={r2, 0x1})
ioctl$RTC_UIE_ON(r1, 0x7003)
write$binfmt_aout(r0, &(0x7f0000000480)=ANY=[@ANYBLOB="e16c66edbb836cb23b4e97a2c44737f604febcc37fc508239f04baa870829dba761a230906d69a84d3a4151a3dfabda9a8c578d9336ce3344e3996ae47f5773208514f451232425d96eba7f2910371773501602a831265f019ff7f00005c70de87788d059c6dcfb5b564ddad42cc618582d2674f4d09000000fd8c77850f9e6107f875d717c499ae7c2debe8ad47e57c0c2c350d075a91f34f6fbd5853e36a1b19b05538a06f313e2d4a7937466cec08e9521dc2ee9987b32899f56c1adf439eeece7a717c0a4be57f33b964e1ba75fe4d831c84718c6d5a0b9a83d84f1342d0f657890cd901d1ed6fad3197a8977e062307488aaad1b7a3566ec9ed7bd3290bb7bd64f47c986231270c4ce64f487493c8c930929ef764e1ff6859384b893cef168a20ba8d02d86b847ff8d31fdcf53ae497b1f24dd9699d90a18b53a6fdc652b9c139788774c984270098418ecc8b418ec9a0542272d2", @ANYRES16], 0x9c)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})

23:55:10 executing program 1:
syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x100000001, 0x40000101)
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x80000, 0x0)
ioctl$RTC_AIE_OFF(r0, 0x7002)

23:55:10 executing program 2:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r0, r0)

23:55:10 executing program 4:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0))

23:55:10 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x80000001, 0x60000)

23:55:11 executing program 1:

23:55:11 executing program 2:
r0 = socket$inet6(0xa, 0x3, 0x20000000000a)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x22, &(0x7f00000000c0)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000056fee80000000000000000000000000000000000000000000000000040004552524f5200000000000000000000000000000000000000000000000000c14000e57af108cc6c74028119fb719d84b855ae79c03bcd889e253bc4570000ff010000000000000000000000000001ff01000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000006272696467655f736c6176655f3000007663616e30000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d803490300000000000000000000000000000000000000000000000000005443504d535300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a800b6fc0000000000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff00000000"], 0x1)

23:55:11 executing program 4:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0))

23:55:11 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
splice(r0, &(0x7f0000000000), r0, &(0x7f0000000080), 0x80000000, 0x8)
r1 = syz_open_pts(r0, 0x0)
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB="e16c66edbb836cb23b4e97a2c44737f604febcc37fc508239f04baa870829dba761a230906d69a84d3a4151a3dfabda9a8c578d9336ce3344e3996b747f5773208514f451232425d96eba7f2910371773501602a831265f01906a2c7fc108d21e8ad46ff7f00005c70de87788d059c6dcfb5c0028511636d1b44c817b564ddad42cc618582d2674f4d09000000fd8c77857a5acf38a10c87380f9e6107f875d717c499ae", @ANYRES16], 0x9c)
ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b, 0x200})
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17})
close(r1)

23:55:11 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0, 0x17a, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$TIOCCBRK(r2, 0x5428)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')
fcntl$setsig(r0, 0xa, 0x3)
ioctl$EVIOCGNAME(r2, 0x80404506, &(0x7f0000000000)=""/44)

23:55:11 executing program 1:
r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x6, 0x0)
r1 = fcntl$getown(r0, 0x9)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0xffffff4c, &(0x7f0000000980), 0x0, 0x0, 0xfffffffffffffea8, 0x20000001}, 0x0)
prctl$PR_CAPBSET_READ(0x17, 0x1b)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe9\xdc\x00', 0x200085})
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89f1, &(0x7f0000000080)='ip6tnl0\x00')
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180)='TIPC\x00')
sendmsg$TIPC_CMD_GET_REMOTE_MNG(r4, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x1c, r5, 0x110, 0x70bd26, 0x25dfdbfc, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x24004050)
setsockopt$IP_VS_SO_SET_EDIT(r4, 0x0, 0x483, &(0x7f0000000380)={0x87, @local, 0x4e22, 0x1, 'ovf\x00', 0x24, 0x1, 0x25}, 0x2c)
setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000002c0)=0x4, 0x4)
getsockopt$bt_rfcomm_RFCOMM_CONNINFO(r3, 0x12, 0x2, &(0x7f0000000300)=""/36, &(0x7f0000000340)=0x24)
r6 = syz_open_dev$mouse(&(0x7f00000003c0)='/dev/input/mouse#\x00', 0x1f, 0x0)
r7 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000400)='/proc/self/net/pfkey\x00', 0xc0, 0x0)
ioctl$FUSE_DEV_IOC_CLONE(r6, 0x8004e500, &(0x7f0000000440)=r7)
ioctl$EXT4_IOC_MIGRATE(r2, 0x6609)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')
process_vm_readv(r1, &(0x7f0000001200)=[{&(0x7f0000000000)=""/182, 0xb6}, {&(0x7f00000000c0)=""/1, 0x1}, {&(0x7f0000002300)=""/4096, 0x1000}, {&(0x7f0000001140)=""/174, 0xae}], 0x4, &(0x7f00000022c0)=[{&(0x7f0000003300)=""/77, 0x4d}, {&(0x7f00000012c0)=""/4096, 0x1000}], 0x2, 0x0)

23:55:11 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100), 0x100000000000001d, 0x0, 0xc69e0ccb0441744c}, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x84800)
ioctl$KVM_SET_XCRS(r1, 0x4188aea7, &(0x7f0000000080)={0x2, 0x1, [{0xffffffffffffffc1, 0x0, 0x80}, {0x80, 0x0, 0x9}]})

23:55:11 executing program 4:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0))

23:55:11 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070")
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000600))
readlink(&(0x7f0000000080)='./file0\x00', &(0x7f00000001c0)=""/152, 0x98)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000002c0)={'veth0_to_team\x00', {0x2, 0x0, @local}})
r2 = syz_open_pts(r1, 0x0)
write$binfmt_aout(r1, &(0x7f0000000240)=ANY=[], 0x35b)
ioctl$TCSETA(r2, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})
ioctl$TCSETSF(r2, 0x5412, &(0x7f0000000040)={0x17})
ioctl$TIOCGSOFTCAR(r2, 0x5419, &(0x7f0000000000))

23:55:11 executing program 0:
mq_unlink(&(0x7f00000001c0)='/dev/ptmx\x00')
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = syz_open_pts(r0, 0x0)
write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="e16c66edbb836cb23b4e97a2c44737f604febcc37fc508239f04baa870829dba761a230906d69a84d3a4151a3dfabda9a8c578d9336ce3344e3996b747f5773208514f451232425d96eba7f2910371773501602a831265f019ff7f00005c70de87788d059c6dcfb5c0028511636d1b44c017b564ddad42cc618582d2674f4d09000000fd8c77857a5acf38a10c87380f9e6107f875d717c499ae", @ANYRES16], 0x9c)
ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17})
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffff9c, 0x84, 0x77, &(0x7f0000000000)={<r3=>0x0, 0x7, 0x8, [0x5, 0x185, 0x5, 0x6, 0x73, 0xa9fa, 0x5, 0x5]}, &(0x7f0000000080)=0x18)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000100)={r3, 0x6}, &(0x7f0000000140)=0x8)

23:55:11 executing program 1:
syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x6, 0x20000)

23:55:11 executing program 4:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:11 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCRSSL2CALL(r0, 0x89e2, &(0x7f0000000040)=@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0})
syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x0, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')

23:55:11 executing program 5:
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_sock_size\x00', 0x2, 0x0)
ioctl$sock_inet_sctp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0))
r1 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$nl_route(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1020000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=@ipv4_getroute={0x1c, 0x1a, 0xc00, 0x70bd2a, 0x25dfdbff, {0x2, 0x0, 0x0, 0x3, 0xfd, 0x0, 0xfe, 0x9, 0x200}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x1)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)

23:55:11 executing program 2 (fault-call:1 fault-nth:0):
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)

23:55:11 executing program 1:
r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x6, 0x0)
r1 = syz_open_dev$swradio(&(0x7f0000000040)='/dev/swradio#\x00', 0x0, 0x2)
ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r1, 0x40405514, &(0x7f0000000080)={0x2, 0x6, 0x6, 0x9, 'syz1\x00', 0x7fffffff})
setsockopt$inet_dccp_buf(r1, 0x21, 0xf, &(0x7f00000000c0)="687f6ddb4ae97a15ca9401700a6b615c1d9a1b3fe772190568c7c1e56f5eba94283740e8b87ac7", 0x27)
ioctl$KDDISABIO(r1, 0x4b37)
ioctl$VIDIOC_CROPCAP(r0, 0xc02c563a, &(0x7f0000000000)={0x0, {0xfffffffffffffe00, 0x0, 0x12a, 0x7f}, {0x7d, 0xc0000, 0xfffffffffffff9ff, 0x3e}, {0xff3, 0xfffffffffffff2c0}})

23:55:11 executing program 4:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:11 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = syz_open_pts(r0, 0x0)
write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="e16c66edbb836cb23b4e97a2c44737f604febcc37fc508239f04baa870829dba761a230906d69a84d3a4151a3dfabda9a8c578d9336ce3344e3996b747f5773208514f451232425d96eba7f2910371773501602a831265f019ff7f00005c70de87788d059c6dcfb5c0028511636d1b44c017b564ddad42cc618582d2674f4d09000000fd8c77857a5acf38a10c87380f9e6107f875d717c499ae", @ANYRES16], 0x9c)
ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})
r2 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f0000000080)=0x3, 0x4)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17})

23:55:11 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)

23:55:11 executing program 4 (fault-call:1 fault-nth:0):
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:11 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040), 0x1000000000000176, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')

23:55:11 executing program 5:
r0 = socket$kcm(0x10, 0x5, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)

23:55:11 executing program 1:
r0 = openat$smack_task_current(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/attr/current\x00', 0x2, 0x0)
r1 = syz_open_dev$media(&(0x7f0000000040)='/dev/media#\x00', 0x3, 0x2400)
ioctl$NBD_CLEAR_QUE(r1, 0xab05)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r1, 0xc0945662, &(0x7f0000000140)={0x7, 0x0, [], {0x0, @bt={0x2, 0xe79, 0x1, 0x3, 0xb5, 0x200, 0x0, 0x9, 0x100000001, 0x39087c41, 0x664, 0x6, 0x20, 0x4ee, 0x2, 0x24}}})
r2 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x6, 0x0)
r3 = fcntl$dupfd(r2, 0x406, r2)
mkdirat$cgroup(r3, &(0x7f0000000000)='syz0\x00', 0x1ff)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f00000000c0)={0x4})

[ 1200.725070][T29164] FAULT_INJECTION: forcing a failure.
[ 1200.725070][T29164] name failslab, interval 1, probability 0, space 0, times 0
[ 1200.777560][T29164] CPU: 1 PID: 29164 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1200.786713][T29164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1200.796777][T29164] Call Trace:
[ 1200.800110][T29164]  dump_stack+0x172/0x1f0
[ 1200.804463][T29164]  should_fail.cold+0xa/0x15
[ 1200.809080][T29164]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1200.814915][T29164]  ? ___might_sleep+0x163/0x280
[ 1200.819782][T29164]  __should_failslab+0x121/0x190
[ 1200.824728][T29164]  should_failslab+0x9/0x14
[ 1200.829247][T29164]  kmem_cache_alloc_node_trace+0x270/0x720
[ 1200.835060][T29164]  ? __lock_acquire+0x55d/0x4710
[ 1200.840019][T29164]  __kmalloc_node+0x3d/0x70
[ 1200.844537][T29164]  kvmalloc_node+0x68/0x100
[ 1200.849049][T29164]  video_usercopy+0x454/0x10d0
[ 1200.853818][T29164]  ? v4l_s_fmt+0xa40/0xa40
[ 1200.858246][T29164]  ? v4l_enumstd+0x70/0x70
[ 1200.862673][T29164]  ? mark_held_locks+0xf0/0xf0
[ 1200.867456][T29164]  ? debug_smp_processor_id+0x3c/0x280
[ 1200.872936][T29164]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1200.872955][T29164]  ? __f_unlock_pos+0x19/0x20
[ 1200.872974][T29164]  ? __fget+0x35a/0x550
[ 1200.872990][T29164]  ? find_held_lock+0x35/0x130
[ 1200.873012][T29164]  ? video_usercopy+0x10d0/0x10d0
[ 1200.897129][T29164]  video_ioctl2+0x2d/0x35
[ 1200.901478][T29164]  v4l2_ioctl+0x156/0x1b0
[ 1200.905822][T29164]  ? video_devdata+0xa0/0xa0
[ 1200.910442][T29164]  do_vfs_ioctl+0xd6e/0x1390
[ 1200.915045][T29164]  ? kasan_check_read+0x11/0x20
[ 1200.919924][T29164]  ? ioctl_preallocate+0x210/0x210
[ 1200.925046][T29164]  ? __fget+0x381/0x550
[ 1200.929218][T29164]  ? ksys_dup3+0x3e0/0x3e0
[ 1200.933642][T29164]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1200.939911][T29164]  ? fput_many+0x12c/0x1a0
[ 1200.944351][T29164]  ? fput+0x1b/0x20
[ 1200.948178][T29164]  ? security_file_ioctl+0x93/0xc0
[ 1200.953299][T29164]  ksys_ioctl+0xab/0xd0
[ 1200.957473][T29164]  __x64_sys_ioctl+0x73/0xb0
[ 1200.962081][T29164]  do_syscall_64+0x103/0x610
[ 1200.966685][T29164]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1200.972582][T29164] RIP: 0033:0x457e29
[ 1200.976483][T29164] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1200.996095][T29164] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1201.004513][T29164] RAX: ffffffffffffffda RBX: 00007f7c2f181c90 RCX: 0000000000457e29
[ 1201.012490][T29164] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1201.020472][T29164] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
23:55:11 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0)
accept$packet(0xffffffffffffff9c, &(0x7f00000001c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000200)=0x14)
connect$packet(r1, &(0x7f0000000240)={0x11, 0x15, r2, 0x1, 0x1, 0x6, @random="10e34bf1fb01"}, 0x14)

23:55:11 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0x2, &(0x7f00000000c0)=0x10000)

23:55:12 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040)='TIPCv2\x00')
sendmsg$TIPC_NL_NODE_GET(r0, &(0x7f0000000240)={&(0x7f0000000000), 0xc, &(0x7f0000000200)={&(0x7f00000000c0)={0x11c, r1, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@TIPC_NLA_LINK={0xa8, 0x4, [@TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffffffffffe01}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffffffffff9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x400}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1000}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8f}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}]}]}, @TIPC_NLA_NODE={0x3c, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xf2}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x3f}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x3}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x8000}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xc492}]}, @TIPC_NLA_MON={0x24, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x56a18a48}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xffffffffffffff7f}]}]}, 0x11c}, 0x1, 0x0, 0x0, 0x1}, 0x0)

23:55:12 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = syz_open_pts(r0, 0x0)
write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="e16c66edbb836cb23b4e97a2c44737f604febcc37fc508239f04baa870829dba761a230906d69a84d3a4151a3dfabda9a8c578d9336ce3344e3996b747f5773208514f451232425d96eba7f2910371773501602a831265f019ff7f00005c70de87788d059c6dcfb5c0028511636d1b44c017b564ddad42cc618582d2674f4d09000000fd8c77857a5acf38a10c87380f9e6107f875d717c499ae", @ANYRES16], 0x9c)
r2 = dup2(r1, r1)
ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000000640)={0x2, 0x0, 0x2080, {0x0, 0x4000, 0x1}, [], "60148d3d0dcece1a08b6dea85338d0fe1801c9992679ce41147c704df930e016bfb13fdb8efea2162e4b3a5313979923dbd556f1631df94b58a59407a3352ff32a60aeba3cf89785b54814e399ff1b9c5fd9d3a4c3a77bd9fd34578b984e3297d98cc315712f2231373565f3746e2151077f783fe6dd61f78bfd72b0b90a53f36b8e7a798160b6ded90c98f812b6746f3c2e8790e0e785c50d160613a56d4c4a38c211ccfeef7876a7e6b21fb7912f9ffcbf7a13d46f8a678cee550cd72f3d7ea7472e88de411e446a7ee0f843c37eda8576688d189e675b9f8869428691e8229f784b3a4e54fff8afb7f6c8a9e8376627492937adb9cd2d81a007648e6d1f8fb08aa58012bfa9d8573327426dbe609556bf1f0a26d8ec75b1d2515c6dd8c7661225325ad5a2aa583dc879c295e10af5f1d0139218e6e862d7737c034d789618666fdb9342b4b3aec04d6ef290e11c0c3afc80749e04e38a75c314998bfe22b04a19bc0f84364285ce40e2a1eb7b537ef6faa4c36b0441e9f9fedba281fec61d58e49fc442daacfbb291cfba70ff031bf98e4c6cecffcd7548eaeff5bd404b60c70dc82453fc80c49fff4c221e30faf1be04bfad2566f51b3da4f63f40a03f76ccb26a685e41dacd4b3acff4da4ba2f8da44d3535a246939908927f9dd117359bb1890fc5829d05e5862db45689a6bc3f4557b79794b7471e14a46875e07562a55f890cf22c02349b19cb4fe5f6c8ceb8fe78e5704fdd91d49dfb9926d63dabbe3338285d1146568eaef95888c17330f3aafcb5e10426c4a1233fcedd053d1509fe73f0e6c8490608cd4e599b5f5267914b53018de9b60db5784b2688e476b7c20c8398e426d1feb40536c68d25bfd3bb114b3e388527757023e8edcd1cb91132f36d533c20d1a70353452ee391b22a1f3afd502e23b2605a0469972f09ff22e7ba8488965848482bd5dcd89f5d9dcaa399ab18bcccfd67ef9f68ae47050c8d37d811a31dd48972d51a2986bae62f146f545f25046bf3866cabeea88ff2d3f0e8655bd55b311024345298139af5180af8842a970e4ddefde755e7580b3b4e5a38605227a68f1c11b579369fe198ea753eacf0b643ead27af3707a88b2d9cea3333bd706c992342449c2ad8fd55eb3e60324bc09b23386f04f053311c197539d28885e919b20f3b1c0108fca5d607baf99ac91fecc83ab2120193397306d485d603b93542d88874b70e7fc71f27eeddc23c40d360662fe3d0bd92b0d9409ac10f60e36e888633aab5207b0123bedcc083e343c8ed19ab70f1e3b137a067cf348911ce4218b795eae6520e392a540cac2d2afc1de78d480efa46d2f75988188927c4f6aa36c20e55a4bfdb98765fc3cebfcd224485351f31912c2c44196a7480492b950a342bf3baeaf899785a870249399dd3c2aa5480864b2d351e3e7afbb248bd5066fc6d65a28fddc18094b1ada6a3a845b348e15e0dfec04ed3aa9e5804740654386aa5197a73e907fb83d6d095c5780611ca90035cd2cdc323b50ec945f978c24819c5f497c767cc999ab685392e2803fe636526801c66488f5bac2d310ff12a9841adeb8363aeb59199df93c014be92113940b1a5bd97c811348302aac1f5bec5a474cc97cdc0531a3cf174aafcbf2c417fcbf27ebce91c69d177902c606b22513571a90cfdc6c84aed958d49483e41e721b41871416b0577c771bf89cdf6648a6055ad344e4db23bcab485533b3b77d93388396657e34db76942f1d7fef5a25507934f8f66c57e1a7e348c1673f80097ec6f51f85b31910c68fa7a31c5e1e65d272ed90344a9fbbf141756a5ece26fdc32cb43e49b8668a5f0e47a812424c2769190798b5ea058ba810c8f9efab9f8a57e29de804531d48ffbb016de1c1a355bc4dc9346a2fb4efdd3078f79cd3c21332df6b4d20c25dd4d4c4f9b29bf344b7e66552642d8b0d046a8e954801bdffd8fd7eed49abb6a5641bf36cac7f3d22efeaa5d82f541e770c56620c162dd0db55ae9dde4d08820f26f34b12b473282a946f38f060f7fc4e5c23fd93189c7298b0f1a6f24bc0d91003c51c11a644d027384bfa928d080c032259fb64f81c60dc9c4f18f387ef1e1fe8c7c657695b41faaff606733ef87d2e47076450375ba41bd906eb204407318fd1f824e681528423b194e8259384b6a6abb6075a7a85bc1ffceeb703cd34917a155472da17e69e28da59e4120e7a3771fde04b4b3394e476948acb0c10ab88be57124f68cd9c98fc42cd072e4c878dea92f17fefa4f7cf0dde0b04562df74d81a8c77ceb9d7361da31ea0929944b0cda671fefaf63ed105e8935fc562250226847be501eec88670176735f0694784c266d9188fcb903ffae3f98fadba54c2050b25d33065bbda9f56ce1fdd74ab3755b98d25b9eb597036800cab1a102375c754406f6c0b417af1c2ccbc05f3876ac222991ce4822f23e013adc4704fe56748d167a9a160107685d36e39bd27053e45fb3b7df00f7354e06029ca52e5f0d8a33cb6e8067263e0dd93f30218be01073b62eab40f98b1536a295ccd67f49ba350e2312d20fe759ebf4c5f2398a48b21fb526b09cc80dcb9e1bcc02ed8a878caf02f8821f68bb12ef19d70dbfb4028d036a664a6b10d00d1ca27b09c226a40fa0aeb122a912fbf31624d040e8a48a78870972ea4ce74a6baa5fad6eae37735cb18729655787b1a62947c7923d850c1c65ae0058874a0e9827f1596911371ae795852618a2e6ee7ab7556a7d523f35d501103df2d63a933f7fcd383c5d3b080d114a206dcc1e2aa8ebbb4e761d25ce8d4460efd2ac3ed2720788199bb91a0aff2c104e1cfe7ab760152debd0a476690cdd70d38876b033e1d2cdfbc4b1d8eb02631b430eca83841f5fd2654b9d06164b5be667b8f198f398d6bedad6226d4cb920778b4accf74e6b3c7eee906f537745cd67681e87ca1c48368843eef5b16966c1f88ced0806135fb64e01c2761c72f4bae61a5ce246b46f2ec820c22df3cb341cd5628b20fc736420de47633f65ab5ab64c54b87d13a8a81303038754b5d91be2ac5de5b454cde88474b98170bca1aaceaf7774b08b2ca62ccdc282ae5e2094dabcc04fc154d697846abe60876dce98d23886960857dead7885506ed380267356a9e7bade73adf519a1b73165f18604e7786a100d2ffb4b0764e13acc4f75e0e58c1f3fe188c749738e0b68a24d92472599b1c719a77ea70e44c6d6bc59c2996d9fde168ed26dede73fbfe99c0c9c605dfbedae9d802a878760ad26fc9f4d72b09ffd5e89a5b0a2b5038aab256ae3f8eb5a094982eff98c6c774b35a55db9ebd2d3d1f23498d184956d6befb176055db685a05bedff3b6155c8daa6f0c52a0d3876549ab41884b2385df8424e1e143efa4b80b384bc01ba06b69b2dd2791fe068d96f36c8647d84ace9053d119d77f8d1095ceabdc2106bf44077971c083950bdc73186ed7b9e0bcff3cb7236a0eb340f31072b60a151f34a0f7480973b7d6f47835b2fb8f44ae4c248d639035e08bd7cd994249228df4854b7105578d94e378c00edb197bed62492cf072ebfd86bdb8ef5e4a679e010ff3adcf72c9fbd2527dc4bb264adf82225fc68c21905f22ec3a99b82b4412211edbb1f7c0d24a409bdaa8e69b9bcc8291642c5e6ca4cbb1c81e39072999d6c27b82ace9f33b5205a0019297707c43a400eaa4857ffac0e5a976cb66c48b2687aa44291221dc89c886878f9847aef721e8b33cb1477bd170075e3903f5633b7b16b7103242aaf9ad734b675864daad3174e28f5470a7149cedd47d0e7e6f0d4bca40ce0c80aee7af449e15df664f0d111d6a9f612edb38efcf446c81413cd91daccd3e0b5f97601d4f81961cc2827d40572c19162b3e6329623bbac4bd843519c6de7c5d02afeec79eb59dacf4879601163bd0e4881022a741ce6f385ae4cc454f2e25541a57ce06d36985f45b5fb5087a559e93d8e8a6e56076052e1babc7c959aab5cd795a93c65857d81566127ff172b9f6240d20eaaa8e136149e66e9b813208b3400b309c2ac020e02d0642254a59b463637318157777f99caf080af32e15e53612f04497e97c8274adcfb2b205651e4027ace1a550cd664669821fb0a0995ebe0e20106fa99c115e0fec90be45a666f0bae49958393b29ecfcf093da45f83c5642afc583b35a1b119d31c7fc259520168c08970f3d8bacf91b9e4542c3277af84ad03b2dd8c257a9b62d83c5254031adc2304078a40df439a1540e4298e0c396cbf353d06130efd1ad3044cb0e64946fd02e1c866d55af4a6b57d1a99cc05b434a554894b7b21d4188a6319ead014f6bdd7885658147c779f7aa6574d53d1a4de79c4b9f7dd9d8acb829aaf076167e37195daf3b1e9e25f01a5e88a07377be2afb7c9bb4ce234f213d63625cfdca5ef8252b08b659e3af7f2a94a444343d0683d52d6feb68f43cb4c2f9e78d158ddb7258a34f678324163a9ff1e1d3d0e0161601f9f622412b764de1054fa24104c5bc2ab3ecc138c7d61887a8c2523ac8534fe4f6379ff93acec05c783438db2f9cc1d63d6fab2c292582d628584ea76abe333868925f96c41a4541c995672b77632b3fc5a1ac3537fc5a9e1a68fedbdd5163f06d2aedebf0744c9e7c013fb77a7018067307efbe36adfe501d3e90964e32a1ef7e16ccca0c6b8fb1bb64e3c60660bc72268e3864fb1f9e83c4804f4a7a405aca74d9a3b503dde33c7927a5cc0156307926007402b8939c6a3c5fc4b75492dc3ac84b77dad33cd2e5a2f58ab6af48a2b30c9e43f69d93887c212fa7ab2cf0b3137cfa0f8ac368a3da894aadbe8adc9a5bbdd3544bdefa6acf6ec1b1e6c043a8ecb33616bfdafc2ba1b271d3468ad63b2321e4a1b1548cbf3350a0d1d449b705c75a4f168158a7031ec9cd0cabef2bb7c3fc0bae17f2d67dc8676b624dc066afb21ad45927af9ed35188da5db4c6aae6df1a0ee22dfd0a84c8607a35008a35724c4f354a4946950b462ed9ada541cd0b488ac5632914dc703d32564637f3d1b3c7ccf6ba49da474a30171a6425b665bfa9868e53577706862df7fd270a40feab8dad5467fabba5d5cc0789a58f7b28038b0aed7db0a93c7e384abcbf868f982224ccf662a4f18a40cdae086d284bc4620a564eb9cc891ea729b64b914a11f292f8fca155f513df1b2faec0dca9fa98ce2c98e27b56513d604e3ffe1febd9d8c337a75d512e248ab2947a5f37c765f85c069bee54b5e5ca17892952e54a04b5d2b7bfd6b3c50175c92295ac9e9c3342dc31d011a9fa31d8d198c30e0249b27200e433e873a253a79976b0f481f02933be520281587d3dea3ec5335cab3dcadcabdfd63c4f0da34aec891703bb3ac6475f2539106d12205e1db309811375f991b1017f29bf9df7d539e8716b3176d4b5a7f0367723e46f5c1d728866c1cee4e99e283be6251872bc4750c25e299e6e6c3d702e59899ef61644f034056482e0df1970b5f8d96d24f6dbfb398a743af6a79f952bbbb49852f0da5e0b3e9ebc5bedb3e1202219c63718cf638e991298abcd65b88634065115b262e0affd0b57ea556243053b977e343479da75e5ca21420a51e9381c5f09c1c0f4eff33e168c5a4132245212c828f1b7afb97fb3089492a768df5502cc505889f2eb513d58ca8ce755592be09b6c62d5b25be371cd8c254dcebeb88734519dbd77083861db4133d21f728919413379688bf03606a336140600cdc377eda399637e3c2ae9d805f1cc0fba754f92c6b9247de781152d03a1b0", "2d40b273759da054d3b9f2dc8467c2c58f9ed38242aea64de61a8879cac9b8371e142222f784a7caf85fb3d4e0b98da679a3cf34025d73c9e2aaa650ec27a3361821ed4a95330e5180c2670ba96e6b8ce6058ee09c20f2786f6455221a963a70747a90ccbe46c660b5a45396575a120ded2fc1f7eb7e6969558d867fede06d3082eb40bbb26cc397356b59b9642e1ee09bc15194028ea3f760676150bd4c89730bdf524799e1660510fe198724a06580abf8df2f74b9a0ab2ee752625b13ee3ba737eca9c224f159025ca665e985751c09b558dc5052f1676f29413a8fd9ba60dece27fe91f2b5421b50a7ebe6bdbfa3763cef19638513e9c8850b47cefee0cb1e49c49e8bbc41f5835edf75a194889680d093590dec4e95d5c3e3259bd769441e0ddcbdc107e103f924e56425a99ff5862bb76d0f809cab863225fb3306f29d138bc32e52b566f4dd58a43801eea6ccf5b519c3837ea47983f7961db39aa5e2b0cb75ebfe0fa9593a3e483ec043d221958cec4c130e08258a5412c0d4c8896c968c26d73cdbb26fced86e66985d956509f0103797aea64e0b6f610059fa5ada943413416f6099e2951dc24f039f6dac8cd1166b17fc6fff18a8aae7ecdd269986fd0d919254689db685d1a8c59e1829d3266c21239d99d623239eb1b6d2be917c137719d13f45307dfb84836cb32bcd2906c0deae4b71694bb0e34f54c513c16fc795780c4ed751419312f39d2829c1678bac9a50e69fb2c210842d44604d10cbd16d51d01524af7117f7b5440e60828651864548b13ee7a62f38eb64f26d17e32ac51aeb4cab86838b24f20aee7b4130d945e7ab39367b21e0f9548db0fbd40da7298e6023d2783276d41b8476603581834eb899a55c9074c2b81208797af035b7afe3d1bbd801843d28f379616e030f65c12834afa4951a75285a8d3b94ae87f73aa56aa5ff2710737b0b6fc48641df2314af6262d90946ea3fdde53e0fe1261c9ed4b1de5d25a36c3f0142ffea14c848f4f810fbbebe2b3d04be8833ce9b1514e21e8ee734cf427cdd03e0d5b25952cda779a77437a697df4b42cff62737ac7b4e5ac014518268653708efb946beb94ef60a31acfa063894f66d078b63d1f854346fbe423fa20f69756db3b97c56c623adbda4c27c93d9b251868fff6f3e51ad4f1838fef459384e1a1ea82495e454d24428a0fe35730b8fd2f3f0eaba9a8bf578d0a4ec2ebada01559be916467ba4a101377aaeb9a83c159c70f2eeba7e425e410fbf7aa855b45927ddbca86e011bec24bf646e665e33aa385cf96bff818ed39313de9ba481edbead2a4934088964a0babd230f1f831ea7902fa514a7360c540e12bf0bbb14478e29ff20b75fa56d1368b1e3ba03e879b62c13c9cc6c81a1ef2030d4c26b8d9699a49d1c1e98d78c254b79cd3535403fa47d36fd3baf478d660f17da4056cdc35a2e4fe13ca2b309c3e765572f14692b124c24e51653ccbbc6e0885e9a4ab18b093cbb0b20b537f76476580c581963c6ad1a2c40714bf8693d3c7ffde9f3f98e5e35be3abacd9845128cfd63aa673f091b9d6fe3bce504abea4a5076785077061e82701b1aab2125388fc8b7449ff0ca5e2f9afb3627114c12f3d24c9f5e2ac033cbe17e537041d0c9a389c0fe624f85ec458cd02abf512ce007100b0ff4e9ea589c434b75ad305bd3ba3f4d1516c661e6123bda440815318e2e1be1f68851f9f3c215a5054928ba5a0da8b71c9c30d6ffa132799ba8945d1df63a6cbbbb8726a2a9a67537cf7ce6631755e078578502bff431d9b0cd20cfc6cab51fcc5c45b3bbafedfb837c8e6aa2167279b4499cb80238138df11dc9cfa7989843b554b8d66a148f24d02b1c15b0bff0841d5975ee90c8c5eedabcca4bda83043f41275be0a3b1fa01f2cb9ec611b7e3f3348f8ad8daa005b561f27a14946c4c12b42ccfa441238d28297a9e53a2f47cfd707e880bfc8b89fb7feba4765aa74d0bf6e6ae593fcce254788ced35fad09794c93238dd12ba5ae0ed91c2ee1fe1dc88b4579a9da00beeb0660e14237008a80f4183ff78bd4b8c2d050f3925d3a45e2c7bcff0c8b781fb5121bfadb632c5a9c99a9ec4679563b40360848c86fb6acc2260725089fedd5ddae79cc48181dc5ba8d21aef315effa21174b95e4f7a76f6f085fa4443b0e93d66e13931c08984eec53e507bec44ea5501a2ba89e379b4d57d35c8912be10259cbed968bdc38587b53479dce6e037ede5c9052cc0b35e193b3efaaef0e932de4e387b248f09653503a748167ff5ddaae35b03a5904d62892244a0253e5072981415814fb3dfbf9c37b261e57e2f16609a37bf63665332b52174721099248b897a9b0b6e309ecb2b4a6245aac5c746c0c549f71f62b7179cd8087c3c19613d1f415ae86d7d47b1d4486f0f461b63b0feeaa956abafe6ec17f215fb8891efa2d66a7d9263471b59c5ba2cb6c9a4ff8517d3279330cbfa904124828c55ff83276e10874a254552a852acb85aff73dcf8aad889a38c8a48992e76b9cbc0448cea24a18bfa515320abac40b064c5c2b56ebc3816ff76bbfefa465e44d8f4a6eae59905a4bcb75e4f0216cf11a659f90cc147bf47382f3a8d373c5370fcfc37017a9f4162c0d3830238bc20c0b75acae02c40694b1a8810fba4c721d96b93522af4ad632b23fa5fb1a48a2466de7ba551d1ab7725f21e4a3d6943d79d0def4c2f7818adacf980ce72524af7070bd109a5a0da772667a02bd8df1f1f5cd803a500d6e6dff203e3808e3546d0210129c9b3618865507289a6b40c72ff8b3bf98a3d9c838182534be5df2eabeef9fe7c486aa8428e5937e9d8f1903a752897ac6da1cdaa6f5bf6668078f4099db7b61a271b28d57ce9936907336060ddf221f4d9748bd3b1396af5c39ad32a129ee9c34c1935bd04f27f8cae8d668e63fdbf71414ad523de4411cad9d85996e008312f6e0d2635cf1ded752704ebd44cd636aef9d6e2aef6391380475852f1b9852ff012270babb68cf8a5cb3a7197b470750b85d983f2be8cee2680a93a912b06e12a5790d044c78ed3b231fb0f0c6d70ffe129c5876e6a509ebfe1dfc52e785169e4cf741d5dd1b2c9ba342c8b8d79f1a60cba3c73ef12f24ae6a9811de2b65773580972bbca41d3979420e317578b70463f7a3c4b85ade6a03659665044356160ba28909e36cb40e5b9af28845020611a9790c3f422ed99c76878941cea9ccac35d73a46282f4567b592d9815dc1219e3cf7b542a6a20554710a0b917a8dfdd384d688a73667d07e51adcafa2d5300e278ba2feef902a9765c6a8085310bb2ac75470c662a84b6184ddb56a297e297c6e20a2957b36bd193322c7cf57988c97d5ba7be281cb2899b5adc8d076c9ab8545647cfc4bad27a0ee4bc666e6b248294637b0f485bc19adf39a258aff98d5f40b88154d39e5f9843621f14401de1e03cae8fdfb0d36a5a27fc94d190c189f754da0f63a135eb092865cbc6cd8ac5e215c70ece68ced2a2d7a6bd25e583fcc21eac572fe201ee565ddf745d56d3bce69ebfb915be7c2bb9004fa63b2aa37e13340acd9a0a94bd3b4c1b43bf1638b572c32243d319e7b494549e34157a32c3774de686e4a9b3284f849fbe752eee60d1333bd72ecdc9fca92eefdd4bd3c17240bd6c27af51df4f8d053dafa0b5b91cf3e7a6ff64b317df952813eb83832d83942d724f63e70c20431d80556b973b725df86854bdb6ae82050724a663830359abe9cbf3ef7b632f4938f8938abfa89689548818da2a950af972d8cd92cf55aaff7aa8772861864002b68cd727f21dfa1172379854b72f903d6f95d26ed185ea454a2b4cfe0a9f37fc922b711901ac59dbf656fc801e5c9ebb94851973e048d2cc33ce24a70e94b6a18440b051cff7346ad4c42665332e7adc9280fe244d1daacbe5b15b118ba42134a5fe6ca38d122895b281020e6fe8b0ead7ef5d0b77eed7d0d28fc60b120a16d943be3745f3a5983baccd7eb2a14ed162c8c7adefeba7a665342bde9ce727a867ac938543501618894b60f63193be935ee99f2f37e6b7c02e9d61b33fa7e2f07c0cb09c2c512cf930ca04ad958c175287f8af5ad6c9585c119af01e976458b4d777123038dd11002d30bf549a26e334ae9be6c28eb713a878020fb707d42d3f8056dc5852c4db085675c2b5dd53e53d595092e37abed4b5c0f37c60ef07220124709c12c8e85a4f68a1f2e9741abd29d3566fb979869b64ae323d25c13af0d6aca050ec87de04cb6630aedd6d02d02e96db2699604b5d5775235618f90392c7bd3eb2943f422ffde67a75910be5f6ff483039d0fd6417097d6fc2e5a3435bf2d94fa3b62a963dd1ec97e15e2ed9e5adee7f00e41cc9ef67b7e704fc61b390a42e413d2404c2a88e4424ed419c1812e1a8b653cfb0e6ce2a4c9419fa01c651f9df792c5e456f9c2a8450e135cd265b77441a40c5175f15a4471651e95749b566d627b72589c4292a904c711eec606002e2c7545d04fa5052be99576fa579757039eb4a877848d406901f01746b1eb4c267944160dc80476f35c9c4259dea73285ad9a5fe7bb53131ad29483a179e8a28084917ff96cb4106393394e164d84a0762cbe9fa79211c25b8364b17505644e949856de3bcdc8804460fa7d73ef343d3e523b24d8b7e456ec9acbbaad02993d03653102066c42d754811c6739bab1cf39174a252d1a9bef3ffd36c4203ffe216865e68169673690904bbbc886cc39086312e3052b414fe5a3c7b0d6930902d6c37af406172216c7474f67fffcc41394686a723f65dc20f63ddce962869e9773bd1cfd637d634476cfd1317ec47d83c35ba035286b8bcf750501495038aa51a172f9dd4a611316a8e5ebc2b0e051308c8af764c97ae1b12d99e1e8f8903640dd359d91b826d300803a3f2d3401b4e0e30ce17316eb1097a773a3a765ab2b43cfb210a347cc7d41243cb9d47df9e7053629f1a7950dda8cc6e36f9882e07470cf9a2488e78b28cca9527c7ee52ec7d96c54026dec0a797e4df7908c5852a23319c2378072d0c5f330662460dabb2f32ab841d366d808c01395163afb3a8e58d5ef49012d1cd86d0d6c263df92e7df3d68eb6d64bf0f49b3fcf3ab398298b3df1266158c7919d116b747d9394066dc357ebaae9437fa3a11e53eee9878be4c3408277c078205b75cc8cd39fb3396cc5db508b748601ce13053404de7246c62c852ab4bae86e50a824ae385411f6b71b4a49596cc2d968babfafb34cfdc72618f5b17e0346fc7e7d455f6db7199050545eed4c853761f1095a8c548427a06676c5534b0edc48cdc7adc18e8c23cea3671b1222d830be40f0fea3903dbc333fff723629f4787e4a2dfa8a088e692da87db846e4edcf06c086925bb4283b5a70a040fd598187ba40ee071aa93e2e636f9e4c8b76c97682e33d91e02faa80254a3c1b320158d3fda44ac74dc9aa1b5f12d85f37ba33fba73df592c6a371554a85c1dd201324b907cd7d9f85dfe28bd61dcf10d74914a6520fe27f3520393d643001948e3fbb09aa43d1166765b45d233700b6d1f61a134aca1a68cc603fe1b7394edb61aff48b1c74371d09efc067df0956b3b759e50d9c834e02612a46be4287e58781f999ce34fbd52e33a5334bca08605f7c59a1faa4bf8de0232d03e0827ac78f2fbd23bd0e95397658a06b706e78a3ac7f569d959505c518fed6248fae73be7f4aaff77e41efab7f5d5fbb4bc24748c722ad758c26995c0698a998176c92b650111f006f3d"})
ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})
ioctl$TCSETSF(r0, 0x5412, &(0x7f0000000000)={0x17, 0x0, 0x0, 0x0, 0x18, 0x0, 0x3f, 0x0, 0x4, 0x0, 0x0, 0x4})

23:55:12 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0x5421, &(0x7f00000000c0)=0x10000)

[ 1201.028452][T29164] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1201.036427][T29164] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 0000000000000004
23:55:12 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
ioctl$SCSI_IOCTL_DOORUNLOCK(0xffffffffffffffff, 0x5381)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)

23:55:12 executing program 4 (fault-call:1 fault-nth:1):
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:12 executing program 1:
openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x80001, 0x0)
r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x888c1, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000040)={0x8001000, 0x10000000002, 0x3})
syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x6, 0x0)

23:55:12 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x26001, 0x0)
ioctl$TIOCCBRK(r0, 0x5428)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')

23:55:12 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0x5450, &(0x7f00000000c0)=0x10000)

[ 1201.200195][T29595] FAULT_INJECTION: forcing a failure.
[ 1201.200195][T29595] name failslab, interval 1, probability 0, space 0, times 0
[ 1201.276229][T29595] CPU: 0 PID: 29595 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1201.285393][T29595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1201.295455][T29595] Call Trace:
[ 1201.298767][T29595]  dump_stack+0x172/0x1f0
[ 1201.303120][T29595]  should_fail.cold+0xa/0x15
[ 1201.307730][T29595]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1201.313564][T29595]  ? ___might_sleep+0x163/0x280
[ 1201.318435][T29595]  __should_failslab+0x121/0x190
[ 1201.323390][T29595]  should_failslab+0x9/0x14
[ 1201.327913][T29595]  __kmalloc+0x2dc/0x740
[ 1201.332178][T29595]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1201.337209][T29595]  __vb2_queue_alloc+0xf5/0xf40
[ 1201.342073][T29595]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1201.347650][T29595]  ? __sanitizer_cov_trace_switch+0x49/0x80
[ 1201.353551][T29595]  ? vim2m_queue_setup+0x266/0x370
[ 1201.358673][T29595]  vb2_core_create_bufs+0x2bc/0x790
[ 1201.363884][T29595]  ? vim2m_buf_prepare+0x280/0x280
[ 1201.369024][T29595]  ? __vb2_queue_alloc+0xf40/0xf40
23:55:12 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1, 0x0, 0xffffffffffffff0b}, 0x0)

23:55:12 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000840)={&(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x1, 0x4, 0x2, 0x0, {0xa, 0x4e21, 0x822, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x57}}}, 0x80, &(0x7f0000000600)=[{&(0x7f0000000100)="f764081a3ce058137de0db47d14aec53aac512df77fa5419d1a680d2baac30a96fb5d371ece9e34368b90ea2fe1b4b6022df15328ce7ba52ea19eee6a0f56314aed42fd372b0e35dd5206560f2cfc23f525241c34c2c36236625cfde62280aab9b6341a80eff65791b4ff43eb7e03fb210ffaaba7dec25674b19a05ece200673900354a301aad362173534d8a2e65350d66546245ac5d1263ef17be4586d04613fc721a404b5e4b9b13c121ad247e21c011dbeca0566c942955625f242f50f699d61e0f08a8f285163eab656d8f3713b25315fe942a513ca49ebc22227a314b7d5217b48cdbfcb36d43b7e", 0xeb}, {&(0x7f0000000200)="64f21d4f99ffa4588b2bf5b9480d4e834f6d478099c7172ca2a3f9eaada3cebd4a3102ce5777e2ec", 0x28}, {&(0x7f0000000240)="41e62f38817c82067e1bdd1613470931cead9326fac88508700a43dc059216d8da27bfbee84cd0d21d8a3a1d74646591e09320fccb464333496bc89aefcb73174ea1668289db5b9b1421453065b0b7cac019e5def81da2178efcb1ca4addafee1b74085ebc48a866e1f85dd140e5044e589f181e375605f73942d28fc51375d0f61f4b7994c95906b91ca4e63f24256757fff2bdf461b832ba6ed81826cad0622201bfb9e6fb0aefc164900f337910268a6d6371bdbc6f765efdc363ebacfa638a81716019f594f4967be6fa25f104c54aea93af4a5122a84393628ef3ef852b9ca6c8de50", 0xe5}, {&(0x7f0000000340)="36101026fd151714230428b1f7adf34256aa14de78fec2eac2e73ea4d477b5cf97b7e3258ed4282c4e44b55bbea88884f05d88a25947896c3cddef6690bc9439d83eaaf6398e6032e9c73ff28c04acc77b7d7244bec35c4a463af16cadb63ea73b63a7a9f2024954f29673b16edd8521adf4983f857f825d4a92d4910fa28c58eaffe89bae8d4669fdbe7224aa1c6a887b1385458b92d01d3c3e400e814c05d9260cb4827322e9953656121a3cd41bac487d69d01c638b", 0xb7}, {&(0x7f0000000400)="611ac89ffd1c73627cd77d9fe6205760b8a0f8990c0a997ce17d349bc529c7e93c8378314d72ca01fe6d364ec32f97632358b36acc", 0x35}, {&(0x7f0000000440)="d5accc4c30f6412f4200b3ab90e9c9e8971872aca1c13eb67910c06c378175001676ef40aa6d3915471dc1604b54224734a407c962ada118bf31150f9de62e81fa8838581d14ef706b586f757da900392a486e901bc5ea160318cb82dae4d2d8e202826483197bf715c341fa4b2d6143949ee762bc46f7ea09aeb7dfb90dffb245936849e78b3b22cef42df1e4043c8b0aab868eb0500bddb8ce5a94aafc622edbee2dc5662091bc7d5a707aee8713b530f9aaf124b1b05d3b0b", 0xba}, {&(0x7f0000000500)="4e44efa7a34ee63a37369dd89cf5976f30cd8daece80d42d4b631c135a376ab78b18252dc7b52d8e02945fbf74e8a0ffee03f74d226338e91dc9df0774da7e2986b59c91c481ab1fb94fe3dcb8210d708516dea115d1f1b387f533ec37626bde4a57a200bde2430fc3c2fe6f5f0ccb5cf9e505104af0ff6635da9d8705da30", 0x7f}, {&(0x7f0000000580)="e6ab2050012cec2e1378d827aa043361157c207a3d1e67fe821fb6a9911dc13c62c71d37f3bcb86cb3f4544e2e3910f5e3fee0179a79a61ea3a80d71343da2d775220d9da94d7e2d358fdd266dae51c4e2d8", 0x52}], 0x8, &(0x7f0000000680)=[{0x40, 0x13f, 0x1, "64f310faed2efa44488befce833a0d25157c8ef74fe8d1ae0a5e1d416a0485faefbc063b6beba1cae9c2946cbb"}, {0x60, 0x0, 0x1200000000000, "47797bb91d2465cd334e033178dd37ae23fcc4c3a28b01c0db55fb968bc00684699152287b02893cd9b53356265c09ee89c0df585093691f04e76b40551061fd198d3db9b8037faebd785c3beabc"}, {0xe8, 0x110, 0x8, "797e5dc96366247b9e67f918d5f576c78344e6b5292e1e1621003628a3a1aa5153e16e1431c44f526c2c42f3a43eee37c1486caa335f964183d3613a7be7a9d47a3acad9b5fa6ee5c4b4c185b0ae100c59ed20c207b2bc65c1696ebc895fea0c1929d6ff57ee97ed66a4edc353ddd2bf6b102d85a565a63b48ec021a60760d8b0d9bf40fd5e50331120fcb65d3a05b1c0fa87affa77246fe94ef05aa4ba2ae9924e152794d3355f55082c87ca16b6df77f01e38e23754e9c9e7c385d7ff5a82e1154c1ff543c55950608b8a7c025d167efeda0bb"}], 0x188}, 0x8000)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)

[ 1201.374149][T29595]  ? lock_acquire+0x16f/0x3f0
[ 1201.378829][T29595]  ? __video_do_ioctl+0x398/0xce0
[ 1201.383867][T29595]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1201.390142][T29595]  vb2_create_bufs+0x47e/0x7a0
[ 1201.394943][T29595]  ? vb2_request_queue+0x120/0x120
[ 1201.400071][T29595]  ? mark_held_locks+0xf0/0xf0
[ 1201.404847][T29595]  ? debug_smp_processor_id+0x3c/0x280
[ 1201.410343][T29595]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1201.415386][T29595]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1201.420949][T29595]  v4l_create_bufs+0xc0/0x180
23:55:12 executing program 5:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
pwrite64(r0, &(0x7f0000000080)="06849715434e3f2d9c3f3a0d6eea21a377f3e8fef3b0fd6d8646b14e2f92a6a79f06d0b1861f8eeba077db9b2fabebcbf7c6e4f08608f807d9ecc4e9e67dcfd3f20d258afb7e60af583d3b15d58d8dcd80a72c0b8e39b378ba1c8f4c93391f3128938378e63f4084d389aa915d7dd99d78f9de45d0801d7f95b4205649ed87f7e24f436b9c9a4565db45952c6a2b03ec850210c68d4ff1f6b5f24fdfe54d4beca3e7c6f1f17d20db9dd8d5a9458fb0c74199f886603e0475c98359fc2742f3a6c616ef0c0524424c2318d1a6c18b9ff77a68e4d376ef77cd664d45cce79259c4f265cb28", 0xe4, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)

[ 1201.425640][T29595]  __video_do_ioctl+0x7f1/0xce0
[ 1201.430520][T29595]  ? v4l_s_fmt+0xa40/0xa40
[ 1201.434979][T29595]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1201.441236][T29595]  ? _copy_from_user+0xdd/0x150
[ 1201.446102][T29595]  video_usercopy+0x4c5/0x10d0
[ 1201.450868][T29595]  ? v4l_s_fmt+0xa40/0xa40
[ 1201.455319][T29595]  ? v4l_enumstd+0x70/0x70
[ 1201.459735][T29595]  ? mark_held_locks+0xf0/0xf0
[ 1201.464513][T29595]  ? debug_smp_processor_id+0x3c/0x280
[ 1201.469988][T29595]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1201.475540][T29595]  ? __f_unlock_pos+0x19/0x20
[ 1201.480230][T29595]  ? __fget+0x35a/0x550
[ 1201.484403][T29595]  ? find_held_lock+0x35/0x130
[ 1201.489179][T29595]  ? video_usercopy+0x10d0/0x10d0
[ 1201.494215][T29595]  video_ioctl2+0x2d/0x35
[ 1201.498557][T29595]  v4l2_ioctl+0x156/0x1b0
[ 1201.502910][T29595]  ? video_devdata+0xa0/0xa0
[ 1201.507520][T29595]  do_vfs_ioctl+0xd6e/0x1390
[ 1201.512123][T29595]  ? kasan_check_read+0x11/0x20
[ 1201.516987][T29595]  ? ioctl_preallocate+0x210/0x210
[ 1201.522106][T29595]  ? __fget+0x381/0x550
23:55:12 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x472281, 0x0)
sendfile(r0, r0, &(0x7f0000000080)=0x47, 0x81)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)
pipe(&(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r0, &(0x7f0000000140)={0x1})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000800)={<r4=>0x0, r2, 0x0, 0x9, &(0x7f00000007c0)='/dev/ppp\x00'}, 0x30)
getsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000000840)={{{@in6=@mcast1, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in6=@loopback}, 0x0, @in6=@mcast1}}, &(0x7f0000000940)=0xe8)
lstat(&(0x7f0000000980)='./file0\x00', &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0})
r7 = getpgid(0x0)
fstat(r1, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, <r8=>0x0})
r9 = getgid()
ioctl$TIOCGSID(r3, 0x5429, &(0x7f0000001040)=<r10=>0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000b00)={{{@in6=@empty, @in6=@ipv4={[], [], @local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@mcast2}}, &(0x7f0000000c00)=0xe8)
lstat(&(0x7f0000000c40)='./file0\x00', &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000d00)={<r13=>0x0}, &(0x7f0000000d40)=0xc)
getresuid(&(0x7f0000000d80)=<r14=>0x0, &(0x7f0000000dc0), &(0x7f0000000e00))
lstat(&(0x7f0000000e40)='./file0\x00', &(0x7f0000000e80)={0x0, 0x0, 0x0, 0x0, 0x0, <r15=>0x0})
sendmsg$unix(r2, &(0x7f0000000fc0)={&(0x7f0000000180)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000000740)=[{&(0x7f0000000200)="4598cbf36c7c3acb4dc5ef750aee7fe2384f45c79332a70328ee26e040c1f497463ee95613f55c38653cff16b515f97044a1c43de6102d99779b7e5cc83bd86e3d0981f330e5edb4974b8f80ab83e46b9a532bf9078571530f741e45ab35275dad47e6eeb386d5dd461de94aa6622cd7597ac2ada2362f32fa7dc0e28d8f67cf89c13a4354a025b856f96c37be6b2eaeb82b559225406cc77286133aa2efb449a9aaf7cb27", 0xa5}, {&(0x7f00000002c0)="9ff76c230b51048de64d6a5ec89978e50d74b83a399ac5f9d14953792568d708d9b742299a9c0dc0be69d5ed5fc3c0fd67a69c8700741addbeac550a0802dd912557", 0x42}, {&(0x7f0000001280)="bec95e3f3102b36da53ce5106878feda7ac8113ffc8a0873ef7dcecb2a1ee446d7c6e099f6953979b22d89fbdf6b961411be316857dd30680b0d4333d4daf1d706a6e41e4e36f02f00ba461ee30cd208c33b836bc2017395244b426f05284cdd7068e4fc77bcfaae4c743947d16bc1a93f065d51d994b0cc912f02b18c4ebcbda4136c2d2d64658368a72c2733a4e12cf5a69773f3bf2789e7cc5c9c2680ac68909f2e5dd9b331f947ef049ea44559daa632209f364b312ffd15150d0237da7c3be83aaae7ae6d95abde1469e2ea12e9214110930a90b681e06b1fa79813b0b5a27e9970c1c121df73aea3ef6b11061b006836fbf11708ce199a5201cc638809380ef96fb6337f063bf95afea0f0b74d63b5121e5257ee922ed15e24fe6ebdcf82c949e916b785e7fcc85182d14f6c556818f7580760b0cb65c513262ea38a1aebc6b2dfb23a0ea70a43c4335e17517dd551f367f780aaf9922957e538b6020205beeacf4699b2b657818c3fb0d30c2abf15ae7dc86a2876e918c2fe374675af29213eac97a027e2749558f1d86c8e7eb13b5aaa1683775be0a00c68264a5af72566ea383731a537b68143f71b8249e841fedc37decce316e6fc86502d24f0dcbf12cc74cb2f53b6a15124892b47e210a398958190d662f36a882532532c917415f89a8a55b832edb013669d687ba13f1d72085aaa0516c1052b059c5ba3d0724aae206151843c483ae10cd915070678be82b8a367825a051e7e99516ac3fb0951f19b6088b01f870b14ded3dd39a857957c9b923d90dcedbe04a209c4fbea086328d7602ef5bf748b622dbac2b5a4fe35c9855e34bd4311849b681cdfa68210473490256aabed5035773abf5d36917dcb17fee7594e0da133254db65d941ae3f1a0aea51301e3daa47213a269cd5b876e5a899689c80933f0b7c82cccc9449524965aa8e007b2771526bfef75f8531d33a9d1ad3aabc7ca83f9f0481f675fb95125fa53f3d87b308a1f4458bbefce30e21c63a5087cfce4e5a302b1d7e80586240fc6c2e6f65acb9a97af59d73558861aac6b8e4a7d4219b90cb08c1e15e331df4bcfe10ddbfe5db10ac9a9e1b57d76a46b4e56ad82b43a5d4fee0f10ef834160f82ca051d41705e332e77b3c7cad1c4a6185a5f03f3100f32bbb77e68eef4ad62eec5c535e704f9c62f30e1acb17eb719924c87837c3d90ede64f91d4abfdc0d2e393b91b4c37f0ade9a090c97f3e6c55a52e27c583e1c21949c392e1a0614461400159edf36096a85a81f06cae982fce8f9b605c3cc49a0b7994246f4e8474d203a3bd0986f1376b4ea26441e4719e617fd52288b0045a16d0cf7a678fb58dc1d781846ec611e4b1038a01c2c921fce00a2c3be1c4f64484d1e7b9f319ff75121c8fa46305e70793e95da1d6666b7c27eb9dd465d513a6ba700d5a3312d7eec04e5a3c0f0b5f89bfd03cb0f67fd2430bc82aeaef0f1e45a385af7cdd2913c8971df19860038558c82d91a56f30027daf57abd76b4c7828d09653ba7cdf0c215e5ecdb5e222ce21459c823f288ce0cbcdf8897616920757ba1fe4fb1ea3d619991fb764cb57ffdbb1bb7790023c37d5ec5d1a0beecb9e1fda33004cd08a044d860badb929ce04a30ff677a72d6729b90e2a63da57bccf50d0c8e6c1af1d24cabd34827acc53857accd715bf8eaf21d10d37f6ff914a9f4afded1cacdc62e8e4d773d67fd16db36bcdb2d692e38f5c76fda05d266548e944499c69634360f83c07da5b5c4a1f7f3d75cef8849fab80d52dab752c34f634f27426a61a462fb8a4e1c279ae4f9d566612b9775cef64f6027beb2204e87ba39f28b4623336f204f4a2b10768729207c049e9016e79b027459ec16e89582e51ef98f33b1025c7a2437a0b860b3d07f621a3d623c7100540b6f81743659a03ce6efc4e5e738d5baad578cc0957260c7d280454ae0052e61e2cce8e8a8f800efdd4da92ac869846523768b652374d6f19d14e51f6c807a25eba65d06ab1bc49dd375eb774e08622148ca7c3efa9c15ca6957011aa93831dc43e6d09bc05f709f463610c78fa6b8c7004b490e1123bc93b4d249e7dd62c0adf4e8a059bac03b32fdca59155b84354c3cdb70f0a3b19d5df919ecb9cd601eb90b6cb934ab7991eb97aa709f357c3142062e8c1688ea3262da031268af7fec7be2a24b6f5026e43e76d46e223dedca4f2b7e9fd7f90dafa506492a2c624fc58eef50eceece93d68d69ca231a2f488693539621e75d18f4f25e5c8e6a511768133ca3f07dffbe040beb091a13066e9e7e4110542435260e99d7e3f28ff44e36faea6ada3b6e866445210ada3c18b2966bea53ac016fa831557c6027c481bc6aab3f19f048dcd73c597fa67920c63a713d3ad1923864cd48a6b12c3e0f69d6d66ede275213a063bd8b460a5651cb93759376d5e146e875de6e5a62ed8ac8b2693626c61deacdfedd9e9058034db5e603058555a37cec56a08562fd31d38831f7d0dc1e82ae951e7e926b05a859d4bf336b64dfb4e1e071b2e997651ccc97206f4f52d9adfb109d942611b9d5dd3676ae7ac959dfb36c66021bfb5201d85175e391be0683723d4d9b44e99f10c161995f494e6df6a2b2708ac965c5baab632a0093e52e4d74aaac7c431aa0c7f00eb313f36159ca8b62f8946b6d16a08fe2fcbdfea600c27473bce1488b632916c3636f8644157a51c298a6e14ac09bf123b4b50bc5d76a9497f18d504e0b93d8c7dd368ee2e0d250fbac569e73bd09b692c78e7cacbb46c891050a2e95751125473f9184c66ae8e886012b900b8b553656faf558605ebe8a3ee865bcbb048cb6f44c188dacb12b405ea3f07bb2767770ce2f0beeace25c4e97b0f473fb4e7480dbea533f9a595d7c4aabe9e7ea6d1f5191059b7751347b75405010f91fa82cab7250e86f9a9ce8bf1fcc3048f95ba1b23ff723a3636ab29974a798ffe554685c5c86c21f6d2ef62723dbaa955ed659de2180526ab507a1a21c445b2274d565ef27956c07c17145d65fdd0f57472c097770fa2ff695adc81bb247370b3fdb39de7dac4ce97d46d7bb812361e792b6908c6689f25ed6310349e5982610ab6ddacb39a94709a1e6bec7ad8ce4ecacdd75e4f030f17332d35ed10f00b842a78dd00f243046d08d00e07befa09ee212880506747e397beea1a6576eeb464d9ae6c76de9ed66dfab0c602d326f3ee21ce2c80e725ef857a79cf907179afc70222c973eab3f6d46c03e1bc11cdf56a59f395ddd57b2583167ed6cfee008362ff240beebe40799114c337a63eb1ebf6b5b0d33f45edc860e35b886b5bdfd6bc1a0fca8569942fca8f807e69ff0142dfbfc1727f08e54579e3eefdc8c45a16d169a06302d9d55ebb74a6ae98213ce2df38791a1fc1096e4bfe06f6d5573f30320101c0a40ed1f75f84f74613581b462325d40b38a54603e0af000b815081d684b86a277f125c5d241ccccd4b6b96f628bd565183ef63a3d2c38ef5b69732ad0ff8d74ce8498032352cdfd5fc0caa36b2558481db20ce12fecd04f755437d0e929463c9ec869e3047e9069f268ef15cd900d36d7eb219ef82bb615a0f71fc0bf8dedafbb90eca8eddb3779edf5b46e396f2d2be229053abc19020707adc6270eeb1bb15fa51de8361f9b4fd5f3ff0b9842ba477615e5da5ff9700abdb94b51db7a6fe8c32741766a32c061f8e558ad791d37186d7786a431a98b54557e4fe4872849709703dae193f1f79b6b27372e895883ba57c13339cc3debc5e029d324c84c9bb43c144df8067f5bc92e8d22a43cfd7cb1cf493711c2d963020ed5dc1ab34786c69d10111680ac39e627dbf0b3b2c622df819971783088496d6ef1fa1592d7603b5540d36241fe9e7dc5ba468281182c97eb3f7fc7f9b8009618120701aeab0191269a5f58cbac32a70bf67799b77bdfd6c804515c42daaf94b2d701152578fee801119569a89a1175dd4d8403ad6c6b6294abc0dd1c1faf964bfcf56cb1e1fdfe3b06594b0a491ae282f74e6409207320b7d423566325c041a644df4659332882b560034bb90b05d038f0298a33f75d38f635853ace11ceba681080551d9b49ce5618b7f3ebf2e7a716725ea58a2762a64eeeb53312fadf64994c306e5e7b9842a63cc9cc4a18716628cb48928f2359cea89bf1d3073c37e27eec8a8d65ddfa2507698c34b9bbe04aa1fee90a15af5eadb62b6468b5be9b16736d7d5eca4dcc520d1eee5c2f7af332ef82c027081968023866d7b722226d0cd339ae49a3913436d7d95ef5bf492d61cb9ac669330cebb51c7bfa9e63bbacebbc1413dfe53e1e57c7eeca249d0ea7844a6c4763a1fbde1627f84bd296e0896ddf517754023ae139e72cafe330e91c0f56159f609209291ab047e88838da998f37bac8378e505d12e921b827d5f48eb2aa9659acd66669006dd7fffb777021a6c857b0e91720a718c8e3de7316068bbcaf1d7eb9c44bc72cf75b52730cedf9ef54dc996c91a5d8c24b6bd6eb52ae4ab4589958c9b018c30f588b1628c5ba232f1f741c230cfe0b1df6ea115b05c79d2fc7d79903ab9cf5679c8d0ebedd451036c8f0e371325e20f6b0910df85aac5a073eaa9c06b64d0723144057ba9a1b3fd35bc2a68874a3cda416855fdd367eec9c99f6ddea47204204800eea21ce234b3c37a8b47ab1b9d288c62e917b4a9ca2d4c7acc7c6a6081e9ff03967faade67c15754581da3a01363457fa5a8dd0355d4e2725d4f96c2ed2cc7866f3a89c307f35215e174d0b939b50b4109fb3346b81a485af5480b36e2626173a7dfa028489418aabac7e25d54f6b110240a79589e6fef44c5a5d5582833bc488c0fb92c59cd6b8a48a2f9ac149033351a75cbd26d07ce6a241a38d05c68f966fc23a1112f0f0f837dfb1fcd99a786f5bd7cf33cb8b5b1f48fe501a6a3702537c24e06cd481063f472cb79ff56b4c805380f9b0c4ec26a827966d9895056ee466c51ff33911f3536e19fa814f90ad5fdd0ca2d30b82689fa35536abce727640075866196e606a88248342c84145496d0d43a4dcaf6ded3b20b2c92a106789b42a974639e6b31541440b9113725a2cbede959775a0196c98356d89f4a3046e9a2eb27daf3e413187d56f788aa165a9a5d75bb3f2c9914acfe7c74a5af749b8cbafaf036fe1563eb8998e3abfd1c5ee14e15f1b09a909d4add20f4d7903ec76635cd5d6871ef6c54f6ca15d9836bc6a68736cf0e4afd4f2ec58051c39c4dbfa4a1bd9e03757b60736aedacff3ea18afb14e96972f9fc59a8751e3b61866d9084f6e574e40547253b2d0311670c183ffe532ef3ae6f8903123be00f102672162a7d2c78de6aab3410242932813705751dabb5217cd3dee698dab37c912445ee9397505d25df63aa1dcbcc66235b7ec686151635d2eb69d274222282edfbea8e1d77bcb20e9ece636de1e92e5284a06181ac123f1f393edf1c0dd4bc1df1b956e6c159930b3b474742f3ebde22dc2481af3f90be8fb9bdadb2764c0b698cca5e5b890f82ad73d05c9f2836279042c800fe65c2af9a011b51deb80603542dd71b5277cdc0c0285bf7e192ead4a4faf384371bee9a60be56d1dea23650e8c6a0334d15c1c082063e5f65003a611b0d515900aeacf0e4bb9fb3bb68b2e8d3d19102fea2e48981cb9e0504533d0088b67d2ea0b9015ecd72753669f0d2e8798f4fd4788a62d820082ce48d5adee9bb34b6a54b34f2f84b3b6269ae343e5212dd900edc09cf6632abd2ee7a06c5c34a3adbdce441145399ee851", 0x1000}, {&(0x7f0000000340)="0ce1cc6cba3fe58631d031afbddd6e6fd9c7244a0a283458747ce5d6128e5d748c2a7a2db9ea7ee0e0162b04874060d9d7cc1070c8f54b78b86c3c351d1418847468b0a03888224b6025565b0663ffaba789f7dd1613f2fb34d4da442b40e9a54d8c896cb5343a7ea364df5326f662f61273a79c092f94bd1351ad1bf257b386b8a1ed531ed371233c99e44d16f5f25a9befaff114a90c2c100ed2b2aeb4de184d0008f98de03fb9ee3fefa2f7b4d545c5ed5f02072511494a5242258d8e235580490c77de3647e0669d0bceeca2d2416ac6be555e66baf5971132", 0xdb}, {&(0x7f0000000440)="a1dbca28608f46b5708d2f66db6abd5d49be13d80c4588b13b56342503f058b5398423749b7cb60d3c9b60868e103b042a1cf17da34f6c9f71d4c018c8c2e0e19b6f61dc2f45adb2fbfce55b26991715d1f19c9f9bd17e93a6d1f7ae541a6e14ec98a2ea116f59026b514b156276d7f9d0dfe6a91f9c089ad986a98edcf483498527d98647a0beee8ebd1c1dc1c07a095f7c8a75d78f84d0f65d7096f7cd45e6d4adb8f28e3d0b76452dedc706229021967068e563356e11cd7c", 0xba}, {&(0x7f0000000500)="bf283d5ab31034bc55d6cc390457e74bd87ba1384091522c8909743d6ab38e50a5c0e234357a07cbd0b82fa2ed564cd801a3a6bcd0", 0x35}, {&(0x7f0000000540)="44ba4ff53186728279ebd7c6384ff731c28a2fc2d6feb77517cbc6bd47ec7afd751f50a03f9b7b1fd7a573e8784b50f21c7572e084ef51dee3419ee8098daedc6d67c19d528838ade177db1159a48a71a197f5469e57c19b960ab68e8a0b14279a9961022a8199114c33fb59b612ca799bbe3f309c34226c82010f8149cc4597cf3d9e13b18ae9fdb4d1c2d4ddc1b216d9dbee200b56da3e99d1f1b85feffed152c9f346033901f4d44ed77deba604a3907a03b0d7749b9b7f0da5c0ab7ac962573256effd9929fc2336a8a50bd819859cbd915c2da262933c2227e8013c0811d368c9c86ed9312b7618654685cc1abee2bd43f2e0ce93e177", 0xf9}, {&(0x7f0000000640)="46a921a4d5004cecb63e0467ca59562c75718c2317172c7231ca6bc0986ede326228ffe8456b965cd2e4d06a24cca9df0b47f5748b555f0a8e7e8b1e178b7bb8ae66aa53fa4286bc2ad632766b7164f369539926baa3afa104ef94069a844a1c7c2063dfd00751eaddb089961051ab9159b26ba36d4f0aee32915d03cfa97cb96c8f1f10024dfa9565c23713c4373a93a4be67c24edc7a39733818fa39b8fcdec55a640282794dc2e1241e9c1e7a6d61193b1e437e04c4ef2b5e609a0ce920c91a8b42d5212420d4a885c8b60994fa3d62958c38bc599ea73a", 0xd9}], 0x8, &(0x7f0000000f00)=[@cred={0x20, 0x1, 0x2, r4, r5, r6}, @cred={0x20, 0x1, 0x2, r7, r8, r9}, @cred={0x20, 0x1, 0x2, r10, r11, r12}, @cred={0x20, 0x1, 0x2, r13, r14, r15}, @rights={0x20, 0x1, 0x1, [r1, r3, r1, r3]}], 0xa0, 0x8000}, 0x8001)

[ 1201.526280][T29595]  ? ksys_dup3+0x3e0/0x3e0
[ 1201.530726][T29595]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1201.536978][T29595]  ? fput_many+0x12c/0x1a0
[ 1201.541401][T29595]  ? fput+0x1b/0x20
[ 1201.545232][T29595]  ? security_file_ioctl+0x93/0xc0
[ 1201.550359][T29595]  ksys_ioctl+0xab/0xd0
[ 1201.554532][T29595]  __x64_sys_ioctl+0x73/0xb0
[ 1201.559139][T29595]  do_syscall_64+0x103/0x610
[ 1201.563748][T29595]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1201.569648][T29595] RIP: 0033:0x457e29
23:55:12 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{<r2=>0x0}]})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r1, 0x4010641c, &(0x7f0000000200)={r2, &(0x7f0000000100)=""/224})
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040), 0x74}, 0x0)

[ 1201.573551][T29595] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1201.593198][T29595] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1201.601618][T29595] RAX: ffffffffffffffda RBX: 00007f7c2f181c90 RCX: 0000000000457e29
[ 1201.609591][T29595] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1201.617571][T29595] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1201.625552][T29595] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1201.633530][T29595] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 0000000000000004
23:55:12 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x8000000000107, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = syz_open_pts(r0, 0x0)
write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="e16c66edbb836cb23b4e97a2c44737f604febcc37fc508239f04baa870829dba761a230906d69a84d3a4151a3dfabda9a8c578d9336ce3344e3996b747f5773208514f451232425d96eba7f2910371773501602a831265f019ff7f00005c70de87788d059c6dcfb5c0028511636d1b44c017b564ddad42cc618582d2674f4d09000000fd8c77857a5acf38a10c87380f9e6107f875d717c499ae", @ANYRES16], 0x9c)
ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17})

23:55:12 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x101000, 0x0)
getsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000040), &(0x7f00000000c0)=0x4)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')

23:55:12 executing program 4 (fault-call:1 fault-nth:2):
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:12 executing program 1:
r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x6, 0x0)
fstat(r0, &(0x7f0000000000))
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='attr/fscreate\x00')
ioctl$IMHOLD_L1(r1, 0x80044948, &(0x7f00000000c0)=0x6)

23:55:12 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0x5451, &(0x7f00000000c0)=0x10000)

[ 1201.769744][T30323] FAULT_INJECTION: forcing a failure.
[ 1201.769744][T30323] name failslab, interval 1, probability 0, space 0, times 0
23:55:12 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, &(0x7f0000000080)={r0})

[ 1201.856753][T30323] CPU: 1 PID: 30323 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1201.865924][T30323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1201.875992][T30323] Call Trace:
[ 1201.879301][T30323]  dump_stack+0x172/0x1f0
[ 1201.883652][T30323]  should_fail.cold+0xa/0x15
[ 1201.888268][T30323]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1201.894102][T30323]  ? ___might_sleep+0x163/0x280
[ 1201.899327][T30323]  __should_failslab+0x121/0x190
23:55:12 executing program 3:
getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000540)={<r0=>0x0}, &(0x7f0000000580)=0xc)
get_robust_list(r0, &(0x7f00000006c0)=&(0x7f0000000680)={&(0x7f0000000600)={&(0x7f00000005c0)}, 0x0, &(0x7f0000000640)}, &(0x7f0000000700)=0x18)
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f2, &(0x7f0000000080)='6\xca<\xa3n]\xc1\xc5')
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000500)={r2, &(0x7f0000000040)="ba813b635f983a237e817f7eb4bf8d"}, 0x10)
ioctl$KVM_GET_LAPIC(r2, 0x8400ae8e, &(0x7f00000000c0)={"1b44717d194c7a4c4391f8c5e1698e0c349f534a5a2004210c1780984e0dd1ddab10c3872606c8ad9b320064fb9c3319f244edf0ed0543c3eb6d578c7b3faf510e475421aaa75ca42dead7e6bea3d96a92a26be339db1cbb306940ce5318f5083dabaffa8c1d909621e992477c37f5f0b903ac8763db52497056f41d6a286e0ed7f30079e127179405d3827b4c7e1e85b32f5db2c2961880e64202bdf8623aa8c6a68ec35b926be5d64997a434872bb10c0a145e5effaa31bbfe50e5bc5bf5999c63dbff67343314c3726ac7efe586d45742e1384a5ddd08643a0b4caa51acdeed03fbe4fa4d984dcaa2e1e1fa280235a4f1256242061403a1880272ac3faf88131eac352a6aaf802fca404032b12249bd568a43c2cd735dc9b8f8db5c4c6277e7200f208ed1cea55efbd9511e7ae25cca69a01bd12823e6df9e821d896ed90e7dddf998f26f8bfadd4500083f0e5e72d0f8a0b45dc4e4c47d3eacd937e5fcdd81051765f9cd06a3e33a19057c13a30964fba1fc2ebc77fb8df62b64f10a7ce78acc7920ebb298cf2f316b9503e44460d87d88c3d81bd525983a8c5775f097c46da93ccb222a65bd9ca3e4b5c9d9bad6b95b3e8a29b17afc149b7d5d3d702640ad3efbe1061b3bd1d4b9e149627154455e90cdaf9b8fdea22b3b1cf3a44b17a683fe0b0a7fe0986075d6eea7fd56bd29c279d30bd253dc7dc1dd8340b9cbe49b06100a5b2710602f20390db3239f0cf2f4e6886bdd7f8e9369acadb059497c633992c54338c2e814a76fd99183f31dbaa2b5228dc0896d7fe658a7966c6a0656a05e250d77db35b641beccf372d6cdacfb0dd712de1e6f380fe39c1267407579b64276b901d711285676048d43c5f1307cd4507185fdef12bb64d367134df04f1a2782c803f669122e8d5b270124236f2b77bd67252e76833d86bde7d5b23652a82d9f326a35bf03106f214afa4e5a2967d88c75a63ee69626dd7137cdbfe2f8816956cba8ba489be6a7e3f9953261e04459c65fbc5964ab27c9d64b71d17f2b395f09aed6b323e475aeb76872c3d0cbd5e1b0cda098617fa27893e70a37fe83d0503c2f9d3e38b2c65881b8c8e47cf1a51b6e685ad1421c2d701eca0e1939a955cfe6f09f11935206d4749d95e01ed3a61bca0fa015ca4c4eb3bc83e22fd20abe9e9a1ddb59d73721c73aa2be6e9fab48c5c068148cdfd73f44317832225ee1cba743027c8e9f9e024f23cfc38a8933d0418638867535dae04e5261d9a53dd9518cf4df4253a34e0e94b5f2e2f5a9bab8bb4254f126dd49b1b1abe496da32a04c240fb0d6b02853c93e8efdf63325064b48e1fdf74ff93c42bc485830f72cdc2f7e3e8643ace2cad140e3ee4a71c946f3236584871fb5d592120cd4031119ebadbe7ab112542993dc935eda30b63258a9c122e1c9abd8bb1e01052c5909873e"})

23:55:12 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = syz_open_pts(r0, 0x0)
write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="e16c66edbb836cb23b4e97a2c44737f604febcc37fc508239f04baa870829dba761a230906d69a84d3a4151a3dfabda9a8c578d9336ce3344e3996b747f5773208514f451232425d96eba7f2910371773501602a831265f019ff7f00005c70de87788d059c6dcfb5c0028511636d1b44c017b564ddad42cc618582d2674f4d09000000fd8c77857a5acf38a10c87380f9e6107f875d717c499ae", @ANYRES16], 0x9c)
ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})
ioctl$TIOCMBIS(r1, 0x5416, &(0x7f0000000000)=0xfffffffffffffffd)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17})

[ 1201.904274][T30323]  should_failslab+0x9/0x14
[ 1201.908789][T30323]  kmem_cache_alloc_trace+0x2d1/0x760
[ 1201.914176][T30323]  ? rcu_read_lock_sched_held+0x110/0x130
[ 1201.919915][T30323]  ? __kmalloc+0x5d5/0x740
[ 1201.924349][T30323]  vb2_vmalloc_alloc+0x8c/0x2a0
[ 1201.929206][T30323]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1201.934240][T30323]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1201.940043][T30323]  __vb2_queue_alloc+0x5a6/0xf40
[ 1201.944974][T30323]  vb2_core_create_bufs+0x2bc/0x790
[ 1201.950158][T30323]  ? vim2m_buf_prepare+0x280/0x280
[ 1201.955251][T30323]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1201.960345][T30323]  ? lock_acquire+0x16f/0x3f0
[ 1201.965003][T30323]  ? __video_do_ioctl+0x398/0xce0
[ 1201.970013][T30323]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1201.976254][T30323]  vb2_create_bufs+0x47e/0x7a0
[ 1201.981018][T30323]  ? vb2_request_queue+0x120/0x120
[ 1201.986126][T30323]  ? mark_held_locks+0xf0/0xf0
[ 1201.990909][T30323]  ? debug_smp_processor_id+0x3c/0x280
[ 1201.996386][T30323]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1202.001448][T30323]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1202.007019][T30323]  v4l_create_bufs+0xc0/0x180
[ 1202.012410][T30323]  __video_do_ioctl+0x7f1/0xce0
[ 1202.017288][T30323]  ? v4l_s_fmt+0xa40/0xa40
[ 1202.021713][T30323]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1202.027951][T30323]  ? _copy_from_user+0xdd/0x150
[ 1202.032803][T30323]  video_usercopy+0x4c5/0x10d0
[ 1202.037556][T30323]  ? mark_held_locks+0xd0/0xf0
[ 1202.042315][T30323]  ? v4l_s_fmt+0xa40/0xa40
[ 1202.046714][T30323]  ? v4l_enumstd+0x70/0x70
[ 1202.051111][T30323]  ? mark_held_locks+0xf0/0xf0
[ 1202.055858][T30323]  ? debug_smp_processor_id+0x3c/0x280
[ 1202.061301][T30323]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1202.066828][T30323]  ? __fget+0x35a/0x550
[ 1202.070968][T30323]  ? find_held_lock+0x35/0x130
[ 1202.075717][T30323]  ? video_usercopy+0x10d0/0x10d0
[ 1202.080722][T30323]  video_ioctl2+0x2d/0x35
[ 1202.085044][T30323]  v4l2_ioctl+0x156/0x1b0
[ 1202.089367][T30323]  ? video_devdata+0xa0/0xa0
[ 1202.093950][T30323]  do_vfs_ioctl+0xd6e/0x1390
[ 1202.098529][T30323]  ? kasan_check_read+0x11/0x20
[ 1202.103396][T30323]  ? ioctl_preallocate+0x210/0x210
[ 1202.108491][T30323]  ? __fget+0x381/0x550
[ 1202.112651][T30323]  ? ksys_dup3+0x3e0/0x3e0
[ 1202.117074][T30323]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1202.122542][T30323]  ? security_file_ioctl+0x93/0xc0
[ 1202.127650][T30323]  ksys_ioctl+0xab/0xd0
[ 1202.131807][T30323]  __x64_sys_ioctl+0x73/0xb0
[ 1202.136380][T30323]  do_syscall_64+0x103/0x610
[ 1202.140963][T30323]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1202.146846][T30323] RIP: 0033:0x457e29
[ 1202.150740][T30323] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1202.170323][T30323] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1202.178721][T30323] RAX: ffffffffffffffda RBX: 00007f7c2f181c90 RCX: 0000000000457e29
[ 1202.186712][T30323] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1202.194684][T30323] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
23:55:13 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0x5452, &(0x7f00000000c0)=0x10000)

23:55:13 executing program 4 (fault-call:1 fault-nth:3):
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:13 executing program 5:
r0 = socket$kcm(0x10, 0x8000009, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)

[ 1202.202636][T30323] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1202.210597][T30323] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 0000000000000004
23:55:13 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0x5460, &(0x7f00000000c0)=0x10000)

23:55:13 executing program 1:
syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x2, 0x0)

[ 1202.338766][T30644] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
23:55:13 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
r1 = syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0x2, 0x2)
ioctl$CAPI_MANUFACTURER_CMD(r1, 0xc0104320, &(0x7f00000001c0)={0x9, &(0x7f00000000c0)="3b4d10bfcace4ba8b8bd88db1375e4e6a7c14c0c8ab78b1c563cc1f2749951fe47cd01d3065a545a077b58159ab317de798d713fa4a61f5d65f60d7ccaaa93370a7ccfa4acaa6b5b9791005c9c0cb8ff4a6c0cb61b3a73483b3723c97ec916ccc7c024fb405bb0117c7e0b315855b82c0d8db9558a97ba7a5578d9b17dbc56b1807ebc314675e62f9c0deb619d9ca339cf07536662aad8d1d108e7ce3980cec83f564ac1af65fbf5072b8ef6ba7f40deb682f2acbb02726b7b37f094e0884a1f4a686d74b73fad404d4cdf3f37c78d7d1892966958425c04d8da37b3345921808c59604718efcbabc059441b0b10ddb51cda680a81b1d79458e82f"})
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)

[ 1202.484182][T30644] CPU: 0 PID: 30644 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1202.493338][T30644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1202.503399][T30644] Call Trace:
[ 1202.506704][T30644]  dump_stack+0x172/0x1f0
[ 1202.511075][T30644]  warn_alloc.cold+0x88/0x184
[ 1202.515774][T30644]  ? zone_watermark_ok_safe+0x260/0x260
[ 1202.521342][T30644]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1202.526991][T30644]  ? find_held_lock+0x35/0x130
23:55:13 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0x40049409, &(0x7f00000000c0)=0x10000)

23:55:13 executing program 5:
umount2(&(0x7f0000000080)='./file0\x00', 0x8)
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)

23:55:13 executing program 1:
r0 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vfio/vfio\x00', 0x0, 0x0)
write$P9_RRENAME(r0, &(0x7f0000000040)={0x7, 0x15, 0x2}, 0x7)
syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x6, 0x0)

[ 1202.531771][T30644]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1202.537434][T30644]  __vmalloc_node_range+0x48a/0x790
[ 1202.542662][T30644]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1202.547704][T30644]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1202.553256][T30644]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1202.558292][T30644]  vmalloc_user+0x6b/0x90
[ 1202.562632][T30644]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1202.567658][T30644]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1202.572497][T30644]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1202.577520][T30644]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1202.583348][T30644]  __vb2_queue_alloc+0x5a6/0xf40
[ 1202.588312][T30644]  vb2_core_create_bufs+0x2bc/0x790
[ 1202.593529][T30644]  ? vim2m_buf_prepare+0x280/0x280
[ 1202.598647][T30644]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1202.603797][T30644]  ? lock_acquire+0x16f/0x3f0
[ 1202.608484][T30644]  ? __video_do_ioctl+0x398/0xce0
[ 1202.613529][T30644]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1202.619801][T30644]  vb2_create_bufs+0x47e/0x7a0
[ 1202.624581][T30644]  ? vb2_request_queue+0x120/0x120
[ 1202.629706][T30644]  ? mark_held_locks+0xf0/0xf0
23:55:13 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0x400c4301, &(0x7f00000000c0)=0x10000)

[ 1202.634474][T30644]  ? debug_smp_processor_id+0x3c/0x280
[ 1202.634499][T30644]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1202.644982][T30644]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1202.650539][T30644]  v4l_create_bufs+0xc0/0x180
[ 1202.650561][T30644]  __video_do_ioctl+0x7f1/0xce0
[ 1202.650587][T30644]  ? v4l_s_fmt+0xa40/0xa40
[ 1202.650612][T30644]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1202.650630][T30644]  ? _copy_from_user+0xdd/0x150
[ 1202.650650][T30644]  video_usercopy+0x4c5/0x10d0
[ 1202.650672][T30644]  ? calibrate_delay.cold+0x44e/0x4a7
[ 1202.685768][T30644]  ? v4l_s_fmt+0xa40/0xa40
[ 1202.690204][T30644]  ? v4l_enumstd+0x70/0x70
[ 1202.694631][T30644]  ? mark_held_locks+0xf0/0xf0
[ 1202.699398][T30644]  ? debug_smp_processor_id+0x3c/0x280
[ 1202.704875][T30644]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1202.710443][T30644]  ? __f_unlock_pos+0x19/0x20
[ 1202.715139][T30644]  ? __fget+0x35a/0x550
[ 1202.719309][T30644]  ? find_held_lock+0x35/0x130
[ 1202.724085][T30644]  ? video_usercopy+0x10d0/0x10d0
[ 1202.729118][T30644]  video_ioctl2+0x2d/0x35
[ 1202.733457][T30644]  v4l2_ioctl+0x156/0x1b0
[ 1202.737797][T30644]  ? video_devdata+0xa0/0xa0
[ 1202.742397][T30644]  do_vfs_ioctl+0xd6e/0x1390
[ 1202.746998][T30644]  ? kasan_check_read+0x11/0x20
[ 1202.751861][T30644]  ? ioctl_preallocate+0x210/0x210
[ 1202.756996][T30644]  ? __fget+0x381/0x550
[ 1202.761189][T30644]  ? ksys_dup3+0x3e0/0x3e0
[ 1202.765614][T30644]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1202.771868][T30644]  ? fput_many+0x12c/0x1a0
[ 1202.776291][T30644]  ? fput+0x1b/0x20
[ 1202.780085][T30644]  ? security_file_ioctl+0x93/0xc0
[ 1202.785203][T30644]  ksys_ioctl+0xab/0xd0
[ 1202.789371][T30644]  __x64_sys_ioctl+0x73/0xb0
[ 1202.793985][T30644]  do_syscall_64+0x103/0x610
[ 1202.798564][T30644]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1202.804435][T30644] RIP: 0033:0x457e29
[ 1202.808335][T30644] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
23:55:13 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x1, 0x2)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000040), &(0x7f00000000c0)=0x4)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')

[ 1202.827931][T30644] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1202.836352][T30644] RAX: ffffffffffffffda RBX: 00007f7c2f181c90 RCX: 0000000000457e29
[ 1202.844307][T30644] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1202.852265][T30644] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1202.860218][T30644] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1202.868170][T30644] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 0000000000000004
[ 1202.878584][T30644] Mem-Info:
[ 1202.882109][T30644] active_anon:183430 inactive_anon:192 isolated_anon:0
[ 1202.882109][T30644]  active_file:13066 inactive_file:35818 isolated_file:0
[ 1202.882109][T30644]  unevictable:3 dirty:127 writeback:0 unstable:0
[ 1202.882109][T30644]  slab_reclaimable:18316 slab_unreclaimable:104067
[ 1202.882109][T30644]  mapped:58682 shmem:493 pagetables:4170 bounce:0
[ 1202.882109][T30644]  free:1036925 free_pcp:612 free_cma:0
[ 1202.921622][T30644] Node 0 active_anon:735780kB inactive_anon:768kB active_file:52124kB inactive_file:143272kB unevictable:12kB isolated(anon):0kB isolated(file):0kB mapped:234728kB dirty:508kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 684032kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1202.951480][T30644] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1202.978431][T30644] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1203.005759][T30644] lowmem_reserve[]: 0 2553 2555 2555
[ 1203.012718][T30644] Node 0 DMA32 free:350520kB min:36232kB low:45288kB high:54344kB active_anon:731584kB inactive_anon:768kB active_file:52124kB inactive_file:143272kB unevictable:12kB writepending:508kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:11456kB pagetables:16680kB bounce:0kB free_pcp:2448kB local_pcp:1312kB free_cma:0kB
[ 1203.044487][T30644] lowmem_reserve[]: 0 0 2 2
[ 1203.049362][T30644] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1203.076337][T30644] lowmem_reserve[]: 0 0 0 0
[ 1203.081224][T30644] Node 1 Normal free:3784520kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1203.110121][T30644] lowmem_reserve[]: 0 0 0 0
[ 1203.114819][T30644] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1203.129540][T30644] Node 0 DMA32: 233008*4kB (UME) 196741*8kB (UM) 68062*16kB (UME) 31058*32kB (UME) 15229*64kB (UME) 6526*128kB (UME) 2979*256kB (UM) 1467*512kB (UM) 983*1024kB (UM) 4367*2048kB (ME) 14*4096kB (M) = 17920072kB
[ 1203.151272][T30644] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1203.165953][T30644] Node 1 Normal: 8606*4kB (U) 5622*8kB (U) 3132*16kB (UE) 1500*32kB (UME) 744*64kB (UME) 377*128kB (UE) 190*256kB (UM) 96*512kB (UME) 51*1024kB (UME) 25*2048kB (U) 919*4096kB (M) = 4238824kB
23:55:14 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = syz_open_pts(r0, 0x0)
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB="e16c66edbb836cb23b4e97a2c44737f604febcc37fc508239f04baa870829dba761a2316e820a407f420041a3dfabda9a8c578d9336ce3344e3996b747f5773208514f451232425d96eb4b8ff94671773501602a831265f019ff7f00005c70de87788d059c6dcfb5c0028511636d1b44c017b564ddad42cc618582d2674f4d09000000fd8c77857a5acf38a10c87380f9e6107f875d717c499ae7d150f2176aaadefc27ff4bf4d2b06ded1326a3d1872d51a281d1d2dbe308d49d1c256198b1ab4c2e03d4c485517", @ANYRES16], 0x9c)
ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b, 0xf})
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17})
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f0000000000)={0x0, @aes128, 0x3, "36ecb8d8878f095a"})

23:55:14 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0x4020940d, &(0x7f00000000c0)=0x10000)

[ 1203.186788][T30644] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1203.197792][T30644] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1203.207864][T30644] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1203.228779][T30644] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1203.244004][T30644] 49380 total pagecache pages
[ 1203.251194][T30644] 0 pages in swap cache
[ 1203.255498][T30644] Swap cache stats: add 0, delete 0, find 0/0
[ 1203.267414][T30644] Free swap  = 0kB
[ 1203.283365][T30644] Total swap = 0kB
[ 1203.287233][T30644] 1965979 pages RAM
[ 1203.292621][T30644] 0 pages HighMem/MovableOnly
[ 1203.297379][T30644] 339409 pages reserved
[ 1203.309766][T30644] 0 pages cma reserved
[ 1203.314356][T30644] FAULT_INJECTION: forcing a failure.
[ 1203.314356][T30644] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1203.328340][T30644] CPU: 1 PID: 30644 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1203.337465][T30644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1203.347532][T30644] Call Trace:
[ 1203.350839][T30644]  dump_stack+0x172/0x1f0
[ 1203.355180][T30644]  should_fail.cold+0xa/0x15
[ 1203.359783][T30644]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1203.365592][T30644]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1203.371150][T30644]  should_fail_alloc_page+0x50/0x60
[ 1203.376357][T30644]  __alloc_pages_nodemask+0x1a1/0x7e0
[ 1203.381735][T30644]  ? find_held_lock+0x35/0x130
[ 1203.386513][T30644]  ? __alloc_pages_slowpath+0x28f0/0x28f0
[ 1203.392256][T30644]  ? lock_downgrade+0x880/0x880
[ 1203.397101][T30644]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1203.403327][T30644]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1203.409572][T30644]  alloc_pages_current+0x107/0x210
[ 1203.414693][T30644]  __get_free_pages+0xc/0x40
[ 1203.419284][T30644]  __tlb_remove_page_size+0x2ee/0x510
[ 1203.424640][T30644]  unmap_page_range+0xedf/0x2330
[ 1203.429602][T30644]  ? vm_normal_page_pmd+0x400/0x400
[ 1203.434798][T30644]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1203.441086][T30644]  ? uprobe_munmap+0xad/0x2b0
[ 1203.445753][T30644]  unmap_single_vma+0x19d/0x300
[ 1203.450605][T30644]  unmap_vmas+0x115/0x250
[ 1203.454934][T30644]  ? zap_vma_ptes+0x110/0x110
[ 1203.459647][T30644]  ? get_kernel_page+0xb0/0xb0
[ 1203.464418][T30644]  ? kasan_check_write+0x14/0x20
[ 1203.469365][T30644]  exit_mmap+0x2c2/0x530
[ 1203.473615][T30644]  ? __ia32_sys_munmap+0x80/0x80
[ 1203.478557][T30644]  ? __sanitizer_cov_trace_const_cmp1+0x9/0x20
[ 1203.485591][T30644]  ? rcu_read_lock_sched_held+0x110/0x130
[ 1203.491310][T30644]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1203.497587][T30644]  ? __khugepaged_exit+0xcf/0x400
[ 1203.502630][T30644]  mmput+0x15f/0x4c0
[ 1203.506511][T30644]  do_exit+0x816/0x2fa0
[ 1203.510661][T30644]  ? find_held_lock+0x35/0x130
[ 1203.515482][T30644]  ? get_signal+0x331/0x1d50
[ 1203.520064][T30644]  ? mm_update_next_owner+0x640/0x640
[ 1203.525420][T30644]  ? kasan_check_write+0x14/0x20
[ 1203.530359][T30644]  ? _raw_spin_unlock_irq+0x28/0x90
[ 1203.535549][T30644]  ? get_signal+0x331/0x1d50
[ 1203.540118][T30644]  ? _raw_spin_unlock_irq+0x28/0x90
[ 1203.545318][T30644]  do_group_exit+0x135/0x370
[ 1203.549929][T30644]  get_signal+0x399/0x1d50
[ 1203.554346][T30644]  ? video_devdata+0xa0/0xa0
[ 1203.558929][T30644]  ? do_vfs_ioctl+0x120/0x1390
[ 1203.563731][T30644]  do_signal+0x87/0x1940
[ 1203.567965][T30644]  ? ioctl_preallocate+0x210/0x210
[ 1203.573076][T30644]  ? __fget+0x381/0x550
[ 1203.577242][T30644]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1203.583463][T30644]  ? setup_sigcontext+0x7d0/0x7d0
[ 1203.588482][T30644]  ? kick_process+0xef/0x180
[ 1203.593084][T30644]  ? exit_to_usermode_loop+0x43/0x2c0
[ 1203.598456][T30644]  ? do_syscall_64+0x52d/0x610
[ 1203.603201][T30644]  ? exit_to_usermode_loop+0x43/0x2c0
[ 1203.608569][T30644]  ? lockdep_hardirqs_on+0x418/0x5d0
[ 1203.613858][T30644]  ? trace_hardirqs_on+0x67/0x230
[ 1203.618888][T30644]  exit_to_usermode_loop+0x244/0x2c0
[ 1203.624169][T30644]  do_syscall_64+0x52d/0x610
[ 1203.628759][T30644]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1203.634639][T30644] RIP: 0033:0x457e29
[ 1203.638516][T30644] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1203.658097][T30644] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1203.666486][T30644] RAX: fffffffffffffff4 RBX: 00007f7c2f181c90 RCX: 0000000000457e29
[ 1203.674451][T30644] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
23:55:14 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:14 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x80, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r1=>0x0})
write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000180)={0x1, 0x1f}, 0x2)
ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000100)={@rand_addr="d58c27392edd865b355f08f06254ec60", @local, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x3f, 0x400, 0x7, 0x400, 0xfffffffffffff000, 0x100008, r1})
r2 = socket$kcm(0x10, 0x0, 0x10)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)

23:55:14 executing program 1:
r0 = open(&(0x7f0000000000)='./file0\x00', 0x800, 0x4)
getsockopt$X25_QBITINCL(r0, 0x106, 0x1, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r1 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x6, 0x0)
fsetxattr$security_ima(r1, &(0x7f0000000100)='security.ima\x00', &(0x7f0000000140)=@ng={0x4, 0x9, "ccd2a169a1f944e6fded568fc4"}, 0xf, 0x3)
ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, &(0x7f0000000180)={0x20, 0x80, 0xffff, 0x5, 0x3})

23:55:14 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x2, 0x80005, 0x1, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')

23:55:14 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0x80024321, &(0x7f00000000c0)=0x10000)

23:55:14 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17})
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x14000, 0x0)

[ 1203.682416][T30644] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1203.690382][T30644] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1203.698439][T30644] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 0000000000000004
23:55:14 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0x80024322, &(0x7f00000000c0)=0x10000)

[ 1203.773173][T31301] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
23:55:14 executing program 1:
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000001c0)="463afcabbbd182d8d5f1928497021b4447f4b6d7f0cdaef9bd827d17f3aa06ee67e2792925e95224a7aa77560c74ed1fd70cec08300f51492e0ee85bd6761a48fef5c730cbb2afc5cf9968d4a1d3f2db5bb646e34d94ab02ab46ff25e9bcd1f29c2e37a0e52bfbda9e6f34e763cddc32d04b2cde7d172f9efe2d0deb1af16cd0e2f8d0c6bd108da7eaa522ac255d0fba81228a6b87902ceb388052baf3c32516281da879b7b02e6411a1556017231e2856d545c884c828746e23459a15928cabe28f22d10aa294c82f577421dd3d78e00b10fcff2ea77b7bec72c5412ca9786e7d7d")
syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x6, 0x0)
r1 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x40200, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f00000000c0)={<r2=>0xffffffffffffffff}, 0x10f, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r1, &(0x7f0000000180)={0x7, 0xfffffffffffffe66, 0xfa00, {r2, 0x2}}, 0x10)

[ 1203.867422][T31301] CPU: 1 PID: 31301 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1203.876588][T31301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1203.886666][T31301] Call Trace:
[ 1203.889970][T31301]  dump_stack+0x172/0x1f0
[ 1203.894320][T31301]  warn_alloc.cold+0x88/0x184
[ 1203.899009][T31301]  ? zone_watermark_ok_safe+0x260/0x260
[ 1203.904559][T31301]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1203.910198][T31301]  ? find_held_lock+0x35/0x130
[ 1203.914975][T31301]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1203.920635][T31301]  __vmalloc_node_range+0x48a/0x790
[ 1203.925855][T31301]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1203.930923][T31301]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1203.936487][T31301]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1203.941531][T31301]  vmalloc_user+0x6b/0x90
[ 1203.945880][T31301]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1203.950932][T31301]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1203.955784][T31301]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1203.960821][T31301]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1203.966637][T31301]  __vb2_queue_alloc+0x5a6/0xf40
[ 1203.971603][T31301]  vb2_core_create_bufs+0x2bc/0x790
[ 1203.976817][T31301]  ? vim2m_buf_prepare+0x280/0x280
[ 1203.981944][T31301]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1203.987065][T31301]  ? lock_acquire+0x16f/0x3f0
[ 1203.991744][T31301]  ? __video_do_ioctl+0x398/0xce0
[ 1203.996787][T31301]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1204.003042][T31301]  vb2_create_bufs+0x47e/0x7a0
[ 1204.007818][T31301]  ? vb2_request_queue+0x120/0x120
[ 1204.012949][T31301]  ? mark_held_locks+0xf0/0xf0
[ 1204.017725][T31301]  ? debug_smp_processor_id+0x3c/0x280
[ 1204.023203][T31301]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1204.028244][T31301]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1204.033794][T31301]  v4l_create_bufs+0xc0/0x180
[ 1204.033814][T31301]  __video_do_ioctl+0x7f1/0xce0
[ 1204.033838][T31301]  ? v4l_s_fmt+0xa40/0xa40
[ 1204.043365][T31301]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1204.043385][T31301]  ? _copy_from_user+0xdd/0x150
[ 1204.043405][T31301]  video_usercopy+0x4c5/0x10d0
[ 1204.063649][T31301]  ? v4l_s_fmt+0xa40/0xa40
[ 1204.068081][T31301]  ? v4l_enumstd+0x70/0x70
[ 1204.072511][T31301]  ? mark_held_locks+0xf0/0xf0
[ 1204.077284][T31301]  ? debug_smp_processor_id+0x3c/0x280
[ 1204.082759][T31301]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1204.088320][T31301]  ? __fget+0x35a/0x550
[ 1204.092490][T31301]  ? find_held_lock+0x35/0x130
[ 1204.097276][T31301]  ? video_usercopy+0x10d0/0x10d0
[ 1204.102308][T31301]  video_ioctl2+0x2d/0x35
[ 1204.106645][T31301]  v4l2_ioctl+0x156/0x1b0
[ 1204.110981][T31301]  ? video_devdata+0xa0/0xa0
23:55:15 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0x80044323, &(0x7f00000000c0)=0x10000)

23:55:15 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = syz_open_pts(r0, 0x0)
lstat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x5, 0x5, &(0x7f0000000280)=[{&(0x7f00000001c0)="fac18baf7f82a16065b7ef50506c34c6633fe3caec34e20818e19fceac264fa5cc0657bb08d75447dae3fdc6d325f04323188bfb542f2d738cba2e35a4385c31a430d7bdc002c4db45ab33cecb74e14b9e2a015ea4f3208831f0b6f101b1fd5738e739485e07c32cd2c629b674858d2c24e3b832237d2c9a6c11ee74e75c43ec818dd17a50f631441bd9f1501b8c7082577bf3a497779b23b7c60e2f5f98c33f", 0xa0, 0x1}, {&(0x7f00000003c0)="4eb5284647db8f34408a9f97112aa22d5140017285a6ccbc2ae20065f6278cd239ba52e71f9731988402e9783045a22e501f61c05365f69abdeaf6492be3a1747aee2ab9b287d883186f521a5d2762fac87e6eb4c5085931aeb2f9cce6fcf210e62a823d3beb9250e539a359a21b1138f17185b75f8e8735befcb0c74c2195b4b3162d6c8f076fe1b6e72126ef", 0x8d, 0x80}, {&(0x7f0000000100)="2a1b71a1", 0x4, 0x8}, {&(0x7f0000000480)="2ed935d7e64aa8152feb81b1e1672196dec5f4df7cfe7c6c052cbcc4a06d0ea8a578e29c529f635a70c68ca1fe59562f6123176b6926c8760e9f129d227bd7e56fceb8828752b3aa1922edc166cc032144eefd273cd464f71160d56103428878b5efc0f3af174ccb9762e525920eb60a63c549bcf2897ef6bf7f5ee43c3080fe84aa3e8af77ce6e547002e2426b4d5b510f724a975b1bcb338c4cab57d8df8466bc3a4e4df879108382109fb627f9f42da2969c597c402f869c23a35a5f12002a035df86ad03088ce05c564f", 0xcc, 0x3}, {&(0x7f0000000640)="b0468f710b5a8965820adc01dc8f07dc18c0d5198b9cb725ef1dee0487cf341f3f4d07e05eacb59a142be45441acfc36f8c9337fb4823cdb3bdd39f2a394dd9e2fcac5eba3d7ba9a013382c7874ece16444bb0c5e0abe8f6a9f98275278945468ec2a1453060c781957953a130125ee9eb90596aeb8f9a9b66cd50ef64a09e035cbbe48458daf1dfadc32ba748cc78bdc99b1e1f022212bf7a5424cab9696ce0c2a5ac6e85b2d1aa442d553b88d18d7cbd427fb6a2da78b1816268caed0f721f25e73b686772197b7e1b57f9f08e01474036e633142f2c69612d18b0af0c79f3047ca3c7366673c0fcb6f0cd556a21714554cc048d9700d365d8d243600313bb85526a2eeb8d46527ddb2b0fea5d136f0de1de1473f5d2baaa25392c213e4f5b420f5b920482e6e208909168f3b188e6a618d01f50b0c613c27625acd2af61c23e51fbe232ad4e22d72eee201c25d1188ac11bab2446315db6126c74390c052da5cb816fc1917235173fae368c55f6d44dfda4572d5286b71db5fc4256a0a1a2ee15acca0b8c1fafb6509b1c1d3ed676eaa763f9b3435ca2c015e5c2860ec15739c8188a242fdfd760e763cc70314b0932620906df4b3f72a89d83849cabe9f9e5e30bf5c442ed16d4fd3a4e3abbc7f4a6789be5828a60dae14a1e793ede8c2883149ade4575048d6ca4b591669ecd6da21cc96e5e984b98520b6cfb311ab3de64ced3c3c40cf5e5109559d0c70b429db301394f75ebbb6b7931b0e01fe181bde4bf9e924c38bf8838371e7f97e4e2333bc9a064cb258ce2458830d4431d1b4d7e6b1bc88812ebfcb8b397274d088fe76f425987c38f039e7bae5ef84c6c9c825f1a332705aeacb3689214480341e91dee7ae50d0c78b6615306443505c074362155de0203e2ed9ae302093eee53d7996b2294604d47675b8cef433fb0fadd0541af9207d16ede5dd543dd6c10542505a3ea8df8350d2689d1e35d8a56b678d9cbd4a73a66a7cdd4ebfb3eb397fb95d48a3f4ef6855edd54e324ec9eeed9bf24b08afcf3bf74690e9e0df26745b69b55c4a1339d0057347fe2916f6efad37f90124e8b4e202f428fc6a846f5cdbf967121e384769d3dbe7748796047e03a2b6885ee6aa0c28e663a86d02ba06f2128c1f3caf2b2c178a220b551e8cd8c11d7e7b0de90d7ca3ee688983655853e658e60a24a70a95f89e650d58af7f72b60c3153ada70441509e1807aa7be485560dbaa633d2ea71cd76857d9a1be3587529d2b2c4a0de990f35bbff2e46f37e78ea71a4ef2742eb3caf5af1108afdcee4f1615ea6604c70e9c6a3f897a0f6065821368c65c5bb64d02cb947042b717781582cad1255a4e89a8423ec87f19e9df4d8ac5d76f2bd58ced5feb8ae83e9554399d84e936095983a40d93a57f4009dcc44faacb1384b0371c162a2483d07875060ed51ddc2c57cde02f9467465ee0a045dcb2f21b546a9a5fa2eb2d492de3a1b6b87c552cd948b88b53927482c79b02a82fd2e020d3ed2a23684885a549697ffc49acd58ea83727c6060fc56be24f6c5a7f7903794def6f15d739940431879ff243f22e760d35b5556ef6e52e5bbf036efe76177329e530d1755bb22b88de29d61ec06902d07be0db5fa08ef721561a6985d8f4cdaed80f1cd5a14722b8b35402dc25866abbfd419ec6ad63a830fde47e37865844eec756123ae6ede7735ccc01047282f9836064fab63326848bba5861337044b73266c7400a96440cb41eaa5483ac1ab6722fb77a8742ee93272de92bd209a77e9757a0eb009a83e8bef004b9c9905a5d1b561e157aec6d02efe0cc9b0cb2bfabd46265f3690077c4d1b596181fa8869a55bb1168348ee76bfcc4df368b43bba3235ea795df36b66121b674c2cddf5ddd13936194310655770c8f201a510d4e092ba98f5c46e9a034dadc22ecea91c88ec86d1eb2a59de1dbf9fe46366365d6b2ecab7274ccb66f46753bf92ed684648213ec74960bfb2cdeccf8ff5298128a5bb592f482fc15f177c5ad68f15036b785a47916f5a56dd79da7f718e3627e70f6131a8727ef9b385ba05c5ea7947160c88904d13892b58dab30c9bca8ab68b0b1a19f37cd518fd5e5ba120df58d60ba51a0c25922fffc7ab4449cac516fd19e8fe425f9ad29994b9d70167dff41bd6fac46a5f30b2a891592482373182190ecb5146958e9a9ea2e251968f64f65ded719f95e0aa831328091aeb10221def617b16fe2a87153be77250151fe7dbb7579c5fca603b52884b6f66bfe7ac36c98f3e28d4bb078bf568a25f082962fef6fe97a61f88abff1ad30fe157a22ff9eddad1df863cdc19ed2e60ebe9ab5ffb2b891affba436c506413936e178e42801b7a438703e0fddde90a076474bf448fe6ea03393dd58fa92c181d4c63208e76b54b00475148fee2f3972082447e95cd691f47e2bc970f51dd5ca931aa3ca5d1eace489aeb9d5469345e01689599fdb68146a812c817a976de086f63cd47b92cd822e692aafdf2fc3471e3367989f8877f53c598d26c3bf5b8d427c9a5495b48599025e739cb72df1187188ef1524778ba48a6f1579630e1dd06fb9df71ca2abfaa950980c19e143e763f35af580585cdf9ac89e1275c30b341529e52ea7cd08662f4111c9d910350ab6d74e770b84454c6f60e38ab602a642c587906bd1da3e1af1abedcc6ecf3bf697101b4ab9341a7247703d80acb024f853ee3d39ed140436e5bb40ea33916fcbda25aed553ab1085e94b7ccd1d340e43408ad05686646564d77ccdd22399ee432f65bb0e91ef27934e2797294c7348b10146b076b7e4dc1ad44e02a9d3d3cac8c1b3fcf14d2a1e1822ef876224fe142bf23ac0e88ac38edf3701f13200476ad5f584ca3a4c6ccc98507d3e241a5849c9ae4c62a807c0207e8ec4f74144db25b93e8e2d8f9fc2925e6628b6345d44ae37fc3a151acbdcfe03c552b0f4d46b59ef2b52accec66578a7afc36ccdae39e11b82a83d15caa75576c8891afdad486cafedfc2b5cfe9be8ef60e3ab60fa8bc8d653eb6985b88dad5417b0a7790950a15935271e2fc0c8381b8c9141de76e1d2640fa20b2b6cd7138bfd6e7e5817b1fc0c6ab3f35d11b8db5bd33585b1158629bb2b40d586819a74afb4021037c4992976e5af82f9c9756b53fc8d8c567e22b4b14310bd6d3e8bdcf2651dbdc3f556507721fd306bd6b3106535c3f856063437de6c3fcb8b33dd35885bb9e3785002e72e3356bf702d1aba68d2603fc6c1b96382e331e7eab8b322079897de7712fd4be0ea3090d14dd5293fc661718e40a6a8725270286a3561ad50a701144388c678fc3954dfbf18725e44abd82ad89e4b49524e9f1fe477f34d9b8e426e6ab09a7e52fec921b70e5216a93c616b8729a30130c7a7a174a846f58905482d66e3d9ad4feee2ecbbcd3147e5fb19183da9fb3da854d32e3ac26cb2d17c249d5bcfbac936575aa78b83b9a6ae549b70e42b22f601365fe29b2a2a1efa9ce4ff6ec15a90e09279b7d10ac6e6d400978cd63a7aebfefe860b54d3f7905d0fea49fb15ba294bd16e5b769158fe247292ae6a842a4eb4556f371d8fdaf9f62086be2bf7760011f40b052f3644531ec3d88700ac6e4637b903bd35e4827f81e5a0326360affc82e89e4089c9e046603f2fb11aea6bbe5d27aab758b619f00d7dd90b55521b7f7a365f6165844379c0402e634931ace26b370a3d6a72a7418546ad1a2b1009113ee708d96c41449b9e18bc7678b30a542caf616129872ed0a57e23a2a0525f5c4fbee53731373aa56bb1bb7c8aab82019989f40da898cb351d48bc0deca8f3da68faf191f4a04b146294d8e24b95a0d65bde84607232d9207f377f892e3c87c2d3fd51ace13703197fee3855f9ea8a20e4dbfbff706ea82afe94b8009636dbc411161ca5dc2d0c131cfe51c8c0dcf81e28fdec99b85da4e4fb82e0fab61c7026a96848cc58d65b36cd2ba637d3b211213b52d99186c9aae40720e4005b99c5d52bd73c0d76bb4fe67c0f71f6b08615614fa3a5fb8f05a6e2bb7decf3b6614ad2e05a68168e1bd68f25c1762f119999e9dbb9f1ea9532b9dbd58a23a6b34c28db15c1e68a5a753d1023f58673dbd4738bf470cef3822f735c2435e73389660eeb4e6d4042aefeb06e9706ffa1f3570ad1bebfe74f6c92d49b4c6cc5ff0541248e4aee59a3161af71fe0f563849c27e25628f81ad619e7ede692a50333a2d60403d514f04b7ec449825cd092f6a2d13dc88a8b9ed645283c9c1ec81baf39c397da0fc7b8b7cca1a69e2607acf5ba91647418f434477848efdd8f419bad888ba62e657395682d720453398703d525e912816cf95ad3e672f555d3a21b04f92e4301b3a51aaaac5da08ef49eadba4ac685c4c3a1e290e17e4b9ce666596d1c6aaf6142ae0f2c8cd803cb555e2c4777d0bfff285f8185966905ccafac8fa21687a9abede6cf2110e995d89fae01244311826084297f2c6eecf4bef5c437e9e47bd1066492c158bd7265d38b53e6f22df5245c12f9149908c8febddc701255040ec685081e115cc3b01ca4db7ac01f30b2239fb5451bc425cd6c8c569e0f8ea49549213d31c177275e838c0f5f1b7be6ad2a20b3368629c29da4ef0080834359022d7d777fc2d00d8fcd984dda44964abbd5215403c5514097e6c3d6d205999ebe7bcd7f0a8628e7b36d42725823d7333952020cf9d4079b06a2738ab9003201bdabf68ecea63c1ae99c75440bf804ff835f37ddbfa48b1944789f13acaf43e1168a96dae057cebded81689b382f2a4a0478c85f2f47c77a31bcff5e4658d263f8075967611bda5bf19fc2e855d4536437b8d4feb77855eabbdd9cf973be5cce18f6be47c036e5e7aec360ce67cae87ff9ed10aa1a9e406e5455214178479d6368d804a67b1fa2a4df48148f52af23eeadf8a23f09f8b69f8d8bf22f0f11835b698d4951abcf764952dd8071ed11db6318114da20c2553969abaa7b1f682a4e1f588789df3793528730c4bf5f032769a53d3ec2d6ebf3f72d21b1a0513d959d76f3a100fbdb6eb6c37a7c7b93a66a1b18104a4c599e09010d5a9fff7758bc6ad474d27170d3542dbe4990f441dafb3034f7636722d94eb644775ab3d5fab21d8875d5f0f8667612cbfe2ae96c09259e5559aa38b1f27c0179dcb00aa26e5a7a5e032ee3bf49765397e84f676521b7ecb76896452c244f25d41476375036add71b7397c8a096214a38b3ad23ba73df92343ddca603a511864233bb9d727c4e7432f6b2fcea9372b28721fba7f6dbfcf7e1367f0643800b61bba9bf7c10ef4b5bb8859e6890e2b09a025662ba0302364a4edca1162c0c82e533e11c354b9c6f657341e85d06364e2d60c7e360b98f8b0aa0651ab71b29c71fe1730d8bc0845468560d8ebfa4ebb82ef8f76e694d5230a1c0afeef552b71dca8c8b3fe65b8c90b470aa241d6870117fe9451a95f12f17273d777f05d9d3707e080d3998fd760f8b530bcfda634fd926b31efc37581f5f5edadb8a162d4d7b8091373b970ac5a3108511309be11380f8374e04d58ddfe28e0f7e24fe81ffc326bdbf21faf86942d3c777d0823090e5febe9c68b7f7d186a50c0ef072c2e947b692c2a5e7edafb2f1fadeab8aab7f91ef5e59bd6f1f6420eebcbf7ba5f0660b15cd5717df0c84023c7757cdf6170126ca7ab7d744d955258fd746d58ae015415b58dc26faf5e9cf17d9b9c01d199b6bfcd26aed02b1f9246f04444c8a06ea3c3472b2dcfbe43365c29721b082681554151462bb03b5", 0x1000, 0x2}], 0x2, &(0x7f0000001640)={[{@quiet='quiet'}], [{@func={'func', 0x3d, 'POLICY_CHECK'}}, {@fowner_gt={'fowner>', r2}}, {@obj_role={'obj_role'}}, {@hash='hash'}]})
write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="e16c66edbb836cb23b4e97a2c44737f604febcc37fc508239f04baa870829dba761a230906d69a84d3a4151a3dfabda9a8c578d9336ce3344e3996b747f5773208514f451232425d96eba7f2910371773501602a831265f019ff7f00005c70de87788d059c6dcfb5c0028511636d1b44c017b564ddad42cc618582d2674f4d09000000fd8c77857a5acf38a10c87380f9e6107f875d717c499ae", @ANYRES16], 0x9c)
ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17})

[ 1204.115602][T31301]  do_vfs_ioctl+0xd6e/0x1390
[ 1204.120204][T31301]  ? kasan_check_read+0x11/0x20
[ 1204.125065][T31301]  ? ioctl_preallocate+0x210/0x210
[ 1204.130188][T31301]  ? __fget+0x381/0x550
[ 1204.134365][T31301]  ? ksys_dup3+0x3e0/0x3e0
[ 1204.138799][T31301]  ? nsecs_to_jiffies+0x30/0x30
[ 1204.143668][T31301]  ? security_file_ioctl+0x93/0xc0
[ 1204.148797][T31301]  ksys_ioctl+0xab/0xd0
[ 1204.152957][T31301]  __x64_sys_ioctl+0x73/0xb0
[ 1204.157547][T31301]  do_syscall_64+0x103/0x610
[ 1204.162160][T31301]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1204.168060][T31301] RIP: 0033:0x457e29
[ 1204.171957][T31301] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1204.191570][T31301] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1204.199992][T31301] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1204.208498][T31301] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
23:55:15 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0x80044324, &(0x7f00000000c0)=0x10000)

23:55:15 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x100000001, &(0x7f0000000000))

[ 1204.216481][T31301] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1204.224469][T31301] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1204.232450][T31301] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1204.246405][T31301] Mem-Info:
[ 1204.250015][T31301] active_anon:183456 inactive_anon:194 isolated_anon:0
[ 1204.250015][T31301]  active_file:13066 inactive_file:35839 isolated_file:0
[ 1204.250015][T31301]  unevictable:3 dirty:148 writeback:0 unstable:0
[ 1204.250015][T31301]  slab_reclaimable:18296 slab_unreclaimable:104224
[ 1204.250015][T31301]  mapped:58686 shmem:493 pagetables:4230 bounce:0
[ 1204.250015][T31301]  free:1036761 free_pcp:535 free_cma:0
[ 1204.290114][T31301] Node 0 active_anon:733824kB inactive_anon:776kB active_file:52124kB inactive_file:143356kB unevictable:12kB isolated(anon):0kB isolated(file):0kB mapped:234744kB dirty:592kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 677888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1204.386816][T31301] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1204.418360][T31301] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1204.452430][T31301] lowmem_reserve[]: 0 2553 2555 2555
[ 1204.458413][T31301] Node 0 DMA32 free:352428kB min:36232kB low:45288kB high:54344kB active_anon:729420kB inactive_anon:768kB active_file:52124kB inactive_file:143396kB unevictable:12kB writepending:628kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:11360kB pagetables:16588kB bounce:0kB free_pcp:2748kB local_pcp:1404kB free_cma:0kB
[ 1204.489479][T31301] lowmem_reserve[]: 0 0 2 2
[ 1204.494007][T31301] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1204.520590][T31301] lowmem_reserve[]: 0 0 0 0
[ 1204.525112][T31301] Node 1 Normal free:3784520kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1204.553493][T31301] lowmem_reserve[]: 0 0 0 0
[ 1204.558054][T31301] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1204.572464][T31301] Node 0 DMA32: 233033*4kB (UME) 196718*8kB (UME) 68055*16kB (UME) 31059*32kB (UME) 15230*64kB (UME) 6525*128kB (UM) 2980*256kB (UME) 1467*512kB (UM) 983*1024kB (UM) 4371*2048kB (ME) 14*4096kB (M) = 17928292kB
[ 1204.592922][T31301] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1204.607707][T31301] Node 1 Normal: 8606*4kB (U) 5622*8kB (U) 3132*16kB (UE) 1500*32kB (UME) 744*64kB (UME) 377*128kB (UE) 190*256kB (UM) 96*512kB (UME) 51*1024kB (UME) 25*2048kB (U) 919*4096kB (M) = 4238824kB
[ 1204.626564][T31301] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1204.636175][T31301] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1204.645503][T31301] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1204.655132][T31301] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1204.664478][T31301] 49410 total pagecache pages
[ 1204.669243][T31301] 0 pages in swap cache
[ 1204.673399][T31301] Swap cache stats: add 0, delete 0, find 0/0
[ 1204.679494][T31301] Free swap  = 0kB
[ 1204.683220][T31301] Total swap = 0kB
23:55:15 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0x2, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:15 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = syz_open_pts(r0, 0x80)
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB="e16c66edbb836cb23b4e97a2c44737f604febcc37fc508239f04baa870829dba761a230906d69a84d3a4151a3dfabda9a8c578d9336ce3344e3996b747f5773208514f451232425d96eba7f2910371773501602a831265f019ff7f00005c70de87788d059c6dcfb5c0028511b564ddad42cc618582d2674f4d09000000fd8c77857a5acf38a10c87380f9e6107f875d717c499ae00000000000094c039fe1c7d3680c4005f3d6c25f8aecccd989b24dfb5c991cea5c65646064765be4d74eebdd6517bdc85f19c043efa0eb3cf3e74e1bb21cf5e893aea158d52d74d7b2e4949b602e1f094d2d62d826f4db463d5f39976ca2adef25b7e462a7619503d", @ANYRES16], 0x9c)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x280100, 0x0)
ioctl$LOOP_GET_STATUS(r2, 0x4c03, &(0x7f00000002c0))
ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17})

23:55:15 executing program 1:
syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x6, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x200, 0x17)
ioctl$PPPOEIOCSFWD(r0, 0x4008b100, &(0x7f0000000080)={0x18, 0x0, {0x4, @remote, 'bond_slave_0\x00'}})
openat(r0, &(0x7f00000000c0)='./file0\x00', 0x200001, 0x1)
r1 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x1, 0x101081)
ioctl$TUNDETACHFILTER(r1, 0x401054d6, 0x0)

23:55:15 executing program 5:
socket$kcm(0x10, 0x5, 0x10)

23:55:15 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
r0 = dup3(0xffffffffffffff9c, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000000)=0x7, 0x4)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x8)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')
ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, &(0x7f00000000c0)={{0x4}, {0xadd, 0x6}, 0x0, 0x1, 0x9afe})

23:55:15 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0x80044325, &(0x7f00000000c0)=0x10000)

[ 1204.686969][T31301] 1965979 pages RAM
[ 1204.690858][T31301] 0 pages HighMem/MovableOnly
[ 1204.695555][T31301] 339409 pages reserved
[ 1204.699763][T31301] 0 pages cma reserved
23:55:15 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0x80044326, &(0x7f00000000c0)=0x10000)

23:55:15 executing program 5:
r0 = socket$kcm(0x10, 0x8000000002, 0x10)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x1, 0x0)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000680)='IPVS\x00')
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000100)={<r3=>0x0, 0x48, &(0x7f0000000440)=[@in6={0xa, 0x4e24, 0x76d2, @ipv4={[], [], @loopback}, 0x8}, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6={0xa, 0x4e24, 0x0, @remote, 0x3}]}, &(0x7f0000000500)=0x10)
setsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000540)={r3, 0x3, 0x40, 0x1, 0x5, 0xffff}, 0x14)
sendmsg$IPVS_CMD_NEW_DEST(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="78040000", @ANYRES16=r2, @ANYBLOB="000025bd7000fcdbdf2505000000200001000c00070020000000240000000800090024000000080002000c0000004400010008000b00736970000800050000000000080009001300000008000100000000000800080004000000080006006f76660008000800010000000800080008000000"], 0x78}, 0x1, 0x0, 0x0, 0x4800}, 0x4810)
sendmsg$IPVS_CMD_GET_INFO(r1, &(0x7f0000000400)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000280)={0x120, r2, 0x10, 0x70bd26, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x2f40}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xa7}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7}, @IPVS_CMD_ATTR_SERVICE={0x60, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x44}, @IPVS_SVC_ATTR_SCHED_NAME={0xc, 0x6, 'lblcr\x00'}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0x2}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@local}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x5}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'nq\x00'}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@empty}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x71}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1419}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x1000}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e24}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x4}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@rand_addr="95b46acaba2df9651e70ddfe3e2bab97"}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x101}]}, @IPVS_CMD_ATTR_SERVICE={0x44, 0x1, [@IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e24}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'lc\x00'}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'dh\x00'}, @IPVS_SVC_ATTR_PROTOCOL={0x8}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0x2}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0xf7}]}]}, 0xaa}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)

23:55:15 executing program 1:
r0 = syz_open_dev$loop(&(0x7f0000000400)='/dev/loop#\x00', 0x5, 0x4)
setxattr$trusted_overlay_opaque(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='trusted.overlay.opaque\x00', &(0x7f0000000080)='y\x00', 0x2, 0x1)
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000380)='/dev/dlm-monitor\x00', 0x100, 0x0)
ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000200)={0x8, 0x0, 0x7, 0xb0c2a07, 0x11, 0x8, 0x9, 0x2, 0x9, 0x5})
dup3(r0, r1, 0x80000)
socket$inet(0x2, 0x888b00e33e5a71b4, 0x2cc)
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0xb56e500d47f9cb7a, 0x0)
sendmmsg(r1, &(0x7f0000005800)=[{{&(0x7f00000004c0)=@un=@file={0x1, './file0\x00'}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000100)="9c471197d6f3c0bca4bca7a85e61e13e9e42b02d0af5d536de07ccfa552b15a99c111544fb10b5605fd01770", 0x2c}], 0x1, &(0x7f0000000540)=[{0x68, 0x117, 0x0, "abc417b20fcf7d13a5c1e0e9f836728e2d6e84005c340536bb77bcf38e9d7d8262dee9db06e295958d0bf6360bc88cb1ca5484616c170ff1ccbcbd92c25cec335c295e4e817b77ddb6c4ef5aff024ac33762f2b6e4b08d"}, {0x78, 0x113, 0xa58c, "7cdf6ed31e3d0af6c61d6d723e4c9fca767fefda4da3ca97ea6fd8f445316b98ebbe39368f7f15cd890dbc037fd4891226af30f6b35106172605dd5f15df1d8beea156318e86ef0066e22142ab5ea71492004d2cbae441c0b6c457b52ef0872a06a8472e4112d7"}], 0xe0}, 0x2}, {{&(0x7f0000000640)=@ethernet={0x306, @dev={[], 0x1c}}, 0x80, &(0x7f0000000840)=[{&(0x7f00000006c0)="c1a1ffa146d2f1ae9076c041a443372de49c1a1702b21695bdefea8f79ffaa58424529e57e9d33355a447012b5c43b8d442d83694ec67c8cabbf14fe6b241c1f13016b7345158fd76d0f35a101c8891145697e82c11635144f3df1bce3106dbadd6e1e8a331b", 0x66}, {&(0x7f00000003c0)}, {&(0x7f0000000740)="cdf70890cd67144da3ae5056ea9560f28a283180d1754958f880476b5e4a3af1efd6c3b2c4901abfd79124bc5a5a3f483ff08a52c8c6f64b81bb46fe2d48863acfcb8a72a1a42e631056f36c36be234dec932471703025d7a1d8c28889a395c7ecd5e0810d4ffa520fdbd49ef05b38e6adc7718aaa4199cb34b0a3334972d739cd7a8d0cd6b4b30519ca1d5b1a8da2b1d691ae5ab2c37b216c24119be78ad745b4091822fdb0d530e6e507bdef39d74285037516878b6786314e7321049ec63d91b889d7bdbb22ba079875f1e26f159d3b43", 0xd2}], 0x3, &(0x7f0000000880)=[{0x28, 0x10a, 0xeb00000000000000, "cc7b80f43f0ab5f64299cd424514a9cdc2de"}, {0x98, 0x11d, 0x400, "80caf8df59edda38e1eca4248697e4a9185f4a7aba0e8497498d5c248d600f288db5d6ab05d0b573d509dbcd9cd0d8b2c9945926a8cbcec82f85e60c0a9cc451f76ad8b7c3073e4e085a1a7be3632d190cee1982e52700b1f36f81815bafde4a0922fe910f9f293badeb073121b0a83d5c607b2219901ad29bbc5ecd76324c92e7"}], 0xc0}}, {{&(0x7f0000000940)=@un=@file={0x1, './file0\x00'}, 0x80, &(0x7f0000001ac0)=[{&(0x7f00000009c0)="2f97a769d79121865fa4d50ae2b92e72733b38a1c5eaed25d29507c354e163b6d6e66e9f107c82a12d170816d5b7216a720e29e65b54f52e19e28f7f04e964cddec341fdc8069213781df5ff79eed353d4ebcb0c9fd0802e69788e1c809685dca7a4d20f8e84ea57e1fba77b577315cdaa6c18200e9518503852c4c6f4dd5df7200f92265db7da4ad271ed45e3b3c8818b114308a15b8fb27d2f3c8e2049f01a5f8ce0e53f7dce6559eaf83213dbe8be00e2186d76a3ef1b097f2f658863ebdf68fa01d636ed48da6cbee6730266259377579b89cf730c83e15e1b7e6c57898fe69599f825f920f7735b01ed7b3bfaaab4d62cf6fca60d66bd9f5bad01e59da2b5fe76d6295b36e8f5abb41df873fc99789cce658c247db5abd115052fb95b0735fbc4db368cd6c30553a256bea7f13f8b75d7c9d8f7294913b7c24aafa0ecd10ea5579bbd95226fbc25b9443309032eeb3addcf9f79dc24c2d2cfb87b9a5bf8656fd356e4e4858a468b763ef1b07d6be465930ce7d109edcdf78332e2dea46440cc71b6e74c27d0d90f107fe9aee4f66c11f2023cfaf31d37d6bdf19f046429dfde91af845916a27ef8af31cd2affe75cf85a222a53279c27372853462e6fbf1931071d0bc730e99d8a492745e150c51749e6a6fbbc842c83841e31edbd75aa2ac0e4f8ad5dd41cac6e13f22971273e03bc9e75c5c2c9f9aa3df05b142306c873e45b13020743d1b8b5093365c4eddbf0be5991520cbf64010299cd9fdd9afc4b6b0b4fe7e8d45b00b4f314963f598442e2e6cc0c573c7f0062b41d79d7370b11263135974e2a76dcfac15c66950fec199c487903daff5a8235efc92f768e33c693a3b460c1003cc897ddb171aa0dce339d109940d209571f4e4fca20556653515204a48869723705d60d58ea0348167369b2cd0bdc7b40b3698f14694d7cc3b9ae0fba08ce0e6b3b2cd637e073573915abeb308005877f1b0d142fc75306a78b2f08e8a715ab0897ceb37fc75bfb1a2c315115b22317683c61513d05a2d970d5a96f435dd507579e71ca01e5b63e00bb6ec985543d0f524be8fd333b1a8b86cbe4a1ddf3932722e3a2700337fce107ab8b51d1b6f2234d50e81b929650a355d6f1958f7e9ae62b22e8759c34c5711254e6f4dbc2f46bb5ba1b32606b20ce4019dcda0cc52c4fb0db024f30597382ece23e1d2edca4b5e81637a8c2420337c5ea907371d539c2f5063753e83d2c1006cf94f930d9dd77ab0ddd9d0c6bccb142caf878472517950fabc2a40d711294f2c9281cdc9cb2b385efc820bdf8d7d556bccb056f622d4b38656cadc21e6c7b68fe977daf34e5f2d03e0ae451d23c6bbca8e901cf150590ce0b914c06e045beea0c1f3befb9b10379001a01955e6bc03ce69de83862d9f4f1774ce03aecea994582c7abab3e50f33e2e5c636a064adf1ede4d1d4edf6adf8e4bfb19ca5e3b02e77f2507cc311a2f4f5a0bf6b632a7bcfb38b2a85d99e7dbc0d79a0f6074e716ba9fbc98904b03c76ab0401a6359a96f9bd238dfa13897101824cd0d5cd1935fd2fdb8519fce8f26f9edcb5e64535f3bf5d13e521f351f766d9d1f6b0d872fde27844321c57e959dc4f79f05f3c6d7295b72dae3e018ae39775f01f2344cc551f325b1c5849f6297967160e01de4a91ea619fa5eb32bc6288f80b024865208c4eef30545084a6288ce6e5536dd39ad9f41fba14bde703421bb681bbc56fbdf0a9e59b98242a11e5db01c5a5b6d5b46980f3c10c4c4592ce809500e72eb99a68233a5996bf314de1aa75b0761498769ae52f49281b47a4dbc2e6a049344dd5d83f5c9c97d9e5367eafa9c602ae11e64e28d17880eaee2dc22c71e0d8bbd112ec1e92c8ac85b81b14f172129d815034d57eb640e00f566535b66dc7a42ff1a98a92b0a9cbe33df48e95b00210149775c1a2ab69f954533f6b2099c5dcf95603567e68022100911586dc755b8b1015e2a84b51919d39f6065c0c0ad6d3c39b937e97d4266b6a6d58464f39392625d551b056acf00bd8bb1ee127298c1903990679500e436283b58e0ae3fc72873678a8acdaf7e66771b420c578e06c13e730949b46fd5f5d125bce7df2f9806282822ac21d597d201a759372e0972c168cd7ff039613858ed60760cb1d7d170cb6bc36efd3ffeab08cd206016801308c980b603d1ace97141b6996c1efa394f566580481a2cdecb9993a4e336f68ce8660b26dc4feead5278c85fe65523e21fa3e929d26aa88714c22a3575a3c7640263c5ff9c92dab20fba3f465a9189c23fe4484afab6887828ea9e9ebed734561aec608479449950bd6cc65f63450c159213023d1c309f992980a9f0ed184462651926e874e52372b1aa1ea327d07100c7d196e228d3bcb52108ee3de59c88c1a1ee33f0b4ed022221a08c1ad7e8ff3ef725e399cc5d673e36565e5acf4e4c5e3236fb9669b252f2a02bf5b0dfd14f2e0bb5044b32a42649b8d5e9d3f55f3f318a3a74ed74a047865c56a009f0cd9f6952de4d769d96525c970c19279f9c3288f6f71e73875df04443b3532fa82f84d649e6022d5644cd4d3550b1ebbb278715f6a552448ae774e5600d3bb201935351e855c252bfec8cff7116d1f447efa531540b3c90ac051041f208d708501cfecec54ceb2eaeee866c34c3358c0289fc8e5683c2a6cdef8052f6c63d0689b9739481fc0bc467075c225e6c4ea3822b641aa1502530ff055d296185015a3f053a6e3a7b1d73405f493273a71172fe8eaceb43c7eb2f8c53dd597455e73727419daac3ea65900bdfa4a1b866d383cce1845d0e8c861900b3dd894e3f68b6c896a405103395261a1ecc6cc63f8b5b71a07ebc6a446e3c34afe78d005faa6e37e8f2d193e8908ff3de704744e8088e1c636661f98c6fb40c9d7a8885d265fad5de635bfc5d81a84136dc57bb5ef55f8637354614bdf04ce2c51ac21f5a0c99cbeac08d3d1ec8ff66607f46e6076672e00a0614b9b5d4b28b2125e5edd28ddea61ec016fcc0cfab8eeb03bb4abf29371fd03007984602ee005ad8f8adeb5da1abfcc24be5bc030ac0f9cd4ceb896a213c7f455bfb8c22e71455b4ae9a26cb34f8a50d83be8b7af79ba78d72ec8bbb76fd07693dd2007ab9061a1259edb2ed6b038850ebd08b11e5e614cb054312f3a60e5c97b797236fded5a42f620e7fc637c8d9f7177010caa24a9f4c070af73055cf0df90a1e361c090b3e907d16e5e3b32be2a0468e01279710f1650995ef9c900ac0a993bfc7d9447df60192e8d102e0771ba15d86dd253c1173dcb1dee32d3448213d9692f7f3ea5b93297c82b10fd530d66541fb190823f1090fd398092e01f90a1b4bc8b20b3c9faee6dc9d87115740807359f3072c7248dd7dbcf106f92c7bd8a7b60e1a3356087f30476f9deed167a3a679ed9b735933cea80d495fd618c93212b8f137018ef234df2e59273b6cb590d12db1bddee2d4a05526c56b1a13239ed6628ffb1c26fcabe97f7ac3940b92fcd62f89be2f29a88d87471d223ff0f40017a76f9232dfd46666c2cc81197d5f81f119b3a2e7d6e531c68dce5c2248622cf498689640c9a8a7c9ad8c0b52705b097b34853baa5d69557103252757e241d7cee40e7930b3eaed4ada5e7d26c4d1a76a6c7e2557e4232198baf9bc54cfc2fb79b0ea0cf625efeffd2bf14699f5cbed274eca271d0e0927ffefbc0d0c8075af93d0856a553cd3d8960f32437766eaebdbaf345841ff1b10f52bc4a5152dbaa7e16de563bb3910c265028e5600cf0adf33a31490c3758de5d6eca665fd75089ceabb37dee7561e4d90c76855f9a1038abf4fd6b93667ee717bc635c0991b77bba58ae3856f6a03f98542f85349c132e4b5d2225ea7aa110067343ea3fbb3dcc3036e758cac2f83808535327ac4eaecb64cfd63739df3d8a2b2524b36a355fca5ddeca6d68afc2c9ae061b499911bed6fb0b324e28edb713519b53948825077c4474d34fff5b0787cae5eb613935a6b92c39e701f5e16c8b6f38eec52233520695f028fee042d895383a639bff31da9b913eac0b4af41c53cf60823219c6902c4f74585e630294c99a516d49fc1386216f621d1ad01652e38e22cfeced38126947f9b760d9dbef51ca2ddfcc6868c495c04684a0a9fcdadec7444e6bb8b49f14875c69b087b1e09b661589db53b2e4c6edde5d43f01d95f2d2029d19756f2ac1fd58801e2f5d615d54d184d4717da9ceb1499920ff8b84780b67749f27fc599d99bc4ed55b5af294148d6d12d756357823df10ae9e5e0fe2b8ece9409928d1dff6f3d3464019028b8d00c7986a358e6cdd28eaa85b85e9c82c0a6cccfacb4b9c3d140ae40088a875bb49479ce53144c4df4d00b63299d3dffc4cb81f503875b82393331a2fe337d2f78bf0f05d083b6118213a477c4e95f50e052025b0755499e527b80017e58e88fea83137591f7727df87c812f449a7ebe9dca3e2b82020f31fa049a0261ec53781240a92493a5299100fec0cef2c0e08dd79b9951964888c20cef7541308fbdab18658a80b0563618963fedb816844509a61e66aa35b1dddf3e63502a7cd4b2f63d526c48fd41dd88ce0ae043e110e60b0012bd6374d2817d58f9fc4e49087bad8344ce4ac18aa4cd7caf54b1cb4295ff2eee3ccea37eff413d74cff240042e8ff3f7248dab9618dc4e46f66bccf001a37e06cc13a21a148c58b5141aefbb5822c5b9f91690df996f96f39f55ea1a8bee8ff33775812fd850bc6a5db893ac1ec335f74545e0f03ea77f9ca6cf95d7d63081c4f6b25bcc2893fd28ea2e74f18440b195ec9376f4c5fa51765e0eddf08e024423cc95c608bcbacb2c7c77e0bc172c1c53ddd186ed94d3d06a23f91829a34707ff93cd59b30e889390ecc4fc7b136433105b8d6e40019caccda42582f6cbb4b33b8627e9b21a2d5e1b261ee2631eeb1f7bbe27e298c7d4000f115190aa0d94223b2140ca24d55d2345187d02d72d88e9fdd943efbd2f86e6a2049b1bf6f5eff16a005993b2d2199318b7cfcfd4f9f757cba377fcefecdd2712b3d1cb9f324eb8c48e7b8058b5ee655029ec41e2c64fbbcb4de4ed3e052825ebc50cd2363c0f9a0eab79db29b8343384495405135cd3c56020add8d8b21541c654439991d8ad92ca00d8d3fdefaee4b401a85fbd8fa63dfb4b990b429afb22a8ada28d107345e67e64994830b8973b00b66699644b4397bef11faa1256b08bd690a5151dbcdbf89d49e158e16fcd06010d222d96581b071605635010c4919c3808b1ae5bccf4b6366c62e3b8de54182cce237d6b85b537c6b0181e5c3013a9df4b6ab86021bbb55da7402af2c9c2d89b11723de42320d5cb60b4e6f3b5d65be4130a3ee2640424834e6f8c78803c755be3352ad9a10d557ceab0b0caca695880d0ce5415dd9f15be76d928dace2a41773c30a57d956fa1250d8bbc5ee083f845940afc27eec661792fc2b66fbc5d2222390e144de4c05368586d0480f735e4883514979b138ac2012fc32bd81af08911b99448c720cca4b757ac6eebda3ef4db1fcd9961600ead090eedb31fcef3b136c29d5ee63339ffe094f478e2a04f8bda56a1812553db36cf33734f8262131be88f235133e1f1d23ee32ad19788ef6aadd0a2fa03c7dae0fdc9613079a4c2ba86667ca2339c7e89a2cae357a8b230cb763bab130c6dcad9045c7721da16fb3f26562b26d08d3e0f932f2d2dbec6992dfc942a9ce02b2a1f6999ba68f57c496648a91086524697157f11bcb08e142c091a81652bf68d5448", 0x1000}, {&(0x7f00000019c0)="63caf728847e9fb3317200fd1ad4e55972f0aecf3a52c8ccdab312b8abc366d7af91bb04c910c396e22ab0d7c43bbd1e80e5f5a30027bd54040a3dd62a53c2ec1fd6998b4d9c5704e990926b5666782cb317b541023ce384337a15d8913332d80424d93f8f1dc760af5fb11bd9faedfc2cb948f4de774295d39bf5cd47aa5a701e3016d3d3d42f5cb5ddf9183c577c0b4c0297a4da6f2c28b52ae174bbd316b628c0456da46b55306089aa04d52b97d5a3cb74c66a6829f48d167883fced3b13131040ed3181ddd5105f4f0488cb230689778b", 0xd3}], 0x2, &(0x7f0000001b00)=[{0x88, 0x112, 0x6, "880f9d8ccc9b3a1ec2c1f5fc324124cce9cb2c8719816ff9586b5246fdce81e2f4748fe22c59d83dfed0b0acc51bf9f3c22f93dda108cfe85814532db55bc2140f4b3cb2876a4cc506b1fed3e7840c784ccb656717e9dd1b0279462fd55b13aa499700216bfee35ce82ea6179252140472b6e940"}, {0xb8, 0x112, 0x8, "29cc40a1078142f7b93f6d8802c9eab7fe9ebeee36e5a7d2852328c4889d25139408bda46be9166a16178557e2b85b4836a0175ef01665fb5b09e9c6f8c868bb196b1ba7e366f320b6930374efd5f6862b137f85a203ff3948c339ee91c097570ee4194bf472bf26fd2d0588dac04f776390e2b3f5b45fcbc788235efa633a86d4bc3e7389ec8ba68a61f41d9f2ad47ec4be83451f988cf77a6cdc18c588cfdc300b86fd6370ef41"}], 0x140}, 0xfffffffe00000000}, {{&(0x7f0000001c40)=@sco={0x1f, {0x2, 0x7f, 0x4, 0x7, 0x7, 0x8000}}, 0x80, &(0x7f0000001f00)=[{&(0x7f0000001cc0)="ce11d6df83ff7761e6dc29f2501dc6e04248afce5f93eda154c0de44556ccf5bd7ac2d2b857f4987dfbbfb606ef6e8683dae12c471abd19b1d1ac44b7c0f25b291", 0x41}, {&(0x7f0000001d40)="4a820c473c1481957a64766e80f1e971e349ba0aee3975ea4e51273d89618c1792d46c8a61208e869cf98c37358aa1b397b30dd2578a33be229298cebf99a8f55d991837ef05ae87b95deb84a97c428e570f24e94d42dc7152fbe045043c669e9d3fc2d923cf8e9722be0100e40b87329ff6e5d83cf37c76de50c88a76", 0x7d}, {&(0x7f0000001dc0)="15b68aa947819e9051da75ab0665053063cf9c3da2708da507c7e029c9d8365aaac9dc79b3048bcdbedbab794add15f12f806a94b05a430350ed7efa8d28e761ee93cb43f2d4276c95bd13ffdf5ade7119a2c13856e30f6b171d07920cc962313e58eb59f4", 0x65}, {&(0x7f0000001e40)="c6376144eab9d98603c37e1a388b80165a62b918fb1b501b945903e5ef4bcf200d911e71ee433dbbc90f88bd460ffc06a1f2b142d4e709d24efe4b34501d0ed1fdf99bbf3dabcc8bfbeebd9b3179b2e09ba16b4321757cadd1015f279a88335c8a62339f5002916235ca221a01d9bdad26784c2169514ec8b27fd3ac877356717a10a04b2f1ba77cb62297a5917f18c4383a1cf2164906e33c89bddda1a5ae96e2f9f8acf1694147f8182a7a", 0xac}], 0x4}}, {{&(0x7f0000001f40)=@nfc_llcp={0x27, 0x0, 0x2, 0x7, 0xff, 0x2, "2da9a8dd7953df64f8eae017bf8f6107e718ce71c3e2b06b6ec752ec2b180332976c5259ddf6ba86c126bf40779d1a6a02fb0a02192af47761c56c5d452b71", 0x3}, 0x80, &(0x7f0000002100)=[{&(0x7f0000001fc0)="114a8ecb77555e8b38187a8f692c87808819abfdd2ed82c423c0ba40716f9a70024c2368d2f38a84b668663b9fa0f42f62633ecd54726b6bd6520b44769c562cda20d78309a9f1343aed59a29d7d425ed4af6bb014c456a17fdbe441125e2f836f38119ce6cc1352c231126c89c2e5fc5ea4c3a24d29acbb32395023adf9c51f06b5bdc471527cb8fc9d96495c1467d463d0287ac8b8459a5f9fe010501a802ec5c0278f550a93f194f65d18850c71dbab1a", 0xb2}, {&(0x7f0000002080)="171102269b7349897586c89a9ead5fa172acb4dc47d45e2b1c577561be68871ad728787de4274d8cf8ec0d57a3c6a0c30a989d9db5297a345df64fccc70857c7e3423855b5cbf6a3a87cec922a38f0a4bcdb819b97fd861cc4e49cb661370cc5047e45ed26ab", 0x66}], 0x2, &(0x7f0000002140)=[{0x1010, 0x0, 0x24f, "637b79c752aadb1a6a2afadfbcedb5f4c15294933bb2db299b9f123e2c45f1d915895eae27d7423483909b05c4414fcf475d888cc8117fe1408a210308935c49eb6dff596e2b89112ac2debbb41c2510305da0dae0f4ce5b9d5f618bd579462d280dbede727800a156290893c7f866ce9ff671f69d9b31ee335c1a18bbd7fc946a032b51f33ddbeb3874b1be5be2b9467530c50d80c74c252a37b59532b97edcbe0aef1af59e8dd2d9c951b8bcb39818d1913bcdc1060b43b860340b416ac076fd52c70c36f4d7fa7427b8721037ea9152e7a83296beea56e81b2d636c416cdd641dacdeabf8dbf0cbc691d165835f14eadcea15afc4b476f19814ad1c4cb6b0095cb14123529b1836daf1941e9aba14331d023bee12ea52b88595fcdbc7efcf1eb6c9f559a70f20550d9d7ee894c10d612913b7613821d0fffae6fa90fd59ca5eb0890f0c502b2adf1377a4c82b54168a5cdd99c97078ac7afdb6693f6a858b4ccffd950942580c28f2d1cdf6abcb52729eaa140a4d99d8255fd3f9c702e6bf713c73b355714a9d9e472070ba3bb2e1d67d615bd46375ed881f40c4101e14cbb3fff2ab09de6c10c77861625164f2cfff6b03b53afb544a974a1bce71b9512f622da6a3a124d734be811879a6a009a1874d6c473afbb5ff8ac9314c63a42d48aad8f41a0d42d982c04f323f6593dce027ed9333a6459688506d393d8642cb337315f9428a10831cfe0b703c259a31defe96559e4e7af562b9fae48931bb4fe48e677af98abadaf2aa7f69d735317cbac5c25e46e1ebd24811f9c97900832bbf937dedf754179a59ddc5fe643f7d230510320d89bef96e01e9dcc6bf06fe68b79103242f43a58ae3d674dd7256f55e47dde0633947e56bf3ab3a30fe12e885e0dcd04cd2ec4d811c69c164973b16d12d1cf9c93bc5d4538b27c04b280416849d4ed6d6cf875d74a0b066dbf4e1362f442954dad39fd839096f290437db98921addbe4a762d3a9daa749fdee3c6d787f025d423443ed3130a90d89ad450a33574a4b39e608516e7ee733b878d2e1deba3786fe574e15a6704ba75e564f8e46f9aeb160888d233187052a226f5f11e5b9cc5afe2ba4995543c7c3217b1a7e6112e31c6a28b9325756989726cf4c01c4da2cb379a11b87510c20dd8e3d518a20ee1d872a0093ebcdc9e0fa2cb2ffc5f98159c7e929cbc088d8bf1f1721bb1f62e2d62c27330db5a12a5dbda71e45ac1139cd5943e12422ef843686b71b83a45c47cfda7d6bce15706c00049b91892d4f6e709ef88ad0a0d1d811750bbf59495e030dea509d58cf0ff329f9f641354592d0efa2b6fa040ff09ee9d66d01b5e67c27b1327e9e315f7e462fb41f7fae3a7ea04b988d255c4c713c3094799a5e5ac96f82d988878b58970b252b049540f03840cf1060e73c4fa036f0eb4ff98ac43e99fa36b1bef534d6b2f7d1cd836c9ebb46f06efcb4284267eb0bb6e7097af424ebdca6c5284df20ca12bd95acbd52b187987b9e0edd874825ff33bbbecf99ee64f77ac052a75491f8d0113f174868f58236cf6ba5474fd5452c0c48e05272c8930b2b95c01dad40248b97622e98b6e2d42cc3b760c2abd1bccb9fc063a2a0aaa5a103508dc9cd1c20a2c3d143a7e9b700893e5cedb8a8b49f18bacac2ba9cbe948965f7e7ddc5a566fb4716b5fb72b89bf162eb2fc8cffbf2e80f655f6b12bc11bf121e5bb345cbe2e0637ad92710bcae9f5c776031c981eb909d2c3f0ae36987c6d5055abfa245e37c846edfd4bcb7dab2f2f6d44d4d081598729ed94e6a93a1d3e2c8d695d0399ab4d6e9a8e1cedb8712f37d3ebbc78d57db598153b4cf5c06922d5166f97d21d0f34f9951376e36337391edb09158f32b5aeb5769fc6088252c4b1afe93f36e36983aba48eded8491dd675f353302bb96b246f6a40f2dd8906e4cd8f4777b674597cf333ed171cd6558ba0e5009b3017ca1beae14d57fc71105f26542f4e8203b463d0bb424bfed4c71d99e62453ededf2e7aa6a65c49f899d8fcdf662c748552afba86fabe1934d33008f894a3e5523158ecba3166f1a0e5fdb3d61c0b22e1a0cec2804ab92c2558e75351319ee23d0e4b4cd433146dd439ac4732344289d042ecd95745d2ded95091b65eb365ccc0c7fbcc4063746a9ce7b858fbcc613e4c3bb438d7b22da898a29bff52681695da28381aa704074990579b3add6054b3abf0531c507b365bba60bf1a00a72ac090e5da3be93e37e4052f610c1a66651ac8a57e0b34ab7800e5941732598ec38ef7de444c3a52f530d6243449824e88816deb13cf1f2d6efae148975d181a789dfa1700053fcaed14bf8a2fc40d932f2a7d143a376a6c668606608da40042ca3c0d206e01fcdb4e1224e4c6312b46b6d636aff06e92ef0f51cc2e6844a126b501bab15ff79bd86c87ac40ffc5c91541e40adec8bb1a53e849c6cca9b41499c7dcdead408e2623ea63d1c75c38e01afeba03e0d11c907b1dcb6d5e780935eadcf629e8fdb69b11e1907362b5899d3b780a33bb0f11813bd62c058e4aa487c39b5d31344b1a9743c5eaba57b5ba5a06aee178bb8bb3f4ce14c4f730b3129b0f2ad69e3b8d7f5c5a5ea0e28136c475bf4970a40c69491bbefbeebeb82257e067b36e2f61181de483160ca2b877df08ef5efc28abb52ef51c21d0b7e917b1883e1615d948449422d3fdca007476e8c312979a6eed67995676392448321c1d749eeb2256d7ff91a067cdefac32aba7a393363973a55a284ae9c8d2a3014c25665f48726de9f5e713a11ce7e13a7b403819a21d47518092366c4939ec05fb0d16d3c84360ab9c76cff0d2af5accbf0ef70881e81724eb4c434ae3d7af42a1fa9a2559dd9a315b78c2ecc51564465a576f615f6149d8a383b05a2b1563a36bae1d4120cb3b8ca8c942e82d7712024120c092e57cfe00f7cb64516fea42a1aa06ecf9e8ebf0c30760e6093be9fda478e647dd99fa188a14e5c42e3937f074379478da8c0a37a0d9aaad8f2897d677101d2342a600aae49af0cf122baeaf3eb7c9481f84392461c65c32fc65b2285223f512dcf1c1062c659410592eb72bbf8e778fedd3287f492950d88e5a3f54a93e3683dab9b4c8d5e2343d1967b283c364053566222d17b8f2957b3f199ff7d84bcf74efe1b65d80b81415819cfd2f7898945bb1b79c344856c05d238108c41cc908a045fe46579ae206e33677d80fe770bf51c2448f088625e727915c07bc7674cd4051fc8f8c8aa0ed67d23e9144cd8bfc7e24631913a8d03e5c1de1d856636934c35f252aa90447c31c2a31f344bbb755b9886fc42a3e8f1eef4fb541b29fd98b21ebb4ebccc2df97dc03d4a94876adadd024d4c2e21541b0f6a6bfac9aa6fdd5cff0e5c0c647b15ae583bb2e25201c98e0bf9fd835f5ff313394fde50664f812d0f601fcf4b014bb2a47c15de3db65be053db28ffd93acc1ee6ff9113861840337d95e7835e993440fd37c19f776001f9e3748e915e1f2c7b75426096bfba36df494624ad8cde6e7b19d10d0880f8ad30d8a05bbffa114dbe8124b9d71a5615ba6f34c258a9ce2ad369748c93be0393ea78c68541d572c836db025230bbb8f135387fbb83463af70d0f0640009089bdb2d89c46a788172b38f83b920ccbf0dc4152141ab6a943a06aba556cedd51707f078ca286d6467a16b3eeda8cbf03caaf5d3b7087e8158ad268d2266584549974b17ac84e1d283aa284a21939efa3ce1d0e30861d9b8599f20a21bc235006541b16efbb214c6f10f44312face306740dd2bc63c9dd82dc16483a37f3f87b06be40cb8e2f1bffb11fbc46631bf015bc1ac9c9e37cb1a127871f027a6ea856ff5fcdec3e495180e9340d4376b5390089324614537f2ceafd1c2dae202d54823c5eb8c79cd87ac9f2918e4164f3823ab049daffe4c0be86436253516ca775c001cf1497a1bcc6fb4edba3b91d69c727a17bc186140312a008b699dd563a9e770c1c57975b4137027f82aafea8f5bd954d810ca0f4021ea319688342b81e99964546975ccbd76f3c155982a2cae1aeaa75a11c505d2fa21b94d5e4c2ac7ea7430c31b71a2ca780d0efdb264c5dae3dbf821dac6ae0a54d9bd15a274c2335d077b9f4c42724a9ac56bc3f50febf91286b93a187a3c1a652593322d1f74063e89e8bcfa659a8a66dc674bb0b339e532df613c8cd0c0a3aeb49f93edff990f7935af0892d170601ae15bc26f17afd441908345c4edc383abddc96979c390659173ada074e4011d6de7cde10557d7c8093a403595e28d76c138c05a5460a6733213896a0ada628e4a9f942624942e2702d8e10453caa7f250b502f8fc8eb8aacd137399b5f4614b56121dc843bdc4dfcea48bddb65adcc08de0560fa9c7bfba186a6427e59acfca3fc3ff0c7f9a80c9f38ffabffb5cc2f24813d56e8b2f72f6eafb23e6019d2e5af0524d3cbb0e714ed2a6034317a26c5bffdbbc7ecda3c9c6e4ec77d34e648a1883d64b70a5252de2001d153fb56e841db52e00716f9b65b9d763f63941a51dc2f1aca0a9e51cf901c54254981a36d622737c673ab383da9e698679d6ed07980ec0d7ef41178f18d2ff1d03cd17c3578dfb9f7a4ecd91d3d22447e59e5bb4a8e4d01aedbdac8cbe5e96f8b48acb3b209ff69aa93165a9d6174fb9a525414dc57f36bd49bc1eba9165758ed53606a8112da95d1806174c3b19ac72cedee217ae3d0a5e4942cd33fa0b3bd6a698fbfb2c531906e3dfa226c09a27f169776a2f27646c2c0a6ff4c017f8dec36f01d7e4e7dbb2a4f924419564f726f3abeb0975778e61fc0090aa1d060f686412e0fe63de5f84f0ddb7da91711b364267c9bd8c5780cb26d4e72eb732249f38c4879e5da4ac02b46dd4a4d1a7177c64717eb5812bfa107683999b9c4a80a47fbd08fe477818e4aafafef610e3e475f5056f09bd004e2f8279199f795ebd7961a7549c9b11ece77eec91b6dac376da7bbd500f890df15367636f5db88be658dd82fe1898cf0e09634c1adc2092fde87fb5aeef66c5877c5ee559e59e8e08f7b0f532f501f17433d55037bbb8ca0b9b2597680777092b0e0520871ec6207caa30b792cba59b591ad4c7c3065d998b7fe8761b7cfd19993be6e8e9367aeec9d46827fe5af8a6e99c2d875ed09a334a0c672e79db3973327a47ca1eb870bc67d007f8ffb6b067c84464f5fc1f63c7d422dcfec8d45fae3471a2b920759e7040bfc2201e239a4de56022367daeee724b8f0360aa226d28e46f02c1ec6e259a9aa676246dda7773740ee6e50fc80d92347bc765bfa62da1686a31e6b50c685fb68a79391c127618ff2aec0047bc683f42aaf035f6b827b395c232ee92b7e4bdc394efba72be93a7c32054d8d20bc37262494f17c4a3355ac0bba90d3136d622583f3c17d0e4c5883903e39899ddbf3df78e7086e3398e10b24b231768c6d48bca289ff2ae2c5e0405cb8953ed18f29944c48fce1347738a6b7408917450c5bb3084337342569d9c0f33e4184d920d923d837a8e694c1f77dca7e5eaa6196100a9d8e29d3522ed671c8f924de16bf38a69d99ee5da1765ee72268da7c230196f03aac974f9c301b3c73b55815b463638973129398b4e4bfeba126a922a3ec6e6510fff05378f0948da8869270381d31cc08d52622de25205d5710e768f2ccf1dfb988da86322848c265947e9c1467e8395f9f242f6a96af6e426fed32ffeef8ddf7a6e78d3545dd3b6492f0692635efb3927066d6ff3ea8eb839a3ed736e554316e1065816"}, {0xa0, 0x11b, 0xa1, "e514b8bb7dfd37123c7db65936c4237e4b7af73038b4cd428a4a6545e5ef02383a4f586c2ff9b0a6a4d8f222468ee6ab178293cfc0236e95e2c2a3af3ae162a91c24186d193efdec211689ee79ac836a3d93abb1f81ca55ee46c9cce6f4aa4ac2b197621af196ca88c70349a9131b080b3bf0946ee51ae1fcaa5eeec21e4f1f6dc9aeeae233fb8d635000dff58"}, {0x108, 0x114, 0xffffffffffffff92, "b83d79e071023bc3215288e0733e3bedc7865219de4a1a4939660b95f3f4a33fd797567dc3d1b9fdc812685e5fb6be425819106590f64f56075d7c821d713b1de3db199a417c4143b90b1b75b8fdf8a1af4c7348e7665e9c9e1eb3b6810189bede47c6fe43ad84b871526ab46ba1d044108861bf97a6e53fa4bcc4b99f517e27a78f2c7d4a32e03c2a1eca6bb1004ede54ff57ae95dffd6fac44020473180621413a0b311c06d83d3ddcf25a45b73b02e0c60ac628325528fb06b21cbc2918a5f9745ce6127befdecec860e379e9ae953bc11e7703b130e4ff749c325e41d135c468a478240a1e3311d862a173dbfa2a215f"}], 0x11b8}, 0x8}, {{&(0x7f0000003300)=@pppol2tp={0x18, 0x1, {0x0, r2, {0x2, 0x4e24, @broadcast}, 0x3, 0x0, 0x3, 0x2}}, 0x80, &(0x7f0000003580)=[{&(0x7f0000003380)="60697fcdbc41d7e1293caf62f84d084c90197e7699f4534a6eaf95984ef06c91a55eb18fb161c19a87ba4804c24a1ce812a8a48a56c9ade00e9d49d5be86f31279559aed3cd0ab15aee0859efc224c86aae983cfd3ddff5a13b133ef37c936537e0b298e8b0b3e78ebc3a92d31f9951f6380da1de92a6c31b12dc9ac3975e4c16f4a99239736139ab8715ab62fe8289a50164d6a4543f2e5e03474ff4e8a478de798ab3dea10a5f83ec55839e0", 0xad}, {&(0x7f0000003440)="97db318c7220168396a36ec34ef47a2bc356b1520a9c13f92542d63633f37c524f508fa79eeef33447f784367fa96403c20d57b3ab5ae811c45ef3dcf161fd33122cb145a681d49e779ec63062ea581ffb1fc7e74f417a6fdbdd80443242a6bc5ee11c3ed60330288f49065450e46fed3d87f619654718920344e495a54e4893252852e62a99fb8afd4d2c59f77b8796c983abe04d771c35c082dc84c2860c452c589fb4367636b6aaa1d429ded3b9a2036eba3ccd9cf068b97368f232", 0xbd}, {&(0x7f0000003500)="b90f0279e59368bbfa0934e44a14d4afb9a4fc1b61a23688a7692bc24ee9c2570957b1f8c03655c6513972e3750d30ef9893c3d122b6955d9a4bd545445f12a94c7f3f907c8ecc", 0x47}], 0x3, &(0x7f00000035c0)=[{0x100, 0x11f, 0x5, "47a3bca2a3f3d2da5936aec2b6e116fd995bdd58752d87846b5668e4dccae58e8cafbf385f706fc9ea3faddca7609a2d81880b82ebd65a1924a7a123754a3581f18875c59eab7796fed0f8cc4fb616a1391f517af6aa4b3582ec3b72e7db92c90224007e7243d328cc1ae3e7380e8a64c9ad57192cdc0a07d82323c2ac6b3b6dc1144842ccd2fa32975ccbaba3e6512a948085994d336dafab255cf50e5760f25a04cd77e6204abc81e5533120e65f174e0bb7e29e2189a56a9fb3dba62df076430ef72f66fde6585e2f53e50e834426f03fe94841fb3bada444eec86b4b04a7d7d86e06c194dad81c6397af2211a8"}, {0x20, 0x0, 0xfff, "ca9cbb07b82c5c0b48d0f6a76488"}, {0x1010, 0x110, 0x0, "f4dd328665631d737ccee5d651998758508ac6810f7e9ed1d69cabd7c1aa1a038bfd4a80ed5808752829be82a09e5f85bb687e5da96e364bb01ac139f9e1d8efb5d76940c96fcd4851da94e048db5978705245f648fa9bc52a8b29661c228a4e38a3aae37505e08080c63dcf49d3e857a69fb91660ee37b81ecaa5964ae3d933f276329bebcd19f97fab0c2512c12eaad9b2c7400a914ecce9fb5f2537e6a9f8ae54b1e6d45dd1b29a4a9b4ab3e9a4fce3b0052b3146b1f850ca4dd6312a3ea29d0573b6fdc76a033e7dcb014443c602750170558728934d587a64fe21f6a57c00b642c063974992593133a08aca1b77bf6d9cf3c26ba1b7eff35d057601c26141555ca4a661098531619b73be755a397b43c6f4de6fbacf6b3d043b9da2d3f93cc598f670a81262a2f95240355bf6ef48d05d5d2a39d84806a5b88beb537c765c1cf07f65e450455e79b7001ae8297cac577a5d12a3c804f7139176f64674b456c8c8737ecc65f22d0f67f44caaaf390e71031a533ff01f2e5c6d9d6a77547063288a8f707a12df594140f0cbccd461a9b815de1282cbeaf14bfac23cb3fb4dfc53a8728b3f143b085ce33bb801e9cdf92dc7f5b9fd2aec968283a9d417b35153fcdde236391fd51c1276b8119eeb52ebdfd245b12f5ec6cfe920b2536ed846870f4fa3c236d3b9a94e89bb5e1450aa49779d620a1f192ee68a5119ffa218262ea20bbd7c68d6406bcb9a8bf5ec45d05970bc5a8bfebf38d9166f1eb7e5669923c485c22f8b13febd33a84f3f4479ac6842872cd148c475f9521c63e8442931fc574b0feee0b0e612a360bf4318b087be2c1398e4edf9503d9baf85f128a11e5adededfc1301745d2dce9e30f7d9ec53f1c4ad8f11c9e3c8ed8e6289e66ae3a3758f2f0725cb51949ecde0e3ccafd0fd9e18533fda7c5c3f91b7b39d1a4bc893812f8df4de0cb1cc5862c429e952c6ba0414af16c27053ec631c2ff5e434f2271a3113cfb997dabb2d352cd7cbc6e59f00c133ed16df23d9fc1a9c09cead2ddc91d7bbd12ca29de72db0f32748118b1f94f5059351103bdb40974c0a1080dfefefa5d71c0dcd2b47981d50503a39efcd734cd3d042d61260bb8a1cbb5348fe2d6cc27b921f602fdb6a418b3627ee8db9b93190ceac3d86c792132ca46e5c07a62aa03ebc41adb1da62df2a72e04bce99f994b0e7b8f97a0d970a8d6c1067af1dd1bd1b9f9ee732ab1d80e6efa4c621c6120d2bc4e7cff8282d7188686e377da8ad713ba81037f4036e0181c839556f60a94b51d2a4aa4bcbe0278ca61b940592cca61eb174eec233db01c9621fa2168e1b2700b8215e5c23056fd2288134a823469b5c9bed219324e2d250eaa0d7d5d9374bd647cebb9ac072071bc44d12dd1827a9c84b8e44c4c7fe0b1748d714c7b96defb8e40ddb51b2a6c9e4ce66fcf1505a2c2db99494c0b1998452dc18ad5072cc6f0176eebc96936fc2ba91cb6f5f2f9b517037623027d398171b369a1867ac1a811d8e980bcd1e7d6566b213ac56febea37dc43be7d81ba03dc91de968f09f1000d0e0bdd49c2a8f846f149472beb8baa56c77751d0036b73fc9ec306d6d36299765db8b8274c4120f7c65460e586e0e6e20247627bbcb62b2757cbff8fdf1d1204e5034679789352440161adc7534e56a4a4fdda30b75f1ec2bce31140ff863f6246d9119e29bfed350dbec3187b46bf92313b995bb89f1a3a0da027d8899f7e41a7e65d0fa70b3555c4755848b5b5856530c031040399e62fad8641e107b208ae992b7ea74667fb19821949fb848e8ebd486f0cfa7aa256af3ce112db6f5750942e029f88133cdc97a37110ac46aa3d02ebb0ec967c3c88c9a8668b0fe5ff0cf3e8716960a23ee2420d9e3c7f4f973d6624a3135e2eacf708cbec3aecbebf3b446cee477b318b2fc37e99ec958e044f71cdebdd91c3447dfd4a95e843031f59e75af5d878dcbb0d3fb2d252e8ada089539753bab6ddf159d459443c3c811afaf3cdc620cef4dde8f56d3d8b7af28a20fdc800de6420a585f972061d9666ec99642034947a0a2808f583c25d031e1b57f95b344c3c4f02cd5b2f5921df799b187be1ad3a1cdd8fb7a1c0f017016361b339c3ab659d45882451d95acb4f534a6ba3907b65edc30611b19066c79a0dd114f3c6e717a2e4f683913b7c3ab1dc37ff9a405e54ce2ad19f79384f2c950fd80c1a53011cd1d74062eb42b1ee6d40bb68a27fd66a999e9dad450e79945c91609b90acccbeb5df83f056cf7feab8152e92cba702582e899b4b43ee3abc50f2618117deb63b5295cad05c85096ff3c154f466e0b9b446c8bf6f271a008ada3db8365d5e7df755b15e2dc0a95459ccaa55b2623c170f8b9eb348c4f5940aab276b51d7378b43a288f8b97ad403cc946cf3972e08a649a10c18ec7742b9310821104260db720498e67e24a7b88a993066b791b4b1145b997d70f993b0903fa7c0607e1bc34328f7d209b70f6cc080f61e7566983c0924dd3197cc25b286211e9da9ef0fa06aab1c4de2c8cd94a2a7c7214d335accd7864161d12c9150ff95b6f79cca31d6daba0c6e440bac195f28b6348e1ab400b010c3dd0c9627609af9a423c6219863b0db6e3284cc5bcc4f5a9b0f9a0f35bc2a73041dda9d726f197a6f46a4ecdb3ab3fcd2d1df4a872501162ba743f5b01a7d3f4e8f716174cd95b6b59dff57e017cd4f30835089188da51070d94aac1fcec8de9a9493a03b5fe5d3a964e7bcd60550763e3895bc13b13081c96b63afbec57e06752db8bb3814c0995b99bb656519e6370de58a16360d2bfd34287bf89d55b4eae154f3bdd6790b7346d0f00a29076cca398ad64453d8ecccc0c1bb534be1e4111dd4bbfe244cf73a73813f722e981b6e4483b6903f2cd01d870a370e0f4335e5b64455d74c8ff1a6c5e279468f8e1913d6432e2d5ceb71df0f511018abdf11f7989c26e5cb9d30618b17e8c8de5f654e554b015d6f812cea4dee8e69b113c89e9e7443355cc293ea686c248dd51dd4cc58fba06bd8efaaca56a7463f2c3a8f8227a3705983d751962604b45d48b1364e168ef25da325bc03f67106a1d6b68266edce319698912102a2d175da58eb8c7dbd1d84ea70ba4a9de9d7f7b363d85d7fffda83d8aa4e6e80742aec7b8d7500d09b3ffe15404183b35aaf8e22451ece2dffcc54b1313797053aed5fd8571b4d0a9c3f81b4672ad3d71d9c8252474017f768ecd29b3ae7e398f32c13928ad624869a168e36d228198ca666186e7ad4e2bc7a5d702dd3f95dd83e984d98ea8248cdcc3468fc90d628220c7d742df8a3eab290463dc2ddec2a19a06fd02bdbef0708caa15335518c1d2780017d8005e883437fec172710f6a34b88f7dd9e091cbfe4eb803d10caff695a0cb5a07e5aaca3152d292732bcd88460c2f271771507f49cf06caf1d72e20007cbb51f685ef8c2fa2c222419bd3e1f6027bd929f048792f198729a8c62e7ecbd123ce1ab97825f909a98baf75a8a34b9e48ec3d2ee16d53050df250bfdab649928b71f9d950ab54e5f0da072e2d6f7395159076e3a126effb050566c3fd74708df84997ea61ff9e89f2fe0bd144cfe7c3b0558595898b75630fda8e54d6b69ac0357dcd25809dd99b352d1c64a93c1742562cb7e87600cefa20574a73afef69101ba91eaee9e6d2921bff23f769b4a6ff2fc889d35646e233d678b909bc9b8ebdb5bc31b0cbf0025dc869f788249c691a8bf73ac192156c8c7357d5753e0132b56bf05ede13e02752841588aa0bba52f3d85fc2f0c73c07a595c57831d2db794b2d30a1d5626fe8d3816527bbaa3448b1fb37dfec7c34617452d80949bea286c4fb62744b3cd253165dba8f74ef5d2542936c9b6c86b4fb78b3b0493e704548b612acdf00d7d98fdd4c138a8e34e428a9edc15674ecc59ccdd516a44979fdaeeaa58fbdd25bc795bcde1e7eefe61d9e9da555ff26a339db706231a51775eeae75332b9bb31b517b730b4d65334bbecddd7f0d2694758d979d8b1671208cd461c24b485119c568d0cbcf6b7a5ded204317f6192e8053ca90968a37459694973670b754fd0de4d5cd6101003c6787f61ac18eeee4df231469b3b6bbc72a19cd56df7c12dee81fbded12637635050b0b952c3a357f06f2a0cceaa913ee961c9ddb2adb2b3f4d2f72651c1971f34704846570382fee60c5e2ec82e8c4ca407d8cac48d9d3482e64b07c5045d54908b3f35b0642c54306172b111b2a3ec72f6b850de0ac9b423636c817de0b36ec06b6c65177dd3a2e2f7021a896983deab8be3560d3fbe44736010c685ee016b2883b70001ac3df70064b7ae11ce676e49d6eb1eeb25bb00f774c9c3384fc11b74dbac18ce751605a7d207e6679656c0d3ff98551494f68d6874fda7398679244ae9000798762c22bf230b553e5d1363f77c25dbe4b618e03908ff244839496088a567c5ae6d64cea76895a48dd4b9f65132e12c6403f4c14656d0cafaed0d3107056311fbd0c33fb54e8deb80d69adf9e4f4642ba0c548e468fdc532e8e9cd0b584ab38d0af354fe858401a63b84d27bbfe283421b3c69e0ba60c840b4ecd05cfedce6a7384014a4da33c14cefb81b4a8719e6a8c706a1a366f63e8da530a2d8c2e9ce88e6306f9c19623e6dbda37378bed230017ea88f0f809f58f539fbbfe994ecf6f75c1bdbc0c37a6280bb36f960712ac234fb7d382aacd8ae913ed765ebc3fa9404822ef72c962c4814f74545402792f3779f9430612256b04ba29cffea3224123f4f0a95edc34cec9848bf1bebbeac3eeb1f07109477c9d67221f44026258560fb639160a4a6ca6b62b6b539ad8e6904f19e1261f005d7f4cd541aa0c2a0d1ebe0355d55d099e3049a2ac552039d54c7f36b055d4dc0bdc9aa7778d40bd705378c11b9f3d948238e6bcd103f53afef7124445ff052d36b4172a73bc13a03b5fd44c10a114913ceca8c0760b40a66bc33c6135b2efcb49810d3a065ed204592af12e30c85a89607c32936c91f38e550c4f954017faccb8bd74a772fa6ca7d3347a0399e96ffc5637bebddfec5f06721993fc13f53fa2573e6c2c6908002147485d887c0c04e31d7f9c9bb7d9e955758f884a12d712d535e3426203e214c06ede46b54c9b25fe153ff46e3e077b8986784f63b2351dbeedfb54b886f6194172eac59befe8726eff2aae358a8e8dd94d774234723a0d7f1430de06ec87c87585ff5fc52fe7cdf20844e7e32b017e0bc3633253fae23dd2064569d01bd0a00a39dce4f662d214f8e7611af7bbda84bde34c382edafbd84693a7801f05328b9ba2c4a67fa814a66ec3da41ebe4690e458167c4d840d1e76b6107e796cea81245097dbf0c2474673e593401e4d5e5fc224b9ce4fe82be0ee966b3aac1303d4678398edcfeca8fff530cd3202df49ab56ad008552dca38f51509db430c8be5bb4dd5dc8d18fd5d42e3df6b0c67ae1db071c0b1d4cdf296427446065aefa6e46617f25d1eec500b98a9f91cbe1c9a3a6d02e46ef5313e3c942ef3a492942a3da1c959f5ee11216f415465150707271cfe2ced963a7d6f71933ff9e83e9bace94bcd828ebf6423e4036f44957f525a418941a5bd78580836faf35d0cfe10b32aa5a04de75723fd59be72a1cfcaf4c2d98b8ace288dd5686c1a91954e843a3cbd3ddd14f2037144e54644ec4ad2ec729f0b722bf2dd88a6c81504ed0faf8396f0931b643f6a19ad9dda869baba993ebefe2e79189b46f62f951731af3dc787216a36d75c45d009dc0"}, {0xe8, 0x107, 0x57, "22fdd0bd360724fe93ea083af0caa55466cfdec93102b19bba17cb8b2710113ec2caec288c65eda513c58122099bb2df04954c20a2f1799ac6819973bc2341f35e034bd751666ec4311606e241365f728f1aad39eb66b1627280894314e2edf2010661129892d1427010273e45754a1eb6897354b0bf9584f575953ec05c0bd8d23b36ba395386f783346e02f81fec72c5f42e340f33527b3c182eb42b199d4b0a581a17ac6df58750ebdb1bfe7593c47dbedadb1abc43840ec8ca968b55562775ab52655a74ca51bf733b1590718ab70d6f"}, {0x1010, 0x11b, 0x8000, "9364fcea70e0cb057bc5638cf91bc3767f164277f138d435eb9853f7d486baaef338fc7506e737a26b76af4fc1190916cc7b37a43e80114910e2fdf84ebb588f7d9437b64a2a39e9476962291095a5d01e6336322b82c067d17bf8c1a36ea680b062c3a33686569b3aca03c812ac4b003fbeed039ee424869cb9cbcc71b3498c8d3cc70fc342c6a9beed573cd719f16f05ef5f4944f1049f38f18ec199fff74918104ccbe89bb719852adadbad301e7af729ded4dfb45512a391bea270e766151db102885c28b3c6e6a579b9f70d2107ae6c7a996e7dc174fdaf6de9080995af1133ee511ad403fadf30f71397191915bb4a5aafc2a9f0f41cab01fd7cba4deae3c0446967182a47e5a6052ab54a3ed7ba90bebb5d11b096f93d9fef16c744514ce7835c088687586f285591d4e879bd1f381e42baf2310a8ede16bac2ed0be79f72434ca92c90c0cda7d39114b2fbc2a92a32123ce5d6e27d33584411a21e593f805c87a545759de043919b2f193203814e22173458d3c618fef07b0d82f91e233d8eab39a609231a86c205bd3b589df25c1b9141c6f46163d6b9e363e82a2f32cfdc87d5aadeaab3fe73b0cb34b1d64ead5d6c6dd91451df06c44d98d17111d9fa74b52546221a43b998a0e3a746d9a5375f3b73c3da1639672fbdcedafa1309b5cd8c32014f04e40dd7ab2f7d54b4659aa64302d96a87f054c636d4f424f1e7f78114e8152fe877511a03f59ca6c0afd7ee78789a6ba583fdd4b956cee789e213aad667ca0638e6e519baee8c5b09ce0ac25e76c4ca0c6738f2ec1c293fa032cb8a839d2ebd83ca02192b4b3478c3f40ee6fe69f101839c53bbcfe8934a8e27a515a2f308eb51a8e0bf5260d4189d6f81f84ec07a7b6135343a6522e9c7253c7dc429fe6cfa3e3dc74eb2941799c5995ae1cd2b4af01905187f10c115cbd6322a1265bc7ab03ccbc6ffca7808b84992680107099611af25abc0171e71b56239125193f3c4744f1ce3cfd6fae3d2b1cfc7fd139a4acdbfd30e8609542d33d3156c46227e396d990490a306d6bf4aff0369fe127e36a187f572ce70ab26c76cc4b2658fdebaf2efb2cb307366f26f1c1bc5cb60c93d28d37a35f38bea5cb1c371b1604ba12c60524afdb7ccc677d696f55cac1953293f04e753cf21c3833b6c3cbd5cdc3379bfaa3c5f4c8906353ffaeb8c7a4c2c8e23da2fcbff96e6981e5c8438784d179339e62aa17d7119266b041ee56173b4a39ee58f47d0d61aa5266585f2de00d548d3eb898bc50f4e9ba6e75d5ac07e1c3076881d538211a0a0ff3837dda78bf9bc0bbec0d8a994c3bcd87401643c4f4b925c2d6f240a106c9662f8caeff0a74d7f33f1f3b747ef30517536b15c2985ebc68a8d4d0c5edd59f301f5ef5e7237b9a36de74695144345adcb262f30fe87e9739bd16fbd7407ee01ef7ccfe0f1d4bc5de0548569239aa55cfd161a221ed368f30bd2f67618c944d8044816907bf1a7ec576c8c12d6d732303556fbd0edd40e7c439ab979ba85a7c18be04bc2e9df1ba22d2412bfffff9f1737a107e3005eb59d01b0ff0295207d2b2726f16ca162625c769b2b49cff4328d59cd3472b1f0e88239bce3ff5ad34001af4d17c9bbc83dbbdc85caa802be6375aef470475155c59f543a237b77e1388d3cd9b2e8dd5eadd9b3418a377ecd451864f3471edc107cfa3fa8117ca891280d4bff191707305836e4050e2f766be58534d179c23db121c9e169252d1d69d9f877b1b3758528f1e505c7549cbef3f5f2b99b50d12b9e82aabd7300c5a6d5591183fd504296ba029aaf67976e88ec10a74a82e5d1e7fb6ace0d06004580420b5abf37296bb51197dd4227b5c54d13ac168ad40f14a3163b74ab2b7b131c2a0466044ac342f36b0e7c15472a5d809144f2c08e4949d56715bc2a2397e12fab256684fc536c72de18a78cb37b3076fc13ec4742ebbdcd6aa08a2ff0d01fd5b950e451ca7f94be531d49d583ba9acb214b1797a4a9c4e30ff27cbfc3d99acac6419ee2eab1cc2384cf854a919970057e16778727652d340aecd1b4e20c8acd64666374e82bbf6cf3a4b6e06a498feec2b893126ae57b8abbd4f71b734cde0690100bebbac458c313faf4b46af4eb3c6b057fe0d50c74f4a258686e221ad6ad5e94f42bf178f85c245a8e687e4ca95a6a92318584628d92e14d5fc81e8ba27ff483729f1571d578357a9ec000bd4735b1938090709352f0a1d8226a903414a2a607ae0c7932814c5dbaa95cf1c18f5762d7d08c347bc2c9dddea94d84049f656f92336e906e3b1d91c4f611b08dba7bd507237d9e1e7140dad22479832994f9bad517355ed267ae7456f8f6bc03a7f608ea853a4c9b6c68cdcf60e38ffd751f73e2d6f7e36793a3feb120a0d182d9996ade793fe9ceb12bd821d03549942f9083a93e9e799407909667626ce02cdb7e00f2bf31a95bddb05576dd72c369a3622ec367e02a34a044c776b07ce61c4f9c6906be005b0116ad88b24e2fd8e66ccc75f9415993bdead2a27c0ca9f95a99a3f277f8e7720f5509d91f9a3679faf53b8277dd319f9b69beeb173164d64e010d657ab84419d7af8799fe5c07e62edbb10ea90b3244e6197be287ddeabf2cf2089799c1495d4a5e20ce07771d5cb76764b0735bcddd77117ccb778e11e4f38d8c7616ddb654615636885fd2fc11f60dfc862fc75aa609d383d7b8144c2f4877a7a6d15feb4472767de9e8012371cf20d2fb6eefd0fe8e8fd87649e4a70eec7e066465a364412d3cfab9badc4438b2b284bfd16275935640904480ae83b0790a2ca370f0808a366171302196533dff0195cee4438ab03d1a30ce9e4c612d5d35c5ae455b0c8aee17b0364436745680e715de07e8a9b128259a7c0efde0c948ebeae3ed8168bfc0f2f4be7330eeb68328fe0955ece113327c49ad8fff047f08e9b7f3168a48161a252492e233a5b1b554921d71657209719ac2818eb2c6fbd16a46b78e8ae03eb8dabbd34bf5000595d9519c8bc4b2c255a7837a5d70f5690611d1f7e2f8df2f6a09f3ca2b3fac9c8773810fe8b6f2272ad98bb1261fd2ba582bbe9006c037eef9fa745cfa22a48043eb1daf55ded91ec6bfd3379344f3e4012782a9cbfb234bc0586cb7209769acad52ed9998d433d37c4bcebfafcb8cd1f22e878ce24e009304961b6268fa31ad4473c501bba54e53f1e4d6c829185356e4f50a7f541f8f251da6e7ff2e82db5fa27da8a7843d3e741d92156156e507f72f1951f35747d2786353febc4c434675f8d96f93218cfafcc651895b21e0101b910228f0c987953cf0e2d1bf8b02c36d236b177b5bf6b47cb75eed9b425f19c10052bd98dc71c1741f1e2375d0be8bad679de040f8e81d9e288a7d37dff5ef5a9e39cbc8957337c2175e80a21593eaf05e419449d413987b9928f40afb8f16fb9e94d8fcc82dcfc9d7b1738a0d2d0600950a3a689b38041d0774ddfb39e4e1d1734b83b7709e3b247ce68ddbaeb0a1aa4c65d7f60599d89a5d3d24e445317c5c393ac804764e289429b3d32e91acdd82deefb4b7533df50967886ed376b5297a24ec199761a6eac1c96ecebeca4c892376b6f1786f241d1db4f51d31e4d691c8dda9e20e4ae97e6cb1184bd03d9a1dbaa9b3d82255ccda28b9f3977f6bd0f4c080247cdf83a216315e3882aaf2741d0f1d26d10d335337d35720b1700bed2f21a3e91a5cd66880a293679532d1b7b59aa91631c5808623e99aba9b3172b187d3995181cec161a7de901c49f068ceab73829d4321b576866a3f600c0fa21913f2da1635aad31d2ab2a1bdbbd73ea140cc4f30b24a623a3741649a32023cd329d76bdcc1c9f27c77bdf8c24828f139e977aac4e80e7c236191cbff61eb4ba41aa7bc1e5cbaefe5c942a450074f24f2ce03cfbb49b1ba6976526eb564f94e646635ae9d7fbb778b2bee04dce468f61b356d65429c6e753ac4b0809da66103bd318a4af960bc739270dd7621ac3dc94d833e1acb437ae27dbdfbb780d8fb9cca6c10e8313fbb715660dfbed45600799d7e393345263784d2f508163401abc245ca010527a6252cc37955793f20dff2e74cd29f4c909f9915dc9e35a8c9eb17d9aee4b4fa09880c52fe863c9877e875b92680ac08e4a35abb5e6d2f19786ad079ea3c75ab8e0da84ab3764d102097116587375ef19191a18899e2118e59fd365862411f0dc88ebb23af565f870f03c0c88190754c1cbab10f1a9f4875fa281de19488b1768d7d82b3e679ef4ba1777f369579e9506731cd8760626b985b03de3aed6c98a8b811de8a334d03e13f71275465fb40e8051bf47ba93363e1d81e4cd8eda8b8e8f90d0db15f41970e785511a4687df022ef65554c2dce1b9a05f26f45aabd79e2d0b9c80a12e6ae8bae6aa8794c4aff9de892f96660c7682ca8cdb5a217a3264ddd87de6e93bf76e4f3cbf84c6941b7f6a0154a49e12e4a967004b683af2a7c815adb8918818eb781790786359457978c1d5f55e77bb77ad418e2b86979a6a529e7684571edbca6b1c46adfed89076347b8c160e01d0a97fe802c8441872a20794e68f9222a2c49a6c02ab4ebf30b5750d24915de0c4911fbb982b4479b1ae2f61add1b58eeaabc916663f7c8551625f59842f3081e25d9fb5b449192296f8f1ffb3b4ff83a011f266f9aa41f073d9c4af21a4c15cb97e736e37c45502bd0d802b1f8986b39a1f6ab09c9583550976da1f775316f422a40f9f9c4fa2b4c249b4ddcde4a1f8ed11e22ea29e43e487979c2948a233f5c809b1284fdce0eaffae77f585f1d255464a44d949fe9eb0f7de5c3bc53c2a31f145c1d46f68829d7b33a18b313a8ba27574ff7d439513ac2c9f5bffb3c584614390e8f7d15d1f2457d88d7488eb6b6c6398cd0d4917f36a3adeccb616c3a3b7903f1a75c87b0a9ef8e2e0a6ce485d9359649b7de7313d1132676b118e77dd6c060d51391d80463d0a70661d9df9c136549e288e32e3cdac74822c79a75997ac61dc435fc37dce105cbc2b402418da77f6b35fa936caa18ca876120b09cc3e8da4b907924a6f20760264a65d9ae3efb6c2b1ff739a444c6e1a11df4bc6208b20b8117f1d427abecbe020efb1e792917e83276e27078fa8fa43675037faa66ab81fa6a7a26c964d2aae12231d47315568c6062da84ac51330aefe3ed9b4cdbc758b8467c6be077d694c866dfd0c90521e4b722d572589bf1a7c8d62a7d095fd58843f255ea447ffbf83bacc579c4476b2cc2c4bdf9258e1d3d451a716941f4167e2f66349e8a3397dac9fbca523fdbcefaf0e7e47255d419eba785ce20b62e6607802dbabc94f6c2fb8fa7d18ca100ff6477e14f1a180d98ba683423c12fc617cbe01dfa6a9b98b6806c720a2fe0e786376dcf89a0db2565e869127a756322aab11769b62617ad3143ea00af88aabeee1524f151a3d992e513b8771caeee8d4a447e26d979edebe0e0c39838d1d7bbf65dc7137d54cbef0003e4f8a63d1282473dc22dd126010b23ff3455713fcea2a0aca121da14cae86c0f472b154c2188e0ee74964657c9fc7d04e2f194e533b814694f645046c316c76d01695e550238474c24b01c996c84e8154316b208c828eea7a765dc7ece82c87571fe40509c03a4ebc8d549bac8343e1824c473d08767497b227cfbd387754315bf8cb71d15e3fae2560d2edbfb7eaccd25bf38e2c87156bd577801f40ecfb98cf14ea30de4e7143872075e64ec0b5315433f7cb277e58d5157b1f28bead23b636d38d3766a1b608928"}], 0x2228}, 0x8}], 0x6, 0x20000000)
getsockopt$inet6_int(r2, 0x29, 0xa, &(0x7f0000000140), &(0x7f0000000180)=0x4)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000005a80)={r2, &(0x7f0000005980)="58ba9b199706807f4eeb378329a73c628c1a1950fb4b02f29426060908b6c8b328038a32ad6b51811422fc0fb530acf5cbc598fae8cbb901b372bcc03ed01ad6ab6055060e02b77deb3c1a458007d2499259ac04c38a1cf50b0e6bd0ea9b8fde1f21d7adf7ede5c39580403877f1afd4ca7cfc87d87e192179c206219594fc291e8b46965d6f73a9e911218ca5e3a02ca998a3d3b366f390044ea35af50cfc3f2dfb115fc0ab4fc002c19ee7dc4b5d090b7c9f5d812237c8b1052b7f8677ec2675", &(0x7f00000003c0)=""/61}, 0x18)
setsockopt$inet6_MRT6_ADD_MFC(r2, 0x29, 0xcc, &(0x7f0000000440)={{0xa, 0x4e20, 0x100, @local, 0x1}, {0xa, 0x4e21, 0x8, @rand_addr="fcde4d4eaeeff455c56b1c12e395ae99", 0x1f}, 0x1, [0x4, 0x778, 0x10001, 0x348, 0xdf8, 0xffff, 0x8107, 0xb4]}, 0x5c)
ioctl$KVM_GET_SREGS(r1, 0x8138ae83, &(0x7f0000000240))

23:55:15 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0x5421, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:15 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f2, &(0x7f0000000300)='ip6tnl0\x00')
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'gre0\x00', <r2=>0x0})
getresuid(&(0x7f0000000140)=<r3=>0x0, &(0x7f0000000180), &(0x7f00000001c0))
setsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000200)={{{@in=@local, @in=@loopback, 0x4e20, 0xffffffff, 0x4e21, 0xe13, 0xa, 0x80, 0x20, 0xff, r2, r3}, {0x7, 0x3f, 0x4, 0x8, 0xffff, 0x3, 0x3, 0x3}, {0x2, 0x1f, 0x0, 0x8000}, 0x100000001, 0x6e6bc0, 0x2, 0x1, 0x1}, {{@in6=@empty, 0x4d5}, 0xa, @in6=@empty, 0x3502, 0x1, 0x0, 0xfffffffffffff800, 0x2, 0x7f, 0x8}}, 0xe8)
accept$nfc_llcp(r0, &(0x7f0000000000), &(0x7f00000000c0)=0x60)

23:55:16 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0x80044327, &(0x7f00000000c0)=0x10000)

23:55:16 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = syz_open_pts(r0, 0x0)
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB="e16c66edbb836cb23b4e97a2c44737f604febcc37fc508239f04baa870829dba761a230902d69a84d3a4151a3dfabda9a8c578d9336ce3344e3996b747f5773208514f451232425d96eba7f2910371773501602a831265f019ff7f00005c70de87788d059c6dcfb5c0028511636d1b44c017b564ddad42cc61850e9df91b6727fbdef1ef2882d2674f4d09000000fd8c77857a5acf38a10c87380f9e6107f875d717c499ae", @ANYRES16], 0x9c)
ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17})

23:55:16 executing program 1:
r0 = creat(&(0x7f0000000700)='./file0\x00', 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000002000)={'team0\x00', <r1=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000002040)={'team0\x00', r1})
syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x6, 0x0)
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x3, 0x588, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, &(0x7f0000000040), &(0x7f0000000740)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff010000001900000053000000000876657468305f746f5f626f6e640000006772657461703000000000000000000076657468315f746f5f626f6e6400000073797a6b616c6c657231000000000000000000000000ffffffff00ff0000000000000000ff00ffff0000e0000000e000000018010000636f6e6e6c6162656c000000000000000000000000000000000000000000000008000000000000000700010000000000737461746973746963000000000000000000000000000000000000000000000018000000000000000000010005000000020000002000000019300000000000006d61726b000000000000000000000000000000000000000000000000000000001000000000000000d0ffffff00000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff02000000050000001100000088086970366772657461703000000000000076657468300000000000000000000000726f73653000000000000000000000007465616d5f736c6176655f3000000000aaaaaaaaaa2bff000000ffff83ec6221c5eb0000ffffff000000c000000040020000b80200006e66616363740000000000000000000000000000000000000000000000000000280000000000000073797a3100000000000000000000000000000000000000000000000000000000ff030000000000006c6f670000000000000000000000000000000000000000000000000000000000280000000000000005f202976c911654a0f64d1b6c5d9fe883009238967bb1c85ca6e31f9c5170000b000000000000005345434d41524b000000000000000000000000000000000000000000000000000801000000000000010000000800000073797374656d5f753a6f626a6563745f723a7465787472656c5f736830000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006e666c6f670000000000000000000000000000000000000000000000000000005000000000000000cd86891cff0f070000000000ef8aacd25c9f099b62b765e864531dc1ad59185dc5a7e4304c40b8d960b7655c7479ff1c5b72a6f6446a877a3bf09b8689a4732ce90813d734f76588b8b3c5af00000000090000001e000000dada7465616d5f736c6176655f310000000076657468305f746f5f6873720000000069703665727370616e300000000000006e723000000000000000000000000000000000000000ff00ff00ffff384f9e88d65b00ffffff00ff0000b0000000b00000002801000064657667726f757000000000000000000000000000000000000000000000000018000000000000000000000000000000ff0000000800000008000000000000006e666c6f67000000000000000000000000000000000000000000000000000000500000000000000004000000020000000000000077d8beff2098dd265f702607dce6b8f30bfa9f7dcf48b4b61da373cec28c670bee5cb6843a87ff139148ef2385efb2fc97e0c90d6bb2d3216cde25e12eede48100000000fe9b37106d902ad77ae91ed8eb23707f2a0fdbed7f7bcdc25072a684d9552a54112372607da2533bc8bcc7fe37e4a2f0c80e809f6a42970d3acfbe8cdb20a65712e390f28a3687b3d7995e2542f9e2c15e8268bac6cdbb6ab43a009a1e7b2b2d80c7197eaf764fdbf138f559dc08cc81be"]}, 0x66a)

23:55:16 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0x5450, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:16 executing program 5:
r0 = socket$kcm(0x10, 0x1, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)

23:55:16 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044306, &(0x7f00000000c0)=0x10000)

23:55:16 executing program 1:
syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x6, 0x0)
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff})
ioctl$EVIOCSABS0(r0, 0x401845c0, &(0x7f0000000080)={0x6, 0x800, 0x8, 0x2, 0x2, 0x40})
syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0x1, 0x2)

23:55:16 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000040)='ip6tnl0\x00')

23:55:16 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0x5451, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:16 executing program 5:
r0 = syz_open_dev$radio(&(0x7f0000000080)='/dev/radio#\x00', 0x0, 0x2)
ioctl$BLKPG(r0, 0x1269, &(0x7f0000000180)={0x5, 0x4, 0xc0, &(0x7f00000000c0)="3988f7f2039bac09c8a9911981463db7355396826cc3fda4b874bd4ee3ca1a83d1e44bd088ac573c197dcf28fd6c9d989744d843363e3fae2f67a7c8600fc31209aaa782dcc5dc48ed64d2b93317544ea2f51d41ce260a3642e2391d1c8212d6f124b1a0045a96a781934ec46f8fbcfa90e519b2512eaa5dab4b4df778e646e09d60728b33401980a354c4f70c79fe49fdd21ddec8d0e6c75981e0ba3a366d948884fac65721fa85170478be0f51bdbdb74d37c1c097084ddda1a9c238129957"})
r1 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)

23:55:16 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0045878, &(0x7f00000000c0)=0x10000)

23:55:16 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = syz_open_pts(r0, 0x0)
write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="e16c66edbb836cb23b4e97a2c44737f604febcc37fc508239f04baa870829dba761a230906d69a84d3a4151a3dfabda9a8c578d9336ce3344e3996b747f5773208514f451232425d96eba7f2910371773501602a831265f019ff7f00005c70de87788d059c6dcfb5c0028511636d1b44c017b564ddad42cc618582d2674f4d09000000fd8c77857a5acf38a10c87380f9e6107f875d717c499ae", @ANYRES16], 0x9c)
ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17})
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0)
write$P9_RMKNOD(r2, &(0x7f0000000080)={0x14, 0x13, 0x1, {0x2, 0x3, 0x7}}, 0x14)

23:55:16 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0x5452, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:16 executing program 1:
r0 = syz_open_dev$usb(&(0x7f0000000140)='/dev/bus/usb/00#/00#\x00', 0x9, 0x500)
write$9p(r0, &(0x7f0000000180)="48ea6ab4995df4ad1de4ce7640436c95bfa331d2f6c376af370c9a418b89943847cc9d062b70069d12dffe29ea134c385bc817477045f764de27499c450f81a173c62cc7a29fe5f7b8b0643d0040b5e6063771579603088f82b8733e3c898969012373e622143abb678fc3228ada3c8ba764087bb3", 0x75)
r1 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0xa9, 0x83ff)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffff9c, 0x84, 0x77, &(0x7f0000000040)={<r2=>0x0, 0x3, 0x2, [0xc9, 0x100000001]}, &(0x7f0000000080)=0xc)
getsockopt$inet_sctp_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f00000000c0)={r2, 0xff, 0x9, 0x4}, &(0x7f0000000100)=0x10)

23:55:16 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')
lstat(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0))

23:55:16 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0x5460, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:16 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0045878, &(0x7f00000000c0)=0x10000)

23:55:16 executing program 1:
syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x8, 0x402)

23:55:16 executing program 5:
r0 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20ncci\x00', 0x0, 0x0)
r1 = accept4$vsock_stream(r0, &(0x7f0000000000)={0x28, 0x0, 0x0, @host}, 0x10, 0x80000)
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r1, 0x28, 0x6, &(0x7f0000000040)={0x77359400}, 0x10)
r2 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040), 0x1}, 0x0)

23:55:16 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x402, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = syz_open_pts(r0, 0x0)
write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="e16c66edbb836cb23b4e97a2c44737f604febcc37fc508239f04baa870829dba761a230906d69a84d3a4151a3dfabda9a8c578d9336ce3344e3996b747f5773208514f451232425d96eba7f2910371773501602a831265f019ff7f00005c70de87788d059c6dcfb5c0028511636d1b44c017b564ddad42cc618582d2674f4d09000000fd8c77857a5acf38a10c87380f9e6107f875d717c499ae", @ANYRES16], 0x9c)
ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17})

23:55:16 executing program 1 (fault-call:1 fault-nth:0):
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:16 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x142ffd, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')

23:55:16 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0104307, &(0x7f00000000c0)=0x10000)

23:55:16 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0x40049409, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:16 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0104320, &(0x7f00000000c0)=0x10000)

23:55:16 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:16 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0x4020940d, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:16 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000003c0)='net/rt6_stats\x00')
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000440)='TIPCv2\x00')
sendmsg$TIPC_NL_PEER_REMOVE(r1, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x4854000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x20, r2, 0x430, 0x70bd29, 0x25dfdbfe, {}, [@TIPC_NLA_MEDIA={0xc, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)
ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000100)={'hsr0\x00', {0x2, 0x4e23, @multicast2}})
acct(&(0x7f0000000300)='./file0\x00')
symlink(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00')
r3 = dup2(r0, r0)
ioctl$EVIOCGREP(r3, 0x80084503, &(0x7f0000000140)=""/175)
open_by_handle_at(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="e4000000090000009438c74d87d7c88501cef26361e7d46e4631a95acf3294b22bcecf87b71e0c30d16599e1a1495e645f4d8b92963538165ac453847b89772d1e288deeb483652dc7d7cd804d10b3ed441fbcd4953ab6e4ec7a77308d47b4f5f3a72b5b2f4c94fe33372e689c594950188aa6bda442adee1de6c5cced6c59b06660ba79830bc5450010000000000000ca1f9bf8925b46dfd816056d6ff9c8a6b4a4247ff77e80aa169040782964aea80cc20164e96f48005a8f896519703c1f2c5cf00c77b66e31c2d2d0119439d38690dbb3780aac36e2aeb43f8fa6acca01127d402d"], 0x80)
ioctl$EVIOCGNAME(r1, 0x80404506, &(0x7f0000000540)=""/29)
ioctl$RTC_EPOCH_READ(r3, 0x8008700d, &(0x7f0000000340))
sendto$unix(r3, &(0x7f0000000380)="cf7d419f32e1adec1e99a6be1c6c87de770dc05fbf77056a9f6d29906688c878e61105852a349892cd2c", 0x2a, 0x40000, 0x0, 0x0)

23:55:16 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = syz_open_pts(r0, 0x0)
write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="e16c66edbb836cb2305094149ade3b4e97a2c44737f604febcc37fc508239f04baa870829dba761a230906d69a84d3a4151a3dfabda9a8c578d9336ce3344e3996b747f5773208514f451232425d96eba7f2910371773501602a831265f04b6a7f00005c70de87788d059c6dcfb5c0028511636d1b44c017b564ddad42cc618582d2674f4d09000000fd8c77857a5acf38a10c87380f9e6107f8", @ANYRES16], 0x9c)
ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b, 0x0, 0x0, 0x0, 0x0, 0x1})
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17})

23:55:17 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/icmp6\x00')
write$P9_RFLUSH(r0, &(0x7f0000000040)={0x7, 0x6d, 0x2}, 0x7)
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')

[ 1205.910724][  T561] kcapi: manufacturer command 65536 unknown.
23:55:17 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc0045878, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:17 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0189436, &(0x7f00000000c0)=0x10000)

23:55:17 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x2, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:17 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc0045878, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:17 executing program 5:
r0 = socket$kcm(0x10, 0x10000000000001, 0x10)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000140)={&(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ff7000/0x2000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000000080)="ac32891a642a31191185b7fbe78d9ba8dff64d2b52997bf7f4a715a3690d251264adf4d6eaf1d017ba61b56395c625561d43129049d6418060e441320fcb861bc88306b2cad1b6e3c08046bd756d675bdcbc2961844580f0f1e6ba467a61fd13e167a0064985549ea20034b5315b8a9cf2de487bb97b729d3d30c00711f20a3eab709aefa643e93d5c1eea0af57d62a3f6181009d2f5ef2e800a29e6161d4a6b61bf8db1", 0xa4, r0}, 0x68)
getsockopt$inet6_opts(r0, 0x29, 0x3f, &(0x7f00000001c0)=""/145, &(0x7f0000000280)=0x91)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)

23:55:17 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc020660b, &(0x7f00000000c0)=0x10000)

23:55:17 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc0189436, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:17 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x3, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:17 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socket$rds(0x15, 0x5, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')

23:55:17 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = syz_open_pts(r0, 0x0)
write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="e16c66edbb836cb23b4e97a2c44737f604febcc37fc508239f04baa870829dba761a230906d69a84d3a4151a3dfabda9a8c578d9336ce3344e3996b747f5773208514f451232425d96eba7f2910371773501602a831265f019ff7f00005c70de87788d059c6dcfb5c0028511636d1b44c017b564ddad42cc618582d2674f4d09000000fd8c77857a5acf38a10c87380f9e6107f875d717c499ae", @ANYRES16], 0x9c)
ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17})

23:55:17 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0404309, &(0x7f00000000c0)=0x10000)

23:55:17 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x4, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:17 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc0205647, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:17 executing program 5:
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)
socket$alg(0x26, 0x5, 0x0)
r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x2, 0x2)
ioctl$SIOCAX25ADDFWD(r0, 0x89ea, &(0x7f0000000140)={@null, @default})
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f00000001c0)={0x5, &(0x7f00000000c0)=[{0x7, 0x1f, 0x563, 0x101}, {0x1, 0xfffffffffffff001, 0x10001, 0x4}, {0x81, 0x9, 0x5, 0x3}, {0x7, 0x9, 0x0, 0xff}, {0x3, 0x5, 0x5, 0x1}]})
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ubi_ctrl\x00', 0x20000, 0x0)
eventfd(0x5)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r1, 0x40305652, &(0x7f0000000180)={0x3, 0x7, 0xaff, 0x2, 0xffffffffffffffff, 0xffff})

23:55:17 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x3000000)

23:55:17 executing program 3:
r0 = fcntl$dupfd(0xffffffffffffff9c, 0x406, 0xffffffffffffff9c)
ioctl$KVM_SET_CPUID2(r0, 0x4008ae90, &(0x7f0000000140)={0x3, 0x0, [{0x80000001, 0x5, 0x5, 0x5, 0x101, 0x3, 0x8}, {0xf, 0x80000000, 0x7, 0x4, 0x8001, 0x4, 0x3}, {0x6, 0x9, 0x1, 0x2, 0x80000000, 0x3d, 0xcce}]})
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x80000, 0x0)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/sloppy_tcp\x00', 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f0000000100)={r2})
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x8, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x89f2, &(0x7f00000001c0)='ip6tnl0\x00')

23:55:17 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x5, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:17 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc0205649, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:17 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = syz_open_pts(r0, 0x0)
write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="e16c66edbb836cb23b4e97a2c44737f604febcc37fc508239f04baa870829dba761a230906d69a84d3a4151a3dfabda9a8c578d9336ce3344e3996b747f5773208514f451232425d96eba7f2910371773501602a831265f019ff7f00005c70de87788d059c6dcfb5c0028511636d1b44c017b564ddad42cc618582d2674f4d09000000fd8c77857a5acf38a10c87380f9e6107f875d717c499ae", @ANYRES16], 0x9c)
ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17})
ioctl$VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045613, &(0x7f0000000000))

23:55:17 executing program 5:
r0 = socket$kcm(0x10, 0x7, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)

23:55:17 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000000c0)="50d8e74c9e889be55e96b8d87314f1eb6197824ea73c24aff689c27873ec9976520deff88266546bb62a6e5ee1308ae78eb237124146cc1407eae81df345118f6796ba51756e265226b2145257040df966e1675ef665679310422fd7ddb4eebc405b68c4ccbde41763bf953b51b1ef85889f44727143aa1781cb92f729acaf224b617ca1ac7b7ae4eb80408262fd5f00be8ebcea9945bf1cc853efe91e348569036af4b8c962bbb4b979344f3fe0231bb1bcb37f446909cbdd0207db4898ee08ca3fe89d46b109048adb7d55126ca778c22e671a54dd572627c96c3c0a21", 0xde}, {&(0x7f00000001c0)="ac8511afa127d8acfe7ddf123114999986e742912f347f8dc6baabefa1a33aa56907f17b808d8fb74f71063bf8292facba4b0248ef92768703404f4adbc75e4085fec939834deaa09bfd5bf56b942adac06277c4835bfcda74e9f0684e1674984139f073e31ccb5b3aeced5d5150870c8e9563648365a27084f19bdd398a2032bffb8dfaf673c6143cb6a1bc2018e5aaaf8abd", 0x93}, {&(0x7f0000000280)="33f203a5a9227cb18087c05e6b14d12aa0ce6174e77de8a9c2e69c1d1cdfbed84c4ce3abf1d5cccb49244b2fedafca2b940714f7c81f61175e4f486fce4c29adc193cf65f466a13fde9f62e54b80f24ee3c8775bdca1d5348f5ab070aa5c99b31914f5360d6329c11385681679c4137ccf56c451438b5f9028e0a74f1407a7831005be7c58db2cc3512387d5420a7518e5a61125c19f63d8d349fcd173ec80ee05d3178a9d946d6883a59f5babeb892ad3888ef9e02527f0561557ac48e52ed7ae63d78afc13938ce56bbd1e7b83c243eed2efd99faead7be0cbc0df2a25c7b7d72d8fa7fbecc430a15ff4db33eb0068c439285d64b0", 0xf6}, {&(0x7f0000000380)="b8b40ea2c91fa6694fd7b4298e56976af399a70d248f05ac5d616287daac634032bed2a0b2e0e6328bb77e682d8e781059a1ee938a0611fffe603602f5e2c5312a8baa2653175e3cd737ecd57c0d1e57bab70d3c8c31411080280bb7a65626c77ee4d4578e2b09cfaf5b6e848850f780f0d6521d26d67e9f9a5477980bc32a7fa24253afbe8430452345ad6f7711c99392d55f1976c25c3d89390ebb38ff47750ed7061aab1440f6e7aeed6d5a8e6ba21231991724f68479e0516d9c0a3be62ab10cbab08843af519df5cb0401c2a383039b695bea0d0684ade1b69d2e282d256b53ffb0aab741d0b48d9bc8", 0xec}, {&(0x7f0000000500)="2049d3b15baab2566e269e95e2f316f4dc5caaf624227d76f0c77978a840782d6572b77d4726170a46054d32a9952280712b56116b907f8be0204751cbd5f020fc816caf4684cfac416d78a5dbb97d15859fee045316f0a98284f0fc133c8003f7f12518a51dc6dd73788dd8a8f594f3c807457547d68264331326d22d3357d6ae88dd50e828b9ccd8302343eb6d3213de1c0ef232dbfe23ca8245464c64d60c4ecbd130027aea1938591a0dcdd18f7018dc02a4ac422484ef0def2e745c78dee7d7f322870cf9f7096d438a8e438f1ec55383dcf5b0d80f996e175ed0c5cb4e6b92c7867fc40512", 0xe8}, {&(0x7f0000000600)="38576491ea832a52af70036e1d0c43293a92c9f17a51ad40950a25c39de8e1d94f3a2b1825311d1a469edc99b72a86b03c29505b99997cb756e2ad4c51ff7ec1599dcf30ce42bd1eff6376fdc66e1d9049463d2107ec2e4ad1942ed36d5ecffae6007851d1ecbc6196d40e3ba6d9d0147391a0e91f757a7b22f0537fb4e3aae255ade2616cbbabffc7e2c4c3302d4a2db767ff8cffe662ae5299d6db2fc29476adacd99797096d5a7d02c90feb588faf8b707ae6426c7f0ba17c38edfd222bb8483c2f2a0836d976f88419d827f06f46ef8adaefe62ad0e93e30dd8334051818a6d5cb833f5ccbac4ab0b215c9a665", 0xef}, {&(0x7f0000000000)="df3b0f0e9ba5a002cc2f77a9eee6b06994ef", 0x12}], 0x7, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')

23:55:17 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x5, 0x8501)

23:55:17 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x6, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:17 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc020660b, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:17 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000000)={'\x00', {0x2, 0x4e22, @local}})
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000b60000e01200b0eba0b4965cdbaa18a59c473da67e3d743298cbb3001be63e75c82b", 0x2e}], 0x1}, 0x0)

23:55:18 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000000)={0x9fd, 0x400, 0x2, 0x4, 0x8, 0x5, 0xfff, 0x4, <r2=>0x0}, &(0x7f0000000040)=0x20)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f00000000c0)={r2, 0x7}, &(0x7f0000000100)=0x8)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f0000000140)=0x907, 0x4)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f2, &(0x7f0000000180)='ip6tnl0\x00')

23:55:18 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x7, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:18 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc0285628, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:18 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = accept4$unix(0xffffffffffffffff, &(0x7f0000000100)=@abs, &(0x7f0000000000)=0x6e, 0x80000)
ioctl$sock_SIOCBRADDBR(r1, 0x89a0, &(0x7f0000000080)='team_slave_1\x00')
r2 = syz_open_pts(r0, 0x0)
write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="e16c66edbb836cb23b4e97a2c44737f604febcc37fc508239f04baa870829dba761a230906d69a84d3a4151a3dfabda9a8c578d9336ce3344e3996b747f5773208514f451232425d96eba7f2910371773501602a831265f019ff7f00005c70de87788d059c6dcfb5c0028511636d1b44c017b564ddad42cc618582d2674f4d09000000fd8c77857a5acf38a10c87380f9e6107f875d717c499ae", @ANYRES16], 0x9c)
ioctl$TCSETA(r2, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})
ioctl$TCSETSF(r2, 0x5412, &(0x7f0000000040)={0x17})

23:55:18 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x8, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:18 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
r1 = getpid()
rt_sigqueueinfo(r1, 0x25, &(0x7f0000000040)={0x33, 0x92d, 0xb52e})

23:55:18 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x9, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:18 executing program 5:
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x109040, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100)={<r1=>0xffffffffffffffff}, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_CONNECT(r0, &(0x7f0000000180)={0x6, 0x118, 0xfa00, {{0x31e9, 0xfff, "c4961e027d89fab728efb2d02b0ebe697e142d7cea64b96d1d1740529ecb3033ede924a48cb0491e854b2a8eecebfc5ab70f18a0148c0ae6af97bd7e49cd5c95ce90d27326e8559110bb3e01e3b0d928c7be3a23df69757265a41eafa92fefde9ec9e13c09b887dd20b4ac5f94e3659a6fd794c5249b3f54a92f11103bf77588d382a7ea7b027b1de2bd0db29d50c9e9178b7281e97b922f5547c5f90ed6b7819d6efaf6dc6f3955732ccaa0ecc42bd31ef125a7af3c3a4c36bd3eecf18f1f1dc7be13806befd433a23ea061333d85bd47c8d04954f696814d2bdc55ddb3b781ade81d1d94b9dea60e8dfa93d8537c952836f29ad155989388f5a373105c3e30", 0x6c, 0x8ec, 0x5, 0x3, 0x4, 0x6, 0x5b}, r1}}, 0x120)
r2 = socket$kcm(0x10, 0x2, 0x10)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x109182, 0x0)
setsockopt$l2tp_PPPOL2TP_SO_SENDSEQ(r3, 0x111, 0x3, 0x1, 0x4)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)

23:55:18 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc0285629, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:18 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0xa, 0x40000001, 0xfffffffffffffffd, &(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x100, 0x0)
ioctl$IMDELTIMER(r1, 0x80044941, &(0x7f0000000040)=0x1)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')

23:55:18 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0xa, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:18 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = syz_open_pts(r0, 0x0)
write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="e16c080000000000000097a2c44737f604febcc37fc508239f04baa870829dba761a230906d69a84d3a4151a3dfabda9a8c578d9336ce3344e3996b747f5773208514f451232425d96eba7f2910371773501603a831265f019ff7f00005c70de87788d059c6dcfb5c0028511636d1b44c017b564ddad42cc618582d2744f4d09000000fd8c77857a5acf38a10c87380f9e6107f875d771862e82", @ANYRES16], 0x9c)
ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17})

23:55:18 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc0585609, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:18 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000300)='/dev/capi20\x00', 0xfffffffffffffffa, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='gid_map\x00')
sendmsg$nl_crypto(r1, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x18000004}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)=@alg={0x100, 0x10, 0x104, 0x70bd26, 0x25dfdbfb, {{'rfc4106(rfc7539esp(ofb(des3_ede),vmac(cast6)))\x00'}, [], [], 0x0, 0x2400}, [{0x8, 0x1, 0x7}, {0x8, 0x1, 0x7}, {0x8, 0x1, 0x40}, {0x8, 0x1, 0x7ff}]}, 0x100}, 0x1, 0x0, 0x0, 0x20000000}, 0x40)
r2 = syz_open_procfs(0x0, 0x0)
fsetxattr$security_capability(r0, &(0x7f0000001680)='security.capability\x00', &(0x7f00000016c0)=@v2={0x2000000, [{0x1, 0x4}, {0x8, 0x40}]}, 0x14, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
perf_event_open(0x0, 0x0, 0x5, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x7b3088768b90c203, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000001600)={&(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000000600)="1232288d5633e433b93132558811128e8bf507000071eb15f1f793bffd3c9fdf113af9672a9027ba3a2bca2bddd2c31c0d2bb9a41960d88ca1f719997f5e8b3a5381237dcec22a5e1266eb471ce1731f72e15bdee5d8782cc6a0c592acf608c163356a1e74652982de5191ee9aa6fedcb70b2003b4fab302f31f4a61ad25f5e4bf6c3011030d733443ec88f6f3622d97be481bb5957a467941271065b1541740c9597dd217b23b29af8e6ff7de44390eda99dffba1d03e8971543ad63ad241a3c4f3db1e74617d1d0aaef4d6b278118d18752f850df48f82edfa9a5139c0b854ebc609e5d5cbe90a83ca8d485c84fb94ff2bc34b5adb77601d6d9b804668dce06006e4a3036824dc26dc3a1d42e56290b43207cc33fde4205618fc893367cf455536cc3004cba0c121cd020901f8adf1b3b3f99156c59a445b51c6b751a07b1c4eb3c1b6ee31f7878577b5644d70b94d5d735abb29d00b54e349a9fd10487bc72b816029d38db159206a8922a6825606d9b3c06c565477c8af1fab76533a704a8eb17809898f370b26cc2e9999d99d8e6d2a3b3de31b7bff13988564cd2077b872d24110f0418ffeb8b290427ed4e5b57d1cd39f73a0623becd9063c459bbde7c470048d9a630745c36e78006e4099ce157201450c8dc3cec24b37cd2cae118296c141c0b2b4074703bd762cf452e94a057183366bc37d935c2623a5d28408f0a9b6940ccb2b0c3acdecb0849da678879160df7dfd5f9cee9d4832e44326f5162ce985861745052aef48f909781bd83718438f057115f4c0fd2687524a4338488cf278b3132f6f9efc89dc3ad647f56e53d9233e29fbba07ac3e7252899426cc808501b1ef0d03c585169f310e23d607bc3382609abfa3a350b32a875e46626740d21aeafd7e0eb2f37a4a884917577e764856926a621bd8034065aef72514f11090a709ff0d7a8d65ffdfa1464040e99acdb127e9686e569f7d453d38879549eae83a47049d23408d7ec7a0e2437874f3e573b8884e66fa640ed026256425583a458304537fc207bb4b422b305a45cfcbb277d73bf92d486e132327800b93b2a383439be9a6ed2d22cc1d02e90b92e28a89b236dd09b47d8f08c2eb57de4a3c7a6c7f54de7b7ca79d911fe45d54b30d8c5c6f927aa7c7f324899932c9316fc4fe222865d05a1f778a8b6fe4d745d837734f3dd38f8a8f8d0c970923a3b2285575377c26a74ed7e1e3e75bb437eb24dbfe875134aed32e5add829fd399dd692c3d8863862b3b81c47153bd2c7f0c37151b3a6471af97c26a03ba329b29c533a63237ff44c361eaa04fb9a5b31eb17271646b4cd1da0b615ed70ffcf0eac2086b6bfaf684b49bc28ec1289febc08e8d6ffcaa55919b7b65d26039f41bdb538d07266ceefd48bf5a8dc792a86900c3f3928376826720ce7fd59f40b00f4ba712b8a10cc26719cbf7e6fbff55a1fb65c110cf7723b73b4be2d9062809629ea7f256538e164c99e44f78ec0808312bf0ac5fae7bb28be2a24a3ff3d45f4c926ed749cfcd1d214781eecbb09ab58d85b27b7535815993294eee7c9dae304168df3681ed075c09fe9bc55c79bd1ca7ca1b3ab9b655b47a86443d742a16cc9fdb2c0151c4830d6979b3fd1da2d68b18ee7215816fcd8ed59b1ffb7eebf8a6076fb754c30794ed77a01f36bff3e0f509e31e3386805576293f7d6897dfc20b2e47457df2f7651c3bdfded0e77476410a13c0c9c49fed5a9144573e1242ebaffe3122f6ce421695520faa2e594daac13d3233d2034f7cfe586063975dcd2d419f8f15b503222b7f82749b5ce5d47ee2f6508b91ad855234acd087219663403c8d2991aeabf90abe27555f8c6f58cdc8eba5161ce53bc7479e9a00dfb387bc2f2e955149e7a43280050ba4a9058a35ff90a6d83da2fb47a4581a75ca5cded4c2369918651ff9791d423a167b1149bbb01a4cfac2c00b9f3e3a12b21955643ca873851458b52636aa92f602ebdb0649fa29f48e3a8dad3316881041a622a73b0954495e3613a397335e30bb9786095adc7d4d48eec81344677d022fad4257fd0498bc0b74a9bdfc7c1d77165f4c7f3b7742196b207b79499acb0e0d38ad691449dae87cec074c027486ccc51caf66ff172f0b69371209a78745e9d21431147f46eb0365d9043b4fc1c1b94a04e71673e05f5101861a6e6ffd5a8dd6f933f4d16fcdb858f7fda77cd7e8479215e2be032cfc1cb701aa564e9c5aa3ba32eda84de8a43e331d425129c48f5ef48da7462f2630f288e3cc5d2699a1d48a7a48463b454b37b890dfafbeafbe23125bc65c3375be9b5a2934961c30598e1cf08239521d4ec13f50154f21ecd81e622b055e6d6dd46432730631d8c18c354042deaf66958d98ccd80a5bca555d0aff0c57bd5dc88e07c5d46c95fc2b5dad1f3734343a9b455c83cadcd0704d6518c88b26ff73a5ceb4f6c52bfe71770261b58b89624bda526f1abce5ff87b2137e0c2bda84f42c384dfdfe5cd5dbd810a6c84407a80c0787e7602d3ea6f71f2764209108120988290a36eb595ab178003f22e2e3a921a127a4cef47e7f8aaadc385dbe6eaa35db828d821d96ea020d1c4085a557ce6e025e1f128544c1eca0ac04d1147f976a8b1bd711376dbf508125f3f6515bd488cfb645a78c06f8dda80e3c306f4fc7293195d6c9661632e36a804545a8bf0798c19f4f4a06223f554486b81a8c484f023dc365dd248cdc97c087d8fe16b2c28d9b0325ad191739b2decc30de46cd14aff63c65d56ed452002370d2d55bea2b7f9362a76de4cde6b33f6673293080efe555e83f1e44d57c0eaa6018311df063a8e72ae20cabeb61a8046e054d9091d35c75cfe0aaa86a19150fc354252fd3158d4976978411a2f4093909cb3d4e4e62858954cfd62840830d7421561162e80517a244357fe0a956d6cff0179f6e611e2063ba93c54a6ec71a55b9ea700b2782f410c3ff7a896a995f88dae15d350c57e69d0dc756258eeb48318a7e180328ffde558e80b11572bc80123b6ff7dd68ceb5e720b8ccc1fa75f53736e53664642036f6e9eecec60d920accb1125a2867c33495dd5651f55d71dbafe740ea07349538a67cf7822076b5a1271f7c66a55de1e9bd8d8c087a763ed353b257ab268c0859fb2ef5f6b51e9301be46822e9bb81ea13d2fbcd1a17be9170ccd8263ab6ad20d341727903494f768e6c8c343377b5dd17c4b5c5613ddc3223539ae472c40f769ea0e9cb9b403346e7319c2607dec30de1c513b6bf0a79f1f66e72803718388fecae6d899b2f8b1d1728ceae238625baae5563bfaaade1bced831a5a229d1adf972d3d450ab49f57a2dd4c6164a8f1caf2d5dc0fed65f45726f2ea22665dd185e6d846df595cb860a6f96aa0f201632870860c46c0a6f243481515d52da868970dd8cefac4a41851fd26f93a3a40e99fbb9846c0b64b10fa0260d37b8b2f6d5c592b4f0dc95b6491287b3b955699f9e20537e8d2eefdfc737c61a15cdc279e5b09f0235180e7353e7e290e3c6faeeb539efd2f75b0de802fe81038c2aeea350df408d7ac3f3e1d02e9dc4e80facfb6d10d099f44c1c112bb8efbec6d9f5fa09f9d4a2f9766d4c8fa1ef6617f41440f0eda550e30a8d060357df46ee1e4ba96cc440c4be2039d75adf85da1159846169dde60a051c6f2e065b328abe07d39c0a42d5c862e7e60c87203cdd7e3534fc2e23c9537d7dbac45f043e82faf5e9601c6625c4e1d1a1ca697e7b3b6bf174c762a2b33d5b953618d8fa2cc5a70df8262ed4cc3edfa5156145f32498f1ccb3f9a7ed2a7051391b125bdbd9bce09eca2603a9bfb9fff675fe10987a086a6dc40adc73d25a0b156b80fe7a9c06ccbd7e687ef4aed42fa3a0ab60d9733612f236912eccd057cef61384688b1dc7c6472b1b24ac23dea0bd689ff2ceb0945eb491b1d7e6bd97df6f2065bc7f16deafef434234148dc81b15c3d2b352d76b256b36d6e3c78761ab74ecac20e25446113e811c9aeb1c9b4799292007c29e61748ad66a4aaaf3fd95609c23ee66ac083ebdc3576e9df40d9a3ab16697ed24f5cef583306d868e321e75c4aa2fbc59eb24aa752b661831650c3181ee33d31e00e278e21a3e39b7612fd27941ead066a43fdd75fcc52d898bd70d8ee7ea4b8616a8e06f54d1132a07388a8331301e24c93b1a9e60f21ac0ffc0fc83108c88b09fd22b2ee7d630067fb8d655ba7080c71d2ecf4add684af83f4fa0e0f18a6e114716edd4b0f0865573413a12c4dfe12bd188ed79bf010c58bf04193899a33afab16a6a56c517de308fea056e783f19dbe74c11ab6776699bae73742669774433cf33198fe26387921af60bf58a0a7a6dec39e7e51b8683cabc7ab9e740930272370d0c2c36568abd13f654812b1e89c52b8b622d274a8b386ec089416c518b2b9417eab831683f37e959b74bdc1e87acebcec3ef8d2a422987a88cc2534c1e2271df38eb65190b6815709938854612190c1f2e214ede7ffd758269a9d32070aa78fdc43ededaab378fa8463c94421cd6441e7b7c7997a6dc8dee1f970b516cfba3fe6f16cc83bb6d3d7c7bc1e315ca0bab95bc8b4a4dfbf4e85159a1bf39ebbc320fa296ad801c8753d585b9b9ebb734b9550e130285bdc43518579c58b8047a1c9d3ce620ad2b7caaf91f2b93757df7db503591596ed6972f855f037f11ba224554111b88da49c3a6c3def525e4144aff8db1820dd7125cc1be97b655637db17fde6f7914e857db99b38e3e50cbb1c9397f382751e379685ed05ef374f9ce1d24df1d13040e072217dde0eefeec6769db845b2dec45f50753ff1c8aff2ff5f2d157059ad354b1a3d4fc9538e236a06434b06055855135a6afae99ba4047e5738e96f5986cf9d27d92d51e8c973acd79e835c11cac7ccfb9d1c959add3826612a43aa2acea0025d9fa02b3c9c6c7aa57204d749a7ce4b420796ffd69f4b633cbed2377d6ca84055d24baca9b8b8fa08ffb10849f5cda09a85e61636ca30572cddc99c562e516b0c4fdc09c88cc76ddcdb5363b9cd93a6e2a3da77d30b71c261dca067e1c678975554f06db1a73ffd8d850149fee84d2d3891347a4cf8093f55c60ec626272942c859dfbd05b96378e4e396c572f7a204117e0b2eb27e28ac66233a3d5fd3e2f130952633fd7338dd5b66a358b848a6da9b6958b044a654220379cf4133d9074d710fd5ef4a694799ce22cb93c2121561f6e1d8ee3d5cce4a9d77240dd97ab100e499d0330c4d8c90c10fff1c41de2f731403d1b178bde22656191d3edf284ecb3b912891536cc5a2e51e1682a2fd62c29ad8187c50715e5ea1c375939dab4884dc99013a882b007d040ea1c45c6b549817adf8d639dbbfc39188dc04e637a08119850a59df8afc0dbb7eb57163ff98bf23db31c57a7d9387280cc244c082094a7aca7b86861468227d1b28691c96a637d5ea7a9a79a545ebc0be7f3ab4d6ea05a265e98005eba37c7aeb16f0065e83058629ef59729149ab1aaec765378dda69deb1000de7e9d5f82a1b269352e6c14c7438fb266bfe8eeb01a0b7b50135fd331507a7481292f798d1fc54e762115a2d199ce95154a0a122a1cc09c3251097832b822abcc33a17daee256aa672f7a25786d1afcf7a4bea7e730f01c04c82bea1a481e1e091578458b41e6ed00da3779f306b82f141465c24dffa8e602fd8488cffea916bfa73db54a1ecd98aebe2bea2ffd782acde8ca967a5ed7e0b5b1bf87c71350fe1afad88976224d4edcfbdf49c1e362aa53707b", 0x1000, r1}, 0x68)
r3 = memfd_create(&(0x7f0000000140)='\x00\xe0\xff\xff\xff\x00\x00\x00\x00\x00\t\xca\xa6/\xbbX\xffK\x87\x13\x17\tu_\xfcJ\x00%$\x02%IY\xca\x03\"\xb7Z\xa3\xd9p+C\x92\x00\x95\xec\x10\t\x8f\x0e', 0x0)
write$binfmt_elf32(r3, 0x0, 0x0)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x200327da)
splice(r2, &(0x7f0000000280), r2, &(0x7f00000002c0), 0x5, 0x2)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
vmsplice(r2, &(0x7f00000005c0)=[{&(0x7f0000000340)="76c2717876be26ddd992c5b771056d7c9a37317107ae1d45ff4862f1a1fbf182a3f66c18179f1b15df8b09b23ce0179f8eeeda288d9dea82ed5d7c43df07aaac7852b1659ef5c0700f540fdae89a1100b55846a4da0cf283059cf35e5680caece33e7fb2e9852142c4f09ed2972dcbf94288fa2e51cec422d9b01e3e5d6a6d484d1540bd180f64895f5ddff8dfbe63f5a3861ce19ce3b56b89d69b25d7120ccae91ad22f6f8f9635c27327a1c6cb4b5b84b53cfce31d54852cafe656a4ca443887beb84191cd08f7e92443b3482a1e9bc823c1d6e433b45cceeaa907c19251ba754371e6b4ca5f", 0xe7}, {&(0x7f0000000440)="6d7a5f35f77c92a7f95aaa5243a334bb52bf90290c9622f5887369e252bbf4bde90b14ad1893ebb1cf9dcc156546483d49fe1fd4a4a5a7b03c225ecb56dedfbe32c7aad72803cb2ed50cdb0b7642fa7151d3a2bf98ef9a091da1169bed25c3a95831a595fc4a1796aef9d5be4ab4f05bc1221fd998ac01482a84374311c92c9a530b0f7ecef5a8d9e0f4a3e85d13d65ffd184f8a0138e0129e2c405ae465a0ca4cb2fa6de886db3c5823d80f4e372b7899886bce0dd1186d8bde5499dbd62c148bda14f8f43aac14", 0xc8}, {&(0x7f0000000540)="69311823919e3c527a22a188af00c32a77cc4dbd79aeb6966bad9ec236063afc24c59805c68c71ae0d6aed186150a54188d856fc987109a9cb912ca612b880cf7b91a3182892b186bc2d85edb2aa52a25817892783f514b769497fd030c36dce43e91c6010abb100d9985a5c34cac021", 0x70}], 0x3, 0x4)

23:55:18 executing program 5:
r0 = socket$kcm(0x10, 0x7, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)}, 0x0)
r1 = syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0x4, 0x101200)
ioctl$VIDIOC_SUBDEV_G_DV_TIMINGS(r1, 0xc0845658, &(0x7f00000000c0)={0x0, @reserved})

23:55:18 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0xb, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:18 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc058560f, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:18 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc0585611, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:18 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x121000, 0x0)
setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000040)=0x3, 0x4)
ioctl$NBD_SET_TIMEOUT(r1, 0xab09, 0x6)

23:55:18 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0xc, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:18 executing program 5:
r0 = syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x7f, 0x2000)
bind$vsock_dgram(r0, &(0x7f00000000c0)={0x28, 0x0, 0x0, @hyper}, 0x10)
r1 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)

23:55:18 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = syz_open_pts(r0, 0x0)
write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="e16c66edbb836cb23b4e97a2c44737f604febcc37fc508239f04baa870829dba761a230906d69a84d3a4151a3dfabda9a8c578d9336ce3344e3996b747f5773208514f451232425d96eba7f2910371773501602a831265f019ff7f00005c70de87788d059c6dcfb5c00285f5636d1b44c017b564ddad42cc054242618582d2674f4d09000000fd8c77857a5acf38a10c87380f9e6107f875d717", @ANYRES16], 0x9c)
ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17})

23:55:18 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc058565d, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:18 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0xd, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:18 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc1005666, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:19 executing program 3:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x4)
ioctl$sock_inet_SIOCGIFBRDADDR(r0, 0x8919, &(0x7f0000000040)={'veth0_to_bond\x00', {0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}})
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x4, 0x101080)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x89f2, &(0x7f0000000140)='\xee]\xbf\x9f\xef\x99\xc8e')
r4 = getpgid(0xffffffffffffffff)
fcntl$setown(r2, 0x8, r4)
sendfile(r2, r1, &(0x7f00000000c0), 0x1)
socket$inet(0x2, 0x4, 0x2)
getsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000001c0)={{{@in6=@loopback, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in=@broadcast}, 0x0, @in6=@mcast1}}, &(0x7f00000002c0)=0xe8)
ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f0000000300)={@remote, @remote, @remote, 0x9, 0x1, 0x3, 0x100, 0x5, 0x200, r5})
ioctl$sock_inet_SIOCGIFBRDADDR(r1, 0x8919, &(0x7f0000000380)={'nr0\x00', {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x22}}})
syz_open_dev$cec(&(0x7f0000000180)='/dev/cec#\x00', 0x2, 0x2)

23:55:19 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0xe, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:19 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000100)='/dev/capi20\x00', 0xffffffffffffffff, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
r1 = creat(&(0x7f0000000000)='./file0\x00', 0x2000000002)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffff9c, 0x84, 0x18, &(0x7f0000000040)={<r2=>0x0, 0x6}, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000140)={r2, 0x1, 0x80000000000, 0x2}, &(0x7f0000000180)=0x10)

23:55:19 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)
r1 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xda, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000001c0)={0x2, 0x0, @ioapic={0x2000, 0x3, 0x1, 0xffffffffffffffe1, 0x0, [{0x3f, 0x2, 0x830, [], 0x3a800}, {0x7, 0x8, 0x8001, [], 0x8ac5}, {0x8001, 0x7d, 0xa60, [], 0xfd}, {0x2, 0x5, 0x0, [], 0x80000000}, {0x0, 0x4, 0x81, [], 0x6}, {0x1, 0x0, 0x3, [], 0x2}, {0x9, 0x100000001, 0x80, [], 0x400}, {0x8000, 0x9, 0x9, [], 0x9}, {0x1d, 0x3, 0xfff, [], 0x539e8830}, {0x3ff, 0x0, 0x1, [], 0xffffffffffff8001}, {0x7f, 0x0, 0x2, [], 0x18000000}, {0x1, 0x7, 0x1, [], 0x120}, {0x401, 0xd0, 0x100000001, [], 0x3}, {0x7, 0x9c2c, 0x5, [], 0x7}, {0x57cee5bf, 0x8, 0x1000, [], 0x6f}, {0x3ff, 0x0, 0x10001}, {0xd2, 0x4000, 0xff6a, [], 0x3}, {0x8, 0x3, 0x33, [], 0x2}, {0x1000000000000000, 0x6, 0xff, [], 0x6}, {0x3, 0x3, 0x10001, [], 0xae79}, {0x1f, 0x9, 0xfffffffffffffffb, [], 0x2}, {0x7, 0x80000000, 0x3ab40, [], 0x7}, {0x7fffffff, 0x2, 0x5, [], 0x4}, {0x8, 0x400, 0x9, [], 0x10000}]}})
r2 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x3ff, 0x2)
ioctl$GIO_SCRNMAP(r2, 0x4b40, &(0x7f00000000c0)=""/139)
fsetxattr$trusted_overlay_redirect(r2, &(0x7f00000002c0)='trusted.overlay.redirect\x00', &(0x7f0000000300)='./file0\x00', 0x8, 0x1)

23:55:19 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = syz_open_pts(r0, 0x0)
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB="e16c66edbb836cb23b4e97a2c44737f604febcc37fc508239f04baa870829dba761a230906d69a84d3a4151a3dfabda9a8c578d9336ce3344e3996b747f5773208514f451232425d96eba7f2910371773501602a831265f019ff7f00005c70de87788d059c6dcfb5c0028511636d1b44c017b564ddad42cc618582d2674f4d09000000fd8c77857a5acf38a10c87380f9e6107f875f717c499ae2c3654b98d4bf054b6d79524d2197b40f96ffd1fb859d0e4f03ec008eefe16e9243a9738317491cd890166e69746a9e6f9012c3a4ff3e1d15f68b8f23cb4eded901fc676e3003f0b43541a8006edfc27c5a0ee2a15e05c319e298e6a1a6d4e", @ANYRES16], 0x9c)
ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17})

23:55:19 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc1005667, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:19 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc1005671, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:19 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0xf, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:19 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x40, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000000c0)={<r2=>0xffffffffffffffff}, 0x106, 0xf}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000140)={0x3, 0x40, 0xfa00, {{0xa, 0x4e20, 0xa173, @empty, 0x3}, {0xa, 0x4e20, 0x7, @mcast1, 0x6}, r2, 0x3cb8ec47}}, 0x48)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000001c0)={&(0x7f0000ffd000/0x1000)=nil, 0x1000}, &(0x7f0000000200)=0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)

23:55:19 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = syz_open_pts(r0, 0x0)
write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="e16c66edbb836cb23b4e97a2c44737f604febcc37fc508239f04baa870829dba761a230906d69a84d3a4151a3dfabda9a8c578d9336ce3344e3996b747f5773208514f451232425d96eba7f2910371773501602a831265f019ff7f00005c70de87788d059c6dcfb5c0028511636d1b44c017b564ddad42cc618582d2674f4d09000000fd8c77857a5acf38a10c87380f9e6107f875d717c499ae", @ANYRES16], 0x9c)
ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})

23:55:19 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100569d, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:19 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0xa, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')

23:55:19 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0xffffffffffffffff, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x40, 0x0)
write(r0, &(0x7f0000000200)="ec8b8ce78dbc5faa2f5ace3a33cc01a8eea6b2d7a67a4f9bfe97a8f0c7042f678af81d3eeb07f53b4160e79303d46d77e01fcba967b3e81bbdda2d69cde674056efb035aa1c7ec071b73523a9f4635c328d364e8ba38313af112a6cee9a02f7b10002f630d7b786acf0d103a11995e25bbb4643fe3effb5fb5cb716ed6a97279e3569c1272358b2d3033c15af77893faef7618c2952fd33afaf000364011c1f00621397bccaef4dbf8d9754059bbdd987dfe3885d4875d0c8c99190ea4c7642cc8054632444ddadd90a9520f36a012488c700d4009924bbc5a14bb26d2be7e3718bc19e2ae69ccb68e006268251a23554c99e9e5b74277ac1b403420a858867af7e0bbb81f6516ea36119c875b199958c18d083acae467c7d9aa7f47a74dc9f84dad4e9908979754642982c239e523397d023ea97fd1f4f61679dadb9abc03818b46e118a81099eb194163fd6777fd34adacb04d796e5f9bc6465e8137177003acf269df469218e7ebb0996de23a9f4a76e88aa5855bc95465af57d11d7344b29636ca37bfd57d0060f5ebd65c1610589753db2ca641764af71d09777c121eb65707f166d88b5a3096475fc1d85883062330162733e71a87e32051bdf9e17ee33ce12b3c291dfe2ff108320e64c602e19168f7af982576ed0943f423e9c92f43de27348a8cb1c2d15913f7253e1b294b12d77ddfe3de14368a7433bfadbd3967560abebfd3c36a2995d0825c8f3df8772678791c1ca97de297a85b2c99c6266c0680f5e81d50100f6d3838ae1378a79c238040acea6e1238e49aff23720d088da8d59abbd2b4cb1f88658865ccff69d92a1949859261f6a10e6ee55bebf404eac03a943e0ad9198ff59580914e38c05faa5ec91059962d167f94a1607212a22943942675ad7b960bb54d425aa58aea25d161e032eaa8f13ada8e5fb8bcd11c7f539bad7cf4924991be4957a8bdb2d64689bbefab9e0ac54b423c16496208d49307539323a2ab51ea94f45a625758073998a0200f2c257cb4fb627708b7d640e6382d7b6ae52353a721cb9eeb9c7dc41ebaf7eacaba5febbdc159493737000c2f6d4b52498ed8ba0d1000b48d7a8a55b7658f8f934731d0f6c2afde2624f36ac17d6daabe6af6860e8beab792cdac0fb3dd14c0fe7a680d6b24285f0b6c91b0c0593c63ef15b724a1394602253e9663542692ba52fe4961e760bc8530be537a60bae5d168eba84c2cb2abf54074844cc677c9755e2371a0f33975dd27df17310e0cf8f7d1a7f0eb91400156db46954b1f2b813da546a272ac849028dc16a90b766bb27a884384930b7c3e8bc72fba05ca2b04e827ea532e10d71ccb8fc02eb58239f39b363db7f1b1fbdcaaf98301524b7c91f9197e6c00b799ebc678d59b0a9d7063d7e0e4aa25dca9e638d41fc82fd739135a21ab5b6e4ac42a421afeba341b26ab5dc25514908204201b2190bb06305f83728630a95f9e2e61bdae6ff86e919890ccb9b04560c1fff4be42ed26d4fb2a741d43e3e1e49051800ea15bfcefeedb129f4db03d3a667e1c4e9e2696ddc298d61c47ce2aeeaf156d06b0e277fdba5ee4528e166872f7b8e219146eb6caa0d83402ee11688be4d50ed78f079bf153466db192af33810e2b7223f09f86b4548f4da4e13fba29cf2c4024c9e94e22f4f5c63d0f5a12c2fb120cf5f5db80823690b5380cea3926a279619976bb34a4c604bf42f20004e324a558ae1ac7808d5fe10203f4cd6bce70459d3d1c0b262a96dfa206a6951577b604dc466c03c0c1dbff5095c289d5e4006a099ff5a53b478272e7904eb4f5ed2c941cd2ffccd501bdd71556fccd1b5fd3bf1b6a7d2a644e0e84f3a615328293f49289c3150776320632b99ff9de2cf95b2377fd76192d0d0d29a5de02673688055bf06caa1e1f1ba9e5c5dc59ad9cfafbbfc853859e33c64a0deb20aa1f8837feafcafa813b372f6349ee7899bfe65f35a696093d07d877470e83f26ce5987717ce8ca0a43b174ece68076b2bfbbc9fa6368b7d908250470d91f33dba98645b62162f65625f4ca34886b0183c58bbf922b8973db34856e13d1b621d23b53666d84d6ea20efb08fa1c8f7a1e6564a0f71d99837f8d32f88f9a57d8d4abe5b8fc0e729c7883b1574656181c474d4908c2fc462db85d150f372d8e79d9d9461ce1603ef6d1ceafab0673865b0e7ba2e205c54960ac932e82583ab1734b94b3becc5baf6915ee7e7db0ca9f7d0d258232392de0580199b11114a2690a9984a30309a3415c4b1c3e4805462183c78a5ed5814d309d0a6b64533b41554388326e3d1eff1cdaeae340a46426cd807151537f26655f6d796979a9c9c7f316a728df1fa75e2a65d9f764dcd4a1bc2cc6d54dc928c997dc2dfba12b0529e107541c6935221ec2852aa4265f12dfe4ad3a0be4871371cf1cdf47da5d07012dd83e2fa4cbb3b105d1abab6a13f7b9711d502f8c401a3be724fea9a9ec5c4089410ccd99e6ae2390bc741f14e74d1fe8fcba13650e87294e966561d1d44b3b1c552ca25f0b03d4083c2294dd9845c7e2c785c3126cbf5ac1d86d8c0354710a33c94e0f7f8606ab1df77b7314bbe1393cb46718ff812f12f9ec852014a9138f6da624a23af9e93e0926c4045a72ed13f3ffcc235a880474ade151f05786cb782db1d27b7f4b021669039dd74065111356ac40554dcd11dd1a865814488fb2e8197496a3d3e773b9ee238280e0acaffb81930f8555d97bcbd627dbf32471e9fd479b2e2d0cd6cf83b903864c1bbcd5ebefbe6002b86331e2e7160ac8d8eca920cb04585a931b85c23cca9d1a7f0ac051f0a572fe1503015a480f0fb384e15b053d638a35c70457e9c887c939c1f8bbc447f56c0889398de5ae0e4cf66f5cf4de1225b65378c0719d58b4f9c5ae741cd2eb3591855e592dbb6b46f06beabed5602900eb3bfa79450dc963e66895fd700185512eb3af76a3a02e9c85ad6ca356391110604dd1fc90a1af726f37785aff2bacb5f36dabfdf6306bc184da13919f7c8cccd8133f3be9436b7eaf019b5ef951d33b2c755e84104b761696cb5a99a0c286a240f3141a29c0462f74d691f85a5266269918d60d145311efbd3492f44f19051a17b3895f7dbd2821441a3c2ab70a800e258c038e23ff20c36eeb9f56fe2a2f77f0ce40d6634dbdd1f94a6d3d1277a13d55acd9ba81e430b53317c448d1b46797ce511dbd622cbf2206748f588318310439d8ffefcdefc5f5836a64c6219dcb9c11d63dac584f6ad8b27356823cd98c4d309bda8b3141ba38fcd422b5764aab2a643651110b338d17f25a7fe178467e7a2f787b15b42c32c70d9055f13efa42921ec8995e99335ca2bc9a94bac23f36cc24c55c5825df3815d4410bc3961c81d8575379aed1fe6c8e566172595981441290eb80ff95ab1bd80bb2550d692c1a224aabfb652f2d43f289aa873cd2dc77eebb4075432d22accc508980a587c7f88ac9d412c04b1d79d6f417a67f074218d23d713b8ed42a9e79119ca007a2e5bb538aa4d805a58d03bd9baf51b06a55d66fcd3e9c51b47ed415e542d920262ceb37e029934d736f08b33514c474445247771d232a998938549b162be57955cab3603246aecf7386f34c429e2739b2115b2c9eca3a6e8e3f6675a18b5f00a307dee5a7c4b65f4e6d0c58527bdee30767f01e287a3a526b54429ccb763bdbe7b6aa08b0f77cd3ff7cb4fb01ce8810b586efaf9aa80226444841a9992cf78999d464ed1f9c85cef67e9331da82b628968252135db6aca76a3d455cfa412048b982822f4d8b64c50c5e0f0241a1b0c60eee7e49d5fa229e055ecac99ff64edd75e4edd73b8d3d06e4dc951c03c8e480d0347cebf874d108f0b7dffdb008a946fc930ff1e57dac24d13fa94d7badfa99597620e8c8e929e8511ca39988f548f173f0f71763e159c611fbae49eb773a34728c53844fb736a8a0855fc6e7c708138d4a6d5e2aa783a856b15a98b552559d84d6d9d8ec35d4d1ce934a6238e2f52564e2894bfbdfa19dbc4b105fbf0ec8727745443391817e37447e233f6f16c4b0976efebe6f46389c7f2b7648105bcebff319bae3e1afe749c2c47237666595aaae81230185d7545a76af21f41cefaf336326229588f928b70fb1b68f06fd382d7241acb749aec7b7daf85537b67a23998f38fdb1a8c9a019f13e261c929792efc050809d126f59bbd26201866334b1101cacb0129c97e563e51cf1695e0e8c7b9c510dd43e7223a2075c46365f236102c840a6a0dc657d42d0ed18b400d1bb63c674986b93c34f5916940e2d440f311bceeadeb358d92586e9bec7ffd26c1dc2fb6b171d58627782c51a5b54dd8e470f56a61cabd0663557d2f42a6b34555af882402a647dc43b795ed251e6118a935f7a3a52568a9830551b9060f6a1992eee9f637d255d25cff2a74d325854348a0803dee61ce29adfc1d5d3c68d73f6d4248aa679ec298f7e5ad0b611b5d68d9f48bb09adc2cbbf46e299dc24c27f7cf0523b410bc95a3f5976251b09090be5e03f94635fd5318301330b1c9420adf2550a4f3941ada9249d9f95a53a27eb1ba74875b0ff1a4514959e03130b9bb35bbe4ae58199cfaf2265dce1784ecceb153623fdef656b8aeb198ee04cb94177806c1b854a70f32b412a89a1dfef5a55b197ca5145be6e66b66254b7e05ead2492eda7ffbcc1194195df09627edbcac7b7ecedf678571092296a673aa5180c5c87d543a3669801297d8b06977c42a6192eefb36fa328f24da6ad8c95026bd9db5a7b064f7252b638e35e4250c9d94c6edccda17bf3e7ccdd93cd6f7706131a205c471852713d10c3664235722f6c7ce0c99358fb637f6622fe614dee1a184997cbb3032b4455a9a16c5c022eaa3ce4d048ef679880749d4bd8779df5485b7920cf9677ae9322cf1b6a20805e8264a57b7cb248240a1d225d916e5f6408dda08d81c555c999b185f29a6f0c4d2508288b628e2171071621c9d7da758d980855c92442a964aaa6ae1a52a3f38635836fbb9a1afb5482fc18bdcc5a1cc8c7fc82f1e8a0581ad1e2d0ddbf7134b7b967c2e2d5a20a53b0ce5eb126f8c52653e739d95432893f034c9582b5cc71c480db7830be899d8449067567a6bf5bf3b0314377d591b628070fbcb69c00c321a32fafe90d754af12e26aa8f5d69470118c8acb88b9ec90c9210402f5515938ad35bf1a8676c9dbf6f1d0e77f9be152a9d9ba0d23ac2169925c7fd2b5d78bf1f3f0029d32b2b2d3e7d9adf41d2c278928ea0de7eff378fca15a6d1c21acb1eea28a1afadabd8995695b0056afb2bf654250fd89b50a13cef9df747b1dbeb3e1676bdb32e2cca805f765b7d44387d08e972e788a47bb5c9627cd17060224eff9197a1133aaa64d70cc480d8321b85ae0f1b56316210a56a359530a53d5a6cf0c202efe79d993016081aeb28e5735e7548c3541b1da020888bed7f7d811603d93e7520d34e0f773078a46ed7819b44adbd7dc153f99cda0ee8f43d32b69130603ae30a87f40f9fe3fbe675767219f1b8a47f515341d7b57506b348673f6f67ccc6dce39063a478954164a3a26a99bd5038a2e0b8787eab10035770468b030055916c44b5cfc1ee31bac11715a4d9e90ec18b19dc834f327ba09133d3c29f1413426cda0ebb4ba1b282b2e28365908a4225fe42c10cf4c32b0b94a6746bad319e26c0a1efa22fa99c9f6e0419461229da592ec0557fe130f5c5b420fce9a13aabb32656b8d094e34d49d71a1d49d7bf4448ed10c1e3d022136b2e", 0x1000)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00')
sendmsg$IPVS_CMD_GET_DEST(r1, &(0x7f00000012c0)={&(0x7f0000000140), 0xc, &(0x7f0000001280)={&(0x7f0000001300)=ANY=[@ANYBLOB="6c00c89639355a3347b7", @ANYRES16=r2, @ANYBLOB="000027bd7000ffdbdf250800000008000400060000002c00020008000b00000000000800080000020000080002004e22000008000b000200000008000b000200000008000500870000001c000200080002004e200000080008000400000008000500d7df7f51"], 0x6c}, 0x1, 0x0, 0x0, 0x4000000}, 0x80)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'vcan0\x00', <r3=>0x0})
setsockopt$packet_drop_memb(r1, 0x107, 0x2, &(0x7f0000000100)={r3, 0x1, 0x6, @remote}, 0x10)
openat$cgroup_ro(r1, &(0x7f0000000080)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0)

23:55:19 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x10, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:19 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x2, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1208.686488][ T3830] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
23:55:19 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)
fcntl$setflags(r0, 0x2, 0x1)
r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cachefiles\x00', 0x80400, 0x0)
read$eventfd(r1, &(0x7f00000000c0), 0x8)

23:55:19 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x11, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1208.762927][ T3830] CPU: 1 PID: 3830 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1208.771982][ T3830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1208.782039][ T3830] Call Trace:
[ 1208.785342][ T3830]  dump_stack+0x172/0x1f0
[ 1208.789697][ T3830]  warn_alloc.cold+0x88/0x184
[ 1208.794394][ T3830]  ? zone_watermark_ok_safe+0x260/0x260
[ 1208.799964][ T3830]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1208.805613][ T3830]  ? find_held_lock+0x35/0x130
[ 1208.810396][ T3830]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1208.816068][ T3830]  __vmalloc_node_range+0x48a/0x790
[ 1208.821278][ T3830]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1208.826315][ T3830]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1208.831867][ T3830]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1208.836924][ T3830]  vmalloc_user+0x6b/0x90
[ 1208.841267][ T3830]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1208.846304][ T3830]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1208.851160][ T3830]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1208.856198][ T3830]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
23:55:19 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x12, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:19 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0xc5a, 0x80)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x14)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r2 = syz_open_pts(r0, 0x0)
write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="e16c66edbb836cb23b4e97a2c44737f604febcc37fc508239f04baa870829dba761a230906d69a84d3a4151a3dfabda9a8c578d9336ce3344e3996b747f5773208514f451232425d96eba7f2910371773501602a831265f019ff7f00005c70de87788d059c6dcfb5c0028511636d1b44c017b564ddad42cc618582d2674f4d09000000fd8c77857a5acf38a10c87380f9e6107f875d717c499ae", @ANYRES16], 0x9c)
ioctl$TCSETA(r2, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})
ioctl$TCSETSF(r2, 0x5412, &(0x7f0000000040)={0x17})

23:55:19 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000003a00)='/dev/dlm-control\x00', 0x80000, 0x0)
sendmsg$rds(r1, &(0x7f00000039c0)={&(0x7f00000025c0)={0x2, 0x4e21, @broadcast}, 0x10, &(0x7f0000003840)=[{&(0x7f0000002600)=""/66, 0x42}, {&(0x7f0000002680)=""/108, 0x6c}, {&(0x7f0000002700)=""/4096, 0x1000}, {&(0x7f0000003700)=""/25, 0x19}, {&(0x7f0000003740)=""/148, 0x94}, {&(0x7f0000003800)=""/15, 0xf}], 0x6, &(0x7f0000003940)=ANY=[@ANYBLOB="58000000000000001401000006000000c0ffffff81000000", @ANYPTR=&(0x7f00000038c0)=ANY=[@ANYBLOB="0200000000000000"], @ANYPTR=&(0x7f0000003900)=ANY=[@ANYBLOB="f9ffffffffffffff"], @ANYBLOB="010000000000000003000000000000000400000000000000720b00000000000020000000000000000100000000006900"], 0x58, 0xc0}, 0x4000040)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, <r2=>0x0})
process_vm_readv(r2, &(0x7f00000024c0)=[{&(0x7f0000000100)=""/164, 0xa4}, {&(0x7f00000001c0)=""/178, 0xb2}, {&(0x7f0000000080)=""/3, 0x3}, {&(0x7f0000000280)=""/154, 0x9a}, {&(0x7f0000000340)=""/198, 0xc6}, {&(0x7f0000000440)=""/48, 0x30}, {&(0x7f0000000480)=""/21, 0x15}, {&(0x7f00000004c0)=""/4096, 0x1000}, {&(0x7f00000014c0)=""/4096, 0x1000}], 0x9, &(0x7f0000002580), 0x0, 0x0)

[ 1208.862006][ T3830]  __vb2_queue_alloc+0x5a6/0xf40
[ 1208.866966][ T3830]  vb2_core_create_bufs+0x2bc/0x790
[ 1208.872177][ T3830]  ? vim2m_buf_prepare+0x280/0x280
[ 1208.877290][ T3830]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1208.882414][ T3830]  ? lock_acquire+0x16f/0x3f0
[ 1208.887103][ T3830]  ? __video_do_ioctl+0x398/0xce0
[ 1208.892156][ T3830]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1208.898414][ T3830]  vb2_create_bufs+0x47e/0x7a0
[ 1208.903195][ T3830]  ? vb2_request_queue+0x120/0x120
[ 1208.908326][ T3830]  ? mark_held_locks+0xf0/0xf0
[ 1208.913108][ T3830]  ? debug_smp_processor_id+0x3c/0x280
[ 1208.918583][ T3830]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1208.918605][ T3830]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1208.918622][ T3830]  v4l_create_bufs+0xc0/0x180
[ 1208.918641][ T3830]  __video_do_ioctl+0x7f1/0xce0
[ 1208.918664][ T3830]  ? v4l_s_fmt+0xa40/0xa40
[ 1208.918689][ T3830]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1208.918706][ T3830]  ? _copy_from_user+0xdd/0x150
[ 1208.918725][ T3830]  video_usercopy+0x4c5/0x10d0
[ 1208.918740][ T3830]  ? v4l_s_fmt+0xa40/0xa40
[ 1208.918760][ T3830]  ? v4l_enumstd+0x70/0x70
[ 1208.949464][ T3830]  ? mark_held_locks+0xf0/0xf0
[ 1208.949484][ T3830]  ? debug_smp_processor_id+0x3c/0x280
[ 1208.949502][ T3830]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1208.949523][ T3830]  ? __fget+0x35a/0x550
[ 1208.949540][ T3830]  ? find_held_lock+0x35/0x130
[ 1208.949560][ T3830]  ? video_usercopy+0x10d0/0x10d0
[ 1208.949574][ T3830]  video_ioctl2+0x2d/0x35
[ 1208.949594][ T3830]  v4l2_ioctl+0x156/0x1b0
[ 1208.949610][ T3830]  ? video_devdata+0xa0/0xa0
[ 1208.949631][ T3830]  do_vfs_ioctl+0xd6e/0x1390
[ 1209.016338][ T3830]  ? kasan_check_read+0x11/0x20
[ 1209.016361][ T3830]  ? ioctl_preallocate+0x210/0x210
[ 1209.016378][ T3830]  ? __fget+0x381/0x550
[ 1209.016402][ T3830]  ? ksys_dup3+0x3e0/0x3e0
[ 1209.016420][ T3830]  ? nsecs_to_jiffies+0x30/0x30
[ 1209.016463][ T3830]  ? security_file_ioctl+0x93/0xc0
[ 1209.044917][ T3830]  ksys_ioctl+0xab/0xd0
[ 1209.049088][ T3830]  __x64_sys_ioctl+0x73/0xb0
[ 1209.053698][ T3830]  do_syscall_64+0x103/0x610
[ 1209.058306][ T3830]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1209.064206][ T3830] RIP: 0033:0x457e29
[ 1209.068107][ T3830] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1209.087723][ T3830] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1209.096394][ T3830] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1209.104376][ T3830] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
23:55:20 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000200)="b9f1d4d4aea7b3349a07d3876abb1e957677f3d97f254d80bd2d9460443308a8d0adf816f88be4da250239d813735c1bd3df56e8c8e85216167733f7f307e0803a656d6bff867ecbc5772fe07413878cd8426a0cb63c1d997484f84076662fe77ba3d84cd5bf09076e1ae39d12464b9f3efd822dbccd45ddc3e9690010ed2fe376536cf620370fb2ce1e56e40a6d36f24bb544f56e87e4e9de10a81e639d0131c73cb30ee48decdb2efd69c159eabb42f5b58cc533d01763e9a61a3babb6839290c73f", 0xc3}, {&(0x7f00000005c0)="e79cfd57b4afd5beaccbd127b9a319c47d18aa6eb0ee38bb9eab4a53a24695dcd9fc47c3ee0f3305d28200fd8eeb0a7562d5b8f0cadc9cbefd97005c7e2b387dfe1aba31a3ff54582cae73f76a24f51bec7a60c814d96dc8389347ae99b9f3e28d232ea357812d3e56dc87a8281cacc5c094c89721edf3b0353b23c4c15a3486c1ea35863cdf9715bfffdebebb44e9a8db970de0ff8f7aaad2929d42407c316a748efbb3", 0xa4}, {&(0x7f0000000300)="032192e945fbe5e8c0ffed738e40e7b3fc0478b3707c3f958d0a8f6f881435c4fbb42ad1f35828cc24c642ef95664dddc0c9796c5e7192ddd5e72842e06f4d6f622674ece76c21be5bcac8e6860f3010c27a6d0dd3b9c3", 0x14d}, {&(0x7f0000000380)="155cf1778c2053c59be817c0ae0036e8cc0b835366a61b261e6ccc1591ae3d8f7a0d27b83bc2b256f425f5835005cfe0eb1b133db43dde7d2f7f3b6bc17806689e0637a7ce8af72f86ecb9b826d72f8b16", 0x51}], 0x4, 0x0, 0x22f, 0x20000001}, 0x0)
shmget$private(0x0, 0x11000, 0x88, &(0x7f0000fef000/0x11000)=nil)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0))
r0 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x400)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000140)='\xafw=\xdc\nW\x11\xc7Ni\x90\xb2\xca\xde\x036\r\xc7\xf2\a\xf8\b\xd1q\xe4\xa8\x0e\x17V\x86\xf8o\xeeTC\xe5o\x86\xfb\xb2\xf7Ehq\xa0\xfa\xed\xd7\n$\xcb\xfc\xf5|I\x8b\xd4z\x9aVz\xaa0\xee\xbf9\x04\x11\x1f\xcbz\xc5.\xabw\\\xfd;n3\xa8\xac\xf6\r\x17;\x1bF\x88\xa6\xbe7My\x14\xe8F\xc8\x88c\xabn\xc0\xf4\x88&W\xfd\xc2\xe2|\xa7\x9e\"<\xed\xfd\xfa\xbd\xae\b`\xf5A\x11\xce\xae\xe2\xb0\x9e\x12\xa3\x829opI')
r1 = semget(0x2, 0x0, 0x0)
semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000440)=[0x8000, 0x9, 0x14])

[ 1209.112354][ T3830] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1209.120336][ T3830] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1209.128314][ T3830] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
23:55:20 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
msgget$private(0x0, 0x14)
sigaltstack(&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000))
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = syz_open_pts(r0, 0x0)
write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="e16c66edbb836cb23b4e97a2c44737f604febcc37fc508239f04baa870829dba761a230906d69a84d3a4151a3dfabda9a8c578d9336ce3344e3996b747f5773208514f451232425d96eba7f2910371773501602a831265f019ff7f00005c70de87788d059c6dcfb5c0028511636d1b44c017b564ddad42cc618582d2674f4d09000000fd8c77857a5acf38a10c87380f9e6107f875d717c499ae", @ANYRES16], 0x9c)
ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})
r2 = shmget$private(0x0, 0x1000, 0x488, &(0x7f0000ffe000/0x1000)=nil)
shmctl$SHM_INFO(r2, 0xe, &(0x7f00000001c0)=""/141)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17})

23:55:20 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x13, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:20 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
socket$kcm(0x29, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000001200)={0x0, 0xf6, &(0x7f00000011c0)=[{&(0x7f00000000c0)="1fcdc9560be70acf5422e558599d3440b94035b9748d12ad6c5c615e7f865a4e012ac58aab9e2148068619e17136c60aa07f93c3963755ec844ac3882f437cbd2f1a4cc2fc6271ce1d96506a28e38342e4b69118b33571590491d911247fc7beda980a6add5425a5ff8cbfae5ad8c4a9f3fea3f95fabb4e8800e5da495b1e5b58934a4221a3e73c0d1a5f787cf25302a222a2d1c97e77cff86cc0d629388f1722233480f37afbfee0678fd0039207730698457920a4aff8a854080db80ba4196586a90bad1871b77a1ac0bcad25306f42bf5c7427ef7a61f5075ebf0dc61b8c914af0c33219cda6e131163dec94790277d8667ce510354094672beebdeb5d953daf945bb84acb709443aff4be0a698d34b173f09662393306e0798585a387050874faa42989404d5986dd38bf6bbb71ce4e4e91112c6ee77e99af56719a36eb1c1ce76d61d6c63d0824fe9003cb73b950dcace772471e4eedd2912f73c9ef1690c58c6946f52b4d7dc3b0d0c2eb6afafbeb7e6ff7ea88265b06116a9fb27cf033d3b16191070ee504dc7b02acfffff2875b257480a12499f75b59807fdcb61a91148070d253c07e07619ae328e3dc45fda13987c9bf608803dc453631d9e0ba1d353f2c36cfa34d9748702b2d497c655227926350b45c07d7579ffcd76694c94165b7097338bb41de0748cb982f553245721820c6a59837be474f3af66857f01bf89a6b9b355cd66a837a695b54caa81b6e2875ed382cb9750d0b07d695412e6ae7cc7c5a1dbb96dd4364db68fdcda5c49293a9c627616854f09afbce09df8a69f5d91abc09552927541cef18c78f327d4151b64b1ffcb0b980e9ceea638bf5a62d720da5f2e413811c3816b9471dfaaaa41123a2282ff21343d9a8c938904b1da8341929e9ff188ebca4388e0c1327083d1ffac50665d739b1050df6d4cbc2e43c17554ab7ce06735c51fc1eb800e4660a260bb4396950c724f2ad3b156fb9ef7e47e76d1c19c080cfd72ae3be247fe9f774d526f20e2b5e8d22c9864ba4d508ac69b40737e0692226c01cff3a7936fbf4378077eaf8a3beaedd7204274677658a030b9bc29478af3e2742ccfdeb5e986161cb103b2e053a62912274ff6e302ec479d59e6effa6c445c9a83d070493edc76bf45bd47fb0ae2c0272a1848a5ee0c555c5b383de52997b2e8790370c4762d072be2af149f9804342daca665cbce2019d09f1169080f4698597c953e0b0b72a2e086fef25faf40a91bdca405c166fa5583abcf2758988e08c890484aa6e896c39453588c16da23e0315d2b4e73f33efaa81d19b436e0c384118d97a8e1c9f812399ac6906abe9148bc5c5fdde91a9e2637d00ef76e71477f5c59896106ba55dee4fc1f54264c6a22a76dd50be5843ab5905ec35e712f7d99fcfb9763e3c203e10fa653bd1e7b47bb73fe9b5451a5b7c7519d4486900055981f655d06d3428af01cccb0c5a9854e474692cadb7f893c79da88ab388c54daa9dbe7be164c057c127ca89fa76d6fe6432a11ec1d0560994d0df2d07265db7f6f79a91f6c6dfd108e62c6b4bbb8ca9d8a614ffe83728400d4c0df377d7a47cfaac9e2f951e782b1a878a422dc0059e0f715c3d1a825ba8739688162b76034e58e60abb87f620b8f34f1e621e6ada7a23dc4a82e41f14546276e54e9ab1e8b1cf1d2bdd51f764709595e591ce4c0cfee5f72b8c5570344a119ec98c807c97c8213b451cd3e87935bb0615a530e19a2aee10cefe28d13e03d9670829b10dd1216aeaa872e077b69563962e1c421d10c40cd786947549226837836bb2234255440667c5f7ea99ab14818839534d992034f7f6cd1bb59a4cb260866ee8d4ccdb683c0f6817412d91e008acc49a98ded752706423fa10b66d6cc1853f027a5398fdbe8131db9808cc4a412548ca25aad50c85690bc1e87e3c59e41481ef0fc46acad12b7312db46cf89b1c85c39217d02171e1d219d9dd53d3c94e025f931d4944b67b7ae6331be60230477e25c95ec242f40db879f45e6e6e61ec902923070f44598ab7c719f3b71e4d71091e68884323bf499e7823a1ed9760daf86fc224f4066748db08f6d16275e7819fea8b28b609259def59578fa582e8df5b3181aba6a7aa777254398875a9a3d1eac90fb2ea00f2480bd6d6a2fbb963fe577b96fa019590515a1012291d8b39bc12fc4b8df3b69dfdc3db3c68c339d87fe9918da34bd983abd9f533c113faa90b048542b49938d92a2ecb8d5a9714d491e88fa71abd6a0e2302daa384cd69b8dcbea6ae4521814b4fe6ae720b26448cf6b09812325b02e9e8bbedc2f1c96db5bb0ef8e4998294f4f3a4810cac3da97275a530fb1e6cabca4cc8902f25e2d0e546f6a106008c2f88e08d6703387b804f3e3a4f982e3941b26eb6d8e6615c7ffdc3b345e5dcd2adcfbbd9b54a8b77b7f20e51419be3d013ce882c97c90a239f40d97e1b4bc37ed4fe7d0badb01c8beaae4f0201a2eb5d9c988649a8d9b99a34b7dac57d172e5349e56e20a0952bcebbd01126d3742d3e06f1c405e0f54cea0412c257736056caf0f403092067166ebfa42655db04140975c9524f901ac4fc1fea3ada3ca0a646faba8f9bbb8246a250901a8ea09520c6b0e683b25dd308c3ed4d3673acb07927fe38878d4a2e35ab51e2ee97e1dad49a61e7c7af65580cbc6e5c108be472a436aa8255ba774767bdf0761ba99c45b14f0655ea751993e6cb3e333ebe4ebee99393b20d8c6a9c95fcafe838371d47409068189bfe46e88ffd1f92a4cbdca9467f0298422ad45fc926fbc045e2a3422b887fbf86ec0769b78413d478d2e3596b0441f4a0a206741ddeeded423812389407344f78633fc8961ebc312d75cc5f652e52a951ff3e074728fb214703e9852773acd49c3639934d491c2dda308f5bb850fd50903d2981e2e44adf0b311a98545d3138d00b00f1ca8c56404311e004ba1e2f13b9aca620bf47e5fe466b5be8474df0712ce4d544f8ef45227ae49d538020b9f8f15a88ffcfc127eba4b209a7b20eb75093979f744cc0e40ef5ebe26fcd8a375faba3eccd1b4695ed46a21887bd7db9565b4aed395a6166fb7aa0ec50deea283083b602742afa9fd01bce66687c54a1b7b5e72fee6afeb48ba7dfe66369c1dcb8fe4a70510ed38a15423cdd0f054968eb5330edc62837dbb6cf3ec63cc4c07d726408f9b3a760f6887aa8cd02c616cf8dbd30d12b57eec334e4e43e13c5c48f15dce0667743166dfa6b7c0dfa99a6e0c06029e69f64c625bfd48de8c557d54368ad5181c50b053c2a7e1ccb732bcb1e867d270734a58124245d277ddd16295bae447dbb1d7cb43ba54345b4cc6157b6b65c628560baf4febfc3c3838a3b90335f92cc790013b4c057494e59cb9187127efed24fd5e9d4d4e94218126071a303bb5ab3ffb6e30b650b63d0eff679435489ae3cbdb0ca3b30cfc88342bfceb73749f117cd33dbabf2818a1b360c168fd0ace3e18a0a381748d643c77edf907a8d2944ff15659abbe0a32389babafdcba9a36764a37d0e7c309aa127af8245b0cbbea5cb77558318adf75f6b83788cca1667e77e9bdf7fe5933547c867b7955ac9dc1a28cd662707d7fc6b022c7fa42ddc2b1323c8f67563a911c64826537a9c3e23eb3589afc65f876ba277cf144ed794c954b4bb38491ed9b4fc627537786cc0be28839c2512926f675c6f5f12e44b79d4128346523b39e6681b0fa519fab40007b69a6acc88b61546c2ac49abfee864cf96cb60c74a2fe29a87d8a9121b8fd7a2bb275332b934b3e01b5db167bea2dcd4c65aa4c942394ba91c44d5aa14a9560e36555c7df8af39763b236b890dbf29642dc65cc52320ce6d66286eb62dd087c2066be059cc5f03ed884d6e31ed47ca20c0e37462267ecad58e05f88845352a54475431bec3a46a763cbaaf6cffff0627089204d2b7ea1428984cbb6262b5fb9a1de9f2c6d91eb5ae03ae31e30b37117ec44a163764dc937edc5165954080e6db768475d6caff79ec4ea3582c9ce3879253d9fbb1e7a21556a969b394d5cb49f9d14e68639940a7535dca643b4e47fa7eeff9aff413d6c6544b9b8325d7746056b478fb8a69a93452e5280a3fbfdb7460309c3ace93ae76e9d4ab72a1804151122118916ccc875a61b6534cd5dd3a1555cac35bf9b4de581108993ac790195120528277217d7ddf8feed0103701cb5fb371bbb61771f66efd3abeaea71a401ebb31a7c76f7ae37818bbbff3003d404e86945641ca2ea14946059aaedfd5f10324d3c09a586d8b892da67dfc72cb99bfd9900504fcfaf37332fa7e797d243749f83fd6c6e07eaa6b9f43ce59d2f13362df7ba7f42ade22f4f975828dc15e9860557edaafb0f3457fb607960c6360e9244e3f19028453fb991b14fd269ddc68a12c5eca2e7fca949975c12de2405feb3231786d2de8482c76ef1cc581fa95172415a6bc60d6fbead33256771a2752b4a0747a7c6f70ed13bbfa9a0c7c84dbfefe6095ba4b002e1a1a1860a3bfc178150ba6c7dd50db8aa63c56c32c8ac4429ef93ed867e86e8b2346b58068ab1f130aed63a498d5b35b63e6fa9e94e90aeb01d2154edb883fcd863d31aa836aad907f0fb587916f119f5c7e00f165d10e8f15e20aade888fbfee18264a3b7026c82b1c5c97f7889dc91b934a6717c28111b22a8f52eed82fdab336aae566508873c4e9c77bf9b9be9014d17d2c7b28486a279f5684a5c01c18ae10f7d47e4b47b0928b92139f23cd52fbe1a0dbc001e51988a3e6ba271d8c528bd71d5d5c36a269de290aabf639de669dfbc31c27d8f44f55b85501b6a340706fedb799d4da98d32a795e85fbdf4c4b38f69af84bc0d5ba7388f16f9ef52397067ff099ef23819676391513a916b32a24471c3811438958cc20eddf43040ea1c32fa99212767d80c3c1ce838875bfb4452789150048d83947360a1dc9f223e5c8fb6cb23a9d3a9e5606203b189aa1bed437011dd1c24eaefe19130cd19fd3b98fabd34533d3baf49a56aadcd09e13cd957f28afdde7f9386d3d2174cf79a075a7148237682b329dc7ad519b0e504f3f31a30a46d050d22c75b0acd1e860b15cd7965d391bab2c2c7f1ff8abf8c262f62d3271517f6c3896c0c4d8de2d34baa61b9ebc18bb872eaeb5864cf70a76dd2b99cf06c544f418f5ee6dbcf8085431b90d57f00ff1b508178573a01f810951329fbf851fc2a0f072693fc13c30e6ee80a3245714690206d45cb87cf2ffb74a5340a821307c4901481088ff01b691136c73cba33f163559780bff4874b211889169221165fa322fdef3052c3a5995e57e61785ce096a2bdf3734e8db1d4b101052178a50d89f2dafa8e3c1f8bdfd89d936075cd1b59ddd9dfffa87590d1ef488e1d4508060dd017d4d42e44314b6776c5f1f0c73f2a9fe929d733676af22aaf66b406be7b85f8d9f2baf9024f53824d279314cdb28d7b29ea1d611925e8e97ab714b79563963c942d8aafbad7247872510e438cbcc1a62453a31d6cc066bafdd63955f5d3db3ca8e0c934d93bcf2a41905234b46d15cd67edefa5d9a6b1b6f4468a7a846b384a2f3fb6ec0845df9d11ff439784035b0a6182fe0b43506ffe49da6243f017164e2b9f88336294107c19d63a6e058d772ea2ef711b24f53b94f7b16846d7cb080a84af206100ff17f291f88f20bbe64083054a48519b1809a5e12e64fc6098b16c5d218c74ae1ca708581775121284310b995123a35fb8929302c1da7cbdde6ed326a5f0ed77c8a4e0810badb6e", 0xffffffffffffff07}, {&(0x7f0000001280)="b50dba6a2a1ccb70b2bbbfd8b15c777f2c9206fe151216d2610785210c8f908c0873ff8db241ada0541216ea4329f74cc2a1803307deab5cc930a52f7fcc93741313e74257c9b75383617c036e36a94bade9190c4923c3a072094eacb9d5e0f0dda608e2adfe78c1e5983336c8b84cdf7e9ed9e8c77c2076313cbece7b3901664769e4fbf87f10832833f21c4e9036f93913257c6d960952a9455792e5cbbae44fcd115c52a7d0afd97a39531234a718024814d2e033d596d4df5195846d98000221a22c07082086"}], 0x0, 0x0, 0x134}, 0x0)

[ 1209.222183][ T3830] Mem-Info:
[ 1209.225713][ T3830] active_anon:183425 inactive_anon:192 isolated_anon:0
[ 1209.225713][ T3830]  active_file:13066 inactive_file:35864 isolated_file:0
[ 1209.225713][ T3830]  unevictable:3 dirty:194 writeback:0 unstable:0
[ 1209.225713][ T3830]  slab_reclaimable:18059 slab_unreclaimable:104613
[ 1209.225713][ T3830]  mapped:58661 shmem:493 pagetables:4232 bounce:0
[ 1209.225713][ T3830]  free:1036777 free_pcp:419 free_cma:0
23:55:20 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0xfffffffffffffffe, &(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')

23:55:20 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
ioctl$KVM_CHECK_EXTENSION_VM(r0, 0xae03, 0xeb7)

[ 1209.413881][ T3830] Node 0 active_anon:733740kB inactive_anon:768kB active_file:52124kB inactive_file:143480kB unevictable:12kB isolated(anon):0kB isolated(file):0kB mapped:234644kB dirty:800kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 681984kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1209.469378][ T3830] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1209.516698][ T3830] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1209.544695][ T3830] lowmem_reserve[]: 0 2553 2555 2555
[ 1209.560617][ T3830] Node 0 DMA32 free:350968kB min:36232kB low:45288kB high:54344kB active_anon:729460kB inactive_anon:768kB active_file:52124kB inactive_file:143480kB unevictable:12kB writepending:800kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:11360kB pagetables:16440kB bounce:0kB free_pcp:2296kB local_pcp:1180kB free_cma:0kB
[ 1209.592715][ T3830] lowmem_reserve[]: 0 0 2 2
[ 1209.597239][ T3830] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1209.623816][ T3830] lowmem_reserve[]: 0 0 0 0
[ 1209.628404][ T3830] Node 1 Normal free:3784520kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1209.657176][ T3830] lowmem_reserve[]: 0 0 0 0
[ 1209.661746][ T3830] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1209.676122][ T3830] Node 0 DMA32: 233187*4kB (UME) 196978*8kB (UME) 67866*16kB (UME) 31067*32kB (UME) 15234*64kB (UME) 6528*128kB (UME) 2980*256kB (UME) 1467*512kB (UM) 983*1024kB (UM) 4403*2048kB (ME) 14*4096kB (M) = 17994396kB
[ 1209.696962][ T3830] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1209.711360][ T3830] Node 1 Normal: 8606*4kB (U) 5622*8kB (U) 3132*16kB (UE) 1500*32kB (UME) 744*64kB (UME) 377*128kB (UE) 190*256kB (UM) 96*512kB (UME) 51*1024kB (UME) 25*2048kB (U) 919*4096kB (M) = 4238824kB
[ 1209.730210][ T3830] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1209.739839][ T3830] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1209.749203][ T3830] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1209.758815][ T3830] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
23:55:20 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x3, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:20 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x14, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:20 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
ioctl$VT_SETMODE(r0, 0x5602, &(0x7f0000000100)={0x80000000, 0x10000, 0x5, 0x6c, 0x5})
r1 = syz_open_pts(r0, 0x0)
write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="e16c66edbb836cb23b4e97a2c44737f604febcc37fc508239f04baa870829dba761a230906d69a84d3a4151a3dfabda9a8c578d9336ce3344e3996b747f5773208514f451232425d96eba7f2910371773501602a831265f019ff7f00005c70de87788d059c6dcfb5c0028511636d1b44c017b564ddad42cc618582d2674f4d09000000fd8c77857a5acf38a10c87380f9e6107f875d717c499ae", @ANYRES16], 0x9c)
prctl$PR_GET_UNALIGN(0x5, &(0x7f00000001c0))
r2 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x5, 0x105000)
mkdirat(r2, &(0x7f0000000080)='./file0\x00', 0x20)
ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})
ioctl$TIOCNOTTY(r1, 0x5422)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17})
ioctl$IOC_PR_RESERVE(r2, 0x401070c9, &(0x7f0000000140)={0x9, 0x4})

23:55:20 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)}, 0x0)

23:55:20 executing program 3:
r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x8, 0x80000)
setxattr$security_evm(&(0x7f0000000040)='./file0\x00', &(0x7f0000000200)='security.evm\x00', &(0x7f0000000240)=@v2={0x0, 0x1, 0xc, 0x3ff, 0x38, "e3ca2321765c62b96b90017590da2814fec5f287794f373bee550de1e50fe8b7ea62675ed4dd0e72d4b1c1831893276d8bb6461bd9c4e41d"}, 0x42, 0x3)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f00000001c0)={<r1=>0x0, 0x3}, &(0x7f00000000c0)=0x8)
setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000100)={r1, @in={{0x2, 0x4e22, @local}}}, 0x84)
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')

23:55:20 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f0000000040)=0x10000)
openat$capi20(0xffffffffffffff9c, &(0x7f0000000080)='/dev/capi20\x00', 0xa0000, 0x0)

[ 1209.768167][ T3830] 49431 total pagecache pages
[ 1209.772842][ T3830] 0 pages in swap cache
[ 1209.776975][ T3830] Swap cache stats: add 0, delete 0, find 0/0
[ 1209.783067][ T3830] Free swap  = 0kB
[ 1209.786780][ T3830] Total swap = 0kB
[ 1209.790554][ T3830] 1965979 pages RAM
[ 1209.794355][ T3830] 0 pages HighMem/MovableOnly
[ 1209.799085][ T3830] 339409 pages reserved
[ 1209.803238][ T3830] 0 pages cma reserved
[ 1209.883652][ T4838] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1209.907751][ T4838] CPU: 1 PID: 4838 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1209.916815][ T4838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1209.926886][ T4838] Call Trace:
[ 1209.930214][ T4838]  dump_stack+0x172/0x1f0
[ 1209.934564][ T4838]  warn_alloc.cold+0x88/0x184
[ 1209.939257][ T4838]  ? zone_watermark_ok_safe+0x260/0x260
[ 1209.944813][ T4838]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1209.950460][ T4838]  ? find_held_lock+0x35/0x130
[ 1209.955236][ T4838]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1209.960909][ T4838]  __vmalloc_node_range+0x48a/0x790
[ 1209.966121][ T4838]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1209.971168][ T4838]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1209.976725][ T4838]  ? vb2_vmalloc_alloc+0xca/0x2a0
23:55:21 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x15, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:21 executing program 0:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x2, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1209.981767][ T4838]  vmalloc_user+0x6b/0x90
[ 1209.986107][ T4838]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1209.991143][ T4838]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1209.996000][ T4838]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1210.001040][ T4838]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1210.006862][ T4838]  __vb2_queue_alloc+0x5a6/0xf40
[ 1210.011841][ T4838]  vb2_core_create_bufs+0x2bc/0x790
[ 1210.017055][ T4838]  ? vim2m_buf_prepare+0x280/0x280
[ 1210.022183][ T4838]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1210.027306][ T4838]  ? lock_acquire+0x16f/0x3f0
[ 1210.031991][ T4838]  ? __video_do_ioctl+0x398/0xce0
[ 1210.037034][ T4838]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1210.043298][ T4838]  vb2_create_bufs+0x47e/0x7a0
[ 1210.048085][ T4838]  ? vb2_request_queue+0x120/0x120
[ 1210.048108][ T4838]  ? mark_held_locks+0xf0/0xf0
[ 1210.048123][ T4838]  ? debug_smp_processor_id+0x3c/0x280
[ 1210.048155][ T4838]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1210.063463][ T4838]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1210.063482][ T4838]  v4l_create_bufs+0xc0/0x180
[ 1210.063502][ T4838]  __video_do_ioctl+0x7f1/0xce0
[ 1210.063526][ T4838]  ? v4l_s_fmt+0xa40/0xa40
[ 1210.063561][ T4838]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1210.094247][ T4838]  ? _copy_from_user+0xdd/0x150
[ 1210.099122][ T4838]  video_usercopy+0x4c5/0x10d0
[ 1210.103924][ T4838]  ? v4l_s_fmt+0xa40/0xa40
[ 1210.108369][ T4838]  ? v4l_enumstd+0x70/0x70
[ 1210.112803][ T4838]  ? mark_held_locks+0xf0/0xf0
[ 1210.117578][ T4838]  ? debug_smp_processor_id+0x3c/0x280
[ 1210.123049][ T4838]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1210.128609][ T4838]  ? __fget+0x35a/0x550
23:55:21 executing program 2:
openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dlm_plock\x00', 0x7a, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vhost-net\x00', 0x2, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000001480)='/dev/hwrng\x00', 0x8000, 0x0)
write$UHID_INPUT2(r1, &(0x7f0000000640)=ANY=[@ANYBLOB="0c00c7b1120376530800e1b30000eb6ad7d7da79fc964cc98272b6ffa154905d999ecd492f0eb7d25dfb204c0f5ce1ca040082382013c147beeda26860365d0d8f762eb82071aa13f15494f23d9d453a35fc4f568b305657cf8b7651685717e7fa5264d919a7aa8b97345c29bd5db8d35a7f8b6a58e51b446ee2afa3decc7ed4be318cc199ddecbe7bd199470295b693191de4b379b73a6b58cf6bf50a5bba8dcd5d7f4a7b453ec646e3ee24f463f100c2d0b4eeb3807b64d129ea3dd654634ed766dca471062a1aae1ca4d0ff404ef4135e72da6af2c11ec9f596d3ed09a79fecdb7e5ea0bc65a3b0e0acb939e056ba3456fa77e90a99c83e84bd55ed7fb615226d9b0800000015f41d733ac567b857957e9f6fa74e1ec8a1706881aa48a275efc2a5ee6f22a4002b03aa05f6f12c83cce21056094e3676eb0b4449b86437879fa5aeca2e4a5041f91576b9b0a0be17438e8d9ce28e6f0c7efa3600c854fce7c3a94e1b6044695a8320d3d91ac80de4fd0b8404d24f3c016100"], 0x1)
openat$tun(0xffffffffffffff9c, &(0x7f00000012c0)='/dev/net/tun\x00', 0x200, 0x0)
r2 = socket(0x10, 0x3, 0x0)
write(r2, &(0x7f0000001780)="2400000052001f0014f9f407000904ff0200070208000100feffffff0800000000000006", 0x24)
r3 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r3, 0x0, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, 0x0, 0x0)
write$binfmt_script(r3, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(0xffffffffffffffff, 0xc08c5334, 0x0)
r4 = socket$inet(0x2, 0x0, 0x0)
ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x0)
r5 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm-monitor\x00', 0x0, 0x0)
r6 = openat$apparmor_task_current(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/attr/current\x00', 0x2, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
recvfrom$inet6(r5, 0x0, 0x112, 0x1, 0x0, 0xfffffc55)
ioctl$EVIOCSABS2F(r1, 0x401845ef, &(0x7f0000000080)={0xffff, 0x2, 0x7, 0x9, 0x1ed, 0xe9})
chdir(0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000000c0)={<r7=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r6, &(0x7f0000000340)={0xb, 0x10, 0xfa00, {&(0x7f0000000280), r7, 0xbb0a}}, 0x18)
socket$inet6(0xa, 0x1000000000002, 0x0)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x42, 0x0)
syncfs(r4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'brive_0\x00\x00\x00\x00\x00\xff\x00', <r9=>0x0})
ioctl$TUNSETIFINDEX(r8, 0x400454da, &(0x7f0000001300)=r9)

[ 1210.130250][ T5140] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[ 1210.132772][ T4838]  ? find_held_lock+0x35/0x130
[ 1210.132794][ T4838]  ? video_usercopy+0x10d0/0x10d0
[ 1210.132809][ T4838]  video_ioctl2+0x2d/0x35
[ 1210.132829][ T4838]  v4l2_ioctl+0x156/0x1b0
[ 1210.132852][ T4838]  ? video_devdata+0xa0/0xa0
[ 1210.169711][ T4838]  do_vfs_ioctl+0xd6e/0x1390
[ 1210.169732][ T4838]  ? kasan_check_read+0x11/0x20
[ 1210.169750][ T4838]  ? ioctl_preallocate+0x210/0x210
[ 1210.169766][ T4838]  ? __fget+0x381/0x550
[ 1210.169789][ T4838]  ? ksys_dup3+0x3e0/0x3e0
[ 1210.169806][ T4838]  ? nsecs_to_jiffies+0x30/0x30
[ 1210.169835][ T4838]  ? security_file_ioctl+0x93/0xc0
[ 1210.169856][ T4838]  ksys_ioctl+0xab/0xd0
[ 1210.188549][ T4838]  __x64_sys_ioctl+0x73/0xb0
[ 1210.188572][ T4838]  do_syscall_64+0x103/0x610
[ 1210.188595][ T4838]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1210.188607][ T4838] RIP: 0033:0x457e29
[ 1210.188623][ T4838] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1210.188632][ T4838] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1210.254569][ T4838] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1210.262552][ T4838] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1210.270555][ T4838] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1210.278603][ T4838] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1210.286582][ T4838] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1210.294587][ T5140] CPU: 0 PID: 5140 Comm: syz-executor.0 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1210.303624][ T5140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1210.313681][ T5140] Call Trace:
[ 1210.316980][ T5140]  dump_stack+0x172/0x1f0
[ 1210.321326][ T5140]  warn_alloc.cold+0x88/0x184
[ 1210.326016][ T5140]  ? zone_watermark_ok_safe+0x260/0x260
[ 1210.331567][ T5140]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1210.337215][ T5140]  ? find_held_lock+0x35/0x130
[ 1210.341990][ T5140]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1210.347644][ T5140]  __vmalloc_node_range+0x48a/0x790
[ 1210.352872][ T5140]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1210.357952][ T5140]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1210.363511][ T5140]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1210.366628][ T4838] Mem-Info:
[ 1210.368539][ T5140]  vmalloc_user+0x6b/0x90
[ 1210.368559][ T5140]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1210.368577][ T5140]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1210.368592][ T5140]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1210.368612][ T5140]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1210.368632][ T5140]  __vb2_queue_alloc+0x5a6/0xf40
[ 1210.372077][ T4838] active_anon:183990 inactive_anon:192 isolated_anon:0
[ 1210.372077][ T4838]  active_file:13066 inactive_file:35870 isolated_file:0
[ 1210.372077][ T4838]  unevictable:3 dirty:200 writeback:0 unstable:0
[ 1210.372077][ T4838]  slab_reclaimable:18066 slab_unreclaimable:104567
[ 1210.372077][ T4838]  mapped:58661 shmem:493 pagetables:4221 bounce:0
[ 1210.372077][ T4838]  free:1036204 free_pcp:423 free_cma:0
[ 1210.376078][ T5140]  vb2_core_create_bufs+0x2bc/0x790
[ 1210.376100][ T5140]  ? vim2m_buf_prepare+0x280/0x280
[ 1210.376120][ T5140]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1210.381489][ T4838] Node 0 active_anon:735960kB inactive_anon:768kB active_file:52124kB inactive_file:143480kB unevictable:12kB isolated(anon):0kB isolated(file):0kB mapped:234644kB dirty:800kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 681984kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1210.385972][ T5140]  ? lock_acquire+0x16f/0x3f0
[ 1210.385988][ T5140]  ? __video_do_ioctl+0x398/0xce0
[ 1210.386014][ T5140]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1210.386035][ T5140]  vb2_create_bufs+0x47e/0x7a0
[ 1210.391417][ T4838] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
23:55:21 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x800, 0x0)
socket$rds(0x15, 0x5, 0x0)
ioctl$KVM_GET_SREGS(r1, 0x8138ae83, &(0x7f00000000c0))
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000300)={r1, 0x6, 0x1, 0xfffffffffffffffe, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)
getsockname$ax25(r1, &(0x7f0000000200)={{0x3, @default}, [@rose, @bcast, @bcast, @rose, @bcast, @netrom, @bcast, @rose]}, &(0x7f0000000280)=0x48)

[ 1210.396854][ T5140]  ? vb2_request_queue+0x120/0x120
[ 1210.396878][ T5140]  ? mark_held_locks+0xf0/0xf0
[ 1210.396903][ T5140]  ? debug_smp_processor_id+0x3c/0x280
[ 1210.396927][ T5140]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1210.402201][ T4838] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1210.439965][ T5140]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1210.439983][ T5140]  v4l_create_bufs+0xc0/0x180
[ 1210.440002][ T5140]  __video_do_ioctl+0x7f1/0xce0
[ 1210.440025][ T5140]  ? v4l_s_fmt+0xa40/0xa40
[ 1210.440050][ T5140]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1210.440076][ T5140]  ? _copy_from_user+0xdd/0x150
[ 1210.445645][ T4838] lowmem_reserve[]: 0 2553 2555 2555
[ 1210.450369][ T5140]  video_usercopy+0x4c5/0x10d0
[ 1210.450385][ T5140]  ? v4l_s_fmt+0xa40/0xa40
[ 1210.450407][ T5140]  ? v4l_enumstd+0x70/0x70
[ 1210.450424][ T5140]  ? mark_held_locks+0xf0/0xf0
23:55:21 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x18, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:21 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')
sendmsg(r0, &(0x7f0000000440)={&(0x7f0000000000)=@generic={0x3, "850e89c04e2bca99cbbfcb886e0a844dea52df62a1e12bf8746a962906990ef5599e6f0f4e1809eb13b52c174e0cfb8565b4a580653920954e1d9421339815a529db196838b2b9aa716782404ec14edf732c024c705bd78884d8173d3eb3bad531822b87f7a34a0fa22fa218d512124250593d339a68fe08b9326264bd11"}, 0x80, &(0x7f00000003c0)=[{&(0x7f00000000c0)="3c9c1a648dcbe9d2d9a74382171cfba45aad4b8449008ae2fd6db9aeef8532f6eae4fd539c9243896b107b0a78e9d63133e714aa1d03e1b5d6c723b1d71e7bd41629e7cf96039b69979d13fb", 0x4c}, {&(0x7f0000000140)="7a092e467dd905ac51d84c51af451e9e567ad045439f5900bb694efa03b57dff39d1059df9c2c3a8b99195f8b5e5", 0x2e}, {&(0x7f0000000180)="2e469ecf95e9e3a5c643bcad93a54aaa72d70fdacad0b38bd70cc1712a6811704c2eb672da3603e5a450bed5d1a8af939404d2680fbaf4a0482a8bc03964e2e425bbd1fa999cb7bb9b59da669f9c58620621f0d991dafd7ed816c6eef4f304a52ad4500bc306", 0x66}, {&(0x7f0000000200)}, {&(0x7f0000000500)="ba9af77da14a4cda263f72bac0052872f465d0c2e8692641b9c723742f9cc57b77dd6d6b80cb0e0fcdf55207f128325d826bf674950d3fb571e6dd0081ded523f888c57b007bffbdf51b7d7544fb248d0dd995c8711544081ceb9e07a5822e780ce736522d20822bf77ea6bc713a1d1a385cfe1e0b488e9e2c24f4380bf7c12b10a96b4012513a6e129ac95c69a46fe0b754c7a1519539dfdb8a26e19d5bb8192c41bbd3d2be4714606f11f7a48b364327e3dd8598c7e5f0bfdab86a7639731f4608778344fdef3a8b6d5e71705a96daae968ccdc46c083a460065038acdff225f328555c932bb708c29050900bccc2cebae2618b131ec8aa450a585ece39b13d847d366470bff487f2e9c2c769a6df1aa580a06ccb95438eedc6b8a09cc00add7a90b5027218abb90d75c45a8c8b16ba552f6d6a43384b88035779356b37712d1ae6d43e5f0e5c73a4afd1b3e3598ab557bb44c72a3c50f6025be964b570e66de6716c862da144dc14e4d02c4b61c887d9d3473ef478510f7e1518063b4bc3537340158cb57cdd79eb706f2a5c5a5b1b043a055250fa4d7015623356ce4afe8ca8e85fb88654057e3bc3ffda8c10d9037a716d2fcb98ede17fbd9a895b786edc6565de7b4df45bff66b2c91b7c7e9b93ee55ef2538a418e948b29c7bf6b5e4b57adcf5dd26266cafeefbaf7988283e57c7999b49b6802515a6fcfcc4cbc6a60d2355898f0c00bb75a58dc7c91ae54c67ce9b81f95fe7dda7f8313407c356f3e995aec9e0b9f2263f3e27db3b4958c3912ba8d310cf81c23574793f79e822e5107feb5fcf8940c15927db34fa91ca16c06d554971735fca9ce3dbafe793a8652454cf85696bf7eeb4ed2e07e9b73ca02ccae29fe31891cce15e5c27c9f8a329366eb09b43efd56530549e842a996123ea12da997660b0c3ebd7cb787d07ae99d3a75bea1d125cd9af27ecb68319172bdc15f56f710cc6d5d4281c3e580d6391a786efa44f27fe5865dbeb84ae3b3d2bf4ac5746930437e72e3eaa4388879f3f963a92671438df853295ee7926c2f4c16a01f4e21f30c42415525d05752509baf26374c6b73e37c63c16b67745783009143b0bbf15fd5b1cb9113c353b605ce9bcef36cfc1c85380847def4849b120f1dd52628b00b13da696358e50781b3b8ec6b970f5763c869a84c5d5093b46aaf19ff2d17662ee51fb1663803a032453079b3d93c9ba3177e7bd76a6a3198e72b31ab4f52c50feaf76cc8b95ce94a9b21a2abd7ff5120bb44aca5712a6b4550f5d8e65cc1ade7c3b6d7887ddc3ef520a9e3ec0f718e884bd34688ba97f6bc68263e18eec2314596342dbfb11517c03ff85024d828b8d1251a2fab8f84889b9c5fb7b7ace1ea8b788fdc67af3f1bff9fe809f34c1e40c0fd1a1c29eadc49fd2e2ba33d03ff4b81e864faa94c9354771c1716a4251ad786346325fe9422791960e1d3573d0a492402c2945f9b14fc2bde71c7e7a19770d1a594a836bea47a1a9fbe0c802ce5c0875d14cc9471a6b3eff95e67caa483fa1372ded8581e4f7d8904983465054caabf6619c3181c299d501eca824f57c607273a9c790a42b5944e870bad636cf8d29920f1fefeebabe6660725c48c98ee5d64324dea4f456d117fd7d5335c39080b4a3cdf9cf33869c8ed73a1fdd69b59ba42f4d848553ccd865b968db0b941a788c384f4a18443b8113043bb6b8a114458f0c38282ffa02fb08b8a42c4fe4ed65941edf32f146e0c2313ce30c5a2c06120e7e2cb95264ff1e8b211dd8a379ce4854ccc3bd799e171adc4e6cc6519fba5d0704e82577975b5c5e6e9d9d975fa1d2ba4f491a5a6c179a250537a59415281fdc80a88205317e5f7b0fd9dbc8c5c0ac7b34f177793daf62df40d9921b6a69d294e80b13d2b7c0312e33b0ffe8619c5770755b433fd2976a2ce25b4bf6cb170c08e3cc9db2f8090812050b00e330b4926dcd9052e8ccd956b991c23d9a0d0691557d22939dcf36f46f97524fbebb448fa713e9bb143344deec537c341cb6b916cd3b3e52cfa44cc1d339d8da12bed02879f61a63e8158dcffcb8b104189f6dc4aa04100cc0cee7450f85b7467bbddd75443e8304a3c5c8a7a4cac2cee9cfe9ff715869999a03ed9517309a61622646d49e39dba5312038ee7085cf5ca99a82a6cd01f13c49231d72e15ea25e453db2dea67a47b42098e8c7505de39feb19db3ee50be243c342b4a153eaf0a3106233c0d7558e7efcf9232e59798079009ab9ccac5cd6c40627024f35b1fb1d625b5f21e11b37a5a8abfd07a2efa51b424a1f14cab6a7ab2c81fa28f02aff80bfd76fa95c251d02876437dbc5f921898afca7b1acb70813bec3148b00b5829a3068690f0726b9fbdaa82a75e3f57dcef9f6eaf5c6c5017f4cf93b1d6f25e6b2846181650d2ed76fd4823e11d3bfe20dcf8f1f429c13cdab08136ed2b87d73973ad82c8766b9240ffb7b7d4da581e2000ffa93b3b8790d27f90a96e095222e08927a509e933f5238dd20907c7c415067cb27b1eaf3dbce60f90df8ae97d950cae0b4030eef1c5c197074b420872d156b0f698341dade9277be2383e17ff47a2374c88f7f5dc44ed38ab404e5de46f75adf2674324f040ed0d3fc17ae5f675223e2ced30e89701a50522d41de8da2784cbd2ca86636d940af3d03f84b66407d3c7ae41cc96413d0f217442c2f2e27d093a5e7f73c29f4a71233f5c3b2dbafd4ea5f4b9922e6ae2e81416e25e3dbea47adf4aa4b0de7124a9ca39ae948a9a4f56630965e6b6b12083141d463680fca61ed7d9b6d8a58c9cc8a57ed9a5026dec0c53e74217d103c66a677e17a18747aab0da431698204894cb1cf226fdce4f7c190bb448a4ac7a224216b3dd9733401563acf4b812dd9d18211dd19f273a6451b6316ab503be11e3fb67686ddf55758ed696a4e88ad130f192cd857b9b3b64e638118dcdec7706dd3463d86cb38bc42c363f35eb7f0d7b75de8e778492c2668b8697115fb027c1ab94ff11cda88341eb40bce6575a0108aac53736f90233d3000cd8a7ffb4ed07e8d714825cb48a949d058465612f1d55657a444cbe5801a2edaf0f5e9b8de91b863a40b57241d3c6c18e5750918357fcd6234b843bd6b95c707b9f953dc3c291eb7e34890a29c384eb037a05fab291212bd34c34c0d5392ff4b21b4ed44b9af65dc43ee9fb9505948584bb1d635ce24184025798c7c7acdf704eb760d4070b8ce752769e99853d262c6bb97a64a410fd911712a965b48a91ac3eaac40b09e5cb14166a41b3bc6338842eaf225edec5faeb947c9d5598662cae0184186d5ff56370f049855a56f35a85e738bbc8097308d95dc50c467605ada5b55de43fd5b2029f03b0987f4b56d76d083913300feee3a7bb25de9bb725194d9a4cfc17454bc7ca42cd837902750429b00370db1d62d72f63b94cc174b4d237d5520c5c560c62439d25859a1b3c70179aa176a2bf7d2a0894790130583748e800bb45817a1b58a1dc451fa124b1e0e03b4e6a1ba030569cdf4e730ec18dcb58b2b1bcd291f3cf314d478ef6b2b8b6382f119bc197ebe56780049a25285002e22a7974b092c7c52a98193af60485515950995c11b2782f35b28c2433241f8c7c90741f601a553180a63558dfe5b031b08318609cb1958193ba9443e6b52a4f45d716f13a2fe28c645312933edddf11dd88459ab08da78a2f8ce36f8228a57074919c805f7583964bef10a2a47ab61b1151aa16f61c72cb23bcd550bfb9b0a88e9e72ee17ee20d1de0e2392bdf02cb3f0e33f3486e8763d5998c7481eb5665b3d3b3dd05d5323400b923b26004c39e008770a3d8b6ad28140d115aa175c82c8f6afab0126c98028be07a547a9b3992288a4e6129f8283c51ed9133f22d4f7b1edb9e24e1f09a8192db061ab2898562ad1dc1813ebefe65849759906e6f754a565478dac28abb2711fa83677dbf8ee12903a7b0af8088e9de9751d5411b060f5ccf9e5d61fd34464ad693c974ef7a90a90f7956fd2f23c8105cddaf52e1815a5e3cbd1ecac37a7f346d2a390d9eb4aafd300f5794e1d71668fbcecda5aebbc505f95e91aa1bb1a8fdda52b7df5c04ed2dc2e0b0025707315ae5d9976572e0c6359bb16b620dbe887e28dfe880c22f235d73dc1d1cddce80c665bac792a241ddbb574fcac947c4ce62ea21d229f120feb4375f706dad15cfd9dd09e829c06fade96655b4a133e6c7285f16a94f56e34efd02fc3dc1114ac28e4e4e540fecfcce7bdd5a1fe58eb4a4d07eb5c8d4197d92162f02abe6c81e0d77ce7fd2220dc6a8dff23e9746af75229f66efb342123676c4007be2f6ba6d5ba0698aa67cf1341d7124b7ffc841360307a2f95be78c29141311b6301765029e143fcdd4a58dcc201bd42b36701c5c26dce4c5bd0a8e7cf4ed5f5679384981c0f734b6dc9b829ee2dda4d75a60c15e29cffa8f6e2dee03c16a0f8f1facc19eb4f426aca5fa1144dcb62514d6c1b7aa2f3bbe3b6795c0860bce7711cb367b65d7b4177d1e43e3671370cee2ffc01af684d6079eeeb560935fb64fb0fad3a3b067b731112a04a4483847cdff6577c5d68a7ecae7343fc53210c30407c5267860a902e5b41294ea616c28e421ddaca32e68b360776a2312b83bdcbfc0927e7ce28a3e5cf347b42a8f2165c9fc0871290c2ec69b80efe6f59bc72050a6175de3d7992fb0b181291a4eb5e1cec09e4f9eccf94c1abe0541b6936ca7cf95e1e7f07d97f0a8d6eb79370747efb1469830b1e695791a5a805e3ae0694ded5569f57e71e0be2685242c8fd8c359662a1903e360a3bb8aac249c2a73b7f6756576dae9ab3cb121cfd07933fd6090f85cf11ce117e98b97e0119564a1fddc2f7c0205f57fca7c195d9e49272ae4488b95ec9ea0fa9a34ee507aad088e6453802687e197215f7094c5349d6135a95914e15b06954cbe4219f8f076099175fb288e01bc7ef7217058625cb7208b77ac746f69c2e4f0dec1e2ce34d4b41dbee004f14eab7b23f4ce6e381a0c74f063931c8a89da434b5564603f1d38e5293368c54a69a596f8d60bd083baa046a3852d8605574b34bafff8465a00e80c593bb8edfc81af9a514b378a7ecde24e850f39f1df7b70ac955e06a671ab04e6d92d66e25d3d604ecf6e63f8fc8c8e14d3c06b7c74ac097a911147add9c74662f69cd3d54920d3713f110d46311925c037e4ecbe752dc810fca2dfba7db76ca2481072573874561f8f2c19597c859f5194bdd20755ec1e521c4cbf41c6681cb61c08439ef4ce261071e1defbbaec0d4bfb5c192ada87494fc0f14a0002f322a1329fa8e8248e2ca54a40e4eecfe301cae6579b000f4fb956ae32dfabbff81d4d2c59eece3fa5e528bcb4e64ef112284bd79e8dc304c159a1fff9fc5d4ced8aafc4a6b344075e2d9abaf296858a43c1811d70f1582ab23f8c216790f314c38fe2576699355b3bcfabddbde5ac68fefb4978821feabba924ce0314bbbee4a1d09a8a51cefa945df85326c3bb09fe25d584183ef762eade566c7d85f9f4d8d38229ec04111193c29fd103c0d2092f02d18518e86b946398bf906a7b3bbb5b82dfb92cdfa472906d1e45a8ed5bb695e6fe73fa27c1b8ef69264cb4f84673e9cab08fcad29b37614b5a9042da733465f2e7e589756e6da7f8b196b43d7c7b10470670f3e1d17ea1b560e48c821319e07c272001c39805d9417f348ed5d8c5005557b3b8c2771712054529211a4c3d49f91f382164d574bace46dfc2f19336c9ae2aa6a02b1ea44af", 0x1000}, {&(0x7f0000000240)="1709eb191ea4eb0491dcb949f1df37a58fd1c8f76004d62f718997f59d73126bd91cff34fcbe40b5a03db08af2e10b08aafa0b3e14da3090858971129671448b2c172e3c8f116c10e1d6e49847e9133b89b23ea17271b0ec770f431cc90754f3279668daf891a25bf198a2668ef075ad10c073c1a171f3ac0d1c66816032310eba205aa793dc154c856d183fe0109b393bf93cd51aacdc791510a2ee65fb7e5ab28f132f067ef9440365f1fd36ab5f", 0xaf}, {&(0x7f0000000300)="85d0bbc55ee825d4ab79e7b69f0a7b173ad9446073e55e09046ac69c66d976c3c80c15d2e6f30741ac07a2f60fe60a83f555a9fa6ec718ac9dd0330576175d06c129556bf3b4064f3ca32e0eeb8c191ed4e12c6ea1602b955f93b8446197c4b8091b4b48b714ff205e022bbc33dbb3ddbdc7287cb33ba921898cf033ddf699d4d7ffb6d09105538c21aae8446dd6560eea1d609897aa7862b9bd283091442bf2ecfc143a0eb77b", 0xa7}], 0x7, &(0x7f0000001500)=[{0xf0, 0x29, 0x4, "8b8387fb8c91ee3fc2c96b6d37c7b413f7b718c585ee552388ad518b6b8602b056087ccd0cc82013ad126259760ea4c59d84ba6875165d1e66420775eb981e3373ee5f688b3f4fd4cbc257b951dca168291db985147e2d2734bc9bc8393a75fed416ec6ede1ae405e1bd47bd37cdf2063ff341e0a5330a3caaf7f4ae312d277cfc11887023d0a39907c15e6b72c19100b2f61cf0cb23b286dc0aa3be914c2057d4c38b0bed2abc2f47792e63e0d0d952947ee07d437f7aeac78c2ab9f55711ddbd49d44e7f7df3191f052139402dc21da3b83f631a93a9e143c5ef9b5ca8"}, {0xe0, 0x1, 0x0, "8f55419df0897a84ff0a039a5c63a66923b0e0a94e170b0aa1003e9f93355f0939b2c724942dea6be7b4baf41093822e61522da2886d6bc37254ac5756750fe0372f91574b97a99adde1e68e053f1f5f9258393f7a88b29eb632ae66914c0d5e4731a2ccbab38d0b90e45f656faba8095629bfeaed222cd4330a850f52287b0c1d9ce2cd5b3bfadbe7f2802409d5607b1736f0786718df60cf1b8b79aff9e4131ad7e432edea0747d3587626991212369f186174ed7fa2c810faf6f981e2c95a5ee597224b446108e6b5bde95fb6"}, {0x90, 0x115, 0x6, "dce981ad451750a002ed81026ce3c4b15016fa8620e9280610a42e95d7bd8b6ad0ec00ebc6af575b22f55c85fee3845e5af78f4e06dc7ae25abbc46ba7f3a16b2f2fbbf65fad8548a4615732575358153ec0f2378bc56d8d7b0151f512e89bef64169a2073613e49c7765f6c2294035900e47820f825a506e766"}, {0x78, 0x185, 0xffff, "326684c7d8c4e9297ca8a6887fdcf407bec5966b96136b5af2019ae8cb1f942c21b4d640cbea234b94407e9f95cbed6d38e23dab32ef6e4e30d1f574282a9949ee76bda4fe54d6f3eec556027a5ddf591e86093abac2b8deb2d861e601616f1bc6ca200a"}, {0x70, 0x114, 0x7e3, "5c85ba5fdcfda22cc87a9b6cf431160f2c1391c1532d075a821d8be9f00e454f331aa87e69f44d2174e79e2027ab87718265c0968ab3a75b9c10b371a3b9fb1ab3427dddd2a70f6a48224c7e4d56a9453b8c9ebd3b7181e872ae36e1263aaf01"}, {0xc8, 0x19f, 0x8, "a0db527eaa4401b7272de4231fd7fdcce8abadabbc47af4e6642f671e1bab314360fe7c2972820f870cceb7b3e7126c817647d5fdbb1df3a46008835a8317e1f51087cee7530fb3bf9c21c998d78489478417ac1a421b6ce26233804e17d1b8c187e738d4f3087cc616913d2a11473d6acba6740fc249e331c29990dab919a1e1928278a5be1b80fc04c5c3df39e5314773d06a4890b2d8c71e8dc9b5761a1525c21ab0129f5b2a3e4a97d280b7460dddfa6b7536630"}], 0x410}, 0x4000)

[ 1210.450439][ T5140]  ? debug_smp_processor_id+0x3c/0x280
[ 1210.450462][ T5140]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1210.455876][ T4838] Node 0 DMA32 free:344388kB min:36232kB low:45288kB high:54344kB active_anon:735960kB inactive_anon:768kB active_file:52124kB inactive_file:143480kB unevictable:12kB writepending:800kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:11648kB pagetables:16884kB bounce:0kB free_pcp:1692kB local_pcp:824kB free_cma:0kB
[ 1210.484634][ T5140]  ? __fget+0x35a/0x550
[ 1210.484652][ T5140]  ? find_held_lock+0x35/0x130
[ 1210.484672][ T5140]  ? video_usercopy+0x10d0/0x10d0
[ 1210.484685][ T5140]  video_ioctl2+0x2d/0x35
[ 1210.484704][ T5140]  v4l2_ioctl+0x156/0x1b0
[ 1210.484720][ T5140]  ? video_devdata+0xa0/0xa0
[ 1210.484743][ T5140]  do_vfs_ioctl+0xd6e/0x1390
[ 1210.489826][ T4838] lowmem_reserve[]: 0 0 2 2
[ 1210.494430][ T5140]  ? kasan_check_read+0x11/0x20
[ 1210.494451][ T5140]  ? ioctl_preallocate+0x210/0x210
[ 1210.494467][ T5140]  ? __fget+0x381/0x550
[ 1210.494497][ T5140]  ? ksys_dup3+0x3e0/0x3e0
[ 1210.501093][ T4838] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1210.505485][ T5140]  ? nsecs_to_jiffies+0x30/0x30
[ 1210.505517][ T5140]  ? security_file_ioctl+0x93/0xc0
[ 1210.505543][ T5140]  ksys_ioctl+0xab/0xd0
[ 1210.532827][ T4838] lowmem_reserve[]: 0 0 0 0
[ 1210.537122][ T5140]  __x64_sys_ioctl+0x73/0xb0
[ 1210.537144][ T5140]  do_syscall_64+0x103/0x610
[ 1210.537167][ T5140]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1210.537186][ T5140] RIP: 0033:0x457e29
[ 1210.542269][ T4838] Node 1 Normal free:3784520kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1210.547392][ T5140] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1210.547402][ T5140] RSP: 002b:00007f6b78cc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1210.547417][ T5140] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1210.547427][ T5140] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1210.547437][ T5140] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1210.547446][ T5140] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6b78cc86d4
[ 1210.547456][ T5140] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1210.926316][ T4838] lowmem_reserve[]: 0 0 0 0
[ 1210.931015][ T4838] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1210.945419][ T4838] Node 0 DMA32: 233124*4kB (UME) 197086*8kB (UME) 67874*16kB (UME) 31067*32kB (UME) 15236*64kB (UME) 6527*128kB (UME) 2980*256kB (UME) 1467*512kB (UM) 983*1024kB (UM) 4406*2048kB (ME) 14*4096kB (M) = 18001280kB
[ 1210.970914][ T4838] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1210.994734][ T4838] Node 1 Normal: 8606*4kB (U) 5622*8kB (U) 3132*16kB (UE) 1500*32kB (UME) 744*64kB (UME) 377*128kB (UE) 190*256kB (UM) 96*512kB (UME) 51*1024kB (UME) 25*2048kB (U) 919*4096kB (M) = 4238824kB
[ 1211.014221][ T4838] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1211.023847][ T4838] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1211.033528][ T4838] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1211.043117][ T4838] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1211.052450][ T4838] 49439 total pagecache pages
[ 1211.057111][ T4838] 0 pages in swap cache
[ 1211.061326][ T4838] Swap cache stats: add 0, delete 0, find 0/0
[ 1211.067419][ T4838] Free swap  = 0kB
[ 1211.071221][ T4838] Total swap = 0kB
23:55:22 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x4, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:22 executing program 0:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x2, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:22 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x400103, 0x0)
ioctl$NBD_SET_TIMEOUT(r1, 0xab09, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040), 0x4d9}, 0x8800)
openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x0, 0x0)

23:55:22 executing program 2:
openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)

23:55:22 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x1a0, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:22 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x277, 0x0, 0x0, 0x20000001}, 0x40)
kexec_load(0x1b3, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="90906f21af34c04d9f4bf0e3f5a0d884b54e6b691ff44e32c63c9c839d254dd3c6ed435e445dcf79b1db33f55107d19e2071c7536971f35812492341a91dbb822b42a33dfac2232a30c0febbdd88ad547f653fa3b9f6d6a540152e43ad95c57fdd55246f9667774dc8c102da2abb1a1a0fb51f170ee8913a84c0397c05af0c4cee7926f2e19c465bd50e8a6eb8ebb0901877", 0x92, 0x800, 0x6}], 0x3e0000)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')

[ 1211.074940][ T4838] 1965979 pages RAM
[ 1211.078809][ T4838] 0 pages HighMem/MovableOnly
[ 1211.083494][ T4838] 339409 pages reserved
[ 1211.087711][ T4838] 0 pages cma reserved
[ 1211.148088][ T5461] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[ 1211.199557][ T5461] CPU: 0 PID: 5461 Comm: syz-executor.0 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1211.208644][ T5461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1211.218707][ T5461] Call Trace:
[ 1211.222009][ T5461]  dump_stack+0x172/0x1f0
[ 1211.226362][ T5461]  warn_alloc.cold+0x88/0x184
[ 1211.231063][ T5461]  ? zone_watermark_ok_safe+0x260/0x260
[ 1211.236630][ T5461]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1211.242276][ T5461]  ? find_held_lock+0x35/0x130
[ 1211.247050][ T5461]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1211.252712][ T5461]  __vmalloc_node_range+0x48a/0x790
[ 1211.257948][ T5461]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1211.263007][ T5461]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1211.268577][ T5461]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1211.273620][ T5461]  vmalloc_user+0x6b/0x90
[ 1211.277973][ T5461]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1211.283027][ T5461]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1211.287889][ T5461]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1211.292952][ T5461]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1211.298760][ T5461]  __vb2_queue_alloc+0x5a6/0xf40
[ 1211.303726][ T5461]  vb2_core_create_bufs+0x2bc/0x790
[ 1211.308956][ T5461]  ? vim2m_buf_prepare+0x280/0x280
[ 1211.314079][ T5461]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1211.319197][ T5461]  ? lock_acquire+0x16f/0x3f0
[ 1211.323908][ T5461]  ? __video_do_ioctl+0x398/0xce0
[ 1211.328978][ T5461]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1211.335230][ T5461]  vb2_create_bufs+0x47e/0x7a0
[ 1211.340009][ T5461]  ? vb2_request_queue+0x120/0x120
[ 1211.345142][ T5461]  ? mark_held_locks+0xf0/0xf0
[ 1211.349922][ T5461]  ? debug_smp_processor_id+0x3c/0x280
[ 1211.355405][ T5461]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1211.360456][ T5461]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1211.366018][ T5461]  v4l_create_bufs+0xc0/0x180
[ 1211.370707][ T5461]  __video_do_ioctl+0x7f1/0xce0
[ 1211.375580][ T5461]  ? v4l_s_fmt+0xa40/0xa40
[ 1211.380018][ T5461]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1211.386272][ T5461]  ? _copy_from_user+0xdd/0x150
[ 1211.391140][ T5461]  video_usercopy+0x4c5/0x10d0
[ 1211.395919][ T5461]  ? v4l_s_fmt+0xa40/0xa40
[ 1211.400360][ T5461]  ? v4l_enumstd+0x70/0x70
[ 1211.404782][ T5461]  ? mark_held_locks+0xf0/0xf0
[ 1211.409551][ T5461]  ? debug_smp_processor_id+0x3c/0x280
[ 1211.415018][ T5461]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1211.420603][ T5461]  ? __fget+0x35a/0x550
[ 1211.424783][ T5461]  ? find_held_lock+0x35/0x130
[ 1211.429558][ T5461]  ? video_usercopy+0x10d0/0x10d0
[ 1211.434592][ T5461]  video_ioctl2+0x2d/0x35
[ 1211.438948][ T5461]  v4l2_ioctl+0x156/0x1b0
[ 1211.443295][ T5461]  ? video_devdata+0xa0/0xa0
[ 1211.447954][ T5461]  do_vfs_ioctl+0xd6e/0x1390
[ 1211.452567][ T5461]  ? kasan_check_read+0x11/0x20
[ 1211.457446][ T5461]  ? ioctl_preallocate+0x210/0x210
[ 1211.462583][ T5461]  ? __fget+0x381/0x550
[ 1211.466759][ T5461]  ? ksys_dup3+0x3e0/0x3e0
[ 1211.471270][ T5461]  ? nsecs_to_jiffies+0x30/0x30
[ 1211.476139][ T5461]  ? security_file_ioctl+0x93/0xc0
[ 1211.481266][ T5461]  ksys_ioctl+0xab/0xd0
[ 1211.485440][ T5461]  __x64_sys_ioctl+0x73/0xb0
[ 1211.490069][ T5461]  do_syscall_64+0x103/0x610
[ 1211.494680][ T5461]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1211.497406][ T5563] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1211.500582][ T5461] RIP: 0033:0x457e29
[ 1211.500598][ T5461] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1211.500606][ T5461] RSP: 002b:00007f6b78cc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
23:55:22 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0xe0000, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r1, 0xc0605345, &(0x7f0000000100)={0x2, 0x0, {0x0, 0x0, 0x4, 0x2, 0x8000}})
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)

23:55:22 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x300, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:22 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)
r1 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x369, 0x8000)
ioctl$FITRIM(r1, 0xc0185879, &(0x7f0000000100)={0xf7, 0xbef, 0x9})
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r1, 0xc008551b, &(0x7f00000000c0)={0x8, 0xc, [0x6e, 0xb1, 0xdf]})

23:55:22 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x500, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:22 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x600, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:22 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x40000, 0x0)
ioctl$LOOP_SET_BLOCK_SIZE(r1, 0x4c09, 0x7)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x229}, 0x0)

[ 1211.500635][ T5461] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1211.500653][ T5461] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1211.500668][ T5461] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1211.500687][ T5461] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6b78cc86d4
[ 1211.578357][ T5461] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1211.586361][ T5563] CPU: 1 PID: 5563 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1211.595395][ T5563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1211.605479][ T5563] Call Trace:
[ 1211.608783][ T5563]  dump_stack+0x172/0x1f0
[ 1211.611030][ T5461] warn_alloc_show_mem: 1 callbacks suppressed
[ 1211.611034][ T5461] Mem-Info:
[ 1211.613122][ T5563]  warn_alloc.cold+0x88/0x184
[ 1211.613143][ T5563]  ? zone_watermark_ok_safe+0x260/0x260
[ 1211.613159][ T5563]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1211.613183][ T5563]  ? find_held_lock+0x35/0x130
[ 1211.620266][ T5461] active_anon:183417 inactive_anon:192 isolated_anon:0
[ 1211.620266][ T5461]  active_file:13066 inactive_file:35888 isolated_file:0
[ 1211.620266][ T5461]  unevictable:3 dirty:218 writeback:0 unstable:0
[ 1211.620266][ T5461]  slab_reclaimable:18056 slab_unreclaimable:104615
[ 1211.620266][ T5461]  mapped:58661 shmem:493 pagetables:4194 bounce:0
[ 1211.620266][ T5461]  free:1036690 free_pcp:524 free_cma:0
[ 1211.622350][ T5563]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1211.622389][ T5563]  __vmalloc_node_range+0x48a/0x790
[ 1211.622408][ T5563]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1211.622431][ T5563]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1211.627416][ T5461] Node 0 active_anon:733668kB inactive_anon:768kB active_file:52124kB inactive_file:143552kB unevictable:12kB isolated(anon):0kB isolated(file):0kB mapped:234644kB dirty:872kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 686080kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1211.632640][ T5563]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1211.632659][ T5563]  vmalloc_user+0x6b/0x90
[ 1211.632677][ T5563]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1211.632694][ T5563]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1211.632708][ T5563]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1211.632729][ T5563]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1211.632743][ T5563]  __vb2_queue_alloc+0x5a6/0xf40
[ 1211.632776][ T5563]  vb2_core_create_bufs+0x2bc/0x790
[ 1211.632805][ T5563]  ? vim2m_buf_prepare+0x280/0x280
[ 1211.640275][ T5461] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1211.643279][ T5563]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1211.643298][ T5563]  ? lock_acquire+0x16f/0x3f0
[ 1211.643315][ T5563]  ? __video_do_ioctl+0x398/0xce0
[ 1211.643349][ T5563]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1211.682678][ T5461] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
23:55:22 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x5, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1211.687087][ T5563]  vb2_create_bufs+0x47e/0x7a0
[ 1211.687111][ T5563]  ? vb2_request_queue+0x120/0x120
[ 1211.687134][ T5563]  ? mark_held_locks+0xf0/0xf0
[ 1211.687150][ T5563]  ? debug_smp_processor_id+0x3c/0x280
[ 1211.687174][ T5563]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1211.693543][ T5461] lowmem_reserve[]: 0 2553 2555 2555
[ 1211.697382][ T5563]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1211.697401][ T5563]  v4l_create_bufs+0xc0/0x180
[ 1211.697420][ T5563]  __video_do_ioctl+0x7f1/0xce0
[ 1211.697452][ T5563]  ? v4l_s_fmt+0xa40/0xa40
[ 1211.704113][ T5461] Node 0 DMA32 free:346228kB min:36232kB low:45288kB high:54344kB active_anon:733668kB inactive_anon:768kB active_file:52124kB inactive_file:143552kB unevictable:12kB writepending:872kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:11520kB pagetables:16776kB bounce:0kB free_pcp:2084kB local_pcp:704kB free_cma:0kB
[ 1211.732077][ T5563]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1211.732096][ T5563]  ? _copy_from_user+0xdd/0x150
[ 1211.732117][ T5563]  video_usercopy+0x4c5/0x10d0
[ 1211.732133][ T5563]  ? v4l_s_fmt+0xa40/0xa40
[ 1211.732151][ T5563]  ? v4l_enumstd+0x70/0x70
[ 1211.732166][ T5563]  ? lockdep_hardirqs_on+0x418/0x5d0
[ 1211.732183][ T5563]  ? retint_kernel+0x2d/0x2d
[ 1211.732198][ T5563]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 1211.732212][ T5563]  ? debug_smp_processor_id+0x3c/0x280
[ 1211.732233][ T5563]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1211.732252][ T5563]  ? __fget+0x35a/0x550
[ 1211.732268][ T5563]  ? find_held_lock+0x35/0x130
[ 1211.732285][ T5563]  ? video_usercopy+0x10d0/0x10d0
[ 1211.732298][ T5563]  video_ioctl2+0x2d/0x35
[ 1211.732314][ T5563]  v4l2_ioctl+0x156/0x1b0
[ 1211.732328][ T5563]  ? video_devdata+0xa0/0xa0
[ 1211.732347][ T5563]  do_vfs_ioctl+0xd6e/0x1390
[ 1211.732372][ T5563]  ? kasan_check_read+0x11/0x20
[ 1211.740125][ T5461] lowmem_reserve[]: 0 0 2 2
[ 1211.741718][ T5563]  ? ioctl_preallocate+0x210/0x210
[ 1211.741736][ T5563]  ? __fget+0x381/0x550
[ 1211.741760][ T5563]  ? ksys_dup3+0x3e0/0x3e0
[ 1211.741782][ T5563]  ? nsecs_to_jiffies+0x30/0x30
[ 1211.747072][ T5461] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1211.751646][ T5563]  ? security_file_ioctl+0x93/0xc0
[ 1211.751667][ T5563]  ksys_ioctl+0xab/0xd0
[ 1211.751689][ T5563]  __x64_sys_ioctl+0x73/0xb0
[ 1211.751709][ T5563]  do_syscall_64+0x103/0x610
[ 1211.751731][ T5563]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1211.751744][ T5563] RIP: 0033:0x457e29
[ 1211.751760][ T5563] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1211.751775][ T5563] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1211.761861][ T5461] lowmem_reserve[]: 0 0 0 0
[ 1211.762578][ T5563] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1211.762589][ T5563] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1211.762599][ T5563] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1211.762609][ T5563] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1211.762619][ T5563] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1211.857519][ T5461] Node 1 Normal free:3784520kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1211.901119][ T5461] lowmem_reserve[]: 0 0 0 0
[ 1211.916825][ T5991] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1211.954124][ T5461] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1211.987615][ T5461] Node 0 DMA32: 233110*4kB (UME) 197245*8kB (UME) 67884*16kB (UME) 31064*32kB (UME) 15236*64kB (UME) 6527*128kB (UME) 2980*256kB (UME) 1467*512kB (UM) 983*1024kB (UM) 4411*2048kB (E) 15*4096kB (M) = 18016896kB
[ 1211.995618][ T5991] CPU: 1 PID: 5991 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1212.006518][ T5461] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1212.007990][ T5991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1212.007996][ T5991] Call Trace:
[ 1212.008018][ T5991]  dump_stack+0x172/0x1f0
[ 1212.008045][ T5991]  warn_alloc.cold+0x88/0x184
23:55:23 executing program 0:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x2, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:23 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x700, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:23 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
r1 = add_key(&(0x7f0000000080)='blacklist\x00', &(0x7f00000000c0)={'syz', 0x2}, &(0x7f0000000100)="782b11cfa4a4e3a859043f38b5f4e7534eeb8cbd0f9970639732e550a1e6f9404ad07484166305afa087736858a95fa2abcb80e852dc32eb7fbb32e5eee00c3ae44872629acaa6751cff564925fe3ee08f9508dbb4438baea94a0da9093d53a0fe537cc92583d4e8c7d20705b829b0de90626baa60bd", 0x76, 0xfffffffffffffffb)
r2 = socket$unix(0x1, 0x2, 0x0)
setsockopt$sock_int(r2, 0x1, 0x10, &(0x7f0000000000)=0xffff, 0x4)
bind$unix(r2, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x3d)
connect$unix(r2, &(0x7f000066fff4)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
r3 = add_key(&(0x7f0000000180)='encrypted\x00', &(0x7f00000001c0)={'syz', 0x3}, &(0x7f0000000200)="7dba948ccf135c2b7b3f0f5d68d07f0dfc16663de6c4101c70c80aef8cc280819a0c0333dd9e3aa5d8f887e2c2e92a2598a4db24f772f1a3b1bba532dff186e9e4bb724fe816c14a77d9e17c99875b1816cd74a0f9569e1f16ee2d84c714df94670b0044ed8c400b28a3c143830d351adde055b684cae59d060cc3347d9ded7c80daa8a6e8df57981418c28bace3ba9e34536a6825891a22f2f115dd22aaf968cc6f0da291dc6aac6b9d659722b93a24527c79417e237005e0b8f9509e7ca4cabec3", 0xc2, 0xfffffffffffffffd)
keyctl$link(0x8, r1, r3)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)

23:55:23 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x20)
wait4(0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x5100}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, 0x0)
socket$l2tp(0x18, 0x1, 0x1)
mincore(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0)
clock_gettime(0x0, &(0x7f00000003c0))
socketpair(0x8, 0x1, 0x0, &(0x7f00000004c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f00000000c0)={<r3=>0x0, @in6={{0xa, 0x4e24, 0x9, @remote, 0x10000000000000}}}, &(0x7f0000000000)=0x84)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000180)={r3, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x16}}}, 0x1, 0x1, 0x7, 0x6, 0x40}, 0x98)
r4 = syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x2, 0x2)
ioctl$SG_GET_LOW_DMA(r4, 0x227a, &(0x7f0000000240))

23:55:23 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
r1 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x4, 0x11b001)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r1, 0x40045542, &(0x7f0000000100)=0x800)

[ 1212.008064][ T5991]  ? zone_watermark_ok_safe+0x260/0x260
[ 1212.008089][ T5991]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1212.012725][ T5461] Node 1 Normal: 8606*4kB (U) 5622*8kB (U) 3132*16kB (UE) 1500*32kB (UME) 744*64kB (UME) 377*128kB (UE) 190*256kB (UM) 96*512kB (UME) 51*1024kB (UME) 25*2048kB (U) 919*4096kB (M) = 4238824kB
[ 1212.017260][ T5991]  ? find_held_lock+0x35/0x130
[ 1212.017281][ T5991]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1212.017317][ T5991]  __vmalloc_node_range+0x48a/0x790
[ 1212.023337][ T5461] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1212.026641][ T5991]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1212.026663][ T5991]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1212.026685][ T5991]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1212.032780][ T5461] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1212.036015][ T5991]  vmalloc_user+0x6b/0x90
[ 1212.036035][ T5991]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1212.036056][ T5991]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1212.041609][ T5461] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1212.045563][ T5991]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1212.045585][ T5991]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1212.045606][ T5991]  __vb2_queue_alloc+0x5a6/0xf40
[ 1212.073397][ T5461] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1212.077232][ T5991]  vb2_core_create_bufs+0x2bc/0x790
[ 1212.077255][ T5991]  ? vim2m_buf_prepare+0x280/0x280
[ 1212.086000][ T5991]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1212.091796][ T5461] 49449 total pagecache pages
[ 1212.096461][ T5991]  ? lock_acquire+0x16f/0x3f0
23:55:23 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x900, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1212.096478][ T5991]  ? __video_do_ioctl+0x398/0xce0
[ 1212.096504][ T5991]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1212.109027][ T5461] 0 pages in swap cache
[ 1212.119997][ T5991]  vb2_create_bufs+0x47e/0x7a0
[ 1212.120019][ T5991]  ? vb2_request_queue+0x120/0x120
[ 1212.120040][ T5991]  ? mark_held_locks+0xf0/0xf0
[ 1212.120055][ T5991]  ? debug_smp_processor_id+0x3c/0x280
[ 1212.120078][ T5991]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1212.120105][ T5991]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
23:55:23 executing program 2:
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x300, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffff9c, 0xc0086420, &(0x7f0000000080)={<r1=>0x0})
ioctl$DRM_IOCTL_UNLOCK(r0, 0x4008642b, &(0x7f0000000100)={r1, 0xe})
r2 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r2, 0xc0044308, &(0x7f00000000c0)=0x10000)

[ 1212.129841][ T5461] Swap cache stats: add 0, delete 0, find 0/0
[ 1212.133010][ T5991]  v4l_create_bufs+0xc0/0x180
[ 1212.133038][ T5991]  __video_do_ioctl+0x7f1/0xce0
[ 1212.142760][ T5461] Free swap  = 0kB
[ 1212.148988][ T5991]  ? v4l_s_fmt+0xa40/0xa40
[ 1212.149013][ T5991]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1212.149031][ T5991]  ? _copy_from_user+0xdd/0x150
[ 1212.149050][ T5991]  video_usercopy+0x4c5/0x10d0
[ 1212.149063][ T5991]  ? v4l_s_fmt+0xa40/0xa40
[ 1212.149093][ T5991]  ? v4l_enumstd+0x70/0x70
[ 1212.168273][ T5461] Total swap = 0kB
[ 1212.173001][ T5991]  ? mark_held_locks+0xf0/0xf0
[ 1212.173020][ T5991]  ? debug_smp_processor_id+0x3c/0x280
[ 1212.173043][ T5991]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1212.209435][ T5461] 1965979 pages RAM
[ 1212.220216][ T5991]  ? __fget+0x35a/0x550
[ 1212.220235][ T5991]  ? find_held_lock+0x35/0x130
[ 1212.220255][ T5991]  ? video_usercopy+0x10d0/0x10d0
[ 1212.220268][ T5991]  video_ioctl2+0x2d/0x35
[ 1212.220287][ T5991]  v4l2_ioctl+0x156/0x1b0
[ 1212.220303][ T5991]  ? video_devdata+0xa0/0xa0
[ 1212.220331][ T5991]  do_vfs_ioctl+0xd6e/0x1390
23:55:23 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0xa00, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1212.236178][ T5461] 0 pages HighMem/MovableOnly
[ 1212.254867][ T5991]  ? kasan_check_read+0x11/0x20
[ 1212.254888][ T5991]  ? ioctl_preallocate+0x210/0x210
[ 1212.254914][ T5991]  ? __fget+0x381/0x550
[ 1212.254938][ T5991]  ? ksys_dup3+0x3e0/0x3e0
[ 1212.254955][ T5991]  ? nsecs_to_jiffies+0x30/0x30
[ 1212.254984][ T5991]  ? security_file_ioctl+0x93/0xc0
[ 1212.255003][ T5991]  ksys_ioctl+0xab/0xd0
[ 1212.255025][ T5991]  __x64_sys_ioctl+0x73/0xb0
[ 1212.265586][ T5461] 339409 pages reserved
[ 1212.278261][ T5991]  do_syscall_64+0x103/0x610
[ 1212.278285][ T5991]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1212.278297][ T5991] RIP: 0033:0x457e29
[ 1212.278313][ T5991] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1212.278321][ T5991] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1212.278335][ T5991] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1212.278345][ T5991] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1212.278353][ T5991] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1212.278371][ T5991] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1212.291234][ T5461] 0 pages cma reserved
[ 1212.291705][ T5991] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1212.369136][ T6000] encrypted_key: insufficient parameters specified
[ 1212.440024][ T6053] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[ 1212.652090][ T6053] CPU: 0 PID: 6053 Comm: syz-executor.0 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1212.707969][ T6308] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1212.710251][ T6053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1212.710258][ T6053] Call Trace:
[ 1212.710280][ T6053]  dump_stack+0x172/0x1f0
[ 1212.710307][ T6053]  warn_alloc.cold+0x88/0x184
[ 1212.803787][ T6053]  ? zone_watermark_ok_safe+0x260/0x260
[ 1212.809350][ T6053]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1212.814997][ T6053]  ? find_held_lock+0x35/0x130
[ 1212.819775][ T6053]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1212.819816][ T6053]  __vmalloc_node_range+0x48a/0x790
[ 1212.830628][ T6053]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1212.830650][ T6053]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1212.830671][ T6053]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1212.846243][ T6053]  vmalloc_user+0x6b/0x90
[ 1212.850591][ T6053]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1212.855622][ T6053]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1212.860482][ T6053]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1212.865512][ T6053]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1212.871321][ T6053]  __vb2_queue_alloc+0x5a6/0xf40
[ 1212.871358][ T6053]  vb2_core_create_bufs+0x2bc/0x790
[ 1212.871380][ T6053]  ? vim2m_buf_prepare+0x280/0x280
[ 1212.886595][ T6053]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1212.891714][ T6053]  ? mark_held_locks+0xa4/0xf0
[ 1212.896496][ T6053]  ? lockdep_hardirqs_on+0x418/0x5d0
[ 1212.901791][ T6053]  ? retint_kernel+0x2d/0x2d
[ 1212.906394][ T6053]  ? trace_hardirqs_on_caller+0x6a/0x220
[ 1212.912039][ T6053]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1212.918298][ T6053]  vb2_create_bufs+0x47e/0x7a0
[ 1212.923072][ T6053]  ? vb2_request_queue+0x120/0x120
[ 1212.928205][ T6053]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1212.933242][ T6053]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1212.938793][ T6053]  v4l_create_bufs+0xc0/0x180
[ 1212.943482][ T6053]  __video_do_ioctl+0x7f1/0xce0
[ 1212.948347][ T6053]  ? v4l_s_fmt+0xa40/0xa40
[ 1212.952775][ T6053]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1212.959020][ T6053]  ? _copy_from_user+0xdd/0x150
[ 1212.963877][ T6053]  video_usercopy+0x4c5/0x10d0
[ 1212.968649][ T6053]  ? v4l_s_fmt+0xa40/0xa40
[ 1212.973074][ T6053]  ? v4l_enumstd+0x70/0x70
[ 1212.977499][ T6053]  ? mark_held_locks+0xf0/0xf0
[ 1212.982265][ T6053]  ? debug_smp_processor_id+0x3c/0x280
[ 1212.987727][ T6053]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1212.993278][ T6053]  ? __fget+0x35a/0x550
[ 1212.997435][ T6053]  ? find_held_lock+0x35/0x130
[ 1213.002210][ T6053]  ? video_usercopy+0x10d0/0x10d0
[ 1213.007240][ T6053]  video_ioctl2+0x2d/0x35
[ 1213.011578][ T6053]  v4l2_ioctl+0x156/0x1b0
[ 1213.015922][ T6053]  ? video_devdata+0xa0/0xa0
[ 1213.020525][ T6053]  do_vfs_ioctl+0xd6e/0x1390
[ 1213.025119][ T6053]  ? kasan_check_read+0x11/0x20
[ 1213.029981][ T6053]  ? ioctl_preallocate+0x210/0x210
[ 1213.035096][ T6053]  ? __fget+0x381/0x550
[ 1213.039265][ T6053]  ? ksys_dup3+0x3e0/0x3e0
[ 1213.043690][ T6053]  ? nsecs_to_jiffies+0x30/0x30
[ 1213.048557][ T6053]  ? security_file_ioctl+0x93/0xc0
[ 1213.053676][ T6053]  ksys_ioctl+0xab/0xd0
[ 1213.057840][ T6053]  __x64_sys_ioctl+0x73/0xb0
[ 1213.062441][ T6053]  do_syscall_64+0x103/0x610
[ 1213.067048][ T6053]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1213.072944][ T6053] RIP: 0033:0x457e29
[ 1213.076847][ T6053] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1213.096878][ T6053] RSP: 002b:00007f6b78cc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
23:55:23 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x6, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1213.105333][ T6053] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1213.113310][ T6053] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1213.121279][ T6053] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1213.129342][ T6053] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6b78cc86d4
[ 1213.137319][ T6053] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1213.145325][ T6308] CPU: 1 PID: 6308 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1213.154360][ T6308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1213.164424][ T6308] Call Trace:
[ 1213.167731][ T6308]  dump_stack+0x172/0x1f0
[ 1213.172085][ T6308]  warn_alloc.cold+0x88/0x184
[ 1213.176773][ T6308]  ? zone_watermark_ok_safe+0x260/0x260
[ 1213.182325][ T6308]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1213.187964][ T6308]  ? find_held_lock+0x35/0x130
[ 1213.192743][ T6308]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1213.198403][ T6308]  __vmalloc_node_range+0x48a/0x790
[ 1213.203647][ T6308]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1213.208684][ T6308]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1213.214244][ T6308]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1213.215568][ T6053] warn_alloc_show_mem: 2 callbacks suppressed
[ 1213.215849][ T6053] Mem-Info:
[ 1213.219280][ T6308]  vmalloc_user+0x6b/0x90
[ 1213.219300][ T6308]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1213.219319][ T6308]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1213.219333][ T6308]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1213.219353][ T6308]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1213.219368][ T6308]  __vb2_queue_alloc+0x5a6/0xf40
[ 1213.219403][ T6308]  vb2_core_create_bufs+0x2bc/0x790
[ 1213.219424][ T6308]  ? vim2m_buf_prepare+0x280/0x280
[ 1213.219447][ T6308]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1213.219465][ T6308]  ? lock_acquire+0x16f/0x3f0
[ 1213.219485][ T6308]  ? __video_do_ioctl+0x398/0xce0
[ 1213.246925][ T6053] active_anon:183431 inactive_anon:194 isolated_anon:0
[ 1213.246925][ T6053]  active_file:13066 inactive_file:35909 isolated_file:0
[ 1213.246925][ T6053]  unevictable:3 dirty:244 writeback:0 unstable:0
[ 1213.246925][ T6053]  slab_reclaimable:18117 slab_unreclaimable:104335
[ 1213.246925][ T6053]  mapped:58661 shmem:493 pagetables:4175 bounce:0
[ 1213.246925][ T6053]  free:1036921 free_pcp:502 free_cma:0
[ 1213.258538][ T6308]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1213.258563][ T6308]  vb2_create_bufs+0x47e/0x7a0
[ 1213.258585][ T6308]  ? vb2_request_queue+0x120/0x120
[ 1213.258606][ T6308]  ? mark_held_locks+0xf0/0xf0
[ 1213.258623][ T6308]  ? debug_smp_processor_id+0x3c/0x280
[ 1213.258652][ T6308]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1213.279667][ T6053] Node 0 active_anon:731592kB inactive_anon:776kB active_file:52124kB inactive_file:143636kB unevictable:12kB isolated(anon):0kB isolated(file):0kB mapped:234644kB dirty:976kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 688128kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1213.283714][ T6308]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1213.283736][ T6308]  v4l_create_bufs+0xc0/0x180
23:55:24 executing program 2:
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x900, 0x0)
ioctl$PPPIOCATTCHAN(r0, 0x40047438, &(0x7f0000000080)=0x3)
r1 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r1, 0xc0044308, &(0x7f00000000c0)=0x10000)

23:55:24 executing program 3:
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$BLKBSZSET(r1, 0x40081271, &(0x7f0000000180)=0xfff)
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x6, 0x5, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$int_in(r2, 0x5452, &(0x7f0000000040)=0x7)
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000001680)={{{@in6=@remote, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@ipv4={[], [], @broadcast}}, 0x0, @in=@dev}}, &(0x7f0000001780)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000017c0)={{{@in=@broadcast, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in=@multicast2}, 0x0, @in6=@initdev}}, &(0x7f00000018c0)=0xe8)
syz_mount_image$btrfs(&(0x7f00000001c0)='btrfs\x00', &(0x7f0000000200)='./file0\x00', 0x7, 0x7, &(0x7f00000015c0)=[{&(0x7f0000000240)="eb7d31049c3d3512c1c6bfea7ab0589190233679b6076290581f7fa69ac186fc895cc7e37fb2847668d9f7c71cb3e4033cf48fac0f3338a1ad7e697e475000380859871e701a1392a1489cc72c393b0b4bdd943667b6482aa04e7cdfec05e1d8de6443983b4ba245347be36a15b4378f2dbac78382dfbd82de6fbf0c9ae1d88378d693d4ac436336b89acab99eaa4fab18a8f36d5d071ce8483a9e0c99751382c7867812326fba724219324f899a8a12af211980f301b73af949c6b0c5c459f12b311f796d41d1f7e228cce34cf0c54d0cfa91714ff09e57be24", 0xda, 0x4}, {&(0x7f0000000340)="c0db922cbcb69e3b4e68b1028baa8e760f85a8379bd820a55dbc1a6d9c875cf3d5c0804bdfa4f3fc3051d046a69aef70b0fc0e5ac0adcb7938", 0x39, 0x401}, {&(0x7f0000000380)="452ed61e7179ea590467d43e8cab96a9b55ca6a46512af34ccd5a6219ceeec85a8237e65c3396e29d444e3ca57a1f69148f4a729fa1645c2c5eb1598df", 0x3d, 0x7}, {&(0x7f00000003c0)="6d6e4d2621cc5a16f40c49a37b5b0d93c56ed5745d4a37731092c04b872ed45cb41ffc4cfb3a32d5bd34ea8b47a742c00e9f639d69e7fe63932135e8822b2cc6b15567d946b07fb524b0e785bd0fed9707c83b4609ebc266a388d6824e3d4deb7356223a2a603cc8cea82037ab893dc9c600c78543f9bda7f16a9b3cb259b01b9bbc439e60e67ba83bb6cb45210e3994bd794ffbbcde00f068156672173dc2616199b6d790906927e0f7b7f496e723cd7e8d1941a512f78d47ad1b12a84e6d2202b38b7af01729ae7ac0be6632a762a0798018a3c16d4c2c928f288ba15081", 0xdf, 0x34ac}, {&(0x7f00000004c0)="efd324a95d85c06fc8", 0x9, 0x5}, {&(0x7f0000000500)="d3fa2d8529b9eac1d62f3d7643a6290258ed42260d13388cedf4c0e252569f51d32c222edf84fc9e669d91102e3ab005226c5bba66760a33897b944c3b6ade16bc09fb61bbd461563c2bcaa3220aaf70b66b4f39745666ffd147c54b92589389f47fc108b232cc83aba65cbd2252935e4f59042efbcfc9e3152fd50b38c040a43cf4e3eeec748260ca8024ee4869c09a5d099aba759964d55b5038d6fafd70c22ede7790c8acd6d6ab9f85566913a08a2fe76518f5fd5aab60679c54e95a5312173062d8b91aafa65afc8e96d8459a423e8d6199edc5e127134f98ff9cf8e83a9b5092ee5d00dbc8e8caa64d17daa3a214d0c33d28a22e3bb318c96f1fb10520ca6f1e034d5081f1c099e647c5752e66d1e154ee33f53323d55edcb901c7f3d43f9e1b19447e8c23e6f15c9420df0235fa8889c8d24596abd332723832ca299d8aca90da202aaf785c5ebf7716920cd4a704fda28bb6eaa6190116df3c012c22fcd516d219e1c4b426f21320628764dd2c70dbcf9b77a1a1f809f0933133e454a9d687d88bafefc630116a07e1f6f42b30839c25aefb14e6fe34672251db8af583e035c68027eecbafa101b88b1eae5747ebee6428d074121db48a47bd0d9b760d7e25b20468547de68ac7d91db8027449c2b99fa17f1a772c9ef54b3ecaaf357ef1e612b4898124c6743613a8d8aeb37fbc5fcb831b7a2bc4a5a9a73d80ef09142c0e869e8a3be51243a8339700a9bd15615742d0cbde9a3266acddd50d2249787930c21036a8bf9dc67505677b87b23b71467ebabeffa5c7a85fa8c1b36e2bc09bd90a51b13c9407a6cbc74a7dd41870af73ed5fe19a7818fe894635cb67dfcfd58a275c7577c1d656775a86650485103efb24e5526eb2a9e7d5667701d838094f9eba539816073f8a1a1ecee23906c10591ee4f95e27941c45ea572bf0cb1342be457f910515011c8d7892c014c4061d21aa91de727c01274ed93111fa8a3d709f4a097f45420b87972ad9a506beacf11ac2082ce4c6aacbb9600995d5d3f692cb0a61324e0e5f7508c3db4fe650d3e18ab5cab185edc75ff4a3011189add91f64d28775af225cb49fc12badd0b1ff17a450383f8359b4caf98928deb13c0ee7739105c80723896c0fc84236f4f61d6d9131e87f25dbb0e35c612fe4fb52303cd60a47f9586e8706ef67782645583fb84d802ad80ecf0acd116eb79509e9e878fb3c03ee0d25b11ff464ebb633238c123c3bd1c8f984d1fb21079217a3a43242b5740a3727655a3057bf5457a36d2c1921871ffe943e939b1c24de9f77fc3d152dfb219fe0d3fd7013c74387f94b4b532ce6f0de4b76b5227a8138b5923481578a5338be19c4db326954f1a75fcd513b2d8901738964d29a90da4e07ea515c156ea38cf72947c7c16c377f68e898dc205525fa2270ade195f72de193ff4e8ed73df2b849ae40d7e76b7d64fc070e2c8805a75f9ec6c0fda5591b91f5654189d162d496cd8761c261488b54b90605c82a817db8f76f79ed78c0c3a4fd2a4cd52bdecc7a70917243045496eeaad0334e06398e4bff9c14a8d191533f7726e6aaf090a768ce865ff335505aeeb230db3ffded1848c1c7b05c1bddd1b5bddadaab2f1e6d4f3c44e361394b877f4a82c75b56aaa11fea3173dfd03ad3da8b3a5f76e9a9d6a223c7e4b9005790dcabd0ff073443f3e93b376263d604771409f5e63893f592ae585a58dc2ca812e798fde3386119c8a86f9934534888c0c51f2ae0624b16d2b282e3fd5d744c7db861985671a534439cdb2ebd641dabb3537033fbdb9a65d4b70f4781ca7f1e89fdf658055bb071dfc13ab5af7826c09c8f6f86348ebbd20f26a4e0c25884d032b0a8b40232a4a36b017b84222d7bd142213a8cfc989334f2aff6f5cefee63cac139b5dfe3e6fe1a97e006e58c237b765b87858a952a2d8b0f3eb11e8c94892cd011029160e5f40c8e6fc284b1afcce7939affe3fb2b38ee2d05ff5512c5be42008aaa3e8484c50f6dc651805d6cd9a7b6c7aacc2f42160e29a7848b87acf47a30a2fe37a07c479c4aea0f2c2a1da6f0f35d695b977f27057e1f650e882583af02d572d81f874dfc76b97ed3c43fd243a3a8b4d3025fde5140fcfc4e374bb07dd18688c56f993d226c156c1879879a91b1d306dd57b9fa055e38dbf1c2d77d4ef3b4ccb7f5f087166b30275fcb444f0474f803ae96cd603ba8ddaff90d1d17bc243ef3cd76fbc34d382a009b36ce96f1e4aaafa0027a14820622ab35be389a350bb19c3692cfdc93f1520a4e754e6142e3002d9dcd57c52a9e31c5146402db52c51bf768521585a285fcaac0f8e225434c26651b2f76133e7966e5deabc537823223fa5c66a342137ea4fd9d2c9ed2f892d22f789141708db776dd75b0a3b6489263cbdeac93dbface2369cf19a1c12771a21068e6a986be2933500f60802255dc166a1c5b7551ab929a9b6ad046029f0ae0821d8a116d22f03b07b5e659f74a384bd529896d0af04fe314394c3af8ee26852b80340936a745a893b7a87e01a75b6fe2f6519cf9399811af012f231fef8e93132f413449b1fcf1d5b52195c57e7e04d73735a76aebc1a271f42e95aa240d17ecfaf12868ee75666ad6727a967178fe3016ba55bf4e4fb80d817698f4d06c0ef05af0382d2803e5ca26f56637012149818259d574c23d498cbc97d00ca348bd7f40531035770cd308d04946e5514dd767894579adc35531a808b668da5a96dbf3c4e59af36d13ee00ec8c9068933247b2135f8f5b086dbd5c6a982c1911cf18ee6009d91eeb388042f663a3cd91397434704edbb6152decb701be2c67b5efdbfa664893647eb091efad308e890329b51f07a15021dae941bb6521c000ae12e218056c9f7c3498d46e9ce640b5299024bdcbfc7ba6819254d4bed54f6ff404c4cb7a7578a17758fd203727b3d222c4016b33b68f31bf6b7ac49af4f4d9682732d8d99713f9aae7bef0a93fde137caa95dc5c932e4bd503e17ee35d0c0b48457edb87d0b55a1d862baad059f4e7e78539c6e64a774f99582b44966a456babf925f71750b9111d9fec4399daae8c30e23c8af63b175d6ea20d6e3f9fdf37c9fcfc7769035afbb3e501676740519de50b32128593c22de4bf1d3d763aeed24c945fe5806a24b9fa3a33d2c06c737edf2dc78041768f7ca4e7e3413ad889e619b89f9063e761192f7b13ca63c7f6af9ad9e937600a8ba7e323ae2e1b4c03871cd6592eb04812ddd950c7b66c08d7099312ddc1c498479a4a5702a4883da76827cba18da3758339d0b4e263343ef7a54b0a6fe126efc6243311f468f07e2a52dd02471ef64423b122fa732fabf3ec3e11b4fc5c6147a104488dfcf83de438cd3a01d6151165c9d6907d979927625eb367b727742d23c9eef32f352dd9f379e3757b9868071b94294b8a2de0662b30c3eaafd15c2cbebaa4d3bf11e1712f84d39a47cf377c1fa305d3d40ce3e1ba3551b0c72c1332bfc2a84b6cf383ddff34220af4fb8d02bec0ea31c98a4433dd71eff49615e23e55dfe6f643c6ef69917817c79dad07d351ac078977f0b48a80bedb33f01f29d5dc95246f61241b81cba2504576cdad1dfbfdf8bad1249abbabb496b963886c8d3fa41b4b97ad314e9821e9d8ab003ecb9db733d3cb99f8072b0b39a29b0012db7f2c9867bc6ce42261a5ad942605d52aba5445d5c401a1997f072d7c93224fbf4766fe9a63b6d8516bf49b50f4cc01c801c3d59d1dfc99de7e99615d5ebfa2118c0c4b68e552556e77d152b72c82a1eaa6c54047f1506d548cc69ba876e6cb1f974d5494c54ec8d55b0599ea1c87aaf340b7648c91b0ba205043007e2f242bcaab6a7909b553f040edc67d962ea3b4e4e71adf2f7616c3ddd2e61ca743bae2d87a0e5a425d0e20af78481de9198e2d32f867fd86e28660c9181ea8f90328a343eaae1aa996e52f536ab888d73068892c30d8490a70c88b5cd369875b77885241df29e1b8d80f9ad5a97e012b184909d7b2f99e557e696d9dc2160116a02b42b45a1a5b1ab60cd4d1911225f1422c63f93c995c147b86cfab181040877e5e66e0b561376983f31ced9c062303d5c1d297d2253f4f611923e1287587ae2eb5919a109b0e2d9fc184d685e6c02dfeeb631894c6dcff4a488794661c1c5d270ea891b1caf9523b5941ec7edfa39ef095dd1042486f4f07f5f9bbc19a164ee778e9f2954500f18889ee9f591d7d02544435919481fbf6a14e7a529fa12e35bea3d1d8add50d0f64a3f0b756b65c973facc2fd6ca359e4703d744cdf3c32cdba76bbebec9c3abc98c3f8904debb8f0c83ba4c2e7f082efb679c7ea88bc684f04449a48efd824b5fdf3a68b90f5747b57058b1102c95aab421c42784799729741fa885eb799efe21c6ed2ff16d9dd9ec3a8ff936162a3d20a6a96558f6c4516106b02408f6008be3896089b4d6856b6542c7b61ddad1c098e1eaec8a233bf878c424f123ced70d6fc9268bb03124d33af6c802f51436ed9c698c9afe2bf895c2d10c7e2452c2e986b2e6ae93a14b04362fc3962e6f7a0bd53ddf3c0f3ac5b37c03f55257741e3d206e04665af5deb0b1be941ebb56be21eed21676c38bb7adbc1f756c29ddfe9e049f6bdf223f2595ab7608e779dee1dfe5fd2f87d7ef15fd37e0bcb594ac1381f323812d05179274f54656afba35028cb6d53e448d34d6ae714f405502d60fa3742a6bab4b0065397f3b8288263cf079bccc1d17872ad9cb73639dd061f5c0cb7b963cbbbc064838c256e2c80c5b420d2697d37ea1dbfd3e1c667ebea427c0b39b83abd010e1744767e9a973219d86b7886c4f3db04d5c3ce3fa76d5b8abf65f41829f35847a45fd7d1951a010bdb43ef406a302bd20428ee5ef121db49ad5e25e59b695bc207b1cb88910a037ba141a91f3bda83fa7a9b2fa1c9dceec41d6123b170cb90c617b030f893d7274ab79045ec29c16fda370b19c0ac835286c39882e071f8ed53f8e979c7240feb887adf3428d18b240e4050806960f2404296415858a0be775c21904f685c1b0ea2b9103f142cf4d46a68c70ec73e57ff41a442b1555bf23e65504fbe2c4a859ad128579b86bdf85a55de3c123bc590d65871de6c3ebd78272ece45db64f83649aa78407df52eafabf7f3313d02e05a191c0071b896610d85d6d6af9c1c6b2ad3dbc46bc2b37f2546be766748ba18e2860a3d8e686c2c5084d078511ad3cbb86f25e56aa8105ba13af2b93ca0d259f4d19bfbbe5f5d12694605b0a2ec975e84823dec8069907cf0f8c8071dc2368ad19964835f793f28d628eb5031ef5b1d2aba9ce027ef4260396ec3859f3c7348a51415ba8d8dd855e5c481286aba8641dbd595f59c5f1aa921dbaddc55168a8f065417b6134b6393bac538bf84b37ca2c3d837e25495354c60b224b758518fbd81934f858c16205b92a4315573e3f709290d6a24c32fd3bdc82af9e02c11b6830c2379bb08a09244af1c4cae39f373ca3c2ec5756f3d3f373af7198ea2c3e62f52800ae29873b607fe01241f4286a36cdcfe6a45ccdf0c7aaae0d240bec49022bb5733d5fbad686e34d54d120e5b01e39b465512d85a293da5c2316c308854b0d1d7cc329c240bdc16629e7545610fffdaba86bccd28dd95fd8706d89268548348c6fe492539a44e7efe100c7e9c5ccebceb72cffce63e3303dbfdae1e7096c879b47a02d4401835b98012235d70d28d4ab1f058aacef70880b8c8aa17c9aba71c2582f41b81fa8405e4e35ea7dda8949382f6", 0x1000, 0x4}, {&(0x7f0000001500)="3fd4ee267c599187f69906050601dc27cad4e851e466e5cb4ae0cb7840e1ca6cdb3d6e338f7b5bb0d003a7a3a1ccab1b23e259f435c66e959d58f031711d68bd5d9d2ea254650a7fc406cdc8defdae9718a9dd0a20023df43a1b22ada0aadc6869ec2e0ac4fa6b1ea2acf7213afeb90f3122ffeb0e16bc8c7f8a71816a61c88ab489244a2092b9f3b7347f1717a265d491764894808afa7b500caf9252bb870e55d0b247426918f7baf7746389ea1ad45db575af", 0xb4, 0x49f4}], 0x804804, &(0x7f0000001900)={[{@nossd='nossd'}, {@acl='acl'}], [{@fowner_eq={'fowner', 0x3d, r4}}, {@subj_user={'subj_user', 0x3d, 'ip6tnl0\x00'}}, {@subj_type={'subj_type', 0x3d, 'ip6tnl0\x00'}}, {@uid_eq={'uid', 0x3d, r5}}, {@context={'context', 0x3d, 'unconfined_u'}}]})
getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f00000000c0), &(0x7f0000000100)=0x30)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')

23:55:24 executing program 5:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001240)="2e0000002a00815f00000000000000cf1200b0eba0b4d65cdbaa18b29c473da67e3d743298cbb3001be63e75c80b", 0x2e}], 0x1}, 0x0)
r1 = syz_open_dev$adsp(&(0x7f0000000240)='/dev/adsp#\x00', 0x9, 0x800)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r1, 0x660c)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000280)={@empty, @multicast1, <r2=>0x0}, &(0x7f00000002c0)=0xc)
setsockopt$inet6_mreq(r1, 0x29, 0x15, &(0x7f0000000300)={@rand_addr="59b9b9a1f2a85a92633dc28cf6cf91b1", r2}, 0x14)
r3 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20\x00', 0x480000, 0x0)
write$apparmor_exec(r1, &(0x7f0000000440)={'stack ', '/dev/adsp#\x00'}, 0x11)
setsockopt$RDS_CANCEL_SENT_TO(r3, 0x114, 0x1, &(0x7f0000000200)={0x2, 0x4e23, @local}, 0x10)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000003c0)={r1, 0x10, &(0x7f0000000380)={&(0x7f0000001280)=""/4096, 0x1000, <r4=>0x0}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000400)=r4, 0x4)
setsockopt$netlink_NETLINK_PKTINFO(r3, 0x10e, 0x3, &(0x7f0000000340)=0x2000000000000ee3, 0x4)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f00000000c0)={<r5=>0x0, @in={{0x2, 0x4e23, @empty}}, 0x0, 0x3}, &(0x7f0000000180)=0x90)
setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r3, 0x84, 0x23, &(0x7f00000001c0)={r5, 0x5}, 0x8)
fcntl$setsig(r3, 0xa, 0x27)

[ 1213.343581][ T6053] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1213.348122][ T6308]  __video_do_ioctl+0x7f1/0xce0
[ 1213.348148][ T6308]  ? v4l_s_fmt+0xa40/0xa40
[ 1213.348174][ T6308]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1213.348191][ T6308]  ? _copy_from_user+0xdd/0x150
[ 1213.348210][ T6308]  video_usercopy+0x4c5/0x10d0
[ 1213.348225][ T6308]  ? v4l_s_fmt+0xa40/0xa40
[ 1213.348246][ T6308]  ? v4l_enumstd+0x70/0x70
[ 1213.348273][ T6308]  ? mark_held_locks+0xf0/0xf0
[ 1213.360337][ T6053] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1213.382388][ T6308]  ? debug_smp_processor_id+0x3c/0x280
[ 1213.382408][ T6308]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1213.382427][ T6308]  ? __fget+0x35a/0x550
[ 1213.382450][ T6308]  ? find_held_lock+0x35/0x130
[ 1213.382469][ T6308]  ? video_usercopy+0x10d0/0x10d0
[ 1213.382482][ T6308]  video_ioctl2+0x2d/0x35
[ 1213.382501][ T6308]  v4l2_ioctl+0x156/0x1b0
[ 1213.382517][ T6308]  ? video_devdata+0xa0/0xa0
[ 1213.382535][ T6308]  do_vfs_ioctl+0xd6e/0x1390
[ 1213.382555][ T6308]  ? kasan_check_read+0x11/0x20
[ 1213.382579][ T6308]  ? ioctl_preallocate+0x210/0x210
[ 1213.395351][ T6053] lowmem_reserve[]: 0 2553 2555 2555
[ 1213.419245][ T6308]  ? __fget+0x381/0x550
[ 1213.419268][ T6308]  ? ksys_dup3+0x3e0/0x3e0
[ 1213.419284][ T6308]  ? nsecs_to_jiffies+0x30/0x30
[ 1213.419313][ T6308]  ? security_file_ioctl+0x93/0xc0
[ 1213.419333][ T6308]  ksys_ioctl+0xab/0xd0
[ 1213.419353][ T6308]  __x64_sys_ioctl+0x73/0xb0
[ 1213.419372][ T6308]  do_syscall_64+0x103/0x610
[ 1213.419395][ T6308]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1213.419408][ T6308] RIP: 0033:0x457e29
[ 1213.419423][ T6308] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1213.419441][ T6308] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1213.419456][ T6308] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1213.419466][ T6308] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1213.419475][ T6308] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1213.419485][ T6308] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1213.419494][ T6308] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1213.661296][ T6053] Node 0 DMA32 free:347852kB min:36232kB low:45288kB high:54344kB active_anon:731608kB inactive_anon:776kB active_file:52124kB inactive_file:143672kB unevictable:12kB writepending:1012kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:11520kB pagetables:16908kB bounce:0kB free_pcp:1804kB local_pcp:404kB free_cma:0kB
[ 1213.692907][ T6053] lowmem_reserve[]: 0 0 2 2
[ 1213.697862][ T6053] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1213.725550][ T6053] lowmem_reserve[]: 0 0 0 0
[ 1213.730487][ T6053] Node 1 Normal free:3784520kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1213.760859][ T6053] lowmem_reserve[]: 0 0 0 0
[ 1213.765493][ T6053] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1213.822996][ T6053] Node 0 DMA32: 233162*4kB (UME) 197131*8kB (UME) 67889*16kB (UME) 31065*32kB (UME) 15237*64kB (UME) 6527*128kB (UME) 2980*256kB (UME) 1467*512kB (UM) 983*1024kB (UM) 4417*2048kB (ME) 14*4096kB (M) = 18024560kB
[ 1213.844374][ T6053] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1213.859175][ T6053] Node 1 Normal: 8606*4kB (U) 5622*8kB (U) 3132*16kB (UE) 1500*32kB (UME) 744*64kB (UME) 377*128kB (UE) 190*256kB (UM) 96*512kB (UME) 51*1024kB (UME) 25*2048kB (U) 919*4096kB (M) = 4238824kB
[ 1213.878382][ T6053] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1213.888281][ T6053] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1213.897713][ T6053] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1213.907327][ T6053] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1213.916763][ T6053] 49479 total pagecache pages
23:55:25 executing program 0:
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000100)={0x2, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:25 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0xb00, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:25 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x4, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:25 executing program 2:
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0)
pwritev(r0, &(0x7f00000025c0)=[{&(0x7f0000000180)="52b50276d5354cce4ecb386d61bba79375e8eabcb36626185b08cb811266cb88e40c0e8e95b5179c71d306af698503e3a1a6e35b787f628517773c0292ad30cecb81a82eb4a66b7f850e361fd57ed5ce773b696483e8f9eb6651a8fc193508013954564d8a91d66d9c979ad32245b2819eaf6cfec96e244932131d5b54d10daf57239cfd9e4fdb179e559b8b7ec2489a0896f2d7cd9e1d27649449f3b148ebe4afa405b6713ed5558ca7f641f9402f19f129348fa724329c4561022d72b52fc55eb9e6b7e4e3de84af666f3dba48d30b686058950a50ae5d77bfe800d87fbae85e2276594b49ba4b9712d2bed6604cdafcbb37353e72ef4d007d3c9ce9a5134564727de7a6958a11ebef40a159e7a1b89a5952c80a2fccb89475290cb6ce289e38c77bfa4ec5d82958dc6d97ddd80c28904a87cf2b7a7e172ed8e7b3007a89287bdd294d7823183a95611c062cd7222e7d0b7290d111e7f583ca8b10be431eacc0a5b79bfc7b96ecfa02cde10f088b1aea6eb201e355ee8e62d4ff04a7abdc8c8d0cdd8c6c48c2ecc9aa445375ead21089d433a55e6be4af4ad5317f3ea37248403bedf3bb8cf9563cc7546a4c6dee4c2923b37378c95a7e043651a971e0b63c6782c9e058b495e44676518df85fa6e731e499634ae128dc8bba392217e2f0d69c7081dde5f7613ed2b2690c3e593eb510dd7fbe8434ecc4846c50a87447354110f4f41177d07603f30c9fa182479733c1b33476f5e38e9caf8076a526f443cb2c1922450e4a24b30f3a1a33a390ca37a4276f6a97724991f78256631d177ad1d921d9271f924288033d2e0ff9811d725a0d19bd668ef7e978a11b57380fd174e37f8247c51ddf35c0bb37eccc66d79495ab626b012394f1f4c583df47db907027f8fd48b7fbf15f6169836889ab8e7d327168550bcfcdda6405acd701a5b99e923202e84bcaea6abd80f506fd1472e984aaa071dbb57760a7e5c46da0556e27a080703d044f36f6169f0a73ee246254ecd380924e7dfdc7f864d2a55f050efd0acde237b325f8c7322746b7e5607df96d8e484e7b031ec6d21ca51b552a3eed5a1693f1fd5a89786c7bae49e8a360276a44839b35a96dbc64f5391157b20cf6eca86a1959d4673e021ebd31eef9ffac2c85ae2d95bda89b72f73bf3b35d7829591a81bab351bee0a4c9402cc46af1778d105717990fdf430640d918b40dc681e5d8f4bf52f09fe3d8b843743edac86ccd36488c7691d674abeac8eebaf404105b10a6b130d94decce615d61b8540321baafc828c335122038491d84e313d3095b5cbee1792409633b810cd8af23d337aa04c2d4f933bf6e344991b34a1cc0338f3c459dec71a1716275c7d4762b6f589653825393f3de99cb15a3b21ecab1ef61c960eddb1169c7713db74790321698d23e7340a397d4439d64a7855b58a9be355a8103db75595b8e2687f288437667100d890cba58d88eafbd2420299ee0c7a93325dc4fca8eb333b5823171fd993eda860bb5fa82b1f3f93c41d513dfcf9b1cae629424f7fb7a4ddc047a4df1128906d9d906ef9f16424df472b573f9ab026b8221cee81012d24fa5e25c604c408834194eeaa3e18d4f634f5e696882a6f586f07b56d69a44e5aec61e6b7e852ca837ca7a3d237a6b446f24c57b783226dd4294d6e7ba05be165d6758170600852e1774192570710e810456d845e88197b7b72c4b87f2d869802a6c355d1a21b056def1a746c080639537e5540eaf079c9751939c394e855240024f7e2d5dad48e460ca1e6cbda8ebcecc1e14b8ed49d0a8cad426bf0a8d0192c3926ba599ce412e68d5cb5db953d5014152942747f76a17e8804b8e5cf14eef2eb93113448bf3cc9b2ac673594d928618055be2377ffba40cbcbebfdaf34ae41a3ff4263591d83c2964fdde9743becd97f3f759a48bdf6c9f9acad760781883befb3d5a58d3201546ef1e577855cc77c888b73a0e6d422d309f32a8be0a1f906d21804d62682ed27a341d11137e35b7ddeabad1c8f7af85c3b8852e8fe15b0f0eaf5189e56aa9b3ee9aab6ff79a48c457367f0d24cd816a060b346b161055e63a47cb161fb0ed65edffb9c219c84c146af25bf0511e310c6684a3d8200d6d31f795470c63b328574619bb5f6f61a58a8920d4624031b7a3401fab9891c60b274fd9f6c4dcc0807aad8ca820f2c9fc36db5446b5c25a01d16aae73b8ce5bc4387608260a53b750006b6ad4de813b8a1a04d16b50def67b5595fb18a185c31404c3d04deb144d18cde280fd6156ae36e748c2c5507ede500e97ab68d853f19e4cf41ee5809d1bf3ef7a28a6852f3907c741e31b67f9399bca496ccc6e220709ff2d4aba2837a7ab1db43c542d2b70fd18cdaff6942c31034b81ddc942080ef98393e26407c2db80b55f9cbe74cea524a8038064c583906c15360f6994800a6c986a3992e0596555b68454f6d74ca35fb83598b13499c5a673556855905c5eaefbdb885ed9767dc769d7e1c1c6528b52dc56bc10bf3f8a906beb1c0175652d7802f1e237da62c560ce1759441b099f48107e271ede45737837a7f8149af85b4a26a311b160d772b0e0c312f4343932f0fc1ecb17d612ef4ea19408a42364d37b8d6983fec9fd26dadc1fb467d54a7191e122d8893a35e5f6e2a2093f07ef5840fa79b3675e1ec00cb8e46308212c29f3e09f88462c770833dc70c5b703767e28358172f660f3ed0536f40fdf25bbb48d2105882cf1a8334bb8da72fb2e2175541858c1d52b25056e2daf7fbb6185c7db91768b3c0893a1481f4f29741fede629e2a441dabd99a4a6b3055467e1e94c8134212173a04d9c938655b6fdb5e26c34cddab5e6139dc79821a8737a690e92168be6955a27d125038b225d1051a8ae9a608ba845f629e83e7e05978cf810aef1cf3971f05ca7e42f66d94bc55a2c5f8582584a3e3d8f33d9653760bb2e634570b419fe01037f087f176466ea1541a664e89165d77a893a4694bb4f6813840a5e05ae3de53efbb4c91afbca4df89b5699e1ba189c65fbb660a36f4a2a31d1eb8f1c4ec06929b920917766571bd77cf0626ae8c69399e3c8099f4644a4383e01982d07edc2d5566e429b320cb165e8cfb951f15274413fc0002e38d7d352dd585d9ddb1d12540a751305d818580f532413cfb05b0bd9248691c248f6afa359f5ae6ac5c0a8d4f6346ef01fd1c289e8f34cae7fdb4aab48f9b947c3aae42825e084017cd04a1245a0121afe72b583770816aa6d4a9d1c0251db6228e1d2def7cc579ee0f06dc88795fe748e6e2b0c037c465b09cb514ac2fd9bb3bbd02312fe8b17bb1b097fd70335a72ece8cf0178d11414c3d77d87880477256f9262c3da19482bba4a22416041aa631b1bcc5cd40fc0c4fe7e51748035b82e17440e65797e4661708d8f7e2d973ee079c83e5228d1b11322d0020409c690055895b8b54096ded8035ff9ca58832699da7ea67080cb98f01b005b6bffc314a61509ae1fbd67ab0db297a8ca92635a3a23877dfc2aa1e52d651427c3014172ef769e13a84384704b358f68883e157620187fff92521822b2fdcbc219bc1fc6b63fffff77d3e76145137accdf2de94b193b9bfd8059d7af8ddc252fc6f18b4cec299bad33b4a539a8c35a95330be4a702a8c9c00c0c520affbdfbbad076c2d4804c8f650155984b1677d7c6c9ee65584f06ab985057e3259f171011d1c9f9b574fa248f5ffaaa39c27e1979ea99e84d294b30977d5eb3cf40e63ea984eff4299abc93db5d57c32cc46c1d742bf2c33c25c2c399a12b61d67bf6247168615b2d8256857b24868fed02a302f03a0491c8165bb7371cdfb6d567ee50d7a26e0cfc725ed0ffeec126abe3d3e9644b274c64b462b9e927d516f5b6bf4c6df885f86d812ed62a9b0ad393aa097ba6c3551a68e954f84b8b7749ab1ec79eb906c4beaf6a9462c373727b9af321c9e92780a03989e70b164e04df7c806a4abee0cb3dfc2ea6a8d12b65dfb17d4fbd4a606e52bb9a7daf1c9275f5e234ae8418377b6500db8203b3f5ab5738a75bc888fa43cdb1e68d58a7f3908a5333143c728b5989f9c479b4fe1abe50333d5c2bb1463bdb1b655c258cc6d08c04d0a727eb4a1fa79e7fa7586e86ea242dad5fed1b31fe4feb7271af44ab852c38ed511122204bdc7e77e2c504c999eced883c9e21f19bcbce1a7b2586f3f59aa4a0ea209a784e7bb727a8be8b012617d28fa200a237f40860178e2b2dd3ee91fbaa62356de480ef6a7bf8712f52a62b8876443eba8b8fb4e8e7496d28536ccbf6c67a1b7fb099f52fb17f1dad9c225621be6ec1691199eb5879d94ad3444f0b6ba6037d35e8ea95565e93852ac3b5afdd3f180315514425681fa624a4fbdd4b0d169167705bb1e142322881475026e64117b4170c464ce195194b8196161dce0a36631dd2451a1a73e1e67cc08beb01df76ade11b906494a33560774547f25dee1f627be2a2c178c744f10969316c0a24d83b4c5af73ec6ba373967646ad8e513eba90acd8204d2c027f1d6b0aa33d042b0b517eb1085941b85237b255cbcbf7c04985e6ffbeb5130c83efa85819e3f6d22ca641b24508ba4f268302bd9c4f568c8ce4b95823c2d931cab697885970b5657b7e65150a7bd053d4f92125ac48c977eaab5a71bd6bd473f6cb481bee359dea9d97a458442520b7b78b62a7d52f7be001f4663c71e866da74ad929a47afaff4f9f67b85d354f49c9187cad0feaab669c7b860b9b59b1a686f5d0cfbfdf70e50682383ac5762aca972a741cbea9d1f518b67d1dd0f4ec5c398c1f051891a8b12c005c4552e553945afcfccac55b678239c15cc1d6de60b349ee3192ab27a3db2dccbcec51058d1334e40d9bdf375e4ed35c4373d65c3f924c4afd6d0fb2118c6fb43205114fb6b95d70a9da4134970366fd27a3349a8f68953a1185d3aceffcd8204994abc706b69cedbbb1560da310145ab5be2adbeefb5c5ac6c715fdf2a2b8b5d97d83c2179014cbf0150db1dfe8a778ea069d3d2634e802446bbc37a204d41cccb742e794c7b254e3b8875987fac8ca63e2940ff989a439f3c7509525875010b17e57df7eadfbc278ad183676956174fd4c393c9fbb423a37cf532b6321aacb36019b403298fff42e243c7bc6376f2201e8c4caa5dc49a4d8103f04cb8063da2f8ea7cc4d6635746f6344240d5ec4a936452ff84ba227e017b0707538969a4cd6be160c3680697e833d6fe624ca6c953d189e4247bf4bb63b5db2b57865f2ea6889c0c7f158edcde1137acdcc57ff8d96771f2bc3a89fca4125c543041da14808c807c93db4d90c7f6988218aff6f5412fc66148e4bb79646fd2d60327b4b50a5acece1962634c3bf31900b11ee4bb3735b7266923f81fb7caa48de0480adcf640a8c3148bb58532791186bb3a6ad228cb89294186d06bcea6546b6b6bab52cd598432fa4fbf1e455dd8c45fdee55abb643ba75629b49654afe44139cde5d47d65df3f641dd0ae45c8293dfc2e1cc607251e8488761f5b475ed07865a6000d977963b26c61154ffcf456336c2db9faa4de69d2e29e4b10e9e03de3f134cfe2c61937a7f3204ba949d179b1bdbc51220587207c7b2cd763a3e330cd0db3b5c94c0029eb90cdee9cfd2fa0794ba912c7ff8397ead142ad4fcc2f9a5238ef8584bc2f96c62b02e958c8516712cc54def0e19df96688c87a30a9f1a912bfca8bc1c307401e337c33fb52226347baf05c79ed48bf92c83d2613220bef3b18781927dc8949b391fffb02", 0x1000}, {&(0x7f0000001180)="eefe16b7dd56298951b99dde579e90b4e08688bc6f6c7288fa95aa54ac27e4072f9c6cb056adaf074321af146b8ab7bcb7ef8b6a42f293a15c2058757497a48b0140c4447474e738b2a3b29df4f4008ca35e496fe9917b5398d1049c6e96d0d369f71133a74cc0b9634a07a4b48b72fea98ce12fc512895c60bcc25b729bba64a54d484c1eb78aad01a3a843ee263e0330e4d76904821e3c23a50a2b1946e6abed3083a6d6e8d94cd34954683b1d0020ec3152e6b4bfe9ff5cc13599f3450171da27243919e80f2e1a814e80ead4d058ba9c36f9ab5cc2febdcf8f5f63", 0xdd}, {&(0x7f0000001280)="0c5f6593df934ceb6499273797b12e4ebbce1a1e020189543fa7561a04245ab8cb009871f38f4d7b05ed1bfc9f1519b10e30d92b376ad7a61d2d062ea64d3612cc8f7c7dfe9f32d4d1de5123b91bf9ba0a565022bbb07c7e20a685fb505fa4b76ed6d347a177aaba0b8019772d3e3c326b4a4aa03bb41daa4d3d5838d06e068747ddc91c97b41ba5951ea16f6b14eb3b3fd4a3640001d0f2b4b20926ea1163365e88713cea2a4d31b3897158af227ffc9e72331cc98496c9111e735788b74f7c005e019e702aa0a3c49ac5657377175f119331903d4f4c8cb9355ea3653074338c19eb4d8a9328bce2fa0c4583d383e5", 0xf0}, {&(0x7f0000001380)="06ff321fb6223accf8c9bb4e821577ed58fe337c3f79e9a6f30346944dfdbf142fe0dfbc387c3288c335c751a79964e1e11e869973268154a6e734bfacf0bb861c2e222514a707d774c4f07c2c7d620ec90dd5643e2fe6a737d898f649d2961b3e4106df51074d124d76db7f4175fbb3ca0f03700e465dcc981e5b4ee0d0e6f0fb232ac15d4c0b7b1c34891b2b30820228f7653e6f64eb1cafd66022e60dcf9a39880a3d153b3f724e964f1c1ad7ab84fa12b008141463c775b1a2ce1b26eaf2b32e7dccaa520bffe6ef53ad813d62b7a791b1bd486cc4bc684c8943f3db4aceea2feb7d3875c93733fc434b805722c7d9ddfd09afd6", 0xf6}, {&(0x7f0000001480)="2fd72e1dbf6e49b15f14f08979a4557ee13e38", 0x13}, {&(0x7f00000014c0)="5c15bd89e0205aca7ebb1f07bf7e66ede0f2db1d6fa0e48314c039eaf2817e8165ea18b92c9082d09ac3e135e73ed9ec4a96a10885f5355b1b48ebe8a59ad414f49f053d503f95f588c149944937c8b45cba26cfd3210dbe460b9b588902a8382afad18ef143eb2f85a9fea42a3a0f901ab6cc9858afb69d78d1bd78131ae06857e38b70a6c74b67071a324d3a2a5b09ad3992cf0b5b9c6b19c2fd0d73ee76894d99d8bbde0ef48c632c69", 0xab}, {&(0x7f0000001580)="7128ce3fab8e2e28ba995f17d456593cf2f931942bd938d82a6c822c242b8519cc8803f25baf5b", 0x27}, {&(0x7f00000015c0)="fd8dd652108bd1a566669f4a9112561638a248e77e8a54fb87c7daadf0bd62e0e7c424930e8da530aa33dbad45a313ebfc04a1613bd69b65c7269a5453f23fcd2107736f84bfdd678b501c7bc1343aa9e9883850490315b012a33a6545e6c5e074fff355697458c439d52acac468f041a19f1c6fcd09a9ca1bf4d225f4727a62ee517d97175eaeb60d5aeda20f4d0bb4b149522fa687c2bd680ada8ec66d7573f2ba70504cc39ef172383c650c7e310a435f057c2404d566858505b0854dcf22dccc0bae7ab88d69d3ba0ff60d3b4144a2f25bf456468591c88f9fb70ce65c06d9d907e9d1802225f2dd421b9d758687327e7323362a23e2f554beec3784e3a589b7b64056b69bceb0fa579a1ebff6a175d4eef9381e5a6bdeef70dc60cc52c964cff164025636d8f59977e2c2052129569866f2ae347798e4d9b1a85898ae12d1eb584ee27938520c59d7579cc0b6fc366d90b6625f09ab52bb3c9ab436fd71dce5cb83d0a126dc8aefa143141ca79ff3a4d6217228e2a17599ea1a533e0c46bf82de549800b406e0d97eb2464e3df81e0d583d167d4c8fa8e8775c42f4d02074ea3444b1250828a881c4061f483e1036d3ef588f25b0e9871340c25b41d94d522f48ab16f819c9068bc356ef1a4357e4256154e6426de924f98ae3181bf9884f3e4ae4f7ff7eb08c991d90fbf715e1b0d87e3123e1103cdbbe759acb5312fe59eff6873d17937bc580c565b482eceac0bb05f16bb2bf490842c963f6bb2a106472e161e8aea7a805b6ab4eeb5459b5f5ce5ffc8b747e0418a028a60b7c9f80412aeec02fa12ea82c0fb2e9808204313ff617de68af013b44680832622285b3890dc0a14233057011f106ceac0b4d351425cd490d259caea3659d910077fc8e641837e4af18598dd451462fbd6629084a60e31a2b33657c2c7a2dd1a4861c5f00917cddfcf3e5d8e0c56439907d9ebaa8ac3b7e48c6d51acce2e609ece429b30f292958cce7eae9beb1dd052a4c827bec6f9e16b4c0c334bed8b0b8c86a7d31a862bd78b395f87a43119b9a3023cfaad1a16ef16bb9bce7ba6628e4fe716a079b2129cbf5c1d2827418248219fd5e565e5f6c1b8b127e1901ca314ab383a5c8b6cb6a7faaf81c92031839d79e37ffcd02bf6638a76d406f37a46eb734475a328ffdb7307cae9970e15bbcc51b9104d1ffb44e25eb538324fdebfce96d63288de8f6376e94037db1369c0227f258c4fa877706f8bf9c9fe36081ce669affd5b2040689d09f43fe91471b485f9621a05227cb0be61926b03e6685f99fc86b79fbf4a3afc693648672d603d1ca915a8253cc9148de3d069e37931c5f196f8eee7b9f73300c1f6ea3600a6d26fb2694841c57e64b9c81af896082a8cb3143379242fdcbc3361669c6a30e3c8af70706629b3f019fd3f5ff24a163bb6ede8e0143439506e61f1673e264687e6d472c3d81a1db8b79b8f0a5aa5996b5db80c3f34ab185a60a8214a4dc84a4c4202065f6da8aee172050c118e1408c8efb51f297c04e0b4da45d37261dcc0955356aaf49290b0a0e2fdb128cea742f57f688192e8f5dc1f53b8b3c7fce48a4c250b06c594de948ede8a220534c86f400fff8e21d68296d69d8eea76745a49a0bd0babaf3b5ca81640215441e48163270c253dc35a2e27d168b3a8747cfdd4d186e7922cc9db9f20c81177594a0cadbdf3634ed170e0b608c328a124277b02999ea0c24bcc303a06dbd3d31bb1c47c5a7ff26722322e8348ecbfab4db3d5db1c9d889986d40dda3e1e5ee6a7ce6f31e3c0e2f7d2465632dbbde9cc6dad70467c8f4ff5b2cbbebf0d1842ee6ec8eae464f885a2c56f191ca04e446a0db8f690a74bb06cc466e372023bcbf43d7d99a5c557de98be32883ecab8fd3e5ba92255228282c74c14291f0793e0f17f30dd832323934db1a51c52c34d9259ce40f5f8d54da0f857784eebc2d11c69dba98cf13d60d0333122104b4b26d929a3de6509e2dd79d30e2ea6be8d3a1805ce7d77d4909c30502152645c839957ec3de8f2a72ef35dee4e007a296cb3b778e0a6bccc84a02dcdd4a5a85af297b151bf346d667de06298db11296826685f227b126d732f700850bf96ec809293d5d81304d64630d079648137549b34075e4216519a3e3ab68a1f51169358053a77952f0efbcf7f0079f8aff7732f4769a1ca365126b21c7e1648d4aa75b5f20dda39d894c991b6c4aaeeeb073487815a166f6293b1212d6a5ff3d5e886c02e35ad3290a7be7d6e74d84f0ee7e68848c7f85d20a5cf6e0c006b62db705d797d6995483f9587557a07966725dbb2d50a6eccacb473da61468d49d02d0280a94c6b0256b7a3e3c9433f772fa0e9c101cd4032faa7c7d72de9a7eca35f030f6b88d31d9a67ab4e1d27e73734f2b213153f714a70bad53be8168774f0c743dc897d25777f65c52108e19fa6e352b34a27397cc9c69677a3ad666d6e946f6da7fff5b552d596d56c0e302b1bb79c1c4ef2d0b3e827bca4780d42560e3ccebf5f35f3f7afc2cf04367bc52258b6d92ca5b41016a1d0df2bbca9b2d24f4b7980bd7bf2700ac5e1a163b050cd30620514d47c81c5e0f5fbad111411b93bcd21198a8d7431056413387eddbea5f3d6c7d3c2c4de8d2c54f0ffd9923e416caa85551ac2363284660aa0ec4bed5c062e3e9a3f5a81b047f4112a89fc5dffaa5bc63ef863235ed8da55ab0481acf6ea1e47107482d5186f3fd44149b92111d8256239189bbaba8e9e93da1d09a07c7f38b77822170f69c48cdb452e6130bb34f8da0f04e652d1cb08b1b0ce0135b77fdc69162f9f5a998f5318e2c65e69c1d2e80572fe855e02a66d950b71868ae0407cb3061c352a1dcb11531ea9fc9a607b4d09f068d29c28a02600bf4b96f0a0345c3d38d8bbf9bb6080697bc0bb1be2e02d6c8177a85bd17851154c922a8a156b1a5c92f8d3e4519285e84f248320591df008f1a5770067adf3fac1f341f48b1dcd0485a4ce84c2831bb5bd76a98448b544fd6b2bc7ff56225b53ecbf48a2b84a0ca20884522be7fcbab7216308b9f3a4dac8a44021586bfa2098dabc40c0f8ee8552fac679cd39be4b6e16cc21fbfceab006cdd0a2c8825affe782ceb82df960d70d58b16153a317bf346348191a1bef5ab904f1af7094b2042252aa9868c7125ad49ce41f552f8e7f7c9c12148e7f97aceef9bf7c0a6ce046f6fcbc099dd0f173c1d674bbd580fd5e257c296b3e67839f8fc271950847a832bc912bd1e3d1a56dff2d05a843d6995afb3c97621e75a10ba019c255d1612ad6559a84b25ac2d642e0a6b8b11515981ed8b8ea0887f8b9ca880482fe993727395b445d54ae4c00aa0c47f4762af89f6aa872cf3597f2b7dc8c53bba8b63495522ffc393bdbdd0f9e61931f4beea136f1870096722ae1f3c39d5f8476d226bdee6c1ad1b3c5ea55a9ffad10d1f73951e5cda9feddfa0cc60f9eed784abac29dd173dce48ad7efd3b293c992bf3ff4d74bffb1250d098aa3f63c181af7a3d809126020af2575103a1de4e86f836fc898c32eac4ef8981322e889ccf0076e2df9e42a712dcf1b788ddebd638c9494799cb48830a5ed2b75f653bcea623f76642f91383275d9e7ada04b07a1d9710edcc47377eb025c9d18da7f7d0403587a1edf5b1bc94ddd299e520a11dfa92cff60b433c91be8fe842daaebc5df3c06b3cb733d1a5a3f64e8c8656cd09449bd0c54587a480530f7c529891aaa651a80aedb1e9019e409bfe5cc5ef515651fa55426c4feddf0a7452ecc0a6c1fe93b6b1d66f24c4e193b1097960c5056863368c864bc962d809e020ce3ea5eab95142139953d5cb7b0fbe35907c9ca8543ac0d0d4dee538eea8668d38d34c11dcf81820552503b38bf09c7b5439745feb07a36ef9082c043c329692919fb02b22519b7ef59f9219deaed1fe176a885e34046bd312c7957faf6a319cbf63884ac9e065526ef79744756f8d3d68c4d03ac7e4bb5e29e1353f4705b9fe5d6f8595009515a15b0e0f6c612737b23bf73af1c51135878089e5bf72ddddc4cc13b3103d14bb389dfa7ab30752586cf75a16cb24a9b1197a119a8a933c57ddc7c67f52f52395204a497050b63d724c96a978837a00d6e67383619dcb146183586c7ff0ed7bae1168efd1a8952b30218051eeb02d89a5070b575daf52821b31941608454e974ccafefae07da7ae54c5e1d8df6a6a00b4f29c90fd5cf76f683e610d4562e40fc623192900e4fb8265245d32ba6643d1b70234c53d74bdf2134b9a907249573274c6d9d8efeeb1576ff437ec3eaafd30710f1414fb6db9cb8d71cb78647736b8b018fdefded34df817b099fb8dc4e3f5d4649fe3b69357c53f26e8a72891bb765ef9dfbb07384a395d0b01fe4dd41bf8cb122ae740f93151b0b8e56980d6c1c68818661ecb8dd14fce944da9ff8948065e02d26943febe66250fcc5c95e57148a1175b74241eb2f1dad1b7cb76f9708c3383ec9280ee00dc0644d93ea048c3b08877d469341e31a8e7fa68790e9ceb7f4ba51cab2b6367241372fb2e0d4ca3edf5e1bf3e28025349d1a8b8eae4128aea67120f869e61d1b72aa65e728385bc130aa1a486919b9d936ec503505e9bb3df65088f6916e0ef70d551e503f4b9f9fa828d7258891f076ffb8cac5f96dbac8dbffb11a23ac7f892783d33ddd7f7fc40430b62eadf777d78011eee6820b9b2f68984f6e228cd7bb4855084e60d69bdfc16298aa3974284f340945f5c0713995fe458010cbf436be0ccefaab12a7025b677c0b1bd011fa80350c8226dc7b4db2c9a9adffc9d7af703eb8ef8d6f4c96aad58ccf96aaeb96d4ba48dd49d965cc92ca7cbf891b46c236cef38413d60768e852d8f91fcfee216378f413b1330665af9380800b928a7fb0e6db30e1b894bb1a6b8e8a0975f33b5c0910acc12f932f654076ff359c9bc3faa27986e373dd9351f0ab25b80d7559e4403c14fd6f5fd8693f97e2405235cb0ff16c63283404c1762f0cdf86012ac0b1f9155a3d4b421429f028ee5d007dca223a090a2b5a5e472f958bdf5f220e2754c575916124842f8b132e09b5f46d6e6e5b7622c33ca04c87819a3aef7c72450e1d9e3823e4c503a74ff4aefc7175434973fdb25d2a55e460e25be30f1fa719bdad504dbe85c28a097c58bd4ac2bbbeb36741b4087e4fd6d8b45978abecfeb730fb38489859bd8be3e12f8afb0fd057ead728c35fc2e52d32826868600c9fea68177f1368e117b6f5a975877d2f53033c6f074abbbeaf12ce2119f26cc47f9f6caa3ba5d0da5d1520fa88a52e4951d9adbcf5e6761f76b7a986b63e418787bad1a7cdf64e531ad6669a2f744dc6fd832a588dd00f01fb9ae0f0acde85923550497fa7f40401f2ccb62070d7924c479d11e928d84b020570f3781c1cc0ed35b2573cc587a86c82fcfda0c67449453f299a0f3b5cb999805550352d6672cfbe46a54abbbb28bce7de32e81a90dc4d7b6942533bee777f7464abd0271a278e71ec33023ec3abbad52ec050a37616bb8f203131709e1b3e05968e4a22875b424a833ed546283604096f4f70f3b7ab28b4ba0f85f376a97ef58d4d4689c9b46f281f9bf41d2e83c10c8b1b8812893454434df727021a361ff3732e61a491578f19e33838f13e27370c51ec67df09bc4473efde1599b9051d60f7fabdca2f4009d03693e68a4fbfebec198216364f498849be79d52bd1cc55cc03294f933f343be8510c1e7c4f1305679b2e6170b8710001f63714b089bc98cd1d2844b", 0x1000}], 0x8, 0x0)
r1 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0xfffffffffffffffe, 0x0)
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x100, 0x0)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r2, 0x84, 0xc, &(0x7f00000000c0)=0x100000001, 0x4)
fcntl$F_GET_RW_HINT(r1, 0x40b, &(0x7f0000000100))
ioctl$CAPI_GET_PROFILE(r1, 0xc0044308, &(0x7f0000000140)=0x10000)

23:55:25 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x7, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:25 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x400000001, 0x1, 0x2, &(0x7f00000000c0)={<r0=>0xffffffffffffffff})
r1 = syz_open_dev$audion(&(0x7f0000000100)='/dev/audio#\x00', 0x9, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000140)={0x1, 0x1000}, 0x2)
r2 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x4, 0x80)
connect$rds(r0, &(0x7f0000000040)={0x2, 0x4e22, @local}, 0x10)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f2, &(0x7f00000001c0)=')vmn\xd4g1\x00\x00\xbd\x00\x00\x00\x00\x00\x00\x00\x00')

[ 1213.922572][ T6053] 0 pages in swap cache
[ 1213.926775][ T6053] Swap cache stats: add 0, delete 0, find 0/0
[ 1213.933003][ T6053] Free swap  = 0kB
[ 1213.936847][ T6053] Total swap = 0kB
[ 1213.940728][ T6053] 1965979 pages RAM
[ 1213.944633][ T6053] 0 pages HighMem/MovableOnly
[ 1213.949489][ T6053] 339409 pages reserved
[ 1213.953947][ T6053] 0 pages cma reserved
[ 1214.023158][ T6737] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
23:55:25 executing program 5:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0404309, &(0x7f00000000c0)=0x10000)

23:55:25 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0xc00, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1214.127884][ T6737] CPU: 1 PID: 6737 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1214.136963][ T6737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1214.147036][ T6737] Call Trace:
[ 1214.150344][ T6737]  dump_stack+0x172/0x1f0
[ 1214.154705][ T6737]  warn_alloc.cold+0x88/0x184
[ 1214.159413][ T6737]  ? zone_watermark_ok_safe+0x260/0x260
[ 1214.164977][ T6737]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1214.170624][ T6737]  ? find_held_lock+0x35/0x130
[ 1214.175399][ T6737]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1214.181068][ T6737]  __vmalloc_node_range+0x48a/0x790
[ 1214.186276][ T6737]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1214.191310][ T6737]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1214.196870][ T6737]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1214.201930][ T6737]  vmalloc_user+0x6b/0x90
[ 1214.206791][ T6737]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1214.211827][ T6737]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1214.216682][ T6737]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1214.221726][ T6737]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
23:55:25 executing program 5:
syz_mount_image$reiserfs(&(0x7f00000002c0)='reiserfs\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001800)=ANY=[@ANYBLOB='grpquota,data=writ \x00\x00\x00\x00\x00\x00\x00,barrier=flush,barrier=n'])

23:55:25 executing program 0:
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000100)={0x2, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1214.227548][ T6737]  __vb2_queue_alloc+0x5a6/0xf40
[ 1214.232517][ T6737]  vb2_core_create_bufs+0x2bc/0x790
[ 1214.237740][ T6737]  ? vim2m_buf_prepare+0x280/0x280
[ 1214.242865][ T6737]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1214.247994][ T6737]  ? lock_acquire+0x16f/0x3f0
[ 1214.252690][ T6737]  ? __video_do_ioctl+0x398/0xce0
[ 1214.257729][ T6737]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1214.257750][ T6737]  vb2_create_bufs+0x47e/0x7a0
[ 1214.257769][ T6737]  ? vb2_request_queue+0x120/0x120
[ 1214.257788][ T6737]  ? mark_held_locks+0xf0/0xf0
[ 1214.257803][ T6737]  ? debug_smp_processor_id+0x3c/0x280
[ 1214.257826][ T6737]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1214.257845][ T6737]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1214.257861][ T6737]  v4l_create_bufs+0xc0/0x180
[ 1214.257887][ T6737]  __video_do_ioctl+0x7f1/0xce0
[ 1214.304310][ T6737]  ? v4l_s_fmt+0xa40/0xa40
[ 1214.308835][ T6737]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1214.315085][ T6737]  ? _copy_from_user+0xdd/0x150
[ 1214.319955][ T6737]  video_usercopy+0x4c5/0x10d0
[ 1214.324734][ T6737]  ? v4l_s_fmt+0xa40/0xa40
23:55:25 executing program 0:
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000100)={0x2, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1214.329169][ T6737]  ? v4l_enumstd+0x70/0x70
[ 1214.333775][ T6737]  ? mark_held_locks+0xf0/0xf0
[ 1214.338553][ T6737]  ? debug_smp_processor_id+0x3c/0x280
[ 1214.344024][ T6737]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1214.349677][ T6737]  ? __fget+0x35a/0x550
[ 1214.353839][ T6737]  ? find_held_lock+0x35/0x130
[ 1214.358648][ T6737]  ? video_usercopy+0x10d0/0x10d0
[ 1214.363683][ T6737]  video_ioctl2+0x2d/0x35
[ 1214.368024][ T6737]  v4l2_ioctl+0x156/0x1b0
[ 1214.372365][ T6737]  ? video_devdata+0xa0/0xa0
23:55:25 executing program 5:
ioctl$VIDIOC_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl(r0, 0x7, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x1d4)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
connect$inet6(r1, &(0x7f0000000080), 0x1c)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1d, &(0x7f0000000240)={@mcast1, <r4=>0x0}, &(0x7f0000000280)=0x14)
r5 = openat$full(0xffffffffffffff9c, &(0x7f00000027c0)='/dev/full\x00', 0x200000, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r5, 0x0, 0x60, &(0x7f0000002800)=ANY=[], 0x0)
ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f00000002c0)={@mcast1, @mcast1, @mcast1, 0x0, 0x5, 0x4, 0x0, 0x3, 0x10000000280, r4})
r6 = dup(r2)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r6, 0x402c5342, &(0x7f00000004c0)={0x100000000000, 0x40000009, 0x9, {0x0, 0x989680}, 0x40, 0x7})
ioctl$SG_SCSI_RESET(r5, 0x2284, 0x0)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000380)='TIPC\x00')
sendmsg$TIPC_CMD_GET_NODES(r6, &(0x7f0000000440)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1200000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, r7, 0x200, 0x70bd2c, 0x25dfdbfc}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
ioctl$VIDIOC_S_AUDIO(0xffffffffffffffff, 0x40345622, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_kvm_setup_cpu$x86(r5, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000540)="66ba410066b8c9ba66ef42dfa752000000c4617bf03048b893000000000000000f23c80f21f835000050000f23f82e0f01c88f898892bc1a020000000f01c866b899000f00d0430f0fb800000080bb66410f388234150e000000", 0x5a}], 0x1, 0x60, &(0x7f00000005c0), 0x0)
sendmsg$TIPC_NL_MON_SET(r8, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000329bd7000fddbdf251100000008000100090000000800020081000000"], 0x30}, 0x1, 0x0, 0x0, 0x4844}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r9 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0)
readv(r9, &(0x7f0000000100)=[{&(0x7f0000000000)=""/1, 0x2}], 0x200000000000000f)
sendmsg$nl_generic(r8, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbbf4, 0x0, 0xd}, 0xc, &(0x7f0000000040)={&(0x7f00000000c0)={0x1c, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x8, 0x11, [@generic="e2ab"]}]}, 0x1c}}, 0x0)

[ 1214.376970][ T6737]  do_vfs_ioctl+0xd6e/0x1390
[ 1214.381572][ T6737]  ? kasan_check_read+0x11/0x20
[ 1214.386450][ T6737]  ? ioctl_preallocate+0x210/0x210
[ 1214.391572][ T6737]  ? __fget+0x381/0x550
[ 1214.395748][ T6737]  ? ksys_dup3+0x3e0/0x3e0
[ 1214.400176][ T6737]  ? nsecs_to_jiffies+0x30/0x30
[ 1214.405057][ T6737]  ? security_file_ioctl+0x93/0xc0
[ 1214.410189][ T6737]  ksys_ioctl+0xab/0xd0
[ 1214.414365][ T6737]  __x64_sys_ioctl+0x73/0xb0
[ 1214.418976][ T6737]  do_syscall_64+0x103/0x610
[ 1214.423581][ T6737]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1214.429483][ T6737] RIP: 0033:0x457e29
[ 1214.433384][ T6737] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1214.453000][ T6737] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1214.461426][ T6737] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1214.469509][ T6737] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
23:55:25 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')
r1 = open(&(0x7f0000000000)='./file0\x00', 0x80000, 0x0)
ioctl$TIOCLINUX5(r1, 0x541c, &(0x7f0000000040)={0x5, 0x9, 0x5, 0x200, 0xffff})

23:55:25 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0xd00, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:25 executing program 0:
r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x2, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1214.477498][ T6737] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1214.485518][ T6737] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1214.493507][ T6737] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
23:55:25 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000080)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f0000000040)=0x10000)

[ 1214.579684][ T6737] warn_alloc_show_mem: 1 callbacks suppressed
[ 1214.579689][ T6737] Mem-Info:
[ 1214.629696][ T6737] active_anon:183425 inactive_anon:192 isolated_anon:0
[ 1214.629696][ T6737]  active_file:13066 inactive_file:35923 isolated_file:0
[ 1214.629696][ T6737]  unevictable:3 dirty:281 writeback:0 unstable:0
[ 1214.629696][ T6737]  slab_reclaimable:18174 slab_unreclaimable:104208
[ 1214.629696][ T6737]  mapped:58686 shmem:493 pagetables:4221 bounce:0
[ 1214.629696][ T6737]  free:1036511 free_pcp:356 free_cma:0
[ 1214.704349][ T6737] Node 0 active_anon:733760kB inactive_anon:768kB active_file:52124kB inactive_file:143692kB unevictable:12kB isolated(anon):0kB isolated(file):0kB mapped:234644kB dirty:1124kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 681984kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1214.737762][ T6737] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1214.765057][ T6737] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1214.811147][ T6737] lowmem_reserve[]: 0 2553 2555 2555
[ 1214.817907][ T6737] Node 0 DMA32 free:349696kB min:36232kB low:45288kB high:54344kB active_anon:731620kB inactive_anon:768kB active_file:52124kB inactive_file:143692kB unevictable:12kB writepending:1124kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:11392kB pagetables:16588kB bounce:0kB free_pcp:2056kB local_pcp:1040kB free_cma:0kB
[ 1214.856961][ T6737] lowmem_reserve[]: 0 0 2 2
[ 1214.862050][ T6737] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1214.889532][ T6737] lowmem_reserve[]: 0 0 0 0
[ 1214.894267][ T6737] Node 1 Normal free:3784520kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1214.923682][ T6737] lowmem_reserve[]: 0 0 0 0
[ 1214.928550][ T6737] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1214.943140][ T6737] Node 0 DMA32: 233162*4kB (UME) 197159*8kB (UME) 67896*16kB (UME) 31063*32kB (UME) 15239*64kB (UME) 6525*128kB (UME) 2980*256kB (UME) 1467*512kB (UM) 983*1024kB (UM) 4422*2048kB (ME) 14*4096kB (M) = 18034944kB
[ 1214.963882][ T6737] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1214.979515][ T6737] Node 1 Normal: 8606*4kB (U) 5622*8kB (U) 3132*16kB (UE) 1500*32kB (UME) 744*64kB (UME) 377*128kB (UE) 190*256kB (UM) 96*512kB (UME) 51*1024kB (UME) 25*2048kB (U) 919*4096kB (M) = 4238824kB
[ 1215.002012][ T6737] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1215.013652][ T6737] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1215.023470][ T6737] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1215.033111][ T6737] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1215.042453][ T6737] 49489 total pagecache pages
[ 1215.047126][ T6737] 0 pages in swap cache
[ 1215.051366][ T6737] Swap cache stats: add 0, delete 0, find 0/0
[ 1215.057491][ T6737] Free swap  = 0kB
23:55:26 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x8, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:26 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0xe00, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:26 executing program 0:
r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x2, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:26 executing program 2:
r0 = syz_open_dev$cec(&(0x7f0000000040)='/dev/cec#\x00', 0x3, 0x2)
getsockopt$TIPC_NODE_RECVQ_DEPTH(r0, 0x10f, 0x83, &(0x7f0000000180), &(0x7f0000000200)=0xff71)
r1 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r1, 0xc0044308, &(0x7f00000000c0)=0x40000010000)
write$P9_RLINK(r0, &(0x7f0000000140)={0x7, 0x47, 0x2}, 0x7)

23:55:26 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x4040001, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x200040, 0x0)
ioctl$ASHMEM_GET_PIN_STATUS(r1, 0x7709, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')

23:55:26 executing program 5:
bpf$PROG_LOAD(0x5, &(0x7f00000031c0)={0xc, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1840000000000000000000000000000095000000a0010000"], &(0x7f0000000140)='syzkaller\x00', 0x3ff, 0x1000, &(0x7f0000000240)=""/4096}, 0x48)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000002680)='/dev/rtc0\x00', 0x210000, 0x0)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000002700)='nbd\x00')
sendmsg$NBD_CMD_STATUS(r0, &(0x7f0000002800)={&(0x7f00000026c0), 0xc, &(0x7f00000027c0)={&(0x7f0000002740)={0x4c, r1, 0x100, 0x70bd27, 0x25dfdbfb, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x5}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x2}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x101}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8801}, 0x10)

[ 1215.061209][ T6737] Total swap = 0kB
[ 1215.064932][ T6737] 1965979 pages RAM
[ 1215.068844][ T6737] 0 pages HighMem/MovableOnly
[ 1215.073520][ T6737] 339409 pages reserved
[ 1215.077756][ T6737] 0 pages cma reserved
23:55:26 executing program 0:
r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x2, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1215.195301][ T7217] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1215.247037][ T7217] CPU: 1 PID: 7217 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1215.256114][ T7217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1215.266187][ T7217] Call Trace:
[ 1215.269507][ T7217]  dump_stack+0x172/0x1f0
[ 1215.273864][ T7217]  warn_alloc.cold+0x88/0x184
[ 1215.279011][ T7217]  ? zone_watermark_ok_safe+0x260/0x260
[ 1215.284569][ T7217]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1215.290216][ T7217]  ? find_held_lock+0x35/0x130
23:55:26 executing program 5:
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vsock\x00', 0x80000, 0x0)
mq_timedreceive(r0, &(0x7f0000000380)=""/74, 0x4a, 0x80000000, &(0x7f00000002c0))
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = syz_open_dev$audion(&(0x7f0000000780)='/dev/audio#\x00', 0x7ff, 0x0)
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r2)
socket$inet6_udp(0xa, 0x2, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x89a1, 0x0)
ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x89a0, 0x0)
lsetxattr$security_ima(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000240)='security.ima\x00', 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x80000001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r2, 0xc10c5541, &(0x7f0000000640)={0xbc, 0xffff, 0x0, 0x0, 0x0, [], [], [], 0x2, 0x2})
sched_setattr(0x0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x8000, 0x0)
r3 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0)
r4 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f0000000900)=[@in6={0xa, 0x4e24, 0x7ff, @rand_addr="9e5eeab84d90181aa26fc9362676f3c7"}, @in={0x2, 0x4e23, @broadcast}, @in6={0xa, 0x4e20, 0x2, @mcast1, 0x3}, @in={0x2, 0x4e23, @local}, @in={0x2, 0x4e21, @empty}], 0x68)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(0xffffffffffffffff, 0x40505412, 0x0)
close(0xffffffffffffffff)
write(r3, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200)
sendfile(r3, r4, 0x0, 0x10000)
lsetxattr$security_smack_transmute(&(0x7f0000000840)='./file0/file0\x00', &(0x7f0000000880)='security.SMACK64TRANSMUTE\x00', &(0x7f00000008c0)='TRUE', 0x4, 0x1)
openat$cgroup_ro(r1, &(0x7f0000000300)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0)
stat(&(0x7f0000000600)='./file0\x00', &(0x7f00000007c0))

23:55:26 executing program 0:
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000100)={0x2, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1215.294989][ T7217]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1215.300657][ T7217]  __vmalloc_node_range+0x48a/0x790
[ 1215.305869][ T7217]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1215.310925][ T7217]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1215.316482][ T7217]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1215.321521][ T7217]  vmalloc_user+0x6b/0x90
[ 1215.325864][ T7217]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1215.330934][ T7217]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1215.336062][ T7217]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1215.341108][ T7217]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1215.346933][ T7217]  __vb2_queue_alloc+0x5a6/0xf40
[ 1215.351913][ T7217]  vb2_core_create_bufs+0x2bc/0x790
[ 1215.357130][ T7217]  ? vim2m_buf_prepare+0x280/0x280
[ 1215.362252][ T7217]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1215.367379][ T7217]  ? lock_acquire+0x16f/0x3f0
[ 1215.372069][ T7217]  ? __video_do_ioctl+0x398/0xce0
[ 1215.377112][ T7217]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1215.383377][ T7217]  vb2_create_bufs+0x47e/0x7a0
[ 1215.388170][ T7217]  ? vb2_request_queue+0x120/0x120
[ 1215.393300][ T7217]  ? mark_held_locks+0xf0/0xf0
[ 1215.398094][ T7217]  ? debug_smp_processor_id+0x3c/0x280
[ 1215.403581][ T7217]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1215.408625][ T7217]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1215.414193][ T7217]  v4l_create_bufs+0xc0/0x180
[ 1215.419207][ T7217]  __video_do_ioctl+0x7f1/0xce0
[ 1215.424099][ T7217]  ? v4l_s_fmt+0xa40/0xa40
[ 1215.428544][ T7217]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1215.434816][ T7217]  ? _copy_from_user+0xdd/0x150
[ 1215.439693][ T7217]  video_usercopy+0x4c5/0x10d0
23:55:26 executing program 0:
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000100)={0x2, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1215.444475][ T7217]  ? v4l_s_fmt+0xa40/0xa40
[ 1215.448922][ T7217]  ? v4l_enumstd+0x70/0x70
[ 1215.453356][ T7217]  ? mark_held_locks+0xf0/0xf0
[ 1215.458143][ T7217]  ? debug_smp_processor_id+0x3c/0x280
[ 1215.463625][ T7217]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1215.469291][ T7217]  ? __fget+0x35a/0x550
[ 1215.473473][ T7217]  ? find_held_lock+0x35/0x130
[ 1215.478258][ T7217]  ? video_usercopy+0x10d0/0x10d0
[ 1215.483314][ T7217]  video_ioctl2+0x2d/0x35
[ 1215.487694][ T7217]  v4l2_ioctl+0x156/0x1b0
[ 1215.492042][ T7217]  ? video_devdata+0xa0/0xa0
[ 1215.496657][ T7217]  do_vfs_ioctl+0xd6e/0x1390
[ 1215.501276][ T7217]  ? kasan_check_read+0x11/0x20
[ 1215.506163][ T7217]  ? ioctl_preallocate+0x210/0x210
[ 1215.511290][ T7217]  ? __fget+0x381/0x550
[ 1215.515482][ T7217]  ? ksys_dup3+0x3e0/0x3e0
[ 1215.519928][ T7217]  ? nsecs_to_jiffies+0x30/0x30
[ 1215.524817][ T7217]  ? security_file_ioctl+0x93/0xc0
[ 1215.529953][ T7217]  ksys_ioctl+0xab/0xd0
[ 1215.534126][ T7217]  __x64_sys_ioctl+0x73/0xb0
[ 1215.538732][ T7217]  do_syscall_64+0x103/0x610
[ 1215.543347][ T7217]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1215.549255][ T7217] RIP: 0033:0x457e29
[ 1215.553160][ T7217] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1215.572956][ T7217] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1215.581381][ T7217] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1215.589360][ T7217] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1215.597338][ T7217] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1215.606214][ T7217] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1215.614195][ T7217] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1215.617047][   T26] audit: type=1800 audit(1550706926.493:165): pid=7463 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=17617 res=0
23:55:26 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0xf00, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:26 executing program 3:
socketpair(0x10, 0x1, 0x10000000, &(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r0)
fcntl$dupfd(r2, 0x0, r1)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f2, &(0x7f0000000080)='\'\x00')
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f00000000c0)={0x3f, {{0xa, 0x4e21, 0x100, @ipv4={[], [], @broadcast}, 0x80000000}}, {{0xa, 0x4e20, 0x3, @loopback, 0x5}}}, 0x108)
r3 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x40, 0x41)
ioctl$TUNSETPERSIST(r3, 0x400454cb, 0x1)
openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x240, 0x0)

[ 1215.717972][ T7217] Mem-Info:
[ 1215.725950][ T7217] active_anon:182878 inactive_anon:193 isolated_anon:0
[ 1215.725950][ T7217]  active_file:13066 inactive_file:35936 isolated_file:0
[ 1215.725950][ T7217]  unevictable:3 dirty:311 writeback:0 unstable:0
[ 1215.725950][ T7217]  slab_reclaimable:18162 slab_unreclaimable:104265
[ 1215.725950][ T7217]  mapped:58661 shmem:493 pagetables:4186 bounce:0
[ 1215.725950][ T7217]  free:1037489 free_pcp:487 free_cma:0
[ 1215.786969][   T26] audit: type=1804 audit(1550706926.513:166): pid=7463 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir465997981/syzkaller.sIWEmg/3105/file0" dev="sda1" ino=17617 res=1
[ 1215.860604][ T7217] Node 0 active_anon:731616kB inactive_anon:772kB active_file:52124kB inactive_file:143744kB unevictable:12kB isolated(anon):0kB isolated(file):0kB mapped:234644kB dirty:1244kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 686080kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1215.894611][ T7217] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1215.921643][ T7217] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1215.949719][ T7217] lowmem_reserve[]: 0 2553 2555 2555
[ 1215.955169][ T7217] Node 0 DMA32 free:352860kB min:36232kB low:45288kB high:54344kB active_anon:729456kB inactive_anon:772kB active_file:52124kB inactive_file:143744kB unevictable:12kB writepending:1244kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:11392kB pagetables:16596kB bounce:0kB free_pcp:2500kB local_pcp:1352kB free_cma:0kB
[ 1215.986389][ T7217] lowmem_reserve[]: 0 0 2 2
[ 1215.991026][ T7217] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1216.017823][ T7217] lowmem_reserve[]: 0 0 0 0
[ 1216.019599][ T7706] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1216.022378][ T7217] Node 1 Normal free:3784520kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1216.022424][ T7217] lowmem_reserve[]: 0 0 0 0
[ 1216.043759][ T7706] CPU: 1 PID: 7706 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1216.065833][ T7217] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1216.069217][ T7706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1216.069224][ T7706] Call Trace:
[ 1216.069248][ T7706]  dump_stack+0x172/0x1f0
[ 1216.069273][ T7706]  warn_alloc.cold+0x88/0x184
[ 1216.069296][ T7706]  ? zone_watermark_ok_safe+0x260/0x260
[ 1216.078342][ T7217] Node 0 DMA32: 233207*4kB (UME) 197171*8kB (UM) 67919*16kB (UM) 31060*32kB (UME) 15245*64kB (UME) 6525*128kB (UME) 2980*256kB (UME) 1467*512kB (UM) 983*1024kB (UM) 4426*2048kB (ME) 15*4096kB (M) = 18048164kB
[ 1216.092512][ T7706]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1216.092531][ T7706]  ? find_held_lock+0x35/0x130
[ 1216.092549][ T7706]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1216.092584][ T7706]  __vmalloc_node_range+0x48a/0x790
[ 1216.102670][ T7217] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1216.105913][ T7706]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1216.110260][ T7217] Node 1 Normal: 8606*4kB (U) 5622*8kB (U) 3132*16kB (UE) 1500*32kB (UME) 744*64kB (UME) 377*128kB (UE) 190*256kB (UM) 96*512kB (UME) 51*1024kB (UME) 25*2048kB (U) 919*4096kB (M) = 4238824kB
[ 1216.114901][ T7706]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1216.120461][ T7217] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1216.140660][ T7706]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1216.140679][ T7706]  vmalloc_user+0x6b/0x90
[ 1216.140697][ T7706]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1216.140713][ T7706]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1216.140727][ T7706]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1216.140744][ T7706]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1216.140756][ T7706]  __vb2_queue_alloc+0x5a6/0xf40
[ 1216.140787][ T7706]  vb2_core_create_bufs+0x2bc/0x790
[ 1216.140811][ T7706]  ? vim2m_buf_prepare+0x280/0x280
[ 1216.146958][ T7217] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1216.151364][ T7706]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1216.151381][ T7706]  ? lock_acquire+0x16f/0x3f0
[ 1216.151394][ T7706]  ? __video_do_ioctl+0x398/0xce0
[ 1216.151419][ T7706]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1216.151447][ T7706]  vb2_create_bufs+0x47e/0x7a0
[ 1216.157061][ T7217] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1216.162252][ T7706]  ? vb2_request_queue+0x120/0x120
[ 1216.162273][ T7706]  ? mark_held_locks+0xf0/0xf0
[ 1216.162288][ T7706]  ? debug_smp_processor_id+0x3c/0x280
[ 1216.162311][ T7706]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1216.176623][ T7217] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1216.181568][ T7706]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1216.181585][ T7706]  v4l_create_bufs+0xc0/0x180
[ 1216.181602][ T7706]  __video_do_ioctl+0x7f1/0xce0
[ 1216.181623][ T7706]  ? v4l_s_fmt+0xa40/0xa40
[ 1216.181647][ T7706]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1216.181670][ T7706]  ? _copy_from_user+0xdd/0x150
[ 1216.201426][ T7217] 49497 total pagecache pages
[ 1216.206442][ T7706]  video_usercopy+0x4c5/0x10d0
[ 1216.218947][ T7217] 0 pages in swap cache
[ 1216.220992][ T7706]  ? v4l_s_fmt+0xa40/0xa40
[ 1216.225301][ T7217] Swap cache stats: add 0, delete 0, find 0/0
[ 1216.230321][ T7706]  ? v4l_enumstd+0x70/0x70
[ 1216.230339][ T7706]  ? mark_held_locks+0xf0/0xf0
[ 1216.230355][ T7706]  ? debug_smp_processor_id+0x3c/0x280
[ 1216.230372][ T7706]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1216.230392][ T7706]  ? __fget+0x35a/0x550
[ 1216.230412][ T7706]  ? find_held_lock+0x35/0x130
[ 1216.235458][ T7217] Free swap  = 0kB
[ 1216.240274][ T7706]  ? video_usercopy+0x10d0/0x10d0
[ 1216.240288][ T7706]  video_ioctl2+0x2d/0x35
[ 1216.240307][ T7706]  v4l2_ioctl+0x156/0x1b0
[ 1216.240322][ T7706]  ? video_devdata+0xa0/0xa0
[ 1216.240341][ T7706]  do_vfs_ioctl+0xd6e/0x1390
[ 1216.240364][ T7706]  ? kasan_check_read+0x11/0x20
[ 1216.246319][ T7217] Total swap = 0kB
[ 1216.251089][ T7706]  ? ioctl_preallocate+0x210/0x210
[ 1216.251105][ T7706]  ? __fget+0x381/0x550
[ 1216.251126][ T7706]  ? ksys_dup3+0x3e0/0x3e0
[ 1216.251142][ T7706]  ? nsecs_to_jiffies+0x30/0x30
[ 1216.251169][ T7706]  ? security_file_ioctl+0x93/0xc0
[ 1216.251189][ T7706]  ksys_ioctl+0xab/0xd0
[ 1216.256554][ T7217] 1965979 pages RAM
[ 1216.261493][ T7706]  __x64_sys_ioctl+0x73/0xb0
[ 1216.261512][ T7706]  do_syscall_64+0x103/0x610
[ 1216.261533][ T7706]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1216.261545][ T7706] RIP: 0033:0x457e29
[ 1216.261561][ T7706] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1216.261577][ T7706] RSP: 002b:00007f7c2f160c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1216.271161][ T7217] 0 pages HighMem/MovableOnly
[ 1216.275995][ T7706] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1216.280864][ T7217] 339409 pages reserved
[ 1216.285656][ T7706] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000004
23:55:27 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x9, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:27 executing program 2:
openat$capi20(0xffffffffffffff9c, &(0x7f0000000040)='/dev/capi20\x00', 0xfffffffffffffffa, 0x0)

23:55:27 executing program 0:
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000100)={0x2, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:27 executing program 5:
socketpair(0x8000000000001e, 0x5, 0x0, &(0x7f00000006c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
write(r0, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, 0x0, 0x0)
r2 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x40000fffff9, 0x1)
ioctl$FS_IOC_FSGETXATTR(r2, 0x80045515, &(0x7f0000000080)={0x81})
lsetxattr$security_capability(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f00000000c0)=@v2={0x2000000, [{0x1f, 0x5}, {0x3b, 0x4}]}, 0x14, 0x2)
sendmmsg$alg(r1, &(0x7f00000006c0), 0x4924924924926e4, 0x7fffffff)
syz_open_dev$rtc(&(0x7f0000000100)='/dev/rtc#\x00', 0x2, 0x200000000202)

23:55:27 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x1100, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:27 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0xfffffffffffffd75, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')
r1 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x1ff, 0x101800)
ioctl$KVM_GET_REGS(r1, 0x8090ae81, &(0x7f00000000c0))
finit_module(r0, &(0x7f0000000000)='ip6tnl0\x00', 0x2)

[ 1216.285672][ T7706] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1216.292118][ T7217] 0 pages cma reserved
[ 1216.296663][ T7706] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1616d4
[ 1216.582558][ T7706] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
23:55:27 executing program 0:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, 0x0)

23:55:27 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x1200, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:27 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000040)='/dev/capi20\x00', 0x48000, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)

[ 1216.763445][ T7861] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
23:55:27 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')
sendfile(r0, r1, 0x0, 0x10001)

23:55:27 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x1300, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:55:27 executing program 2:
r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20\x00', 0x20000, 0x0)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/cache_bypass\x00', 0x2, 0x0)
setsockopt$RDS_GET_MR_FOR_DEST(r0, 0x114, 0x7, &(0x7f00000001c0)={@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x0, 0x0, 0x1, 0x2, {0xa, 0x4e21, 0x0, @loopback, 0xd9cc}}}, {&(0x7f0000000100)=""/76, 0x4c}, &(0x7f0000000180)}, 0xa0)
r2 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r2, 0xc0044308, &(0x7f00000000c0)=0x10000)

[ 1216.856001][ T7861] CPU: 0 PID: 7861 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1216.865070][ T7861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1216.875236][ T7861] Call Trace:
[ 1216.878565][ T7861]  dump_stack+0x172/0x1f0
[ 1216.882951][ T7861]  warn_alloc.cold+0x88/0x184
[ 1216.887657][ T7861]  ? zone_watermark_ok_safe+0x260/0x260
[ 1216.893227][ T7861]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1216.898922][ T7861]  ? find_held_lock+0x35/0x130
[ 1216.903737][ T7861]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1216.909421][ T7861]  __vmalloc_node_range+0x48a/0x790
[ 1216.914650][ T7861]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1216.919690][ T7861]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1216.919707][ T7861]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1216.919725][ T7861]  vmalloc_user+0x6b/0x90
[ 1216.919741][ T7861]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1216.919768][ T7861]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1216.944587][ T7861]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1216.949636][ T7861]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1216.955627][ T7861]  __vb2_queue_alloc+0x5a6/0xf40
[ 1216.960707][ T7861]  vb2_core_create_bufs+0x2bc/0x790
[ 1216.965944][ T7861]  ? vim2m_buf_prepare+0x280/0x280
[ 1216.971074][ T7861]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1216.976207][ T7861]  ? lock_acquire+0x16f/0x3f0
[ 1216.980907][ T7861]  ? __video_do_ioctl+0x398/0xce0
[ 1216.985969][ T7861]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1216.992230][ T7861]  vb2_create_bufs+0x47e/0x7a0
[ 1216.997018][ T7861]  ? vb2_request_queue+0x120/0x120
[ 1217.002155][ T7861]  ? mark_held_locks+0xf0/0xf0
[ 1217.006952][ T7861]  ? debug_smp_processor_id+0x3c/0x280
[ 1217.012434][ T7861]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1217.017741][ T7861]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1217.023307][ T7861]  v4l_create_bufs+0xc0/0x180
[ 1217.028006][ T7861]  __video_do_ioctl+0x7f1/0xce0
[ 1217.032883][ T7861]  ? v4l_s_fmt+0xa40/0xa40
[ 1217.037601][ T7861]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1217.043865][ T7861]  ? _copy_from_user+0xdd/0x150
[ 1217.048753][ T7861]  video_usercopy+0x4c5/0x10d0
[ 1217.053537][ T7861]  ? v4l_s_fmt+0xa40/0xa40
[ 1217.057972][ T7861]  ? v4l_enumstd+0x70/0x70
[ 1217.062403][ T7861]  ? mark_held_locks+0xf0/0xf0
[ 1217.067181][ T7861]  ? debug_smp_processor_id+0x3c/0x280
[ 1217.072659][ T7861]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1217.078223][ T7861]  ? __fget+0x35a/0x550
[ 1217.082392][ T7861]  ? find_held_lock+0x35/0x130
[ 1217.087170][ T7861]  ? video_usercopy+0x10d0/0x10d0
[ 1217.092203][ T7861]  video_ioctl2+0x2d/0x35
[ 1217.096987][ T7861]  v4l2_ioctl+0x156/0x1b0
[ 1217.101327][ T7861]  ? video_devdata+0xa0/0xa0
[ 1217.105945][ T7861]  do_vfs_ioctl+0xd6e/0x1390
[ 1217.110548][ T7861]  ? kasan_check_read+0x11/0x20
[ 1217.115411][ T7861]  ? ioctl_preallocate+0x210/0x210
[ 1217.120527][ T7861]  ? __fget+0x381/0x550
[ 1217.124704][ T7861]  ? ksys_dup3+0x3e0/0x3e0
[ 1217.129138][ T7861]  ? nsecs_to_jiffies+0x30/0x30
[ 1217.134019][ T7861]  ? security_file_ioctl+0x93/0xc0
[ 1217.139148][ T7861]  ksys_ioctl+0xab/0xd0
[ 1217.143329][ T7861]  __x64_sys_ioctl+0x73/0xb0
[ 1217.147955][ T7861]  do_syscall_64+0x103/0x610
[ 1217.152561][ T7861]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1217.158461][ T7861] RIP: 0033:0x457e29
[ 1217.162373][ T7861] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1217.181995][ T7861] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1217.190419][ T7861] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1217.198402][ T7861] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1217.206424][ T7861] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1217.214410][ T7861] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1217.222389][ T7861] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1217.342933][ T7861] warn_alloc_show_mem: 1 callbacks suppressed
[ 1217.342938][ T7861] Mem-Info:
[ 1217.355011][ T7861] active_anon:182890 inactive_anon:194 isolated_anon:0
[ 1217.355011][ T7861]  active_file:13066 inactive_file:35936 isolated_file:0
[ 1217.355011][ T7861]  unevictable:3 dirty:318 writeback:0 unstable:0
[ 1217.355011][ T7861]  slab_reclaimable:18171 slab_unreclaimable:103953
[ 1217.355011][ T7861]  mapped:58661 shmem:493 pagetables:4211 bounce:0
[ 1217.355011][ T7861]  free:1037712 free_pcp:569 free_cma:0
[ 1217.422574][ T7861] Node 0 active_anon:729396kB inactive_anon:772kB active_file:52124kB inactive_file:143828kB unevictable:12kB isolated(anon):0kB isolated(file):0kB mapped:234644kB dirty:1344kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 677888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1217.452438][ T7861] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1217.479796][ T7861] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1217.508552][ T7861] lowmem_reserve[]: 0 2553 2555 2555
[ 1217.513867][ T7861] Node 0 DMA32 free:352800kB min:36232kB low:45288kB high:54344kB active_anon:729396kB inactive_anon:772kB active_file:52124kB inactive_file:143828kB unevictable:12kB writepending:1344kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:11392kB pagetables:16480kB bounce:0kB free_pcp:2472kB local_pcp:1488kB free_cma:0kB
[ 1217.545310][ T7861] lowmem_reserve[]: 0 0 2 2
[ 1217.545651][ T8189] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1217.550034][ T7861] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1217.550081][ T7861] lowmem_reserve[]: 0 0 0 0
[ 1217.570876][ T8189] CPU: 1 PID: 8189 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1217.591232][ T7861] Node 1 Normal free:3784520kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1217.595173][ T8189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1217.595181][ T8189] Call Trace:
[ 1217.595206][ T8189]  dump_stack+0x172/0x1f0
[ 1217.595236][ T8189]  warn_alloc.cold+0x88/0x184
[ 1217.604438][ T7861] lowmem_reserve[]: 0 0 0 0
[ 1217.632570][ T8189]  ? zone_watermark_ok_safe+0x260/0x260
[ 1217.632586][ T8189]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1217.632601][ T8189]  ? find_held_lock+0x35/0x130
[ 1217.632617][ T8189]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1217.632650][ T8189]  __vmalloc_node_range+0x48a/0x790
[ 1217.632668][ T8189]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1217.632686][ T8189]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1217.632702][ T8189]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1217.632718][ T8189]  vmalloc_user+0x6b/0x90
[ 1217.632733][ T8189]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1217.632749][ T8189]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1217.632762][ T8189]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1217.632786][ T8189]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1217.644854][ T7861] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1217.646130][ T8189]  __vb2_queue_alloc+0x5a6/0xf40
[ 1217.646166][ T8189]  vb2_core_create_bufs+0x2bc/0x790
[ 1217.651048][ T7861] Node 0 DMA32: 233210*4kB (UME) 197155*8kB (UME) 67934*16kB (UME) 31061*32kB (UME) 15246*64kB (UME) 6525*128kB (UME) 2980*256kB (UME) 1467*512kB (UM) 983*1024kB (UM) 4432*2048kB (ME) 15*4096kB (M) = 18060672kB
[ 1217.655162][ T8189]  ? vim2m_buf_prepare+0x280/0x280
[ 1217.655180][ T8189]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1217.655203][ T8189]  ? lock_acquire+0x16f/0x3f0
[ 1217.661200][ T7861] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1217.665236][ T8189]  ? __video_do_ioctl+0x398/0xce0
[ 1217.665263][ T8189]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1217.665285][ T8189]  vb2_create_bufs+0x47e/0x7a0
[ 1217.671367][ T7861] Node 1 Normal: 8606*4kB (U) 5622*8kB (U) 3132*16kB (UE) 1500*32kB (UME) 744*64kB (UME) 377*128kB (UE) 190*256kB (UM) 96*512kB (UME) 51*1024kB (UME) 25*2048kB (U) 919*4096kB (M) = 4238824kB
[ 1217.675675][ T8189]  ? vb2_request_queue+0x120/0x120
[ 1217.675703][ T8189]  ? mark_held_locks+0xf0/0xf0
[ 1217.681843][ T7861] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1217.686511][ T8189]  ? debug_smp_processor_id+0x3c/0x280
[ 1217.686538][ T8189]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1217.686565][ T8189]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1217.693249][ T7861] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1217.697154][ T8189]  v4l_create_bufs+0xc0/0x180
[ 1217.697175][ T8189]  __video_do_ioctl+0x7f1/0xce0
[ 1217.697198][ T8189]  ? v4l_s_fmt+0xa40/0xa40
[ 1217.702818][ T7861] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1217.706559][ T8189]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1217.706579][ T8189]  ? _copy_from_user+0xdd/0x150
[ 1217.706602][ T8189]  video_usercopy+0x4c5/0x10d0
[ 1217.712159][ T7861] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1217.716472][ T8189]  ? v4l_s_fmt+0xa40/0xa40
[ 1217.716496][ T8189]  ? v4l_enumstd+0x70/0x70
[ 1217.716518][ T8189]  ? mark_held_locks+0xf0/0xf0
[ 1217.722073][ T7861] 49518 total pagecache pages
[ 1217.727356][ T8189]  ? debug_smp_processor_id+0x3c/0x280
[ 1217.727377][ T8189]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1217.727399][ T8189]  ? __fget+0x35a/0x550
[ 1217.743317][ T7861] 0 pages in swap cache
[ 1217.746555][ T8189]  ? find_held_lock+0x35/0x130
[ 1217.746575][ T8189]  ? video_usercopy+0x10d0/0x10d0
[ 1217.746595][ T8189]  video_ioctl2+0x2d/0x35
[ 1217.752237][ T7861] Swap cache stats: add 0, delete 0, find 0/0
[ 1217.772180][ T8189]  v4l2_ioctl+0x156/0x1b0
[ 1217.772195][ T8189]  ? video_devdata+0xa0/0xa0
[ 1217.772213][ T8189]  do_vfs_ioctl+0xd6e/0x1390
[ 1217.772231][ T8189]  ? kasan_check_read+0x11/0x20
[ 1217.772249][ T8189]  ? ioctl_preallocate+0x210/0x210
[ 1217.772264][ T8189]  ? __fget+0x381/0x550
[ 1217.772287][ T8189]  ? ksys_dup3+0x3e0/0x3e0
[ 1217.772303][ T8189]  ? nsecs_to_jiffies+0x30/0x30
[ 1217.772328][ T8189]  ? security_file_ioctl+0x93/0xc0
[ 1217.772345][ T8189]  ksys_ioctl+0xab/0xd0
[ 1217.772375][ T8189]  __x64_sys_ioctl+0x73/0xb0
[ 1217.782452][ T7861] Free swap  = 0kB
[ 1217.782595][ T8189]  do_syscall_64+0x103/0x610
[ 1217.787324][ T7861] Total swap = 0kB
[ 1217.801503][ T8189]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1217.801516][ T8189] RIP: 0033:0x457e29
[ 1217.801542][ T8189] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1217.801551][ T8189] RSP: 002b:00007f7c2f160c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1217.801565][ T8189] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1217.801574][ T8189] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000004
[ 1217.801583][ T8189] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000
23:55:29 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0xa, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:55:29 executing program 0:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, 0x0)

23:55:29 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x1400, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1217.801592][ T8189] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1616d4
[ 1217.801600][ T8189] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1218.136344][ T7861] 1965979 pages RAM
[ 1218.140634][ T7861] 0 pages HighMem/MovableOnly
[ 1218.145318][ T7861] 339409 pages reserved
[ 1218.149571][ T7861] 0 pages cma reserved
[ 1218.199833][ T8194] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1218.215630][ T8194] CPU: 1 PID: 8194 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1218.224670][ T8194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1218.234732][ T8194] Call Trace:
[ 1218.238046][ T8194]  dump_stack+0x172/0x1f0
[ 1218.242400][ T8194]  warn_alloc.cold+0x88/0x184
[ 1218.247109][ T8194]  ? zone_watermark_ok_safe+0x260/0x260
[ 1218.252668][ T8194]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1218.258309][ T8194]  ? find_held_lock+0x35/0x130
[ 1218.263086][ T8194]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1218.268756][ T8194]  __vmalloc_node_range+0x48a/0x790
[ 1218.273962][ T8194]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1218.278999][ T8194]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1218.284583][ T8194]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1218.289619][ T8194]  vmalloc_user+0x6b/0x90
[ 1218.289638][ T8194]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1218.289655][ T8194]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1218.289668][ T8194]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1218.289686][ T8194]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1218.289700][ T8194]  __vb2_queue_alloc+0x5a6/0xf40
[ 1218.289735][ T8194]  vb2_core_create_bufs+0x2bc/0x790
[ 1218.289756][ T8194]  ? vim2m_buf_prepare+0x280/0x280
[ 1218.289771][ T8194]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1218.289788][ T8194]  ? lock_acquire+0x16f/0x3f0
[ 1218.289803][ T8194]  ? __video_do_ioctl+0x398/0xce0
[ 1218.289829][ T8194]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1218.289847][ T8194]  vb2_create_bufs+0x47e/0x7a0
[ 1218.289869][ T8194]  ? vb2_request_queue+0x120/0x120
[ 1218.360887][ T8194]  ? mark_held_locks+0xf0/0xf0
[ 1218.365665][ T8194]  ? debug_smp_processor_id+0x3c/0x280
[ 1218.371120][ T8194]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1218.376126][ T8194]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1218.381653][ T8194]  v4l_create_bufs+0xc0/0x180
[ 1218.386313][ T8194]  __video_do_ioctl+0x7f1/0xce0
[ 1218.391167][ T8194]  ? v4l_s_fmt+0xa40/0xa40
[ 1218.395569][ T8194]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1218.401804][ T8194]  ? _copy_from_user+0xdd/0x150
[ 1218.406649][ T8194]  video_usercopy+0x4c5/0x10d0
[ 1218.411399][ T8194]  ? v4l_s_fmt+0xa40/0xa40
[ 1218.415799][ T8194]  ? v4l_enumstd+0x70/0x70
[ 1218.420213][ T8194]  ? mark_held_locks+0xf0/0xf0
[ 1218.424968][ T8194]  ? debug_smp_processor_id+0x3c/0x280
[ 1218.430425][ T8194]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1218.435966][ T8194]  ? __fget+0x35a/0x550
[ 1218.440116][ T8194]  ? find_held_lock+0x35/0x130
[ 1218.444874][ T8194]  ? video_usercopy+0x10d0/0x10d0
[ 1218.449908][ T8194]  video_ioctl2+0x2d/0x35
[ 1218.454236][ T8194]  v4l2_ioctl+0x156/0x1b0
[ 1218.458560][ T8194]  ? video_devdata+0xa0/0xa0
[ 1218.463149][ T8194]  do_vfs_ioctl+0xd6e/0x1390
[ 1218.467740][ T8194]  ? kasan_check_read+0x11/0x20
[ 1218.472589][ T8194]  ? ioctl_preallocate+0x210/0x210
[ 1218.477693][ T8194]  ? __fget+0x381/0x550
[ 1218.481845][ T8194]  ? ksys_dup3+0x3e0/0x3e0
[ 1218.486456][ T8194]  ? nsecs_to_jiffies+0x30/0x30
[ 1218.491302][ T8194]  ? security_file_ioctl+0x93/0xc0
[ 1218.496404][ T8194]  ksys_ioctl+0xab/0xd0
[ 1218.500561][ T8194]  __x64_sys_ioctl+0x73/0xb0
[ 1218.505149][ T8194]  do_syscall_64+0x103/0x610
[ 1218.509733][ T8194]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1218.515626][ T8194] RIP: 0033:0x457e29
[ 1218.519516][ T8194] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1218.539127][ T8194] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1218.547573][ T8194] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1218.555556][ T8194] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1218.563510][ T8194] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1218.571464][ T8194] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1218.579439][ T8194] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1218.589144][ T8194] warn_alloc_show_mem: 1 callbacks suppressed
[ 1218.589150][ T8194] Mem-Info:
[ 1218.598513][ T8194] active_anon:182347 inactive_anon:194 isolated_anon:0
[ 1218.598513][ T8194]  active_file:13066 inactive_file:35969 isolated_file:0
[ 1218.598513][ T8194]  unevictable:3 dirty:354 writeback:0 unstable:0
[ 1218.598513][ T8194]  slab_reclaimable:18159 slab_unreclaimable:104110
[ 1218.598513][ T8194]  mapped:58661 shmem:493 pagetables:4119 bounce:0
[ 1218.598513][ T8194]  free:1038177 free_pcp:608 free_cma:0
[ 1218.636728][ T8194] Node 0 active_anon:729388kB inactive_anon:776kB active_file:52124kB inactive_file:143876kB unevictable:12kB isolated(anon):0kB isolated(file):0kB mapped:234644kB dirty:1416kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 677888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1218.666107][ T8194] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1218.692646][ T8194] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1218.719580][ T8194] lowmem_reserve[]: 0 2553 2555 2555
[ 1218.724883][ T8194] Node 0 DMA32 free:352280kB min:36232kB low:45288kB high:54344kB active_anon:729388kB inactive_anon:776kB active_file:52124kB inactive_file:143876kB unevictable:12kB writepending:1416kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:11392kB pagetables:16476kB bounce:0kB free_pcp:2432kB local_pcp:1096kB free_cma:0kB
[ 1218.755925][ T8194] lowmem_reserve[]: 0 0 2 2
[ 1218.760525][ T8194] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1218.787136][ T8194] lowmem_reserve[]: 0 0 0 0
[ 1218.791682][ T8194] Node 1 Normal free:3784520kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1218.820076][ T8194] lowmem_reserve[]: 0 0 0 0
[ 1218.824589][ T8194] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1218.838963][ T8194] Node 0 DMA32: 233275*4kB (UM) 197090*8kB (UME) 67932*16kB (UME) 31061*32kB (UME) 15246*64kB (UME) 6525*128kB (UME) 2980*256kB (UME) 1467*512kB (UM) 983*1024kB (UM) 4434*2048kB (ME) 15*4096kB (M) = 18064476kB
[ 1218.860054][ T8194] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1218.874464][ T8194] Node 1 Normal: 8606*4kB (U) 5622*8kB (U) 3132*16kB (UE) 1500*32kB (UME) 744*64kB (UME) 377*128kB (UE) 190*256kB (UM) 96*512kB (UME) 51*1024kB (UME) 25*2048kB (U) 919*4096kB (M) = 4238824kB
[ 1218.893315][ T8194] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1218.902922][ T8194] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1218.912275][ T8194] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1218.921906][ T8194] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1218.931233][ T8194] 49530 total pagecache pages
[ 1218.935904][ T8194] 0 pages in swap cache
[ 1218.940108][ T8194] Swap cache stats: add 0, delete 0, find 0/0
[ 1218.946175][ T8194] Free swap  = 0kB
[ 1218.949978][ T8194] Total swap = 0kB
[ 1218.953702][ T8194] 1965979 pages RAM
[ 1218.957546][ T8194] 0 pages HighMem/MovableOnly
[ 1218.962225][ T8194] 339409 pages reserved
[ 1218.966369][ T8194] 0 pages cma reserved
[ 1218.972249][ T8194] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1218.986353][ T8194] CPU: 1 PID: 8194 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1218.995363][ T8194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1219.005412][ T8194] Call Trace:
[ 1219.008744][ T8194]  dump_stack+0x172/0x1f0
[ 1219.013080][ T8194]  warn_alloc.cold+0x88/0x184
[ 1219.017757][ T8194]  ? zone_watermark_ok_safe+0x260/0x260
[ 1219.023313][ T8194]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1219.028968][ T8194]  ? find_held_lock+0x35/0x130
[ 1219.033732][ T8194]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1219.039386][ T8194]  __vmalloc_node_range+0x48a/0x790
[ 1219.044586][ T8194]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1219.049614][ T8194]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1219.055163][ T8194]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1219.060193][ T8194]  vmalloc_user+0x6b/0x90
[ 1219.064527][ T8194]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1219.069560][ T8194]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1219.074411][ T8194]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1219.079452][ T8194]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1219.085273][ T8194]  __vb2_queue_alloc+0x5a6/0xf40
[ 1219.090234][ T8194]  vb2_core_create_bufs+0x2bc/0x790
[ 1219.096276][ T8194]  ? vim2m_buf_prepare+0x280/0x280
[ 1219.101393][ T8194]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1219.106534][ T8194]  ? lock_acquire+0x16f/0x3f0
[ 1219.111207][ T8194]  ? __video_do_ioctl+0x398/0xce0
[ 1219.116229][ T8194]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1219.122463][ T8194]  vb2_create_bufs+0x47e/0x7a0
[ 1219.127219][ T8194]  ? vb2_request_queue+0x120/0x120
[ 1219.132335][ T8194]  ? mark_held_locks+0xf0/0xf0
[ 1219.137102][ T8194]  ? debug_smp_processor_id+0x3c/0x280
[ 1219.142574][ T8194]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1219.147612][ T8194]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1219.153158][ T8194]  v4l_create_bufs+0xc0/0x180
[ 1219.157839][ T8194]  __video_do_ioctl+0x7f1/0xce0
[ 1219.162719][ T8194]  ? v4l_s_fmt+0xa40/0xa40
[ 1219.167140][ T8194]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1219.173378][ T8194]  ? _copy_from_user+0xdd/0x150
[ 1219.178234][ T8194]  video_usercopy+0x4c5/0x10d0
[ 1219.183011][ T8194]  ? v4l_s_fmt+0xa40/0xa40
[ 1219.187418][ T8194]  ? v4l_enumstd+0x70/0x70
[ 1219.191850][ T8194]  ? mark_held_locks+0xf0/0xf0
[ 1219.196600][ T8194]  ? debug_smp_processor_id+0x3c/0x280
[ 1219.202063][ T8194]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1219.207759][ T8194]  ? __fget+0x35a/0x550
[ 1219.211924][ T8194]  ? find_held_lock+0x35/0x130
[ 1219.216701][ T8194]  ? video_usercopy+0x10d0/0x10d0
[ 1219.221723][ T8194]  video_ioctl2+0x2d/0x35
[ 1219.226054][ T8194]  v4l2_ioctl+0x156/0x1b0
[ 1219.230388][ T8194]  ? video_devdata+0xa0/0xa0
[ 1219.235069][ T8194]  do_vfs_ioctl+0xd6e/0x1390
[ 1219.239674][ T8194]  ? kasan_check_read+0x11/0x20
[ 1219.244525][ T8194]  ? ioctl_preallocate+0x210/0x210
[ 1219.249638][ T8194]  ? __fget+0x381/0x550
[ 1219.253797][ T8194]  ? ksys_dup3+0x3e0/0x3e0
[ 1219.258219][ T8194]  ? nsecs_to_jiffies+0x30/0x30
[ 1219.263077][ T8194]  ? security_file_ioctl+0x93/0xc0
[ 1219.268191][ T8194]  ksys_ioctl+0xab/0xd0
[ 1219.272349][ T8194]  __x64_sys_ioctl+0x73/0xb0
[ 1219.276934][ T8194]  do_syscall_64+0x103/0x610
[ 1219.281535][ T8194]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1219.287429][ T8194] RIP: 0033:0x457e29
[ 1219.291324][ T8194] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1219.310922][ T8194] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1219.319370][ T8194] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1219.327619][ T8194] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000004
[ 1219.335613][ T8194] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1219.343609][ T8194] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1219.353064][ T8194] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
23:56:28 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = syz_open_pts(r0, 0x0)
write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="e16c5dedbb836cb23b4eafa2c468afb24465b1c402c508239f04ba"], 0x1b)
ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17})

23:56:28 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x9)
r1 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x9, 0xc0000)
ioctl$TIOCGSOFTCAR(r1, 0x5419, &(0x7f0000000080))
fstat(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0})
r3 = getgid()
getgroups(0x1, &(0x7f0000000180)=[<r4=>0xffffffffffffffff])
setresgid(r2, r3, r4)

23:56:28 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000000000), &(0x7f0000000040)=0x10)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')
socket$inet6_udp(0xa, 0x2, 0x0)

23:56:28 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x1500, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:28 executing program 0:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, 0x0)

23:56:28 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0xc, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1277.262876][ T8207] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1277.340011][ T8207] CPU: 0 PID: 8207 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1277.349070][ T8207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1277.359125][ T8207] Call Trace:
[ 1277.362437][ T8207]  dump_stack+0x172/0x1f0
[ 1277.366787][ T8207]  warn_alloc.cold+0x88/0x184
[ 1277.371480][ T8207]  ? zone_watermark_ok_safe+0x260/0x260
[ 1277.377042][ T8207]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1277.382683][ T8207]  ? find_held_lock+0x35/0x130
[ 1277.389144][ T8207]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1277.394801][ T8207]  __vmalloc_node_range+0x48a/0x790
[ 1277.400004][ T8207]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1277.405039][ T8207]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1277.410586][ T8207]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1277.415609][ T8207]  vmalloc_user+0x6b/0x90
[ 1277.419946][ T8207]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1277.424983][ T8207]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1277.429841][ T8207]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1277.434873][ T8207]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1277.440704][ T8207]  __vb2_queue_alloc+0x5a6/0xf40
[ 1277.445667][ T8207]  vb2_core_create_bufs+0x2bc/0x790
[ 1277.450877][ T8207]  ? vim2m_buf_prepare+0x280/0x280
[ 1277.455998][ T8207]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1277.461113][ T8207]  ? lock_acquire+0x16f/0x3f0
[ 1277.465793][ T8207]  ? __video_do_ioctl+0x398/0xce0
[ 1277.470855][ T8207]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1277.477115][ T8207]  vb2_create_bufs+0x47e/0x7a0
[ 1277.481889][ T8207]  ? vb2_request_queue+0x120/0x120
[ 1277.487025][ T8207]  ? mark_held_locks+0xf0/0xf0
[ 1277.491793][ T8207]  ? debug_smp_processor_id+0x3c/0x280
[ 1277.497259][ T8207]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1277.502286][ T8207]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1277.507837][ T8207]  v4l_create_bufs+0xc0/0x180
[ 1277.512528][ T8207]  __video_do_ioctl+0x7f1/0xce0
[ 1277.517391][ T8207]  ? v4l_s_fmt+0xa40/0xa40
[ 1277.521817][ T8207]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1277.528061][ T8207]  ? _copy_from_user+0xdd/0x150
[ 1277.532937][ T8207]  video_usercopy+0x4c5/0x10d0
[ 1277.537706][ T8207]  ? v4l_s_fmt+0xa40/0xa40
[ 1277.542134][ T8207]  ? v4l_enumstd+0x70/0x70
[ 1277.546550][ T8207]  ? mark_held_locks+0xf0/0xf0
[ 1277.551315][ T8207]  ? debug_smp_processor_id+0x3c/0x280
[ 1277.556778][ T8207]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1277.562336][ T8207]  ? __fget+0x35a/0x550
[ 1277.566510][ T8207]  ? find_held_lock+0x35/0x130
[ 1277.571279][ T8207]  ? video_usercopy+0x10d0/0x10d0
[ 1277.576303][ T8207]  video_ioctl2+0x2d/0x35
[ 1277.580647][ T8207]  v4l2_ioctl+0x156/0x1b0
[ 1277.584980][ T8207]  ? video_devdata+0xa0/0xa0
[ 1277.589575][ T8207]  do_vfs_ioctl+0xd6e/0x1390
[ 1277.594169][ T8207]  ? kasan_check_read+0x11/0x20
[ 1277.599027][ T8207]  ? ioctl_preallocate+0x210/0x210
[ 1277.604150][ T8207]  ? __fget+0x381/0x550
[ 1277.608315][ T8207]  ? ksys_dup3+0x3e0/0x3e0
[ 1277.612733][ T8207]  ? nsecs_to_jiffies+0x30/0x30
[ 1277.617599][ T8207]  ? security_file_ioctl+0x93/0xc0
[ 1277.622719][ T8207]  ksys_ioctl+0xab/0xd0
[ 1277.626885][ T8207]  __x64_sys_ioctl+0x73/0xb0
[ 1277.631501][ T8207]  do_syscall_64+0x103/0x610
[ 1277.636110][ T8207]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1277.642001][ T8207] RIP: 0033:0x457e29
[ 1277.645908][ T8207] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1277.665523][ T8207] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1277.673937][ T8207] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1277.681913][ T8207] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
23:56:28 executing program 0:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:28 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x1800, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:28 executing program 2:
syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x4, 0x2)
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
r1 = syz_open_dev$swradio(&(0x7f0000000040)='/dev/swradio#\x00', 0x0, 0x2)
ioctl$KVM_GET_MSRS(r1, 0xc008ae88, &(0x7f00000001c0)=ANY=[@ANYBLOB="020000080004dc00000000000002000000000000000000000000000000000015000000000000eb59f2857121e7a31ae868ca290b2330da5e65d5609fd8b93ab650b2ade8d17a1085fe6ab72e3fd24573fedbf1adb2dbb0f202496be63b2fa9f3769d8d8032ea4b6673b1351301e9f887a875db131806f0a13f49d9b421031e0c07d844a2bdf9ed501b8abd1d029d293e5f30beadbd8e7e57"])
setsockopt$inet6_MCAST_LEAVE_GROUP(r1, 0x29, 0x2d, &(0x7f0000000100)={0x20, {{0xa, 0x4e24, 0xffff, @remote, 0x5}}}, 0x88)
ioctl$SCSI_IOCTL_DOORUNLOCK(r1, 0x5381)
sendmsg$tipc(r1, &(0x7f0000000500)={&(0x7f0000000280)=@nameseq={0x1e, 0x1, 0x2, {0x43, 0x4, 0x3}}, 0x10, &(0x7f0000000400)=[{&(0x7f00000002c0)="2ac6537c6aca9fbe1adb2aafc0270cc709484bf3ad685f4887bf94227f70aa8631759df95ed3c89a5fd44cb7f23084757b17e4f6e34bac1e3309c1c7f4edce927c36cb5ff2a8e27f34b7876c26d512c11803c7b6c1712bcc1fe039596cffbf155f54d982f4c4638d4aaea9a42e2576521aaaa17196e46d73701fd2199016e3c98f8f5f88623a52d2890f93f26d6c8d37765852407606c9dabf1dffc9e688022b13d98b3275", 0xa5}, {&(0x7f0000000380)="232409421dd55b5015aaaedf77cef2a3a7e0638cb3d95ab83e27c3e923829ead2d4870f4a346ee3bfa5c4ee8df0f413e28fce22cba3d4c58a5078c7676489b6246d12cac88f5290314120348b50c81f0b185867285c7094b2c37fcdbc18a106d36301bc044e79edc67bb87e9", 0x6c}], 0x2, &(0x7f0000000440)="38a669bdc139538ff379680c5873d051195803eb169b08690194a84873a3026bb6caa54c9880746275d7364216879393ffa9a78f6037ef36457bbd7e529b1a498e4dad9c72a1d2207e544f31c5316c83792675b7cc54cff226971b8eb23fa2c0fe77182d442385aff81cb6063ddf1bfd2a19a2dd11fb18430152e9cd85942223174ae0dfc4cbc3c95d4c79a321fe62aaea973bd04aa17b29e96bd9768b6771a68d0ac8232a85a0855b38da893ddca453427f9a9e43038b", 0xb7}, 0x4040)

[ 1277.689888][ T8207] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1277.697871][ T8207] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1277.705847][ T8207] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1277.722258][ T8207] warn_alloc_show_mem: 1 callbacks suppressed
[ 1277.722262][ T8207] Mem-Info:
[ 1277.794689][ T8207] active_anon:167403 inactive_anon:194 isolated_anon:0
[ 1277.794689][ T8207]  active_file:13070 inactive_file:35980 isolated_file:0
[ 1277.794689][ T8207]  unevictable:2 dirty:70 writeback:0 unstable:0
[ 1277.794689][ T8207]  slab_reclaimable:17819 slab_unreclaimable:102677
[ 1277.794689][ T8207]  mapped:49982 shmem:493 pagetables:3447 bounce:0
[ 1277.794689][ T8207]  free:1064681 free_pcp:624 free_cma:0
23:56:28 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffff9c, 0xc00c642e, &(0x7f0000000000)={0x0, 0x80000, <r1=>0xffffffffffffff9c})
ioctl$DRM_IOCTL_GET_CAP(r1, 0xc010640c, &(0x7f0000000040)={0x3, 0x38})

23:56:28 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x1000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1277.865074][ T8443] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[ 1277.928823][ T8443] CPU: 0 PID: 8443 Comm: syz-executor.0 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1277.937911][ T8443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1277.947979][ T8443] Call Trace:
[ 1277.951281][ T8443]  dump_stack+0x172/0x1f0
[ 1277.955641][ T8443]  warn_alloc.cold+0x88/0x184
[ 1277.960329][ T8443]  ? zone_watermark_ok_safe+0x260/0x260
[ 1277.965906][ T8443]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1277.971549][ T8443]  ? find_held_lock+0x35/0x130
[ 1277.976315][ T8443]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1277.981984][ T8443]  __vmalloc_node_range+0x48a/0x790
[ 1277.987194][ T8443]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1277.992232][ T8443]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1277.997786][ T8443]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1278.002831][ T8443]  vmalloc_user+0x6b/0x90
[ 1278.007184][ T8443]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1278.012217][ T8443]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1278.017073][ T8443]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1278.022108][ T8443]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1278.027951][ T8443]  __vb2_queue_alloc+0x5a6/0xf40
[ 1278.032926][ T8443]  vb2_core_create_bufs+0x2bc/0x790
[ 1278.038141][ T8443]  ? vim2m_buf_prepare+0x280/0x280
[ 1278.043265][ T8443]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1278.048386][ T8443]  ? lock_acquire+0x16f/0x3f0
[ 1278.053077][ T8443]  ? __video_do_ioctl+0x398/0xce0
[ 1278.058131][ T8443]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1278.064404][ T8443]  vb2_create_bufs+0x47e/0x7a0
[ 1278.069198][ T8443]  ? vb2_request_queue+0x120/0x120
[ 1278.074323][ T8443]  ? mark_held_locks+0xf0/0xf0
[ 1278.079089][ T8443]  ? debug_smp_processor_id+0x3c/0x280
[ 1278.084793][ T8443]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1278.089832][ T8443]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1278.095398][ T8443]  v4l_create_bufs+0xc0/0x180
[ 1278.100087][ T8443]  __video_do_ioctl+0x7f1/0xce0
[ 1278.104958][ T8443]  ? v4l_s_fmt+0xa40/0xa40
[ 1278.109384][ T8443]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1278.115630][ T8443]  ? _copy_from_user+0xdd/0x150
[ 1278.120496][ T8443]  video_usercopy+0x4c5/0x10d0
[ 1278.125297][ T8443]  ? v4l_s_fmt+0xa40/0xa40
[ 1278.129729][ T8443]  ? v4l_enumstd+0x70/0x70
[ 1278.134161][ T8443]  ? mark_held_locks+0xf0/0xf0
[ 1278.138939][ T8443]  ? debug_smp_processor_id+0x3c/0x280
[ 1278.144406][ T8443]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1278.149967][ T8443]  ? __fget+0x35a/0x550
[ 1278.154137][ T8443]  ? find_held_lock+0x35/0x130
[ 1278.158921][ T8443]  ? video_usercopy+0x10d0/0x10d0
[ 1278.163954][ T8443]  video_ioctl2+0x2d/0x35
[ 1278.168288][ T8443]  v4l2_ioctl+0x156/0x1b0
[ 1278.172623][ T8443]  ? video_devdata+0xa0/0xa0
[ 1278.177227][ T8443]  do_vfs_ioctl+0xd6e/0x1390
[ 1278.181833][ T8443]  ? kasan_check_read+0x11/0x20
[ 1278.186692][ T8443]  ? ioctl_preallocate+0x210/0x210
[ 1278.191807][ T8443]  ? __fget+0x381/0x550
[ 1278.195956][ T8443]  ? ksys_dup3+0x3e0/0x3e0
[ 1278.200379][ T8443]  ? nsecs_to_jiffies+0x30/0x30
[ 1278.205614][ T8443]  ? security_file_ioctl+0x93/0xc0
[ 1278.210708][ T8443]  ksys_ioctl+0xab/0xd0
[ 1278.214865][ T8443]  __x64_sys_ioctl+0x73/0xb0
[ 1278.219501][ T8443]  do_syscall_64+0x103/0x610
[ 1278.224109][ T8443]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1278.230611][ T8443] RIP: 0033:0x457e29
[ 1278.234512][ T8443] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1278.254119][ T8443] RSP: 002b:00007f6b78cc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1278.262539][ T8443] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1278.270516][ T8443] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
23:56:29 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffff9c, 0xc0086420, &(0x7f0000000080)={<r2=>0x0})
ioctl$DRM_IOCTL_NEW_CTX(r1, 0x40086425, &(0x7f0000000100)={r2, 0x1})
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)

[ 1278.278492][ T8443] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1278.286474][ T8443] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6b78cc86d4
[ 1278.294453][ T8443] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1278.309837][ T8207] Node 0 active_anon:671636kB inactive_anon:776kB active_file:52140kB inactive_file:143920kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:199828kB dirty:280kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 569344kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1278.367886][ T8207] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1278.406085][ T8207] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1278.467674][ T8207] lowmem_reserve[]: 0 2553 2555 2555
[ 1278.474309][ T8207] Node 0 DMA32 free:460928kB min:36232kB low:45288kB high:54344kB active_anon:667468kB inactive_anon:776kB active_file:52140kB inactive_file:143920kB unevictable:8kB writepending:280kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10400kB pagetables:13492kB bounce:0kB free_pcp:2592kB local_pcp:1256kB free_cma:0kB
[ 1278.516801][ T8207] lowmem_reserve[]: 0 0 2 2
[ 1278.521427][ T8207] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1278.554590][ T8207] lowmem_reserve[]: 0 0 0 0
[ 1278.559209][ T8207] Node 1 Normal free:3784520kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1278.588069][ T8207] lowmem_reserve[]: 0 0 0 0
[ 1278.592602][ T8207] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1278.607148][ T8207] Node 0 DMA32: 236260*4kB (UME) 197921*8kB (UME) 68062*16kB (UME) 31145*32kB (UME) 15309*64kB (UME) 6578*128kB (UME) 3009*256kB (UME) 1478*512kB (UM) 989*1024kB (UM) 4442*2048kB (ME) 25*4096kB (M) = 18175192kB
[ 1278.627750][ T8207] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1278.642104][ T8207] Node 1 Normal: 8606*4kB (U) 5622*8kB (U) 3132*16kB (UE) 1500*32kB (UME) 744*64kB (UME) 377*128kB (UE) 190*256kB (UM) 96*512kB (UME) 51*1024kB (UME) 25*2048kB (U) 919*4096kB (M) = 4238824kB
[ 1278.660911][ T8207] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1278.670530][ T8207] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1278.679906][ T8207] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1278.689610][ T8207] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1278.699005][ T8207] 49552 total pagecache pages
[ 1278.703696][ T8207] 0 pages in swap cache
[ 1278.707939][ T8207] Swap cache stats: add 0, delete 0, find 0/0
[ 1278.714001][ T8207] Free swap  = 0kB
[ 1278.717796][ T8207] Total swap = 0kB
[ 1278.721514][ T8207] 1965979 pages RAM
[ 1278.725311][ T8207] 0 pages HighMem/MovableOnly
[ 1278.730050][ T8207] 339409 pages reserved
[ 1278.734208][ T8207] 0 pages cma reserved
[ 1279.624534][ T8742] IPVS: ftp: loaded support on port[0] = 21
[ 1279.696814][ T8742] chnl_net:caif_netlink_parms(): no params data found
[ 1279.728975][ T8742] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1279.736091][ T8742] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1279.743933][ T8742] device bridge_slave_0 entered promiscuous mode
[ 1279.752430][ T8742] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1279.759643][ T8742] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1279.767303][ T8742] device bridge_slave_1 entered promiscuous mode
[ 1279.786361][ T8742] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 1279.796531][ T8742] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 1279.814754][ T8742] team0: Port device team_slave_0 added
[ 1279.821846][ T8742] team0: Port device team_slave_1 added
[ 1279.880764][ T8742] device hsr_slave_0 entered promiscuous mode
[ 1279.917860][ T8742] device hsr_slave_1 entered promiscuous mode
[ 1279.967276][ T8742] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1279.974351][ T8742] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1279.981741][ T8742] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1279.988852][ T8742] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1280.026754][ T8742] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1280.040118][T30777] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1280.060550][T30777] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1280.079214][T30777] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1280.087375][T30777] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 1280.099660][ T8742] 8021q: adding VLAN 0 to HW filter on device team0
[ 1280.110736][T23237] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1280.119253][T23237] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1280.126276][T23237] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1280.136541][T30777] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1280.145291][T30777] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1280.152394][T30777] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1280.170907][T23237] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1280.188734][T23237] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1280.196869][T23237] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1280.205389][T23237] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1280.214256][T23237] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1280.224188][ T8742] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1280.243791][ T8742] 8021q: adding VLAN 0 to HW filter on device batadv0
23:56:31 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = syz_open_pts(r0, 0x0)
write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="e16c5dedbb836cb23b4eafa2c468afb24465b1c402c508239f04ba"], 0x1b)
ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17})

23:56:31 executing program 2:
r0 = syz_open_dev$admmidi(&(0x7f0000000440)='/dev/admmidi#\x00', 0x2, 0x606040)
getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000480)={@loopback, @dev}, &(0x7f00000004c0)=0xc)
r1 = syz_open_dev$media(&(0x7f0000000040)='/dev/media#\x00', 0x3, 0x400000)
getsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f0000000280)=""/45, &(0x7f00000002c0)=0x2d)
ioctl$FIDEDUPERANGE(r1, 0xc0189436, &(0x7f0000000200)=ANY=[@ANYBLOB="b304001000000000ffffffff000000001800000000000000", @ANYRES32=r1, @ANYBLOB="00004f1573159925b527cc1b9700980400"])
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100)='TIPCv2\x00')
ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f0000000240)={0x2, r0})
sendmsg$TIPC_NL_MON_PEER_GET(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x22280040}, 0xc, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="e5a1e8fb", @ANYRES16=r2, @ANYBLOB="080028bd7000fbdbdf25130000001400090008000200070090a80300000000000000080067c411571d0200fee60000"], 0x28}, 0x1, 0x0, 0x0, 0x20000040}, 0x4)
sendmsg$TIPC_NL_BEARER_GET(r1, &(0x7f0000000400)={&(0x7f0000000140), 0xc, &(0x7f00000003c0)={&(0x7f0000002100)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000225bd7000fbdbdf25040000004c0005004400020008000200030000000800040000000000080001000e00000008001200000000000800020000080000080003000200000008000300400a0000000000000000000003e9d22d3f853cf7d9e916cdbba9dae8801d0cb1457bc6b126eddb22b8d631bbf393c895c5d610c3a4b114157c66bb9c5abe220a88dc90489c8b9596578b352e79164c2b24"], 0x5c}, 0x1, 0x0, 0x0, 0x20000004}, 0x0)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000f00)=<r3=>0x0)
r4 = geteuid()
stat(&(0x7f0000000f40)='./file0\x00', &(0x7f0000000f80)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000001000)={<r6=>0x0}, &(0x7f0000001040)=0xc)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000001080)={0x0, <r7=>0x0}, &(0x7f00000010c0)=0xc)
r8 = getgid()
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000001140)={<r9=>0x0, r0, 0x0, 0xe, &(0x7f0000001100)='/dev/admmidi#\x00'}, 0x30)
r10 = geteuid()
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000001180)={0x0, 0x0, <r11=>0x0}, &(0x7f00000011c0)=0xc)
ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000001880)=<r12=>0x0)
stat(&(0x7f00000018c0)='./file0\x00', &(0x7f0000001900)={0x0, 0x0, 0x0, 0x0, <r13=>0x0})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000001980)={0x0, 0x0, <r14=>0x0}, &(0x7f00000019c0)=0xc)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000001a00)=<r15=>0x0)
r16 = geteuid()
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000001a40)={0x0, 0x0, <r17=>0x0}, &(0x7f0000001a80)=0xc)
fcntl$getownex(r0, 0x10, &(0x7f0000001ac0)={0x0, <r18=>0x0})
r19 = geteuid()
stat(&(0x7f0000001b00)='./file0\x00', &(0x7f0000001b40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
sendmmsg$unix(r1, &(0x7f0000001e80)=[{&(0x7f0000000500)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f0000000a00)=[{&(0x7f0000000580)="fc9ffcde729a51a10eddaef3326d65f31bce51d1d7e604e75089a9792e15f2aa26cd6ace6d80cd1d9930e50cc0464e2453e5bf37e4b2de0fac684fa7b005f578b3904b45588eda96cf36b8e428bea3b45d9a15ddb98a504b6c6631db7ed5a7a33e0ae1e7ee178642765a2166b031b09614adcec7bff0d7e80d6e2f4ad5b4a3f3b59215eccdcb348f1127f9c75cbcc7be2768f535bcb2e3a1d29549365455454c58dec217966c2f189c8051001d268546df9bd29a692089c3443950de39", 0xbd}, {&(0x7f0000000640)="78f6e8dd9805b764903e9bed6fb94ec2790bb7cd4abe417aa5edac00eb12b002a40bd67420d5df9231d10ca184f14b5374aad4126c096094f5d1c4d65ba0f6fea9116360d57819f0ede6751251f2f50434d7a163a20314b21be8de433e6277c3bdb4ce18", 0x64}, {&(0x7f00000006c0)="56d14ed9b0640eacbd89b363e59a1f5c4285ad86c0ab774e03fbe1c18c5be6edf45c77eadacca0adc5826a6bca08475c1584c4f10d1bd7b5ec56365545da63fabdf6bb7ba4f017005dcb0a2579e8861b94046acf87d610b9d18cee450602ad9fdd8cca87f96e03c7b8151180c951d733f8a16845ee46e794c14ea8e9a5fcc942a6", 0x81}, {&(0x7f0000000780)="853fb491c4259fbd37c96ac09de326c367fb4b991034bdad8b72754a9f456aa9d9f60c2ac39e8cebc1394b2ce48de2539d90f9b04bb3979a51bd019b806a376f7aa0b8ddee78cdb812b90c944b15a6b664e0cb2ccfc984eea996ee6851589f639f65d25d9c15b76eb931ac198a5a6379c2594b51863415b33672af0832160179ab7dd6290296e8c4a615ce12a33b4f4cd25fdf4f", 0x94}, {&(0x7f0000000840)="86741de623d3d236502a48e6a1f68af2ecf2a9b2ae5a762cbb93dca85da9657e49de6459e86bf233b8247a81cbd1baa7072c2cdf4a4b479f35a9bae3c2262b36d993f9b6a3b4c4ea7790ce24340db74c2529b9e1bd4b46dc7237fe637b7b496157d9582b6d022f594d6eacea9cf15c6386a22f4c15ae0db146125be758cfce0786ab4f50ad36f7048d7399abe2adbe02856c7c4a5e570e74b47f8e9900e055", 0x9f}, {&(0x7f0000000900)="8d6dda3e0c86aab05a57b7d7b3a9cc5604a1a36e15b36ec3d0e60436cc3ae54e7ee92530cb66a7d38b65120c6a9c1e57c920b1ac8aa87e9d456f37d693fd9506bfe910a9c9f650e97ca70dcb91ece2fef5b42aae1fc30264bd2dd9ce0e6d5ce47cf460437448f0d1c3ab32c4254bb2f37e7d7b19a4970cacca3ee54b07ed53c26bc3a29b40ec3f0c85d2ac918006e1ebe2780c0453d176f787f244888689bfb616ad351c9a20509ab866a04bda8e1b73b356f929624baa22", 0xb8}, {&(0x7f00000009c0)="30ee78d98110a6d519c231b63ed8ab29fde6b52b5f20b441f2c72167694562d6f228b1a860062a", 0x27}], 0x7, &(0x7f0000001f80)=ANY=[@ANYBLOB="18000000000000000100000001000000", @ANYRES32=r0, @ANYBLOB="00554d0000983c8fbba3cb24062ece2e04ff30628c2e132fa0337b85867890d1d7f6633b3fbca3a02260b19bd018768370332535b41690bdb532af0b9bed8fb0ae026855172e4869ef10f06666e3afaa05fa601fc230aa6736b9505d6c90091c16999cf640862aea644a69dc891e98e81985c621e36e7aec9b96029b21255d92fd590438e909cd0756a396f80af32b5ecbbb38d17a3c9eb956e7f4f15e02958385b6cf63e0f23d06ec1a59d5b39b05d8655e4fc334ea724004f8ed552d29aba255046480e245b717de609445d3e651641a7d764783ec57eb651b7608fb0d580f76a7ef9d0fa0d872ceefd42c70791ed0f02d4bc865181ab873151335e93ea3637799be160a3a045a11c8f7424bf064e1", @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0], 0x80, 0x80}, {&(0x7f0000000b00)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000e80)=[{&(0x7f0000000b80)="bff717348274aa6f32d5627ebece51ebcd9e8c1c", 0x14}, {&(0x7f0000000bc0)="2cf2c1622b3ea0ff903494e58f3da21d9b1b519bc67f16f1103f76ea2aacd09df07afc4914f548e1e6ced3b90837727f27dbfa0275a7846e844efdfeb9af9957d658e1a6343d549aeaaa2206cc7df3cdb0f4da714a30d4842951716be7f3b07908e118eb6102385ad729cb5fb375f209aa12b222db6b8233be014c467dc492e635558f7c2f938fb8081f33258046e1ea113491992fded440507551ab9f32101aec826f5ab3887a25d61fa99c18575987b86134bbc22dc268d7676ec694cd6c87fed19b7749afd5f6fdc395d5f4bf22db33e0756906407e1536f454d320bc9495d131", 0xe2}, {&(0x7f0000000cc0)="35c2ff66757d0ce401684e02d234494f85a4db2b6ccd6cccb3110eaa4f8889db374c3b2b2ada2537ccee379a03a66b2e824241a2ff494853520d8922d1e88c8114fdff16400bdc92fe3736affce598676cbf689393597c37a57ce1b6", 0x5c}, {&(0x7f0000000d40)="987c666e7f2e17f44ea22b4165a2eace89333208c598cae608313a20a67f0348ce2eacc9e56dc6b95cb8b75baccd06639d5480b6d5f1ce636c603f31eef51a9f759dd746d65a4139858a496493c7d6965d1a7507c40c73059c77cdd32e99ba1b59e5f582756d1072fc39eb77bb385cfe75273bd01eff82f5463b6075afe84fad94443d693ef12a9f7dd3a618b1fbb750a3a8cf8a37f08bb63c5e0585b2250827126746a81f415edd2958e6f0daf50b6eb2cb672ce4181644974885bbcc716f3852d69fc003168e63daef366760c0415e07a6c70ca2a7d12c9a2864dd50a08444baf7a38889c5d9f38101cb6f344ca771fe30cd3c851e97", 0xf7}, {&(0x7f0000000e40)="1e5cacf5c6fdc0f83ad3288aaa8dffac4fec138c60edb666cd523b1dba33882f8557342604160d2932c33c597e5923aa4ed63cf81a", 0x35}], 0x5, &(0x7f0000001200)=[@rights={0x28, 0x1, 0x1, [r1, r1, r1, r1, r0, r1]}, @cred={0x20, 0x1, 0x2, r3, r4, r5}, @cred={0x20, 0x1, 0x2, r6, r7, r8}, @cred={0x20, 0x1, 0x2, r9, r10, r11}], 0x88, 0x40000}, {&(0x7f00000012c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000001800)=[{&(0x7f0000001340)="2f9cf1d03d1c012c3166153e772772dd233146773438fc388a0ddd9cc5d0377cc5ecbc0498bec60a8a85380cd97dde99fab015969da0ae7e03a7c12f33b2032a7c9c1383202ee13f158265d46640f6f6764010baf93b9c163c2502a2f97c1642f1007767205bda9133984f6ad5c386a1d1ac313371a724849cdec5e436fe1438eaef9e6305a4bb407e87184ec9fade25e27c18bf97657ce0900cad688b8aabc8a79d136047c2a743f73d06bb7bf97ccd1a71bdb1", 0xb4}, {&(0x7f0000001400)="52d933f8f74f8c9aa035b01c075fc15f37c11281655704c94dcb96aa6b3300a20180c8f05d4e56acc3bd32ad754da243d6d501593b25e41d71b283c9f177b0735e181efb691c042ee2e937fcb22d0bcf48c5e632fe0e3dce83fa6afc667f266caec175a47e7c6851125bf6d75f282fef4ddb32dc68d4b55beeb923f141b6bdc7ed1cf1cbe02b1bdbbbc35296057192ab1c31cf0eed144bc948c2c421cf50919d1a91ec2225d87ccf59d16676771bba7dfa1ee2ec0f44a14d42dd1a6555b7c1e01f4c2a3cd8f49b9c7a23d3", 0xcb}, {&(0x7f0000001500)="bd4f9683ccac026a5496aee31f0efa0ffb6bb80177c1eb7753a46c258ecb04d323c56a97f6daffa4a845df51d6236b946ec6bd502070caf8d477d6f1c5c093ede4179519be53b500abe48b066206c4dd07d87a90a748e8ea00afa0e9a97611781cf832487bd44c", 0x67}, {&(0x7f0000001580)="a7acdc15ce33c2104eab88b6b9ed0df75df342c847b981bb78aa4689193e03dd264896eaf10a002e8d49746846f8f89c04ee34af07eee03197c7d8eda0e907a0f9766cb0b3cc69a7d5310e93b41240cb67ead76c08fbf97d00f3039863fe9c09d9ccfdc56a78bbe36b135ebf4c3aa200f8e4b4955fec51becf80a72b994c4a5af28b18ddabaf18f20807fb7fb1df7c1e132e991efd147ecb6aa484371655d234972a396a1441163c533d44fce0b46d", 0xaf}, {&(0x7f0000001640)}, {&(0x7f0000001680)="29f13a803b664b272c6d4a1bac3549c5406f3a028f9999d47bbaeb36dfc83d43c76f00f956a08b468d7f76498223", 0x2e}, {&(0x7f00000016c0)="1268b374dfa28ab315e3cf7ba4c50b6898485601a8f611e3c926911c01690d76f4fd893ff6e45fd69ceb5645c03d5c91db06088cb14331b26adb12", 0x3b}, {&(0x7f0000001700)="b54385d395aba23ed8a6d9a413d6659e49b26a37efa0cad9bf4ac246679a989fe20791e2b15fb8363cf795cb5e2c24e2fe5610407dd68a49b99930b17eeab4c8e4b86e58961eee6db5672c7ef311c9aff2754703a951465cce890925fb63e11a1485580080452425a7029e5db6e9637706da9f65ce3be46353673a6ad7371fdbd4bbdb6be75b70646331318ef7e9c13edba7ed326d224b32102c7db542d76cc6f4c0c70bcc6d5d8c23a4fbc71b8123ad6580be6a58e47ba9dd75c9fcc851441df505a78e4c2493787fe22af9991cfac461ee8aa8eb8021e10cde49c3c7ee899fd507d35149cdc3946d6588354b1fe8053d313c5f", 0xf4}], 0x8, &(0x7f0000001bc0)=[@cred={0x20, 0x1, 0x2, r12, r13, r14}, @cred={0x20, 0x1, 0x2, r15, r16, r17}, @cred={0x20, 0x1, 0x2, r18, r19, r20}], 0x60, 0x4080}, {&(0x7f0000001c40)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001e40)=[{&(0x7f0000001cc0)="e909f5b6efc85833c50eafa398d4229a1744", 0x12}, {&(0x7f0000001d00)="96ddcf99769333a254aea428d7ce38db5febf4d363ff3a0a5af5ae2bb7968b5846cbe1986cb22c769af66cccb2457f968b7398f7d96effed53335ece5d7d72c67253632d885993dc2b626f423273d01233d15ca9ce5116c124d2860f06772bdde5307c0196795e5c0fbe92b8c8c641548cb019ea", 0x74}, {&(0x7f0000001d80)="a3e28069ae46ad6b3eee2e19ed7142f4525b046aacf341cb51f0f7b4430abb7d73c3f0d0c080f3010f8fccf5890b536759e0503ae9921499e1e7708dfa978de58a7f307b1e200dfc8902201193dac44afd8138789e84f0c76fea9d49bff7a2a1a35c56b5683f06380993a51a80ae845d58292c27456d252b947517f779d7170d8da8accff5f09ad7684f808e6fbda47a01c4f905986d54afff4b21278833a644b18c087788e04627cefa4d58aa3b8f7e", 0xb0}], 0x3, 0x0, 0x0, 0x8881}], 0x4, 0x4008000)
r21 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r21, 0xc0044308, &(0x7f00000000c0)=0x10000)

23:56:31 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x2000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:31 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x8100, 0x0)
getdents(r2, &(0x7f0000000040)=""/4, 0x4)
getsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f00000000c0), &(0x7f0000000100)=0x4)

23:56:31 executing program 0:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x0, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:31 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x48, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1280.392425][ T8774] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
23:56:31 executing program 0:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x0, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1280.447278][ T8774] CPU: 1 PID: 8774 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1280.456350][ T8774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1280.466440][ T8774] Call Trace:
[ 1280.469753][ T8774]  dump_stack+0x172/0x1f0
[ 1280.474104][ T8774]  warn_alloc.cold+0x88/0x184
[ 1280.478802][ T8774]  ? zone_watermark_ok_safe+0x260/0x260
[ 1280.484367][ T8774]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1280.490014][ T8774]  ? find_held_lock+0x35/0x130
[ 1280.494790][ T8774]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1280.500464][ T8774]  __vmalloc_node_range+0x48a/0x790
[ 1280.505684][ T8774]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1280.510750][ T8774]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1280.516310][ T8774]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1280.521350][ T8774]  vmalloc_user+0x6b/0x90
[ 1280.525753][ T8774]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1280.530785][ T8774]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1280.535637][ T8774]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1280.540692][ T8774]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
23:56:31 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_CLR_FLAGS(r0, 0x80044325, &(0x7f0000000040)=0x1)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)

23:56:31 executing program 0:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x0, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1280.546509][ T8774]  __vb2_queue_alloc+0x5a6/0xf40
[ 1280.551474][ T8774]  vb2_core_create_bufs+0x2bc/0x790
[ 1280.556694][ T8774]  ? vim2m_buf_prepare+0x280/0x280
[ 1280.561817][ T8774]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1280.566948][ T8774]  ? lock_acquire+0x16f/0x3f0
[ 1280.571623][ T8774]  ? __video_do_ioctl+0x398/0xce0
[ 1280.576659][ T8774]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1280.582911][ T8774]  vb2_create_bufs+0x47e/0x7a0
[ 1280.587689][ T8774]  ? vb2_request_queue+0x120/0x120
[ 1280.592806][ T8774]  ? mark_held_locks+0xf0/0xf0
[ 1280.597594][ T8774]  ? debug_smp_processor_id+0x3c/0x280
[ 1280.603079][ T8774]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1280.608108][ T8774]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1280.613655][ T8774]  v4l_create_bufs+0xc0/0x180
[ 1280.618334][ T8774]  __video_do_ioctl+0x7f1/0xce0
[ 1280.623194][ T8774]  ? v4l_s_fmt+0xa40/0xa40
[ 1280.627621][ T8774]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1280.633860][ T8774]  ? _copy_from_user+0xdd/0x150
[ 1280.638725][ T8774]  video_usercopy+0x4c5/0x10d0
[ 1280.643486][ T8774]  ? v4l_s_fmt+0xa40/0xa40
[ 1280.647918][ T8774]  ? v4l_enumstd+0x70/0x70
[ 1280.652335][ T8774]  ? mark_held_locks+0xf0/0xf0
[ 1280.657099][ T8774]  ? debug_smp_processor_id+0x3c/0x280
[ 1280.662558][ T8774]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1280.668107][ T8774]  ? __fget+0x35a/0x550
[ 1280.672269][ T8774]  ? find_held_lock+0x35/0x130
[ 1280.677034][ T8774]  ? video_usercopy+0x10d0/0x10d0
[ 1280.682055][ T8774]  video_ioctl2+0x2d/0x35
[ 1280.686386][ T8774]  v4l2_ioctl+0x156/0x1b0
[ 1280.690720][ T8774]  ? video_devdata+0xa0/0xa0
[ 1280.695324][ T8774]  do_vfs_ioctl+0xd6e/0x1390
[ 1280.699928][ T8774]  ? kasan_check_read+0x11/0x20
[ 1280.704782][ T8774]  ? ioctl_preallocate+0x210/0x210
[ 1280.709892][ T8774]  ? __fget+0x381/0x550
[ 1280.714064][ T8774]  ? ksys_dup3+0x3e0/0x3e0
[ 1280.718481][ T8774]  ? nsecs_to_jiffies+0x30/0x30
[ 1280.723349][ T8774]  ? security_file_ioctl+0x93/0xc0
[ 1280.728468][ T8774]  ksys_ioctl+0xab/0xd0
[ 1280.732627][ T8774]  __x64_sys_ioctl+0x73/0xb0
[ 1280.737220][ T8774]  do_syscall_64+0x103/0x610
[ 1280.741822][ T8774]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1280.747709][ T8774] RIP: 0033:0x457e29
[ 1280.751604][ T8774] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1280.771206][ T8774] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1280.779650][ T8774] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1280.787618][ T8774] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
23:56:31 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x3000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:31 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = syz_open_pts(r0, 0x0)
write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="e16c5dedbb836cb23b4eafa2c468afb24465b1c402c508239f04ba"], 0x1b)
ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17})

[ 1280.795589][ T8774] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1280.803562][ T8774] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1280.811540][ T8774] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
23:56:31 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_open_dev$midi(&(0x7f0000000280)='/dev/midi#\x00', 0x7fffffff, 0x30180)
ioctl$RTC_ALM_SET(r2, 0x40247007, &(0x7f00000002c0)={0x4, 0x3b, 0x16, 0x15, 0x0, 0x8, 0x2, 0x74})
r3 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x0, 0x2)
r4 = syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0x40, 0x60100)
getsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000200), &(0x7f0000000240)=0x4)
ioctl$KVM_SET_NR_MMU_PAGES(r3, 0xae44, 0xfffffffffffffffc)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89f2, &(0x7f0000000040)='ip6tnl0\x00\xe3\x1f\xa9U\xacbP\x17g\xc5\x9f\x8b\xf0\x15')
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000100)={0x1, 0x2, 0x0, 0x5, <r5=>0x0}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000180)=@assoc_value={r5, 0x5d2}, &(0x7f00000001c0)=0x8)

[ 1280.942987][ T8774] warn_alloc_show_mem: 1 callbacks suppressed
[ 1280.942993][ T8774] Mem-Info:
[ 1280.957776][ T8774] active_anon:166465 inactive_anon:192 isolated_anon:0
[ 1280.957776][ T8774]  active_file:13070 inactive_file:36074 isolated_file:0
[ 1280.957776][ T8774]  unevictable:2 dirty:199 writeback:0 unstable:0
[ 1280.957776][ T8774]  slab_reclaimable:17849 slab_unreclaimable:103260
[ 1280.957776][ T8774]  mapped:58686 shmem:493 pagetables:3411 bounce:0
[ 1280.957776][ T8774]  free:1056429 free_pcp:476 free_cma:0
23:56:32 executing program 0:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x1ff, 0x0, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:32 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x101000, 0x0)
ioctl$VIDIOC_S_AUDOUT(r1, 0x40345632, &(0x7f0000000080)={0x3, "4e985d00f066914027a943ff265fc0cec6220389c2d90c71df5c4b85bfd949fd", 0x3, 0x1})
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)

23:56:32 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x4000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1281.126101][ T8774] Node 0 active_anon:668028kB inactive_anon:768kB active_file:52140kB inactive_file:144296kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234744kB dirty:796kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 266240kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
23:56:32 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600))
r1 = syz_open_pts(r0, 0x0)
write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="e16c5dedbb836cb23b4eafa2c468afb24465b1c402c508239f04ba"], 0x1b)
ioctl$TCSETA(r1, 0x5406, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17})

23:56:32 executing program 0:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x1ff, 0x0, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1281.277109][ T8774] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1281.343715][ T8774] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1281.430163][ T8774] lowmem_reserve[]: 0 2553 2555 2555
[ 1281.435689][ T8774] Node 0 DMA32 free:424724kB min:36232kB low:45288kB high:54344kB active_anon:665936kB inactive_anon:768kB active_file:52140kB inactive_file:144296kB unevictable:8kB writepending:796kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10592kB pagetables:13644kB bounce:0kB free_pcp:1900kB local_pcp:896kB free_cma:0kB
[ 1281.468187][ T8774] lowmem_reserve[]: 0 0 2 2
[ 1281.472719][ T8774] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1281.499943][ T8774] lowmem_reserve[]: 0 0 0 0
[ 1281.504467][ T8774] Node 1 Normal free:3784520kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1281.533619][ T8774] lowmem_reserve[]: 0 0 0 0
[ 1281.538217][ T8774] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1281.552573][ T8774] Node 0 DMA32: 237809*4kB (UME) 198509*8kB (UME) 68285*16kB (UME) 30590*32kB (UME) 15304*64kB (UME) 6574*128kB (UME) 3009*256kB (UME) 1478*512kB (UM) 989*1024kB (UM) 4442*2048kB (ME) 25*4096kB (M) = 18171068kB
[ 1281.573254][ T8774] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1281.587673][ T8774] Node 1 Normal: 8606*4kB (U) 5622*8kB (U) 3132*16kB (UE) 1500*32kB (UME) 744*64kB (UME) 377*128kB (UE) 190*256kB (UM) 96*512kB (UME) 51*1024kB (UME) 25*2048kB (U) 919*4096kB (M) = 4238824kB
[ 1281.606648][ T8774] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1281.616276][ T8774] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1281.625593][ T8774] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1281.635181][ T8774] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1281.644525][ T8774] 49640 total pagecache pages
[ 1281.649914][ T8774] 0 pages in swap cache
[ 1281.654059][ T8774] Swap cache stats: add 0, delete 0, find 0/0
[ 1281.660205][ T8774] Free swap  = 0kB
[ 1281.663930][ T8774] Total swap = 0kB
[ 1281.667980][ T8774] 1965979 pages RAM
[ 1281.671809][ T8774] 0 pages HighMem/MovableOnly
[ 1281.676470][ T8774] 339409 pages reserved
23:56:32 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x4c, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:32 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000080)="0adc1f023c123f3188a070")
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, 0x0, 0x0)
ioprio_set$pid(0x2, 0x0, 0x0)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x400, 0x0)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x1, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0xdddc}, 0x1c)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')

23:56:32 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x5000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:32 executing program 0:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x1ff, 0x0, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:32 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)

23:56:32 executing program 5:
pipe(&(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000340)='/proc/capi/capi20\x00', 0x20002, 0x0)
ioctl$KVM_IOEVENTFD(r0, 0x4040ae79, &(0x7f0000000380)={0xd000, &(0x7f0000000300), 0x6, r1, 0x8})
r2 = socket(0xa, 0x1, 0x0)
fstat(r2, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
setgid(r3)
r4 = syz_open_dev$mice(&(0x7f0000000240)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$RTC_WKALM_RD(r4, 0x80287010, &(0x7f0000000280))
r5 = socket(0x11, 0x2, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r6=>0x0}, &(0x7f0000cab000)=0xc)
bind$llc(0xffffffffffffff9c, &(0x7f00000003c0)={0x1a, 0x339, 0x4, 0x80000001, 0x7, 0xf3, @dev={[], 0x29}}, 0x10)
setgroups(0x0, 0x0)
setresuid(0x0, r6, 0x0)
shmget$private(0x0, 0x4000, 0x1808, &(0x7f0000ffb000/0x4000)=nil)

[ 1281.681316][ T8774] 0 pages cma reserved
23:56:32 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x6000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:32 executing program 0:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x0, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1281.795816][ T9351] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1281.819283][ T9351] CPU: 1 PID: 9351 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1281.828345][ T9351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1281.838426][ T9351] Call Trace:
[ 1281.841752][ T9351]  dump_stack+0x172/0x1f0
[ 1281.846105][ T9351]  warn_alloc.cold+0x88/0x184
[ 1281.850802][ T9351]  ? zone_watermark_ok_safe+0x260/0x260
[ 1281.856359][ T9351]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1281.862007][ T9351]  ? find_held_lock+0x35/0x130
[ 1281.866784][ T9351]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1281.872472][ T9351]  __vmalloc_node_range+0x48a/0x790
[ 1281.877687][ T9351]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1281.882738][ T9351]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1281.888294][ T9351]  ? vb2_vmalloc_alloc+0xca/0x2a0
23:56:32 executing program 2:
syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x2)
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
ioctl$CAPI_GET_PROFILE(r0, 0xc0404309, &(0x7f0000000040)=0x3f)

23:56:32 executing program 0:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x0, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1281.893337][ T9351]  vmalloc_user+0x6b/0x90
[ 1281.897681][ T9351]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1281.902714][ T9351]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1281.907569][ T9351]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1281.912611][ T9351]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1281.918431][ T9351]  __vb2_queue_alloc+0x5a6/0xf40
[ 1281.923405][ T9351]  vb2_core_create_bufs+0x2bc/0x790
[ 1281.928627][ T9351]  ? vim2m_buf_prepare+0x280/0x280
[ 1281.933750][ T9351]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1281.938883][ T9351]  ? lock_acquire+0x16f/0x3f0
[ 1281.943589][ T9351]  ? __video_do_ioctl+0x398/0xce0
[ 1281.948642][ T9351]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1281.948664][ T9351]  vb2_create_bufs+0x47e/0x7a0
[ 1281.948686][ T9351]  ? vb2_request_queue+0x120/0x120
[ 1281.964793][ T9351]  ? mark_held_locks+0xf0/0xf0
[ 1281.969568][ T9351]  ? debug_smp_processor_id+0x3c/0x280
[ 1281.975046][ T9351]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1281.980087][ T9351]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1281.985643][ T9351]  v4l_create_bufs+0xc0/0x180
[ 1281.990342][ T9351]  __video_do_ioctl+0x7f1/0xce0
[ 1281.995221][ T9351]  ? v4l_s_fmt+0xa40/0xa40
[ 1281.999658][ T9351]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1282.005920][ T9351]  ? _copy_from_user+0xdd/0x150
[ 1282.010980][ T9351]  video_usercopy+0x4c5/0x10d0
[ 1282.015748][ T9351]  ? v4l_s_fmt+0xa40/0xa40
[ 1282.020175][ T9351]  ? v4l_enumstd+0x70/0x70
[ 1282.024616][ T9351]  ? mark_held_locks+0xf0/0xf0
[ 1282.029393][ T9351]  ? debug_smp_processor_id+0x3c/0x280
[ 1282.034865][ T9351]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1282.040447][ T9351]  ? __fget+0x35a/0x550
23:56:33 executing program 0:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x0, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1282.044611][ T9351]  ? find_held_lock+0x35/0x130
[ 1282.049389][ T9351]  ? video_usercopy+0x10d0/0x10d0
[ 1282.054444][ T9351]  video_ioctl2+0x2d/0x35
[ 1282.058796][ T9351]  v4l2_ioctl+0x156/0x1b0
[ 1282.063141][ T9351]  ? video_devdata+0xa0/0xa0
[ 1282.067749][ T9351]  do_vfs_ioctl+0xd6e/0x1390
[ 1282.072358][ T9351]  ? kasan_check_read+0x11/0x20
[ 1282.077250][ T9351]  ? ioctl_preallocate+0x210/0x210
[ 1282.082371][ T9351]  ? __fget+0x381/0x550
[ 1282.086562][ T9351]  ? ksys_dup3+0x3e0/0x3e0
[ 1282.090989][ T9351]  ? nsecs_to_jiffies+0x30/0x30
[ 1282.095860][ T9351]  ? security_file_ioctl+0x93/0xc0
[ 1282.101218][ T9351]  ksys_ioctl+0xab/0xd0
[ 1282.105386][ T9351]  __x64_sys_ioctl+0x73/0xb0
[ 1282.110051][ T9351]  do_syscall_64+0x103/0x610
[ 1282.114659][ T9351]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1282.120559][ T9351] RIP: 0033:0x457e29
[ 1282.124466][ T9351] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
23:56:33 executing program 0:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi}})

[ 1282.144076][ T9351] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1282.152499][ T9351] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1282.160476][ T9351] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1282.168456][ T9351] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1282.176442][ T9351] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1282.184432][ T9351] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1282.199145][ T9351] Mem-Info:
[ 1282.202312][ T9351] active_anon:167508 inactive_anon:193 isolated_anon:0
[ 1282.202312][ T9351]  active_file:13070 inactive_file:36076 isolated_file:0
[ 1282.202312][ T9351]  unevictable:2 dirty:201 writeback:0 unstable:0
[ 1282.202312][ T9351]  slab_reclaimable:17877 slab_unreclaimable:103352
[ 1282.202312][ T9351]  mapped:58663 shmem:493 pagetables:3457 bounce:0
[ 1282.202312][ T9351]  free:1055039 free_pcp:529 free_cma:0
[ 1282.281983][ T9351] Node 0 active_anon:670132kB inactive_anon:772kB active_file:52140kB inactive_file:144304kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234652kB dirty:804kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 262144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1282.312284][ T9351] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1282.339265][ T9351] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1282.382141][ T9351] lowmem_reserve[]: 0 2553 2555 2555
[ 1282.396907][ T9351] Node 0 DMA32 free:424816kB min:36232kB low:45288kB high:54344kB active_anon:665844kB inactive_anon:780kB active_file:52140kB inactive_file:144312kB unevictable:8kB writepending:804kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10624kB pagetables:13604kB bounce:0kB free_pcp:2440kB local_pcp:1124kB free_cma:0kB
[ 1282.431210][ T9351] lowmem_reserve[]: 0 0 2 2
[ 1282.445835][ T9351] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1282.473067][ T9351] lowmem_reserve[]: 0 0 0 0
[ 1282.478283][ T9351] Node 1 Normal free:3784520kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1282.507043][ T9351] lowmem_reserve[]: 0 0 0 0
[ 1282.511716][ T9351] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1282.526121][ T9351] Node 0 DMA32: 237713*4kB (ME) 198517*8kB (UME) 68282*16kB (UME) 30589*32kB (UME) 15304*64kB (UME) 6574*128kB (UME) 3009*256kB (UME) 1478*512kB (UM) 989*1024kB (UM) 4442*2048kB (ME) 25*4096kB (M) = 18170668kB
[ 1282.546712][ T9351] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1282.561059][ T9351] Node 1 Normal: 8606*4kB (U) 5622*8kB (U) 3132*16kB (UE) 1500*32kB (UME) 744*64kB (UME) 377*128kB (UE) 190*256kB (UM) 96*512kB (UME) 51*1024kB (UME) 25*2048kB (U) 919*4096kB (M) = 4238824kB
[ 1282.580030][ T9351] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1282.589668][ T9351] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1282.599549][ T9351] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1282.609251][ T9351] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1282.618617][ T9351] 49651 total pagecache pages
[ 1282.623294][ T9351] 0 pages in swap cache
[ 1282.627432][ T9351] Swap cache stats: add 0, delete 0, find 0/0
23:56:33 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x7000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:33 executing program 0:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi}})

23:56:33 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x60, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:33 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x7f, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0xb, 0x1, 0x10000000000000d, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')

23:56:33 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x800, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)

23:56:33 executing program 5:
r0 = syz_open_dev$sg(&(0x7f0000000100)='/dev/sg#\x00', 0x0, 0x10008002)
write(r0, &(0x7f0000000240)="b63db85e1e8d0200000000e1803599230000040000d2b13f00cebcfeffce4c15ef7adb5936794f4eb65bb1c5419f9405dd172a9b5154dcc5ff516195e927b3b3c331428a5187", 0x46)

[ 1282.633630][ T9351] Free swap  = 0kB
[ 1282.637342][ T9351] Total swap = 0kB
[ 1282.641133][ T9351] 1965979 pages RAM
[ 1282.644937][ T9351] 0 pages HighMem/MovableOnly
[ 1282.649681][ T9351] 339409 pages reserved
[ 1282.653829][ T9351] 0 pages cma reserved
[ 1282.712324][ T9652] sg_write: data in/out 167162/24 bytes for SCSI command 0x36-- guessing data in;
[ 1282.712324][ T9652]    program syz-executor.5 not setting count and/or reply_len properly
23:56:33 executing program 0:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi}})

23:56:33 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)

[ 1282.754971][ T9687] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1282.812161][ T9687] CPU: 0 PID: 9687 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1282.821224][ T9687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1282.831288][ T9687] Call Trace:
[ 1282.834597][ T9687]  dump_stack+0x172/0x1f0
[ 1282.838963][ T9687]  warn_alloc.cold+0x88/0x184
[ 1282.844380][ T9687]  ? zone_watermark_ok_safe+0x260/0x260
[ 1282.849942][ T9687]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1282.855597][ T9687]  ? find_held_lock+0x35/0x130
[ 1282.860370][ T9687]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1282.866035][ T9687]  __vmalloc_node_range+0x48a/0x790
[ 1282.871246][ T9687]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1282.876282][ T9687]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1282.882972][ T9687]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1282.888010][ T9687]  vmalloc_user+0x6b/0x90
[ 1282.892349][ T9687]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1282.897389][ T9687]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1282.897405][ T9687]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1282.897436][ T9687]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1282.907296][ T9687]  __vb2_queue_alloc+0x5a6/0xf40
[ 1282.907338][ T9687]  vb2_core_create_bufs+0x2bc/0x790
[ 1282.923249][ T9687]  ? vim2m_buf_prepare+0x280/0x280
[ 1282.928367][ T9687]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1282.933517][ T9687]  ? lock_acquire+0x16f/0x3f0
[ 1282.938200][ T9687]  ? __video_do_ioctl+0x398/0xce0
[ 1282.943238][ T9687]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1282.943266][ T9687]  vb2_create_bufs+0x47e/0x7a0
[ 1282.954309][ T9687]  ? vb2_request_queue+0x120/0x120
[ 1282.959441][ T9687]  ? mark_held_locks+0xf0/0xf0
[ 1282.964211][ T9687]  ? debug_smp_processor_id+0x3c/0x280
[ 1282.969688][ T9687]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1282.974724][ T9687]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1282.980287][ T9687]  v4l_create_bufs+0xc0/0x180
[ 1282.984985][ T9687]  __video_do_ioctl+0x7f1/0xce0
[ 1282.989859][ T9687]  ? v4l_s_fmt+0xa40/0xa40
[ 1282.994305][ T9687]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1283.000590][ T9687]  ? _copy_from_user+0xdd/0x150
[ 1283.005476][ T9687]  video_usercopy+0x4c5/0x10d0
[ 1283.010268][ T9687]  ? v4l_s_fmt+0xa40/0xa40
[ 1283.014723][ T9687]  ? v4l_enumstd+0x70/0x70
[ 1283.019161][ T9687]  ? mark_held_locks+0xf0/0xf0
[ 1283.023958][ T9687]  ? debug_smp_processor_id+0x3c/0x280
[ 1283.029434][ T9687]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1283.034994][ T9687]  ? __fget+0x35a/0x550
[ 1283.039161][ T9687]  ? find_held_lock+0x35/0x130
[ 1283.043951][ T9687]  ? video_usercopy+0x10d0/0x10d0
[ 1283.048978][ T9687]  video_ioctl2+0x2d/0x35
[ 1283.053417][ T9687]  v4l2_ioctl+0x156/0x1b0
[ 1283.057757][ T9687]  ? video_devdata+0xa0/0xa0
[ 1283.062375][ T9687]  do_vfs_ioctl+0xd6e/0x1390
[ 1283.066975][ T9687]  ? kasan_check_read+0x11/0x20
[ 1283.066996][ T9687]  ? ioctl_preallocate+0x210/0x210
[ 1283.067017][ T9687]  ? __fget+0x381/0x550
[ 1283.081119][ T9687]  ? ksys_dup3+0x3e0/0x3e0
[ 1283.085543][ T9687]  ? nsecs_to_jiffies+0x30/0x30
[ 1283.090416][ T9687]  ? security_file_ioctl+0x93/0xc0
[ 1283.095543][ T9687]  ksys_ioctl+0xab/0xd0
[ 1283.099720][ T9687]  __x64_sys_ioctl+0x73/0xb0
[ 1283.104321][ T9687]  do_syscall_64+0x103/0x610
[ 1283.108943][ T9687]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1283.114850][ T9687] RIP: 0033:0x457e29
[ 1283.118753][ T9687] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1283.138368][ T9687] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1283.146786][ T9687] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1283.154767][ T9687] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
23:56:34 executing program 2:
recvmsg$kcm(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, <r0=>0xffffffffffffffff, {0x2, 0x0, @loopback}}}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000100)=""/93, 0x5d}, {&(0x7f0000000180)=""/98, 0x62}, {&(0x7f0000000200)=""/27, 0x1b}, {&(0x7f0000000240)=""/146, 0x92}], 0x4, &(0x7f0000000340)=""/75, 0x4b}, 0x1)
accept$netrom(r0, &(0x7f0000000400)={{0x3, @rose}, [@remote, @bcast, @netrom, @default, @rose, @remote, @rose]}, &(0x7f0000000480)=0x48)
r1 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r1, 0xc0044308, &(0x7f00000000c0)=0x10000)

23:56:34 executing program 5:
syz_emit_ethernet(0x6a, &(0x7f0000000400)={@local, @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "119f13", 0x34, 0x0, 0x0, @dev, @initdev, {[@dstopts={0x0, 0x3, [], [@jumbo, @hao={0xc9, 0x10, @loopback}]}], @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

23:56:34 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x8000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:34 executing program 5:
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x3, 0x12, r0, 0x0)
mlock(&(0x7f0000ffa000/0x3000)=nil, 0x3000)

23:56:34 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
r0 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vfio/vfio\x00', 0x2, 0x0)
ioctl$GIO_CMAP(r0, 0x4b70, &(0x7f0000000040))
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f2, &(0x7f0000000940)='ip6tnl0\x00n\x88\x1f\x97\xd2\xd2\xfd=\xe4AT\xb5Ia\xad\xf5\xda\x03/o\xe8\xdc\xbdCt\x97\xb4\xe4g\n\x81?P \x8b\x18\xf2]\a\xec\x8fS)\xa0|\x0fo\x03\x00\x00\x00\x00\x00\x00\xa9\xd1O\r\n\x1b\x94?\x10d\xc4\x1d\x0ei\xaeW]\xdf[\xf9\x1dW0?6\xe7v\xd7\xdeZ\xf0\xb2n7`\x1en\x9e\xc6\xddZcF\xc3\'\xd6\x85\x1f\x17U\xcd\xf22\xbb\x11\xa4<\xb5\xba\x86ML\xfc\'\x11\xf3\xf4\xab\xe5\x129\x8e\xba\x7fr\x0fB3\xb0\x90\xc6\xa0YB\x9d\xb3\x88n\x00\x00\x00\x00\x00\x00\x00\x93\xd2\x1e\x06\r\xf1\xdb\xc1\x9f\n\xa2\xf8\xa6\xdc\xafK\xd0\xb6tgh\xdc\f\xfc\xca\x87\x94\x1a\x18\xeb\x92\xdf\xda6\x0f\xb3\a\xaa\x87\xe7k\xb5\v\x10\xf5\xf6\x9d\xa9\xf3\x94W\x873&^\xf3\x12\xe7\xbf\x87;\x7f\xbd)\xbe\x19\xfc\xe4k0\xdfS\xe2\xe0i\x8c\"%\xc9P0^A\xeaxm+r+\xaf_\x1fO\xd7\x95\x9d\xe5:E\xffR\x1c\x11`\x91\xf0\x9b\x9eN\\\xd7\x1bY\x19G8\x00\xcd\xde\x8c\x10\x04\xc2{\x81\xc4_\xbf\xcd\x95\xd3\xee\xb7\xb6\x13J\xa7l\xc8\x95/\x148\x17\x11\xdc\xe4\xd6z\xa5\x89\xe6J\xaa\xde)\x88\xcd}\x86\x14\x8bW\x80\xbd\x18\b\xb8\xd1\xe8\xa9\b')

23:56:34 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f0000000040)=0x10002)

[ 1283.162740][ T9687] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1283.162750][ T9687] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1283.162759][ T9687] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1283.231630][ T9687] Mem-Info:
[ 1283.235625][ T9687] active_anon:167005 inactive_anon:191 isolated_anon:0
[ 1283.235625][ T9687]  active_file:13070 inactive_file:36088 isolated_file:0
[ 1283.235625][ T9687]  unevictable:2 dirty:213 writeback:0 unstable:0
[ 1283.235625][ T9687]  slab_reclaimable:17897 slab_unreclaimable:103385
[ 1283.235625][ T9687]  mapped:58663 shmem:492 pagetables:3421 bounce:0
[ 1283.235625][ T9687]  free:1055084 free_pcp:448 free_cma:0
[ 1283.380764][ T9687] Node 0 active_anon:666052kB inactive_anon:764kB active_file:52140kB inactive_file:144352kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234752kB dirty:852kB writeback:0kB shmem:1968kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 268288kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1283.411042][ T9687] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1283.439886][ T9687] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1283.466959][ T9687] lowmem_reserve[]: 0 2553 2555 2555
[ 1283.472358][ T9687] Node 0 DMA32 free:424980kB min:36232kB low:45288kB high:54344kB active_anon:665868kB inactive_anon:776kB active_file:52140kB inactive_file:144396kB unevictable:8kB writepending:896kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10592kB pagetables:13536kB bounce:0kB free_pcp:2192kB local_pcp:968kB free_cma:0kB
[ 1283.503342][ T9687] lowmem_reserve[]: 0 0 2 2
[ 1283.507970][ T9687] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1283.534775][ T9687] lowmem_reserve[]: 0 0 0 0
[ 1283.539419][ T9687] Node 1 Normal free:3784520kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1283.567871][ T9687] lowmem_reserve[]: 0 0 0 0
[ 1283.572419][ T9687] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1283.576860][ T9987] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1283.586774][ T9687] Node 0 DMA32: 237802*4kB (UME) 198672*8kB (UME) 68272*16kB (UME) 30589*32kB (UME) 15304*64kB (UME) 6574*128kB (UME) 3009*256kB (UME) 1478*512kB (UM) 989*1024kB (UM) 4442*2048kB (ME) 25*4096kB (M) = 18172104kB
[ 1283.600889][ T9987] CPU: 0 PID: 9987 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1283.629023][ T9687] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1283.630232][ T9987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1283.644597][ T9687] Node 1 Normal: 8606*4kB (U) 5622*8kB (U) 3132*16kB (UE) 1500*32kB (UME) 744*64kB (UME) 377*128kB (UE) 190*256kB (UM) 96*512kB (UME) 51*1024kB (UME) 25*2048kB (U) 919*4096kB (M) = 4238824kB
[ 1283.654493][ T9987] Call Trace:
[ 1283.654518][ T9987]  dump_stack+0x172/0x1f0
[ 1283.654544][ T9987]  warn_alloc.cold+0x88/0x184
[ 1283.654568][ T9987]  ? zone_watermark_ok_safe+0x260/0x260
[ 1283.673449][ T9687] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1283.676517][ T9987]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1283.680980][ T9687] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1283.686071][ T9987]  ? find_held_lock+0x35/0x130
[ 1283.686092][ T9987]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1283.686128][ T9987]  __vmalloc_node_range+0x48a/0x790
[ 1283.691945][ T9687] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1283.701199][ T9987]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1283.701232][ T9987]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1283.701258][ T9987]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1283.707039][ T9687] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1283.716254][ T9987]  vmalloc_user+0x6b/0x90
[ 1283.716273][ T9987]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1283.716291][ T9987]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1283.716311][ T9987]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1283.721209][ T9687] 49663 total pagecache pages
[ 1283.726686][ T9987]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1283.732008][ T9687] 0 pages in swap cache
[ 1283.741389][ T9987]  __vb2_queue_alloc+0x5a6/0xf40
[ 1283.741426][ T9987]  vb2_core_create_bufs+0x2bc/0x790
[ 1283.741448][ T9987]  ? vim2m_buf_prepare+0x280/0x280
[ 1283.746562][ T9687] Swap cache stats: add 0, delete 0, find 0/0
[ 1283.751991][ T9987]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1283.752008][ T9987]  ? lock_acquire+0x16f/0x3f0
[ 1283.752023][ T9987]  ? __video_do_ioctl+0x398/0xce0
[ 1283.752048][ T9987]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1283.757162][ T9687] Free swap  = 0kB
[ 1283.766323][ T9987]  vb2_create_bufs+0x47e/0x7a0
[ 1283.766374][ T9987]  ? vb2_request_queue+0x120/0x120
[ 1283.766400][ T9987]  ? mark_held_locks+0xf0/0xf0
[ 1283.770857][ T9687] Total swap = 0kB
[ 1283.775728][ T9987]  ? debug_smp_processor_id+0x3c/0x280
[ 1283.775754][ T9987]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1283.780718][ T9687] 1965979 pages RAM
[ 1283.785603][ T9987]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1283.790376][ T9687] 0 pages HighMem/MovableOnly
[ 1283.796056][ T9987]  v4l_create_bufs+0xc0/0x180
[ 1283.800314][ T9687] 339409 pages reserved
[ 1283.805123][ T9987]  __video_do_ioctl+0x7f1/0xce0
[ 1283.810431][ T9687] 0 pages cma reserved
[ 1283.815414][ T9987]  ? v4l_s_fmt+0xa40/0xa40
[ 1283.910825][ T9987]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1283.917051][ T9987]  ? _copy_from_user+0xdd/0x150
[ 1283.921902][ T9987]  video_usercopy+0x4c5/0x10d0
[ 1283.926653][ T9987]  ? v4l_s_fmt+0xa40/0xa40
[ 1283.931086][ T9987]  ? v4l_enumstd+0x70/0x70
[ 1283.935488][ T9987]  ? mark_held_locks+0xf0/0xf0
[ 1283.940231][ T9987]  ? debug_smp_processor_id+0x3c/0x280
[ 1283.945671][ T9987]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1283.951200][ T9987]  ? __fget+0x35a/0x550
[ 1283.955333][ T9987]  ? find_held_lock+0x35/0x130
[ 1283.960078][ T9987]  ? video_usercopy+0x10d0/0x10d0
[ 1283.965080][ T9987]  video_ioctl2+0x2d/0x35
[ 1283.969398][ T9987]  v4l2_ioctl+0x156/0x1b0
[ 1283.973709][ T9987]  ? video_devdata+0xa0/0xa0
[ 1283.978290][ T9987]  do_vfs_ioctl+0xd6e/0x1390
[ 1283.982862][ T9987]  ? kasan_check_read+0x11/0x20
[ 1283.987697][ T9987]  ? ioctl_preallocate+0x210/0x210
[ 1283.992789][ T9987]  ? __fget+0x381/0x550
[ 1283.996935][ T9987]  ? ksys_dup3+0x3e0/0x3e0
[ 1284.001335][ T9987]  ? nsecs_to_jiffies+0x30/0x30
[ 1284.006171][ T9987]  ? security_file_ioctl+0x93/0xc0
[ 1284.011264][ T9987]  ksys_ioctl+0xab/0xd0
[ 1284.015403][ T9987]  __x64_sys_ioctl+0x73/0xb0
[ 1284.019980][ T9987]  do_syscall_64+0x103/0x610
[ 1284.024554][ T9987]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1284.030424][ T9987] RIP: 0033:0x457e29
[ 1284.034304][ T9987] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1284.053892][ T9987] RSP: 002b:00007f7c2f160c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1284.062295][ T9987] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1284.070248][ T9987] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000004
23:56:35 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x68, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:35 executing program 0:
r0 = syz_open_dev$loop(&(0x7f0000000400)='/dev/loop#\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = memfd_create(&(0x7f00000000c0)='t\bnu\x00\x00\x00\x00\x00\x00\x00\x00\x00\x8c\x00', 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r2)
ioctl$LOOP_CLR_FD(r0, 0x4c01)

23:56:35 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x0, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:35 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x9000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:35 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
r1 = syz_open_dev$cec(&(0x7f0000000040)='/dev/cec#\x00', 0x1, 0x2)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000100)={<r2=>0x0, 0x7f, "5159f65a2564147d5d2626f13a60a155845ec59adb334818e04f1e13899d69b3b9820a4f0661a4d329d46180847d3a3fb356baa08b4c8e000e4d943fdc8652d45e7fe35fe17ddbbeabde214bbc53cc20273c72cba713c783f34490b305a7c90316c210c072e5ef0dd447145106ce139c4f962c5cdcda86f86411f71f309401"}, &(0x7f0000000080)=0x87)
setsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000200)={r2, 0x4}, 0x8)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)

23:56:35 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0xfffffffffffffffd, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')
socketpair(0x3, 0x3, 0xb1, &(0x7f0000000000))
r1 = open(&(0x7f00000000c0)='./file0\x00', 0x400100, 0x5)
ioctl$BLKZEROOUT(r1, 0x127f, &(0x7f0000000100)={0x3, 0xbb3})

[ 1284.078197][ T9987] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1284.086148][ T9987] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1616d4
[ 1284.094099][ T9987] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1284.208687][T10087] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1284.228751][T10087] CPU: 0 PID: 10087 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1284.237920][T10087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1284.247986][T10087] Call Trace:
[ 1284.251294][T10087]  dump_stack+0x172/0x1f0
[ 1284.255652][T10087]  warn_alloc.cold+0x88/0x184
[ 1284.260347][T10087]  ? zone_watermark_ok_safe+0x260/0x260
[ 1284.265930][T10087]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1284.271602][T10087]  ? find_held_lock+0x35/0x130
[ 1284.276378][T10087]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1284.282040][T10087]  __vmalloc_node_range+0x48a/0x790
[ 1284.287250][T10087]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1284.292312][T10087]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1284.297869][T10087]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1284.302941][T10087]  vmalloc_user+0x6b/0x90
[ 1284.307289][T10087]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1284.312317][T10087]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1284.312340][T10087]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1284.312354][T10087]  __vb2_queue_alloc+0x5a6/0xf40
[ 1284.312388][T10087]  vb2_core_create_bufs+0x2bc/0x790
[ 1284.333172][T10087]  ? vim2m_buf_prepare+0x280/0x280
[ 1284.338297][T10087]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1284.343418][T10087]  ? lock_acquire+0x16f/0x3f0
[ 1284.348099][T10087]  ? __video_do_ioctl+0x398/0xce0
[ 1284.353168][T10087]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1284.359451][T10087]  vb2_create_bufs+0x47e/0x7a0
[ 1284.364232][T10087]  ? vb2_request_queue+0x120/0x120
[ 1284.369361][T10087]  ? mark_held_locks+0xf0/0xf0
[ 1284.374136][T10087]  ? debug_smp_processor_id+0x3c/0x280
[ 1284.379620][T10087]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1284.384662][T10087]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1284.384866][T10212] FAULT_INJECTION: forcing a failure.
[ 1284.384866][T10212] name failslab, interval 1, probability 0, space 0, times 0
[ 1284.390236][T10087]  v4l_create_bufs+0xc0/0x180
[ 1284.390257][T10087]  __video_do_ioctl+0x7f1/0xce0
[ 1284.390283][T10087]  ? v4l_s_fmt+0xa40/0xa40
[ 1284.390313][T10087]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1284.423271][T10087]  ? _copy_from_user+0xdd/0x150
[ 1284.428145][T10087]  video_usercopy+0x4c5/0x10d0
[ 1284.432936][T10087]  ? v4l_s_fmt+0xa40/0xa40
[ 1284.437371][T10087]  ? v4l_enumstd+0x70/0x70
[ 1284.441803][T10087]  ? mark_held_locks+0xf0/0xf0
[ 1284.446575][T10087]  ? debug_smp_processor_id+0x3c/0x280
[ 1284.452096][T10087]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1284.457655][T10087]  ? __fget+0x35a/0x550
[ 1284.461819][T10087]  ? find_held_lock+0x35/0x130
[ 1284.466598][T10087]  ? video_usercopy+0x10d0/0x10d0
[ 1284.471632][T10087]  video_ioctl2+0x2d/0x35
[ 1284.475978][T10087]  v4l2_ioctl+0x156/0x1b0
[ 1284.480318][T10087]  ? video_devdata+0xa0/0xa0
[ 1284.484941][T10087]  do_vfs_ioctl+0xd6e/0x1390
[ 1284.489558][T10087]  ? kasan_check_read+0x11/0x20
[ 1284.494421][T10087]  ? ioctl_preallocate+0x210/0x210
[ 1284.499552][T10087]  ? __fget+0x381/0x550
[ 1284.503731][T10087]  ? ksys_dup3+0x3e0/0x3e0
[ 1284.508157][T10087]  ? nsecs_to_jiffies+0x30/0x30
[ 1284.513029][T10087]  ? security_file_ioctl+0x93/0xc0
[ 1284.518149][T10087]  ksys_ioctl+0xab/0xd0
[ 1284.522322][T10087]  __x64_sys_ioctl+0x73/0xb0
[ 1284.526937][T10087]  do_syscall_64+0x103/0x610
[ 1284.531543][T10087]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1284.537440][T10087] RIP: 0033:0x457e29
23:56:35 executing program 3:
openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x8000, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r0, 0x10e, 0x8, &(0x7f0000000000)=0x4, 0x4)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')

23:56:35 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0xa000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:35 executing program 5 (fault-call:1 fault-nth:0):
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:35 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0xb000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:35 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1b, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')

23:56:35 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0xc000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1284.541342][T10087] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1284.560952][T10087] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1284.569372][T10087] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1284.577345][T10087] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1284.585326][T10087] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1284.593315][T10087] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1284.601293][T10087] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1284.609299][T10212] CPU: 1 PID: 10212 Comm: syz-executor.5 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1284.618449][T10212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1284.628501][T10212] Call Trace:
[ 1284.631798][T10212]  dump_stack+0x172/0x1f0
[ 1284.636144][T10212]  should_fail.cold+0xa/0x15
[ 1284.640750][T10212]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1284.645035][T10087] warn_alloc_show_mem: 1 callbacks suppressed
[ 1284.645040][T10087] Mem-Info:
[ 1284.646572][T10212]  ? ___might_sleep+0x163/0x280
[ 1284.646595][T10212]  __should_failslab+0x121/0x190
[ 1284.646618][T10212]  should_failslab+0x9/0x14
[ 1284.652804][T10087] active_anon:167586 inactive_anon:194 isolated_anon:0
[ 1284.652804][T10087]  active_file:13070 inactive_file:36100 isolated_file:0
[ 1284.652804][T10087]  unevictable:2 dirty:226 writeback:0 unstable:0
[ 1284.652804][T10087]  slab_reclaimable:17903 slab_unreclaimable:103437
[ 1284.652804][T10087]  mapped:58686 shmem:493 pagetables:3461 bounce:0
[ 1284.652804][T10087]  free:1054376 free_pcp:441 free_cma:0
[ 1284.655778][T10212]  kmem_cache_alloc_node_trace+0x270/0x720
[ 1284.655797][T10212]  ? __lock_acquire+0x55d/0x4710
[ 1284.655822][T10212]  __kmalloc_node+0x3d/0x70
[ 1284.660747][T10087] Node 0 active_anon:670344kB inactive_anon:776kB active_file:52140kB inactive_file:144400kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234744kB dirty:904kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 266240kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1284.665603][T10212]  kvmalloc_node+0x68/0x100
[ 1284.665623][T10212]  video_usercopy+0x454/0x10d0
[ 1284.665641][T10212]  ? v4l_s_fmt+0xa40/0xa40
[ 1284.670237][T10087] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1284.708244][T10212]  ? v4l_enumstd+0x70/0x70
[ 1284.708262][T10212]  ? mark_held_locks+0xf0/0xf0
[ 1284.708279][T10212]  ? debug_smp_processor_id+0x3c/0x280
[ 1284.708297][T10212]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1284.708312][T10212]  ? __f_unlock_pos+0x19/0x20
[ 1284.708329][T10212]  ? __fget+0x35a/0x550
[ 1284.708345][T10212]  ? find_held_lock+0x35/0x130
[ 1284.708369][T10212]  ? video_usercopy+0x10d0/0x10d0
[ 1284.714226][T10087] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1284.719091][T10212]  video_ioctl2+0x2d/0x35
[ 1284.719112][T10212]  v4l2_ioctl+0x156/0x1b0
[ 1284.719127][T10212]  ? video_devdata+0xa0/0xa0
[ 1284.719146][T10212]  do_vfs_ioctl+0xd6e/0x1390
[ 1284.719173][T10212]  ? kasan_check_read+0x11/0x20
[ 1284.723689][T10087] lowmem_reserve[]: 0 2553 2555 2555
[ 1284.752639][T10212]  ? ioctl_preallocate+0x210/0x210
[ 1284.752655][T10212]  ? __fget+0x381/0x550
[ 1284.752678][T10212]  ? ksys_dup3+0x3e0/0x3e0
[ 1284.752694][T10212]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1284.752707][T10212]  ? fput_many+0x12c/0x1a0
[ 1284.752722][T10212]  ? fput+0x1b/0x20
[ 1284.752744][T10212]  ? security_file_ioctl+0x93/0xc0
[ 1284.752761][T10212]  ksys_ioctl+0xab/0xd0
[ 1284.752780][T10212]  __x64_sys_ioctl+0x73/0xb0
[ 1284.752799][T10212]  do_syscall_64+0x103/0x610
[ 1284.752822][T10212]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1284.752841][T10212] RIP: 0033:0x457e29
[ 1284.768183][T10087] Node 0 DMA32 free:419140kB min:36232kB low:45288kB high:54344kB active_anon:670344kB inactive_anon:776kB active_file:52140kB inactive_file:144400kB unevictable:8kB writepending:904kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10784kB pagetables:13844kB bounce:0kB free_pcp:1784kB local_pcp:1304kB free_cma:0kB
[ 1284.792943][T10212] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1284.792953][T10212] RSP: 002b:00007fab66e65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1284.792977][T10212] RAX: ffffffffffffffda RBX: 00007fab66e65c90 RCX: 0000000000457e29
[ 1284.792999][T10212] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1284.793008][T10212] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1284.793017][T10212] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab66e666d4
[ 1284.793026][T10212] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 0000000000000004
[ 1284.964259][T10087] lowmem_reserve[]: 0 0 2 2
[ 1284.994624][T10087] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1285.038167][T10087] lowmem_reserve[]: 0 0 0 0
[ 1285.061208][T10087] Node 1 Normal free:3784520kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1285.093805][T10087] lowmem_reserve[]: 0 0 0 0
[ 1285.119842][T10087] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1285.141383][T10087] Node 0 DMA32: 237847*4kB (UME) 198701*8kB (UME) 68276*16kB (ME) 30573*32kB (UME) 15304*64kB (UME) 6574*128kB (UME) 3009*256kB (UME) 1478*512kB (UM) 989*1024kB (UM) 4442*2048kB (ME) 25*4096kB (M) = 18172068kB
[ 1285.162248][T10087] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1285.179808][T10087] Node 1 Normal: 8606*4kB (U) 5622*8kB (U) 3132*16kB (UE) 1500*32kB (UME) 744*64kB (UME) 377*128kB (UE) 190*256kB (UM) 96*512kB (UME) 51*1024kB (UME) 25*2048kB (U) 919*4096kB (M) = 4238824kB
[ 1285.199040][T10087] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1285.209015][T10087] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1285.218560][T10087] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1285.228346][T10087] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1285.237857][T10087] 49674 total pagecache pages
[ 1285.242565][T10087] 0 pages in swap cache
[ 1285.246711][T10087] Swap cache stats: add 0, delete 0, find 0/0
[ 1285.253139][T10087] Free swap  = 0kB
[ 1285.256860][T10087] Total swap = 0kB
[ 1285.260706][T10087] 1965979 pages RAM
23:56:36 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x6c, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:36 executing program 0:
io_getevents(0x0, 0x1f, 0x0, 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x2, 0x84)
ioctl(r0, 0x6, &(0x7f0000000100))
r1 = memfd_create(&(0x7f0000000080)=':+lo#\x00`vo\xdc.\a8\xddA\xc9~\'\x06\xed\xd6\xb4\xb2!\x82\x16\xa1\xc5\b\xf7\xf3_\x9dy\\\xb6\xe3b\x02\xdc\x87\xaed\xa8\xd0 X\xd8\xff\x19\teP0\xe1?6\a\xb1\xa7\xdd \x94D\xfe\xd0\x16\x7f\xc2\xce\x93\xf8i', 0x0)
r2 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000040)='/dev/capi20\x00', 0x800, 0x0)
r3 = syz_open_dev$admmidi(&(0x7f0000000100)='/dev/admmidi#\x00', 0x778, 0x80)
write$UHID_SET_REPORT_REPLY(r3, &(0x7f0000000180)=ANY=[@ANYBLOB="0e00000003000000de434b004576fb993bc7c662137bb9cc18f1e0bad97444d467401f57a8edd87549f2b10f505df2ba5eb636c06e3d8cb8b913fe4e9ec3a3acc75bd22a6d3c39f66a3675b920fd51a3be3d5f57a9a956"], 0x57)
ioctl$CAPI_REGISTER(r2, 0x400c4301, &(0x7f00000000c0)={0x0, 0x0, 0x10000000015e})
read(r2, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
io_submit(0x0, 0x1, &(0x7f0000000940)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x2, 0x0, r1, 0x0}])
ioctl$RTC_ALM_READ(r3, 0x80247008, &(0x7f0000000200))

23:56:36 executing program 2:
r0 = openat$vfio(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vfio/vfio\x00', 0x400200, 0x0)
ioctl$VIDIOC_S_AUDIO(r0, 0x40345622, &(0x7f0000000200)={0x81, "866cff1f03c9caa15f37772ac7058e50cf433c31cf27370fa60f4612e6d14b10", 0x2, 0x1})
r1 = open(&(0x7f0000000040)='./file0\x00', 0x8002, 0x100)
write$vhci(r1, &(0x7f0000000080)=@HCI_VENDOR_PKT, 0x2)
r2 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$EVIOCGABS20(r1, 0x80184560, &(0x7f0000000100)=""/184)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000280)='TIPC\x00')
sendmsg$TIPC_CMD_GET_NETID(r0, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x802}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x1c, r3, 0x10, 0x70bd2c, 0x25dfdbfd, {}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000001}, 0x40000)
fchmod(r2, 0x20)
ioctl$CAPI_GET_PROFILE(r2, 0xc0044308, &(0x7f00000000c0)=0x10000)
statx(r1, &(0x7f0000000380)='./file0\x00', 0x6100, 0x140, &(0x7f00000003c0))

23:56:36 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0xd000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:36 executing program 5 (fault-call:1 fault-nth:1):
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:36 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x4, 0x202)
write$P9_RWALK(r0, &(0x7f0000000380)=ANY=[@ANYBLOB="4a0000006f010005000004000000030000000000000014030000000700000002000000100206000004000000000000000004000007020000000000000000040000000200000000000000132684594f947a43ad52d6474d91be943d49b4891beb99c657919ac49e89eed7d26f59202e12f6a5a9acc4fd4cac443aa4c5ba5258736a92c63b54e99e117e8870a9714ba58350c5a19a6ae939f8251364229d77009ebf4e577da70dddb7f5c86a036dd548ba988593c9d71aa35b5f6eeb5f5bd354"], 0x4a)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = syz_genetlink_get_family_id$fou(&(0x7f0000000140)='fou\x00')
sendmsg$FOU_CMD_GET(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400400}, 0xc, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="32d27396965052593cf8d13133ace4d88561f1f0c656dd63979f2245962db32b3b27a4375232182eb71037e098ab3ceb5488a90f1d0c5af79a8dd91d1303b5d23dfcd5a429b309fe1c430af94f03b90f2bfa32ed41f7234e54a22303611f2c2801a15645da12839b7c1d2462247964e467ac6ad960591375848465a90dc696918e84ddc3ae02b8f349998630059225020deccf7d518bb96b0e8b398543c32726485b96c204af7fc39375bd2e3fcb4f9efe1672c37474a5a430d8ff57e894fae6f5b4b6bab5", @ANYRES16=r3, @ANYBLOB="00022abd7000fedbdf2503000000040005000400080002000a000000080003006c000000080003003300000000000000000000000000e5d2feb21225c981dc4f247e8a80abe68b94813579ba7122f0c4d9bdb887cc428fc7a2e99159aafac06b4bac0c"], 0x3c}, 0x1, 0x0, 0x0, 0x4004000}, 0x48080)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')

[ 1285.264517][T10087] 0 pages HighMem/MovableOnly
[ 1285.269259][T10087] 339409 pages reserved
[ 1285.273417][T10087] 0 pages cma reserved
[ 1285.348315][T10455] FAULT_INJECTION: forcing a failure.
[ 1285.348315][T10455] name failslab, interval 1, probability 0, space 0, times 0
[ 1285.361349][T10456] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1285.409905][T10455] CPU: 1 PID: 10455 Comm: syz-executor.5 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1285.419065][T10455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1285.429130][T10455] Call Trace:
[ 1285.432444][T10455]  dump_stack+0x172/0x1f0
[ 1285.436805][T10455]  should_fail.cold+0xa/0x15
[ 1285.441436][T10455]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1285.447268][T10455]  ? ___might_sleep+0x163/0x280
[ 1285.452131][T10455]  __should_failslab+0x121/0x190
23:56:36 executing program 0:
r0 = creat(&(0x7f0000000140)='./file0\x00', 0x0)
ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffff9c, 0xc010640b, &(0x7f0000000180)={0x0, <r1=>0x0, 0x3})
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/rfkill\x00', 0x2200, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000200)={r1, 0x80000, r2})
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
r4 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r5=>0x0})
sendmsg$can_raw(r4, &(0x7f0000000100)={&(0x7f0000000040)={0x1d, r5}, 0x10, &(0x7f00000000c0)={&(0x7f0000000080)=@can={{}, 0x0, 0x0, 0x0, 0x0, "76fec1a03d0ee3f3"}, 0x10}}, 0x0)

[ 1285.457081][T10455]  should_failslab+0x9/0x14
[ 1285.461598][T10455]  __kmalloc+0x2dc/0x740
[ 1285.465856][T10455]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1285.470908][T10455]  __vb2_queue_alloc+0xf5/0xf40
[ 1285.475773][T10455]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1285.481320][T10455]  ? __sanitizer_cov_trace_switch+0x49/0x80
[ 1285.481341][T10455]  ? vim2m_queue_setup+0x266/0x370
[ 1285.481363][T10455]  vb2_core_create_bufs+0x2bc/0x790
[ 1285.481383][T10455]  ? vim2m_buf_prepare+0x280/0x280
[ 1285.481403][T10455]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1285.507837][T10455]  ? lock_acquire+0x16f/0x3f0
[ 1285.512525][T10455]  ? __video_do_ioctl+0x398/0xce0
[ 1285.517581][T10455]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1285.523837][T10455]  vb2_create_bufs+0x47e/0x7a0
[ 1285.528630][T10455]  ? vb2_request_queue+0x120/0x120
[ 1285.533763][T10455]  ? mark_held_locks+0xf0/0xf0
[ 1285.538538][T10455]  ? debug_smp_processor_id+0x3c/0x280
[ 1285.544015][T10455]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1285.549049][T10455]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1285.554607][T10455]  v4l_create_bufs+0xc0/0x180
23:56:36 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0xe000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1285.559302][T10455]  __video_do_ioctl+0x7f1/0xce0
[ 1285.564167][T10455]  ? v4l_s_fmt+0xa40/0xa40
[ 1285.568601][T10455]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1285.574853][T10455]  ? _copy_from_user+0xdd/0x150
[ 1285.579734][T10455]  video_usercopy+0x4c5/0x10d0
[ 1285.584505][T10455]  ? v4l_s_fmt+0xa40/0xa40
[ 1285.588943][T10455]  ? v4l_enumstd+0x70/0x70
[ 1285.593375][T10455]  ? mark_held_locks+0xf0/0xf0
[ 1285.598156][T10455]  ? debug_smp_processor_id+0x3c/0x280
[ 1285.603633][T10455]  ? perf_trace_lock_acquire+0xf5/0x580
23:56:36 executing program 0:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(0xffffffffffffffff, 0x4058534c, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$mixer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, 0x0)
getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000100), 0x10)
getegid()
bind$bt_sco(0xffffffffffffffff, &(0x7f0000000040), 0x8)
getsockopt$IP6T_SO_GET_ENTRIES(r1, 0x29, 0x41, 0x0, &(0x7f00000001c0))
listen(0xffffffffffffffff, 0x0)
prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000140), 0x0)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0)
move_pages(0x0, 0x0, &(0x7f0000000ac0), 0x0, 0x0, 0x0)
getsockopt$bt_BT_CHANNEL_POLICY(0xffffffffffffffff, 0x112, 0xa, 0x0, &(0x7f0000000080))
getsockname(0xffffffffffffffff, &(0x7f0000000280)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @initdev}}}, &(0x7f0000000000)=0x80)
clone(0x1002102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f00000004c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00'], 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(0xffffffffffffffff, 0x84, 0x19, 0x0, 0x0)
accept$unix(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$xfs(&(0x7f0000000080)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={[{@filestreams='filestreams'}]})
r2 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0xd, 0x401)
ioctl$FS_IOC_FSGETXATTR(r2, 0xc0185502, 0x0)

[ 1285.609189][T10455]  ? __f_unlock_pos+0x19/0x20
[ 1285.613879][T10455]  ? __fget+0x35a/0x550
[ 1285.618068][T10455]  ? find_held_lock+0x35/0x130
[ 1285.622846][T10455]  ? video_usercopy+0x10d0/0x10d0
[ 1285.627875][T10455]  video_ioctl2+0x2d/0x35
[ 1285.632223][T10455]  v4l2_ioctl+0x156/0x1b0
[ 1285.636557][T10455]  ? video_devdata+0xa0/0xa0
[ 1285.641163][T10455]  do_vfs_ioctl+0xd6e/0x1390
[ 1285.645767][T10455]  ? kasan_check_read+0x11/0x20
[ 1285.650629][T10455]  ? ioctl_preallocate+0x210/0x210
[ 1285.655747][T10455]  ? __fget+0x381/0x550
[ 1285.659932][T10455]  ? ksys_dup3+0x3e0/0x3e0
[ 1285.664367][T10455]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1285.670608][T10455]  ? fput_many+0x12c/0x1a0
[ 1285.675030][T10455]  ? fput+0x1b/0x20
[ 1285.678855][T10455]  ? security_file_ioctl+0x93/0xc0
[ 1285.683994][T10455]  ksys_ioctl+0xab/0xd0
[ 1285.688163][T10455]  __x64_sys_ioctl+0x73/0xb0
[ 1285.692760][T10455]  do_syscall_64+0x103/0x610
[ 1285.697382][T10455]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1285.703291][T10455] RIP: 0033:0x457e29
[ 1285.707184][T10455] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1285.726789][T10455] RSP: 002b:00007fab66e65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1285.735206][T10455] RAX: ffffffffffffffda RBX: 00007fab66e65c90 RCX: 0000000000457e29
[ 1285.743181][T10455] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1285.751155][T10455] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
23:56:36 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0xfab, 0x80000)
ioctl$TIOCGSOFTCAR(r1, 0x5419, &(0x7f0000000040))
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')

23:56:36 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f0000000080)=0x4010000)
ioctl$UI_GET_VERSION(0xffffffffffffffff, 0x8004552d, &(0x7f00000001c0))
ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000040)=<r1=>0x0)
get_robust_list(r1, &(0x7f0000000180)=&(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)}}, &(0x7f0000000240)=0x274)

[ 1285.751171][T10455] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab66e666d4
[ 1285.767112][T10455] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 0000000000000004
[ 1285.791216][T10456] CPU: 0 PID: 10456 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1285.800368][T10456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1285.810429][T10456] Call Trace:
[ 1285.813735][T10456]  dump_stack+0x172/0x1f0
[ 1285.818091][T10456]  warn_alloc.cold+0x88/0x184
[ 1285.822790][T10456]  ? zone_watermark_ok_safe+0x260/0x260
[ 1285.822807][T10456]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1285.822826][T10456]  ? find_held_lock+0x35/0x130
[ 1285.822844][T10456]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1285.822876][T10456]  __vmalloc_node_range+0x48a/0x790
[ 1285.850330][T10456]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1285.855369][T10456]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1285.860940][T10456]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1285.865971][T10456]  vmalloc_user+0x6b/0x90
[ 1285.865991][T10456]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1285.866008][T10456]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1285.866028][T10456]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1285.886375][T10456]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1285.892192][T10456]  __vb2_queue_alloc+0x5a6/0xf40
[ 1285.897163][T10456]  vb2_core_create_bufs+0x2bc/0x790
[ 1285.902376][T10456]  ? vim2m_buf_prepare+0x280/0x280
[ 1285.907485][T10456]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1285.907503][T10456]  ? lock_acquire+0x16f/0x3f0
[ 1285.907517][T10456]  ? __video_do_ioctl+0x398/0xce0
[ 1285.907544][T10456]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1285.928561][T10456]  vb2_create_bufs+0x47e/0x7a0
[ 1285.928584][T10456]  ? vb2_request_queue+0x120/0x120
[ 1285.928616][T10456]  ? mark_held_locks+0xf0/0xf0
[ 1285.943223][T10456]  ? debug_smp_processor_id+0x3c/0x280
[ 1285.948703][T10456]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1285.953735][T10456]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1285.959290][T10456]  v4l_create_bufs+0xc0/0x180
[ 1285.963977][T10456]  __video_do_ioctl+0x7f1/0xce0
[ 1285.964004][T10456]  ? v4l_s_fmt+0xa40/0xa40
[ 1285.964029][T10456]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1285.975234][T11000] FAULT_INJECTION: forcing a failure.
[ 1285.975234][T11000] name failslab, interval 1, probability 0, space 0, times 0
[ 1285.979523][T10456]  ? _copy_from_user+0xdd/0x150
[ 1285.979545][T10456]  video_usercopy+0x4c5/0x10d0
[ 1285.979573][T10456]  ? v4l_s_fmt+0xa40/0xa40
[ 1285.979593][T10456]  ? v4l_enumstd+0x70/0x70
[ 1285.979617][T10456]  ? mark_held_locks+0xf0/0xf0
[ 1286.015324][T10456]  ? debug_smp_processor_id+0x3c/0x280
[ 1286.020792][T10456]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1286.020814][T10456]  ? __fget+0x35a/0x550
[ 1286.020830][T10456]  ? find_held_lock+0x35/0x130
[ 1286.020852][T10456]  ? video_usercopy+0x10d0/0x10d0
[ 1286.040305][T10456]  video_ioctl2+0x2d/0x35
[ 1286.044648][T10456]  v4l2_ioctl+0x156/0x1b0
[ 1286.049000][T10456]  ? video_devdata+0xa0/0xa0
[ 1286.053618][T10456]  do_vfs_ioctl+0xd6e/0x1390
[ 1286.058233][T10456]  ? kasan_check_read+0x11/0x20
[ 1286.063103][T10456]  ? ioctl_preallocate+0x210/0x210
[ 1286.068229][T10456]  ? __fget+0x381/0x550
[ 1286.072399][T10456]  ? ksys_dup3+0x3e0/0x3e0
[ 1286.076821][T10456]  ? nsecs_to_jiffies+0x30/0x30
[ 1286.081690][T10456]  ? security_file_ioctl+0x93/0xc0
[ 1286.086823][T10456]  ksys_ioctl+0xab/0xd0
[ 1286.090988][T10456]  __x64_sys_ioctl+0x73/0xb0
[ 1286.095592][T10456]  do_syscall_64+0x103/0x610
[ 1286.100197][T10456]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1286.106621][T10456] RIP: 0033:0x457e29
[ 1286.110518][T10456] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1286.130129][T10456] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1286.138546][T10456] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1286.146520][T10456] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1286.154493][T10456] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
23:56:36 executing program 5 (fault-call:1 fault-nth:2):
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1286.162468][T10456] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1286.170452][T10456] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1286.178454][T11000] CPU: 1 PID: 11000 Comm: syz-executor.5 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1286.187573][T11000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1286.197631][T11000] Call Trace:
[ 1286.200937][T11000]  dump_stack+0x172/0x1f0
[ 1286.205289][T11000]  should_fail.cold+0xa/0x15
[ 1286.210358][T11000]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1286.216177][T11000]  ? ___might_sleep+0x163/0x280
[ 1286.221039][T11000]  __should_failslab+0x121/0x190
[ 1286.225988][T11000]  should_failslab+0x9/0x14
[ 1286.230501][T11000]  kmem_cache_alloc_trace+0x2d1/0x760
[ 1286.235888][T11000]  ? rcu_read_lock_sched_held+0x110/0x130
[ 1286.241632][T11000]  ? __kmalloc+0x5d5/0x740
[ 1286.246071][T11000]  vb2_vmalloc_alloc+0x8c/0x2a0
[ 1286.250935][T11000]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1286.255971][T11000]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1286.261786][T11000]  __vb2_queue_alloc+0x5a6/0xf40
[ 1286.266758][T11000]  vb2_core_create_bufs+0x2bc/0x790
[ 1286.271972][T11000]  ? vim2m_buf_prepare+0x280/0x280
[ 1286.277093][T11000]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1286.282215][T11000]  ? lock_acquire+0x16f/0x3f0
[ 1286.286915][T11000]  ? __video_do_ioctl+0x398/0xce0
[ 1286.291967][T11000]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1286.295571][T10456] Mem-Info:
[ 1286.298223][T11000]  vb2_create_bufs+0x47e/0x7a0
[ 1286.298247][T11000]  ? vb2_request_queue+0x120/0x120
[ 1286.298268][T11000]  ? mark_held_locks+0xf0/0xf0
[ 1286.298285][T11000]  ? debug_smp_processor_id+0x3c/0x280
[ 1286.298309][T11000]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1286.298329][T11000]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1286.298346][T11000]  v4l_create_bufs+0xc0/0x180
[ 1286.298366][T11000]  __video_do_ioctl+0x7f1/0xce0
[ 1286.298392][T11000]  ? v4l_s_fmt+0xa40/0xa40
[ 1286.323889][T10456] active_anon:167591 inactive_anon:192 isolated_anon:0
[ 1286.323889][T10456]  active_file:13070 inactive_file:36110 isolated_file:0
[ 1286.323889][T10456]  unevictable:2 dirty:262 writeback:0 unstable:0
[ 1286.323889][T10456]  slab_reclaimable:17904 slab_unreclaimable:103418
[ 1286.323889][T10456]  mapped:58682 shmem:493 pagetables:3508 bounce:0
[ 1286.323889][T10456]  free:1054766 free_pcp:502 free_cma:0
[ 1286.326563][T11000]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1286.326582][T11000]  ? _copy_from_user+0xdd/0x150
[ 1286.326604][T11000]  video_usercopy+0x4c5/0x10d0
[ 1286.370379][T10456] Node 0 active_anon:668244kB inactive_anon:768kB active_file:52140kB inactive_file:144440kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234728kB dirty:1048kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 268288kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1286.384137][T11000]  ? v4l_s_fmt+0xa40/0xa40
[ 1286.384160][T11000]  ? v4l_enumstd+0x70/0x70
[ 1286.384179][T11000]  ? mark_held_locks+0xf0/0xf0
[ 1286.384195][T11000]  ? debug_smp_processor_id+0x3c/0x280
[ 1286.384214][T11000]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1286.384231][T11000]  ? __f_unlock_pos+0x19/0x20
[ 1286.384249][T11000]  ? __fget+0x35a/0x550
[ 1286.384264][T11000]  ? find_held_lock+0x35/0x130
[ 1286.384278][T11000]  ? video_usercopy+0x10d0/0x10d0
[ 1286.384291][T11000]  video_ioctl2+0x2d/0x35
[ 1286.384318][T11000]  v4l2_ioctl+0x156/0x1b0
[ 1286.420674][T10456] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1286.429254][T11000]  ? video_devdata+0xa0/0xa0
[ 1286.429276][T11000]  do_vfs_ioctl+0xd6e/0x1390
[ 1286.429297][T11000]  ? kasan_check_read+0x11/0x20
[ 1286.429315][T11000]  ? ioctl_preallocate+0x210/0x210
[ 1286.429332][T11000]  ? __fget+0x381/0x550
[ 1286.429357][T11000]  ? ksys_dup3+0x3e0/0x3e0
[ 1286.429374][T11000]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1286.429388][T11000]  ? fput_many+0x12c/0x1a0
[ 1286.429417][T11000]  ? fput+0x1b/0x20
[ 1286.442112][T10456] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1286.442987][T11000]  ? security_file_ioctl+0x93/0xc0
[ 1286.452281][T10456] lowmem_reserve[]: 0 2553 2555 2555
[ 1286.453975][T11000]  ksys_ioctl+0xab/0xd0
[ 1286.453997][T11000]  __x64_sys_ioctl+0x73/0xb0
[ 1286.454019][T11000]  do_syscall_64+0x103/0x610
[ 1286.477359][T10456] Node 0 DMA32 free:421032kB min:36232kB low:45288kB high:54344kB active_anon:668224kB inactive_anon:772kB active_file:52140kB inactive_file:144540kB unevictable:8kB writepending:1080kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10688kB pagetables:13768kB bounce:0kB free_pcp:1976kB local_pcp:1332kB free_cma:0kB
[ 1286.481240][T11000]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1286.481254][T11000] RIP: 0033:0x457e29
[ 1286.481270][T11000] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1286.481279][T11000] RSP: 002b:00007fab66e65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1286.481294][T11000] RAX: ffffffffffffffda RBX: 00007fab66e65c90 RCX: 0000000000457e29
[ 1286.481303][T11000] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1286.481312][T11000] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1286.481322][T11000] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab66e666d4
[ 1286.481331][T11000] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 0000000000000004
[ 1286.579768][T10456] lowmem_reserve[]: 0 0 2 2
[ 1286.593408][T10456] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1286.742292][T10456] lowmem_reserve[]: 0 0 0 0
[ 1286.746849][T10456] Node 1 Normal free:3784520kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1286.776184][T10456] lowmem_reserve[]: 0 0 0 0
[ 1286.781314][T10456] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1286.795869][T10456] Node 0 DMA32: 237839*4kB (UME) 198713*8kB (UME) 68285*16kB (UME) 30577*32kB (UME) 15304*64kB (UME) 6574*128kB (UME) 3009*256kB (UME) 1478*512kB (UM) 989*1024kB (UM) 4442*2048kB (ME) 25*4096kB (M) = 18172404kB
[ 1286.816469][T10456] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1286.830825][T10456] Node 1 Normal: 8606*4kB (U) 5622*8kB (U) 3132*16kB (UE) 1500*32kB (UME) 744*64kB (UME) 377*128kB (UE) 190*256kB (UM) 96*512kB (UME) 51*1024kB (UME) 25*2048kB (U) 919*4096kB (M) = 4238824kB
[ 1286.849943][T10456] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1286.859542][T10456] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1286.869993][T10456] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1286.879635][T10456] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1286.888994][T10456] 49700 total pagecache pages
[ 1286.893694][T10456] 0 pages in swap cache
[ 1286.897940][T10456] Swap cache stats: add 0, delete 0, find 0/0
[ 1286.904012][T10456] Free swap  = 0kB
[ 1286.907793][T10456] Total swap = 0kB
[ 1286.911529][T10456] 1965979 pages RAM
23:56:38 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0xf000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:38 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
r1 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0xfffffffffffffc01, 0x40000)
openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0xc0000, 0x0)
setsockopt$TIPC_MCAST_REPLICAST(r1, 0x10f, 0x86)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)

23:56:38 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x74, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:38 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x100, 0x0)
r2 = getpid()
ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r1, 0xc1105518, &(0x7f00000000c0)={{0x5, 0x1, 0x5, 0xfffffffeffffffff, 'syz0\x00'}, 0x0, 0x10000000, 0x40, r2, 0x9, 0xffff, 'syz0\x00', &(0x7f0000000040)=['ip6tnl0\x00', 'ip6tnl0\x00', '\x00', '-vboxnet1}\x00', 'eth0\x00', 'ip6tnl0\x00', 'GPL+\x00', 'ip6tnl0\x00', ',\x00'], 0x38, [], [0x9, 0x8, 0x0, 0x4]})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')

23:56:38 executing program 0:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0xfcda)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r0, 0xc040564a, &(0x7f0000000080)={0x80, 0x0, 0x1015, 0x1f, 0x8, 0x101, 0x1})
setsockopt$inet_int(r0, 0x0, 0x14, &(0x7f0000000180)=0xd568, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="e821d0023c123f3188a054")
ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d2, &(0x7f0000000100)={0x9, &(0x7f0000000300)=[{}, {}, {}, {}, {}, {}, {}, {}, {}]})
sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
ioctl$BLKFLSBUF(r0, 0x1261, &(0x7f0000000000)=0x70a)
ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, 0xfffffffffffffffd)
uname(&(0x7f0000000240)=""/170)
recvmmsg(r0, &(0x7f0000001800)=[{{&(0x7f0000000480)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, 0x80, &(0x7f0000000800)=[{&(0x7f0000000500)=""/184, 0xb8}, {&(0x7f00000005c0)=""/191, 0xbf}, {&(0x7f0000000680)=""/87, 0x57}, {&(0x7f0000000700)=""/249, 0xf9}], 0x4, &(0x7f0000000840)=""/228, 0xe4}, 0x800}, {{&(0x7f0000000940)=@rc, 0x80, &(0x7f0000000d80)=[{&(0x7f00000009c0)=""/226, 0xe2}, {&(0x7f0000000ac0)=""/93, 0x5d}, {&(0x7f0000000b40)=""/141, 0x8d}, {&(0x7f0000000c00)=""/242, 0xf2}], 0x4, &(0x7f0000000dc0)=""/31, 0x1f}, 0x8}, {{&(0x7f0000000e00)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @ipv4={[], [], @loopback}}}}, 0x80, &(0x7f0000001140)=[{&(0x7f0000000e80)=""/20, 0x14}, {&(0x7f0000000ec0)=""/236, 0xec}, {&(0x7f0000000fc0)=""/52, 0x34}, {&(0x7f0000001000)=""/92, 0x5c}, {&(0x7f0000001080)=""/123, 0x7b}, {&(0x7f0000001100)=""/38, 0x26}], 0x6, &(0x7f00000011c0)=""/245, 0xf5}, 0x3}, {{&(0x7f00000012c0)=@in={0x2, 0x0, @empty}, 0x80, &(0x7f0000001700)=[{&(0x7f0000001900)=""/88, 0x1d8}, {&(0x7f00000013c0)=""/83, 0x53}, {&(0x7f0000001440)=""/215, 0xd7}, {&(0x7f0000001540)=""/69, 0x45}, {&(0x7f00000015c0)=""/97, 0x61}, {&(0x7f0000001640)=""/149, 0x95}], 0x6, &(0x7f0000001780)=""/99, 0x63}, 0x3}], 0x4, 0x0, 0x0)

23:56:38 executing program 5 (fault-call:1 fault-nth:3):
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1286.915317][T10456] 0 pages HighMem/MovableOnly
[ 1286.920065][T10456] 339409 pages reserved
[ 1286.924217][T10456] 0 pages cma reserved
[ 1286.998812][T11166] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1
[ 1287.023609][T11204] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
23:56:38 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x10000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1287.059100][T11166] CPU: 1 PID: 11166 Comm: syz-executor.5 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1287.068245][T11166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1287.078320][T11166] Call Trace:
[ 1287.081653][T11166]  dump_stack+0x172/0x1f0
[ 1287.086001][T11166]  warn_alloc.cold+0x88/0x184
[ 1287.090695][T11166]  ? zone_watermark_ok_safe+0x260/0x260
[ 1287.096257][T11166]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1287.101910][T11166]  ? find_held_lock+0x35/0x130
23:56:38 executing program 3:
r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0xd, 0x401)
ioctl$FS_IOC_FSGETXATTR(r0, 0x551f, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
rt_sigtimedwait(&(0x7f00000002c0)={0xfab}, &(0x7f0000000300), &(0x7f0000000380)={0x77359400}, 0x8)
getresuid(&(0x7f00000003c0), &(0x7f0000000400)=<r3=>0x0, &(0x7f0000000440))
lstat(&(0x7f0000000480)='./file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000580)={{{@in6=@ipv4={[], [], @dev}, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in=@empty}, 0x0, @in6=@ipv4={[], [], @broadcast}}}, &(0x7f0000000680)=0xe8)
setresuid(r3, r4, r5)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')
getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r1, 0x84, 0x74, &(0x7f00000001c0)=""/251, &(0x7f0000000000)=0xfb)
ioctl$KVM_SET_NR_MMU_PAGES(r0, 0xae44, 0x0)
ioctl$SIOCX25SSUBSCRIP(r1, 0x89e1, &(0x7f00000000c0)={'syzkaller0\x00', 0x3, 0x6})

[ 1287.106687][T11166]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1287.112362][T11166]  __vmalloc_node_range+0x48a/0x790
[ 1287.117564][T11166]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1287.122622][T11166]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1287.128274][T11166]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1287.133339][T11166]  vmalloc_user+0x6b/0x90
[ 1287.137685][T11166]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1287.142725][T11166]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1287.147583][T11166]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1287.152618][T11166]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1287.158437][T11166]  __vb2_queue_alloc+0x5a6/0xf40
[ 1287.163404][T11166]  vb2_core_create_bufs+0x2bc/0x790
[ 1287.168625][T11166]  ? vim2m_buf_prepare+0x280/0x280
[ 1287.173744][T11166]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1287.178858][T11166]  ? lock_acquire+0x16f/0x3f0
[ 1287.183562][T11166]  ? __video_do_ioctl+0x398/0xce0
[ 1287.188616][T11166]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1287.194866][T11166]  vb2_create_bufs+0x47e/0x7a0
[ 1287.199649][T11166]  ? vb2_request_queue+0x120/0x120
[ 1287.204771][T11166]  ? mark_held_locks+0xf0/0xf0
[ 1287.209543][T11166]  ? debug_smp_processor_id+0x3c/0x280
[ 1287.215013][T11166]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1287.220046][T11166]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1287.225595][T11166]  v4l_create_bufs+0xc0/0x180
[ 1287.230285][T11166]  __video_do_ioctl+0x7f1/0xce0
[ 1287.235150][T11166]  ? v4l_s_fmt+0xa40/0xa40
[ 1287.239588][T11166]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1287.245837][T11166]  ? _copy_from_user+0xdd/0x150
[ 1287.250695][T11166]  video_usercopy+0x4c5/0x10d0
[ 1287.255466][T11166]  ? v4l_s_fmt+0xa40/0xa40
[ 1287.259890][T11166]  ? v4l_enumstd+0x70/0x70
[ 1287.264332][T11166]  ? mark_held_locks+0xf0/0xf0
[ 1287.269112][T11166]  ? debug_smp_processor_id+0x3c/0x280
[ 1287.274578][T11166]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1287.280134][T11166]  ? __f_unlock_pos+0x19/0x20
[ 1287.284835][T11166]  ? __fget+0x35a/0x550
[ 1287.288997][T11166]  ? find_held_lock+0x35/0x130
[ 1287.293777][T11166]  ? video_usercopy+0x10d0/0x10d0
[ 1287.298808][T11166]  video_ioctl2+0x2d/0x35
[ 1287.303147][T11166]  v4l2_ioctl+0x156/0x1b0
[ 1287.307493][T11166]  ? video_devdata+0xa0/0xa0
[ 1287.312099][T11166]  do_vfs_ioctl+0xd6e/0x1390
[ 1287.316696][T11166]  ? kasan_check_read+0x11/0x20
[ 1287.321557][T11166]  ? ioctl_preallocate+0x210/0x210
[ 1287.326702][T11166]  ? __fget+0x381/0x550
[ 1287.330874][T11166]  ? ksys_dup3+0x3e0/0x3e0
[ 1287.335309][T11166]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1287.341551][T11166]  ? fput_many+0x12c/0x1a0
[ 1287.345970][T11166]  ? fput+0x1b/0x20
[ 1287.349795][T11166]  ? security_file_ioctl+0x93/0xc0
[ 1287.354931][T11166]  ksys_ioctl+0xab/0xd0
[ 1287.359100][T11166]  __x64_sys_ioctl+0x73/0xb0
[ 1287.363699][T11166]  do_syscall_64+0x103/0x610
[ 1287.368302][T11166]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1287.374198][T11166] RIP: 0033:0x457e29
[ 1287.378093][T11166] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1287.397701][T11166] RSP: 002b:00007fab66e65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1287.406119][T11166] RAX: ffffffffffffffda RBX: 00007fab66e65c90 RCX: 0000000000457e29
[ 1287.414090][T11166] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1287.422063][T11166] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1287.430038][T11166] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab66e666d4
[ 1287.438009][T11166] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 0000000000000004
[ 1287.446011][T11204] CPU: 0 PID: 11204 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1287.455128][T11204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1287.460883][T11166] Mem-Info:
[ 1287.465181][T11204] Call Trace:
[ 1287.465206][T11204]  dump_stack+0x172/0x1f0
[ 1287.465232][T11204]  warn_alloc.cold+0x88/0x184
[ 1287.465255][T11204]  ? zone_watermark_ok_safe+0x260/0x260
[ 1287.468705][T11166] active_anon:169160 inactive_anon:194 isolated_anon:0
[ 1287.468705][T11166]  active_file:13070 inactive_file:36140 isolated_file:0
[ 1287.468705][T11166]  unevictable:2 dirty:276 writeback:0 unstable:0
[ 1287.468705][T11166]  slab_reclaimable:17921 slab_unreclaimable:103313
[ 1287.468705][T11166]  mapped:58661 shmem:493 pagetables:3514 bounce:0
[ 1287.468705][T11166]  free:1053423 free_pcp:373 free_cma:0
[ 1287.471635][T11204]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1287.471654][T11204]  ? find_held_lock+0x35/0x130
[ 1287.471673][T11204]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1287.471709][T11204]  __vmalloc_node_range+0x48a/0x790
[ 1287.476322][T11166] Node 0 active_anon:676640kB inactive_anon:776kB active_file:52140kB inactive_file:144560kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234644kB dirty:1104kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 274432kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1287.480702][T11204]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1287.480723][T11204]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1287.480740][T11204]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1287.480758][T11204]  vmalloc_user+0x6b/0x90
[ 1287.480775][T11204]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1287.480795][T11204]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1287.487667][T11166] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1287.524426][T11204]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1287.524447][T11204]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1287.524462][T11204]  __vb2_queue_alloc+0x5a6/0xf40
[ 1287.524497][T11204]  vb2_core_create_bufs+0x2bc/0x790
[ 1287.524517][T11204]  ? vim2m_buf_prepare+0x280/0x280
[ 1287.524532][T11204]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1287.524548][T11204]  ? lock_acquire+0x16f/0x3f0
[ 1287.524562][T11204]  ? __video_do_ioctl+0x398/0xce0
[ 1287.524587][T11204]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1287.545041][T11166] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1287.545788][T11204]  vb2_create_bufs+0x47e/0x7a0
[ 1287.545811][T11204]  ? vb2_request_queue+0x120/0x120
[ 1287.545833][T11204]  ? mark_held_locks+0xf0/0xf0
[ 1287.545856][T11204]  ? debug_smp_processor_id+0x3c/0x280
[ 1287.586348][T11166] lowmem_reserve[]: 0 2553 2555 2555
[ 1287.590526][T11204]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1287.590548][T11204]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1287.590566][T11204]  v4l_create_bufs+0xc0/0x180
[ 1287.590586][T11204]  __video_do_ioctl+0x7f1/0xce0
[ 1287.590616][T11204]  ? v4l_s_fmt+0xa40/0xa40
23:56:38 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x40, 0x40)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000000100)={{0x8, 0x8000}, 'port0\x00', 0x8, 0x101041, 0x21, 0x8, 0x32a, 0xfffffffffffffc01, 0x10001, 0x0, 0x0, 0x1000})

[ 1287.603365][T11166] Node 0 DMA32 free:413420kB min:36232kB low:45288kB high:54344kB active_anon:676648kB inactive_anon:776kB active_file:52140kB inactive_file:144560kB unevictable:8kB writepending:1104kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10912kB pagetables:14056kB bounce:0kB free_pcp:1684kB local_pcp:680kB free_cma:0kB
[ 1287.604894][T11204]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1287.604932][T11204]  ? _copy_from_user+0xdd/0x150
[ 1287.604953][T11204]  video_usercopy+0x4c5/0x10d0
[ 1287.604973][T11204]  ? v4l_s_fmt+0xa40/0xa40
[ 1287.638771][T11166] lowmem_reserve[]: 0 0 2 2
[ 1287.642255][T11204]  ? v4l_enumstd+0x70/0x70
[ 1287.642275][T11204]  ? mark_held_locks+0xf0/0xf0
[ 1287.642293][T11204]  ? debug_smp_processor_id+0x3c/0x280
[ 1287.642312][T11204]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1287.642334][T11204]  ? __fget+0x35a/0x550
[ 1287.652478][T11204]  ? find_held_lock+0x35/0x130
[ 1287.660489][T11166] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1287.662679][T11204]  ? video_usercopy+0x10d0/0x10d0
[ 1287.662695][T11204]  video_ioctl2+0x2d/0x35
[ 1287.662715][T11204]  v4l2_ioctl+0x156/0x1b0
[ 1287.662737][T11204]  ? video_devdata+0xa0/0xa0
[ 1287.672426][T11204]  do_vfs_ioctl+0xd6e/0x1390
[ 1287.672446][T11204]  ? kasan_check_read+0x11/0x20
[ 1287.672465][T11204]  ? ioctl_preallocate+0x210/0x210
[ 1287.672485][T11204]  ? __fget+0x381/0x550
[ 1287.679160][T11166] lowmem_reserve[]: 0 0 0 0
23:56:38 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')
ioctl$FICLONE(r0, 0x40049409, r0)

23:56:39 executing program 0:
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000000000000010000104000600200000000a00000000000000000500e50000070000001f0000000000000300000000000002000100f5000000000000020000000005000500000000000a00000000000000000000000000000000170000000000000000000000000000"], 0x80}}, 0x0)
sendmmsg(r0, &(0x7f0000000180), 0x400000000000002, 0x0)
pipe2(&(0x7f0000000000), 0x84800)
syz_emit_ethernet(0x36, &(0x7f0000007000)={@local, @random="cb7ecb076fe2", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x4, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x5}}}}}}, 0x0)

[ 1287.705544][T11204]  ? ksys_dup3+0x3e0/0x3e0
[ 1287.705575][T11204]  ? nsecs_to_jiffies+0x30/0x30
[ 1287.705617][T11204]  ? security_file_ioctl+0x93/0xc0
[ 1287.705649][T11204]  ksys_ioctl+0xab/0xd0
[ 1287.705680][T11204]  __x64_sys_ioctl+0x73/0xb0
[ 1287.749852][T11166] Node 1 Normal free:3784520kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
23:56:39 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x11000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:39 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x7a, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1287.751083][T11204]  do_syscall_64+0x103/0x610
[ 1287.751109][T11204]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1287.751122][T11204] RIP: 0033:0x457e29
[ 1287.751145][T11204] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1287.755811][T11166] lowmem_reserve[]: 0 0 0 0
[ 1287.786261][T11204] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1287.786276][T11204] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1287.786285][T11204] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1287.786294][T11204] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1287.786304][T11204] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1287.786314][T11204] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1287.990380][T11166] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1288.066576][T11596] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1288.119569][T11596] CPU: 0 PID: 11596 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1288.128716][T11596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1288.138807][T11596] Call Trace:
[ 1288.142115][T11596]  dump_stack+0x172/0x1f0
[ 1288.146461][T11596]  warn_alloc.cold+0x88/0x184
[ 1288.151150][T11596]  ? zone_watermark_ok_safe+0x260/0x260
[ 1288.156701][T11596]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1288.162345][T11596]  ? find_held_lock+0x35/0x130
[ 1288.167851][T11596]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1288.171201][T11166] Node 0 DMA32: 237648*4kB (UME) 198718*8kB (UME) 68300*16kB (UME) 30570*32kB (UME) 15306*64kB (UME) 6574*128kB (UME) 3009*256kB (UME) 1478*512kB (UM) 989*1024kB (UM) 4439*2048kB (ME) 25*4096kB (M) = 18165680kB
[ 1288.173510][T11596]  __vmalloc_node_range+0x48a/0x790
[ 1288.173531][T11596]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1288.173555][T11596]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1288.209939][T11596]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1288.214982][T11596]  vmalloc_user+0x6b/0x90
[ 1288.219326][T11596]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1288.224359][T11596]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1288.229217][T11596]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1288.233472][T11166] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1288.234252][T11596]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1288.255243][T11596]  __vb2_queue_alloc+0x5a6/0xf40
[ 1288.259172][T11166] Node 1 Normal: 8606*4kB (U) 5622*8kB (U) 3132*16kB (UE) 1500*32kB (UME) 744*64kB (UME) 377*128kB (UE) 190*256kB (UM) 96*512kB (UME) 51*1024kB (UME) 25*2048kB (U) 919*4096kB (M) = 4238824kB
[ 1288.260208][T11596]  vb2_core_create_bufs+0x2bc/0x790
[ 1288.283594][T11166] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1288.284037][T11596]  ? vim2m_buf_prepare+0x280/0x280
[ 1288.284055][T11596]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1288.284077][T11596]  ? lock_acquire+0x16f/0x3f0
[ 1288.303562][T11166] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1288.303803][T11596]  ? __video_do_ioctl+0x398/0xce0
[ 1288.312001][T11166] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1288.317753][T11596]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1288.317776][T11596]  vb2_create_bufs+0x47e/0x7a0
[ 1288.317797][T11596]  ? vb2_request_queue+0x120/0x120
[ 1288.322855][T11166] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1288.332337][T11596]  ? mark_held_locks+0xf0/0xf0
[ 1288.332354][T11596]  ? debug_smp_processor_id+0x3c/0x280
[ 1288.332387][T11596]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1288.349949][T11166] 49704 total pagecache pages
[ 1288.357740][T11596]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1288.357758][T11596]  v4l_create_bufs+0xc0/0x180
[ 1288.357777][T11596]  __video_do_ioctl+0x7f1/0xce0
[ 1288.371792][T11166] 0 pages in swap cache
[ 1288.373023][T11596]  ? v4l_s_fmt+0xa40/0xa40
[ 1288.377703][T11166] Swap cache stats: add 0, delete 0, find 0/0
[ 1288.383220][T11596]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1288.388655][T11166] Free swap  = 0kB
[ 1288.392731][T11596]  ? _copy_from_user+0xdd/0x150
[ 1288.392754][T11596]  video_usercopy+0x4c5/0x10d0
[ 1288.392773][T11596]  ? v4l_s_fmt+0xa40/0xa40
[ 1288.397482][T11166] Total swap = 0kB
[ 1288.401357][T11596]  ? v4l_enumstd+0x70/0x70
[ 1288.407400][T11166] 1965979 pages RAM
[ 1288.413630][T11596]  ? mark_held_locks+0xf0/0xf0
[ 1288.413647][T11596]  ? debug_smp_processor_id+0x3c/0x280
[ 1288.413671][T11596]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1288.427512][T11166] 0 pages HighMem/MovableOnly
[ 1288.431370][T11596]  ? __fget+0x35a/0x550
[ 1288.431388][T11596]  ? find_held_lock+0x35/0x130
[ 1288.431409][T11596]  ? video_usercopy+0x10d0/0x10d0
[ 1288.437492][T11166] 339409 pages reserved
[ 1288.439530][T11596]  video_ioctl2+0x2d/0x35
[ 1288.443327][T11166] 0 pages cma reserved
[ 1288.448084][T11596]  v4l2_ioctl+0x156/0x1b0
[ 1288.448100][T11596]  ? video_devdata+0xa0/0xa0
[ 1288.448122][T11596]  do_vfs_ioctl+0xd6e/0x1390
[ 1288.463994][T11166] FAULT_INJECTION: forcing a failure.
[ 1288.463994][T11166] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1288.467945][T11596]  ? kasan_check_read+0x11/0x20
[ 1288.467967][T11596]  ? ioctl_preallocate+0x210/0x210
[ 1288.467984][T11596]  ? __fget+0x381/0x550
[ 1288.468007][T11596]  ? ksys_dup3+0x3e0/0x3e0
[ 1288.535405][T11596]  ? nsecs_to_jiffies+0x30/0x30
[ 1288.540274][T11596]  ? security_file_ioctl+0x93/0xc0
[ 1288.545394][T11596]  ksys_ioctl+0xab/0xd0
[ 1288.549581][T11596]  __x64_sys_ioctl+0x73/0xb0
[ 1288.554178][T11596]  do_syscall_64+0x103/0x610
[ 1288.558778][T11596]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1288.564676][T11596] RIP: 0033:0x457e29
[ 1288.568583][T11596] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1288.589004][T11596] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1288.597414][T11596] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1288.605388][T11596] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1288.613386][T11596] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
23:56:39 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x12000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:39 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x13000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:39 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x14000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1288.621365][T11596] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1288.629345][T11596] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1288.637394][T11166] CPU: 1 PID: 11166 Comm: syz-executor.5 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1288.646544][T11166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1288.656596][T11166] Call Trace:
[ 1288.656619][T11166]  dump_stack+0x172/0x1f0
[ 1288.656641][T11166]  should_fail.cold+0xa/0x15
[ 1288.656662][T11166]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 1288.674630][T11166]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1288.680200][T11166]  should_fail_alloc_page+0x50/0x60
[ 1288.685402][T11166]  __alloc_pages_nodemask+0x1a1/0x7e0
[ 1288.685426][T11166]  ? find_held_lock+0x35/0x130
[ 1288.685448][T11166]  ? __alloc_pages_slowpath+0x28f0/0x28f0
[ 1288.685469][T11166]  ? lock_downgrade+0x880/0x880
[ 1288.706138][T11166]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1288.712402][T11166]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1288.718668][T11166]  alloc_pages_current+0x107/0x210
[ 1288.723794][T11166]  __get_free_pages+0xc/0x40
[ 1288.728395][T11166]  __tlb_remove_page_size+0x2ee/0x510
[ 1288.733787][T11166]  unmap_page_range+0xedf/0x2330
[ 1288.738752][T11166]  ? vm_normal_page_pmd+0x400/0x400
[ 1288.743961][T11166]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1288.750202][T11166]  ? uprobe_munmap+0xad/0x2b0
[ 1288.754886][T11166]  ? __kasan_slab_free+0x102/0x150
[ 1288.760022][T11166]  unmap_single_vma+0x19d/0x300
[ 1288.764913][T11166]  unmap_vmas+0x115/0x250
23:56:39 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000980), 0x0, 0x0, 0x0, 0x20000001}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
chroot(&(0x7f0000000000)='./file0\x00')
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000080)='ip6tnl0\x00')

[ 1288.769268][T11166]  ? zap_vma_ptes+0x110/0x110
[ 1288.773978][T11166]  ? kasan_check_write+0x14/0x20
[ 1288.778937][T11166]  ? kasan_check_write+0x14/0x20
[ 1288.783891][T11166]  exit_mmap+0x2c2/0x530
[ 1288.788166][T11166]  ? __ia32_sys_munmap+0x80/0x80
[ 1288.793121][T11166]  ? __sanitizer_cov_trace_const_cmp1+0x9/0x20
[ 1288.799296][T11166]  ? rcu_read_lock_sched_held+0x110/0x130
[ 1288.805027][T11166]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1288.811277][T11166]  ? __khugepaged_exit+0xcf/0x400
[ 1288.816316][T11166]  mmput+0x15f/0x4c0
[ 1288.820232][T11166]  do_exit+0x816/0x2fa0
[ 1288.823686][T11596] warn_alloc_show_mem: 1 callbacks suppressed
[ 1288.823691][T11596] Mem-Info:
[ 1288.824390][T11166]  ? find_held_lock+0x35/0x130
[ 1288.824421][T11166]  ? get_signal+0x331/0x1d50
[ 1288.824448][T11166]  ? mm_update_next_owner+0x640/0x640
[ 1288.835132][T11596] active_anon:167080 inactive_anon:194 isolated_anon:0
[ 1288.835132][T11596]  active_file:13070 inactive_file:36140 isolated_file:0
[ 1288.835132][T11596]  unevictable:2 dirty:276 writeback:0 unstable:0
[ 1288.835132][T11596]  slab_reclaimable:17899 slab_unreclaimable:103231
[ 1288.835132][T11596]  mapped:58661 shmem:493 pagetables:3458 bounce:0
[ 1288.835132][T11596]  free:1055473 free_pcp:630 free_cma:0
[ 1288.838367][T11166]  ? kasan_check_write+0x14/0x20
[ 1288.838390][T11166]  ? _raw_spin_unlock_irq+0x28/0x90
[ 1288.838405][T11166]  ? get_signal+0x331/0x1d50
[ 1288.838427][T11166]  ? _raw_spin_unlock_irq+0x28/0x90
[ 1288.838450][T11166]  do_group_exit+0x135/0x370
[ 1288.838470][T11166]  get_signal+0x399/0x1d50
[ 1288.838497][T11166]  ? video_devdata+0xa0/0xa0
[ 1288.838517][T11166]  ? do_vfs_ioctl+0x120/0x1390
[ 1288.838537][T11166]  do_signal+0x87/0x1940
[ 1288.838549][T11166]  ? ioctl_preallocate+0x210/0x210
[ 1288.838574][T11166]  ? __fget+0x381/0x550
[ 1288.856973][T11596] Node 0 active_anon:668320kB inactive_anon:776kB active_file:52140kB inactive_file:144560kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234644kB dirty:1104kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 272384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
23:56:39 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:39 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)=0x10)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f0000000100)=0x10000)
mq_unlink(&(0x7f0000000040)='/dev/capi20\x00')

23:56:39 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x15000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1288.887217][T11166]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1288.887235][T11166]  ? setup_sigcontext+0x7d0/0x7d0
[ 1288.887251][T11166]  ? kick_process+0xef/0x180
[ 1288.887274][T11166]  ? exit_to_usermode_loop+0x43/0x2c0
[ 1288.887288][T11166]  ? do_syscall_64+0x52d/0x610
[ 1288.887303][T11166]  ? exit_to_usermode_loop+0x43/0x2c0
[ 1288.887319][T11166]  ? lockdep_hardirqs_on+0x418/0x5d0
[ 1288.887338][T11166]  ? trace_hardirqs_on+0x67/0x230
[ 1288.887359][T11166]  exit_to_usermode_loop+0x244/0x2c0
[ 1288.887380][T11166]  do_syscall_64+0x52d/0x610
[ 1288.887402][T11166]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1288.887424][T11166] RIP: 0033:0x457e29
[ 1288.887440][T11166] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1288.887449][T11166] RSP: 002b:00007fab66e65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1288.887464][T11166] RAX: fffffffffffffff4 RBX: 00007fab66e65c90 RCX: 0000000000457e29
23:56:40 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockname(r0, &(0x7f0000000240)=@pppol2tpv3={0x18, 0x1, {0x0, <r1=>0xffffffffffffffff}}, &(0x7f0000000100)=0x3cb)
r2 = dup3(r0, r1, 0x80000)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000000c0)={'ipddp0\x00', &(0x7f0000000140)=ANY=[@ANYBLOB="0200000000000000000000000000000000000000000000000000000000000000000000000000000000000000"]})
ioctl$ASHMEM_GET_NAME(r2, 0x81007702, &(0x7f0000000000)=""/79)

[ 1288.887473][T11166] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1288.887482][T11166] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1288.887492][T11166] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab66e666d4
[ 1288.887501][T11166] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 0000000000000004
[ 1289.019084][T11996] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1
23:56:40 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x18000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1289.113448][T11596] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1289.151298][T11996] CPU: 0 PID: 11996 Comm: syz-executor.5 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1289.160433][T11996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1289.170494][T11996] Call Trace:
[ 1289.173796][T11996]  dump_stack+0x172/0x1f0
[ 1289.178145][T11996]  warn_alloc.cold+0x88/0x184
[ 1289.182944][T11996]  ? zone_watermark_ok_safe+0x260/0x260
[ 1289.188496][T11996]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1289.194141][T11996]  ? find_held_lock+0x35/0x130
[ 1289.197498][T11596] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1289.198926][T11996]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1289.198969][T11996]  __vmalloc_node_range+0x48a/0x790
[ 1289.227018][T11596] lowmem_reserve[]: 0 2553 2555 2555
[ 1289.231410][T11996]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1289.231432][T11996]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1289.231450][T11996]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1289.231469][T11996]  vmalloc_user+0x6b/0x90
[ 1289.231495][T11996]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1289.238958][T11596] Node 0 DMA32 free:417348kB min:36232kB low:45288kB high:54344kB active_anon:672388kB inactive_anon:768kB active_file:52140kB inactive_file:144616kB unevictable:8kB writepending:1160kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10848kB pagetables:13824kB bounce:0kB free_pcp:1972kB local_pcp:856kB free_cma:0kB
[ 1289.241981][T11996]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1289.241999][T11996]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1289.242020][T11996]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1289.242041][T11996]  __vb2_queue_alloc+0x5a6/0xf40
[ 1289.247154][T11596] lowmem_reserve[]: 0 0 2 2
[ 1289.252651][T11996]  vb2_core_create_bufs+0x2bc/0x790
[ 1289.252674][T11996]  ? vim2m_buf_prepare+0x280/0x280
[ 1289.252691][T11996]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1289.252709][T11996]  ? lock_acquire+0x16f/0x3f0
[ 1289.252729][T11996]  ? __video_do_ioctl+0x398/0xce0
[ 1289.258651][T11596] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1289.262097][T11996]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1289.262121][T11996]  vb2_create_bufs+0x47e/0x7a0
[ 1289.262149][T11996]  ? vb2_request_queue+0x120/0x120
[ 1289.267256][T11596] lowmem_reserve[]: 0 0 0 0
[ 1289.298168][T11996]  ? mark_held_locks+0xf0/0xf0
[ 1289.298184][T11996]  ? debug_smp_processor_id+0x3c/0x280
[ 1289.298207][T11996]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1289.298227][T11996]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1289.298245][T11996]  v4l_create_bufs+0xc0/0x180
[ 1289.298263][T11996]  __video_do_ioctl+0x7f1/0xce0
[ 1289.298286][T11996]  ? v4l_s_fmt+0xa40/0xa40
[ 1289.306000][T11596] Node 1 Normal free:3784520kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1289.308150][T11996]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1289.308171][T11996]  ? _copy_from_user+0xdd/0x150
[ 1289.308193][T11996]  video_usercopy+0x4c5/0x10d0
[ 1289.308209][T11996]  ? v4l_s_fmt+0xa40/0xa40
[ 1289.308233][T11996]  ? v4l_enumstd+0x70/0x70
[ 1289.314436][T11596] lowmem_reserve[]: 0 0 0 0
[ 1289.318962][T11996]  ? mark_held_locks+0xf0/0xf0
[ 1289.318981][T11996]  ? debug_smp_processor_id+0x3c/0x280
[ 1289.319001][T11996]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1289.319024][T11996]  ? __fget+0x35a/0x550
[ 1289.319040][T11996]  ? find_held_lock+0x35/0x130
[ 1289.319061][T11996]  ? video_usercopy+0x10d0/0x10d0
[ 1289.324062][T11596] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1289.328740][T11996]  video_ioctl2+0x2d/0x35
[ 1289.328763][T11996]  v4l2_ioctl+0x156/0x1b0
[ 1289.328780][T11996]  ? video_devdata+0xa0/0xa0
[ 1289.328801][T11996]  do_vfs_ioctl+0xd6e/0x1390
[ 1289.328821][T11996]  ? kasan_check_read+0x11/0x20
[ 1289.328842][T11996]  ? ioctl_preallocate+0x210/0x210
23:56:40 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x25}}, 0x10)
connect$inet(r0, 0x0, 0x0)

23:56:40 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000400)='/dev/cachefiles\x00', 0x640040, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000440)={0x2, 0x80000000, 0x201, 0x3931, 0x1, 0xb4, 0xffff, 0x2, <r2=>0x0}, &(0x7f0000000480)=0x20)
getsockopt$inet_sctp6_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f00000004c0)={r2, 0x5, 0x101}, &(0x7f0000000500)=0x10)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
socketpair(0x2, 0x5, 0xfffffffffffffffe, &(0x7f0000000100)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_inet_udp_SIOCINQ(r3, 0x541b, &(0x7f0000000200))
setsockopt$IP_VS_SO_SET_ZERO(r4, 0x0, 0x48f, &(0x7f0000000140)={0x3b, @empty, 0x4e24, 0x1, 'dh\x00', 0x10, 0x0, 0x72}, 0x2c)
r5 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20ncci\x00', 0x400, 0x0)
socket$bt_hidp(0x1f, 0x3, 0x6)
connect$pptp(r5, &(0x7f0000000080)={0x18, 0x2, {0x2, @multicast2}}, 0x1e)
prctl$PR_GET_NO_NEW_PRIVS(0x27)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000001c0)={r5, 0x10, &(0x7f0000000180)={&(0x7f0000000240)=""/159, 0x9f, <r6=>0xffffffffffffffff}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000300)=r6, 0x4)

[ 1289.334438][T11596] Node 0 DMA32: 237705*4kB (UME) 198659*8kB (UME) 68304*16kB (UME) 30569*32kB (UME) 15306*64kB (UME) 6574*128kB (UME) 3009*256kB (UME) 1478*512kB (UM) 989*1024kB (UM) 4439*2048kB (ME) 25*4096kB (M) = 18165468kB
[ 1289.339041][T11996]  ? __fget+0x381/0x550
[ 1289.339067][T11996]  ? ksys_dup3+0x3e0/0x3e0
[ 1289.339085][T11996]  ? nsecs_to_jiffies+0x30/0x30
[ 1289.339114][T11996]  ? security_file_ioctl+0x93/0xc0
[ 1289.339136][T11996]  ksys_ioctl+0xab/0xd0
[ 1289.344295][T11596] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1289.348823][T11996]  __x64_sys_ioctl+0x73/0xb0
[ 1289.348846][T11996]  do_syscall_64+0x103/0x610
[ 1289.348870][T11996]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1289.348883][T11996] RIP: 0033:0x457e29
[ 1289.348926][T11996] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1289.375882][T11596] Node 1 Normal: 8606*4kB (U) 5622*8kB (U) 3132*16kB (UE) 1500*32kB (UME) 744*64kB (UME) 377*128kB (UE) 190*256kB (UM) 96*512kB (UME) 51*1024kB (UME) 25*2048kB (U) 919*4096kB (M) = 4238824kB
[ 1289.381595][T11996] RSP: 002b:00007fab66e65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1289.381611][T11996] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1289.381621][T11996] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1289.381631][T11996] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1289.381641][T11996] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab66e666d4
[ 1289.381651][T11996] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1289.511264][T11596] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1289.575282][T11596] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1289.797854][T11596] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1289.814135][T11596] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1289.832733][T11596] 49718 total pagecache pages
[ 1289.837524][T11596] 0 pages in swap cache
[ 1289.841680][T11596] Swap cache stats: add 0, delete 0, find 0/0
[ 1289.841692][T11596] Free swap  = 0kB
[ 1289.851649][T11596] Total swap = 0kB
[ 1289.871240][T11596] 1965979 pages RAM
[ 1289.875053][T11596] 0 pages HighMem/MovableOnly
23:56:40 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x1a0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:40 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0x2, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:40 executing program 3:
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x8040, 0x0)
fcntl$setsig(r0, 0xa, 0xb)
fcntl$setlease(r0, 0x400, 0x1)
rt_sigtimedwait(&(0x7f00005a1000)={0xfffffffffffffffd}, 0x0, 0x0, 0x8)
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f0000000000)={0x2, 'lo\x00'}, 0x18)

23:56:40 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0xa0010000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:40 executing program 0:
mkdirat(0xffffffffffffffff, &(0x7f0000000ac0)='./bus\x00', 0x0)
r0 = open$dir(&(0x7f0000000980)='./file1\x00', 0xfffffffffffffffe, 0x0)
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
r2 = dup(r1)
setsockopt$inet6_tcp_int(r1, 0x6, 0xa, &(0x7f0000000000)=0x81, 0x4)
ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e20}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
setsockopt$inet6_opts(r1, 0x29, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="8700000000000000050200002a000000"], 0x10)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000001c0)={<r3=>0x0, <r4=>0x0}, &(0x7f0000000240)=0xc)
setfsuid(r4)
getsockname$packet(0xffffffffffffffff, &(0x7f00000002c0), 0x0)
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffffff, 0x0, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, 0x0, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x35, &(0x7f0000000100)=0x1, 0x4)
tgkill(r3, r3, 0x0)
ioctl$GIO_SCRNMAP(0xffffffffffffffff, 0x4b40, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000680)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0x0)
r5 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$BLKROSET(0xffffffffffffffff, 0x125d, 0x0)
ioctl$sock_inet_SIOCGIFDSTADDR(0xffffffffffffffff, 0x8917, 0x0)
ioctl$FIDEDUPERANGE(r0, 0xc0189436, 0x0)
mmap(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0)
r6 = open(&(0x7f0000000140)='./bus\x00', 0x200000000141042, 0x2000000)
fdatasync(r5)
setxattr$security_evm(&(0x7f0000000340)='./file1\x00', &(0x7f0000000540)='security.evm\x00', &(0x7f0000000380)=ANY=[@ANYBLOB="000037f04000f997ac94a15b350b29e5435e1bb8ae72586c24db7975f5a15e40c03a0acbea93326e5bfa961c6ebe31777c9e91f16209ad42a5e002af2e89dabafe4cc6341b9dd40113a61cfd11aba4042375837aad547547c3f361aa2bd9a3b147ca36dcafd6c136b86042423b612a882d10a3844a926a774430176c120153"], 0x1, 0x0)
ftruncate(r0, 0x7fff)
sendfile(r2, r6, &(0x7f0000d83ff8), 0x8000fffffffe)

23:56:40 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
write$binfmt_script(r0, &(0x7f0000000100)={'#! ', './file0', [{0x20, 'eth0'}, {0x20, '%'}, {0x20, '/dev/capi20\x00'}, {0x20, '\xb8$ppp1$'}, {0x20, '(}($bdevbdev'}, {0x20, 'md5sum,posix_acl_access[ppp0ppp0-'}, {0x20, 'md5sumGPL$@'}, {0x20, '/dev/capi20\x00'}], 0xa, "c00a23ebe29023b96882e61e3972a8e867ad5324fe91890c2cadebd04ccf3103898e09eed83c8e6705aa5dfe62e5a72269fcc8e2b3435dfa394e1ea069ab196b14697f2ad61f4d6a246e40e83604b2f23b0db07bb6b74e47935d5650aa62fd2b2161653f9c965230dd9e58ad71f7416ef3bc10b9e9d70562dfb1f904d1ef73292e028907c9a989d893aebe3a0008f7939ca9902c126bf5e993c49c074518b70791254d65802f730e50f65cb4d8ffbc54c8a2ee185874"}, 0x125)

[ 1289.896403][T11596] 339409 pages reserved
[ 1289.906513][T11596] 0 pages cma reserved
[ 1290.005371][T12437] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1290.032571][T12437] CPU: 0 PID: 12437 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1290.041698][T12437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1290.051756][T12437] Call Trace:
[ 1290.055062][T12437]  dump_stack+0x172/0x1f0
[ 1290.059420][T12437]  warn_alloc.cold+0x88/0x184
[ 1290.064118][T12437]  ? zone_watermark_ok_safe+0x260/0x260
[ 1290.069669][T12437]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1290.069689][T12437]  ? find_held_lock+0x35/0x130
[ 1290.069707][T12437]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1290.069753][T12437]  __vmalloc_node_range+0x48a/0x790
[ 1290.090937][T12437]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1290.090959][T12437]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1290.090988][T12437]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1290.091007][T12437]  vmalloc_user+0x6b/0x90
[ 1290.091028][T12437]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1290.116372][T12437]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1290.121231][T12437]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1290.126268][T12437]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1290.132087][T12437]  __vb2_queue_alloc+0x5a6/0xf40
[ 1290.137062][T12437]  vb2_core_create_bufs+0x2bc/0x790
[ 1290.142277][T12437]  ? vim2m_buf_prepare+0x280/0x280
[ 1290.147403][T12437]  ? __vb2_queue_alloc+0xf40/0xf40
23:56:41 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x1a0ffffffff, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:41 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0x5421, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:41 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1290.152531][T12437]  ? lock_acquire+0x16f/0x3f0
[ 1290.157215][T12437]  ? __video_do_ioctl+0x398/0xce0
[ 1290.162255][T12437]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1290.168512][T12437]  vb2_create_bufs+0x47e/0x7a0
[ 1290.173294][T12437]  ? vb2_request_queue+0x120/0x120
[ 1290.178422][T12437]  ? mark_held_locks+0xf0/0xf0
[ 1290.183196][T12437]  ? debug_smp_processor_id+0x3c/0x280
[ 1290.188674][T12437]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1290.193718][T12437]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1290.199276][T12437]  v4l_create_bufs+0xc0/0x180
23:56:41 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0x5450, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1290.203965][T12437]  __video_do_ioctl+0x7f1/0xce0
[ 1290.209042][T12437]  ? v4l_s_fmt+0xa40/0xa40
[ 1290.213477][T12437]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1290.219729][T12437]  ? _copy_from_user+0xdd/0x150
[ 1290.224590][T12437]  video_usercopy+0x4c5/0x10d0
[ 1290.229352][T12437]  ? v4l_s_fmt+0xa40/0xa40
[ 1290.229375][T12437]  ? v4l_enumstd+0x70/0x70
[ 1290.229393][T12437]  ? mark_held_locks+0xf0/0xf0
[ 1290.229415][T12437]  ? debug_smp_processor_id+0x3c/0x280
[ 1290.248454][T12437]  ? perf_trace_lock_acquire+0xf5/0x580
23:56:41 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x2001, 0x0)
ioctl$KVM_GET_API_VERSION(r1, 0xae00, 0x0)
ioctl$PPPIOCSDEBUG(r1, 0x40047440, &(0x7f0000000080)=0x81)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r1, 0xc10c5541, &(0x7f0000000100)={0xae, 0xcb, 0xfffffffffffffff9, 0x0, 0x0, [], [], [], 0xfff, 0x7fff})

[ 1290.254035][T12437]  ? __fget+0x35a/0x550
[ 1290.258199][T12437]  ? find_held_lock+0x35/0x130
[ 1290.262975][T12437]  ? video_usercopy+0x10d0/0x10d0
[ 1290.268008][T12437]  video_ioctl2+0x2d/0x35
[ 1290.272352][T12437]  v4l2_ioctl+0x156/0x1b0
[ 1290.276695][T12437]  ? video_devdata+0xa0/0xa0
[ 1290.281311][T12437]  do_vfs_ioctl+0xd6e/0x1390
[ 1290.285921][T12437]  ? kasan_check_read+0x11/0x20
[ 1290.290783][T12437]  ? ioctl_preallocate+0x210/0x210
[ 1290.295939][T12437]  ? __fget+0x381/0x550
[ 1290.300118][T12437]  ? ksys_dup3+0x3e0/0x3e0
[ 1290.304550][T12437]  ? nsecs_to_jiffies+0x30/0x30
[ 1290.309417][T12437]  ? security_file_ioctl+0x93/0xc0
[ 1290.309441][T12437]  ksys_ioctl+0xab/0xd0
[ 1290.309463][T12437]  __x64_sys_ioctl+0x73/0xb0
[ 1290.309484][T12437]  do_syscall_64+0x103/0x610
[ 1290.309508][T12437]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1290.318751][T12437] RIP: 0033:0x457e29
23:56:41 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0x5451, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1290.318768][T12437] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1290.318777][T12437] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1290.318793][T12437] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1290.318802][T12437] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1290.318812][T12437] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1290.318822][T12437] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1290.318831][T12437] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1290.336803][T12437] warn_alloc_show_mem: 1 callbacks suppressed
[ 1290.336808][T12437] Mem-Info:
[ 1290.527758][T12437] active_anon:167631 inactive_anon:194 isolated_anon:0
[ 1290.527758][T12437]  active_file:13070 inactive_file:36182 isolated_file:0
[ 1290.527758][T12437]  unevictable:2 dirty:322 writeback:0 unstable:0
[ 1290.527758][T12437]  slab_reclaimable:17922 slab_unreclaimable:103224
[ 1290.527758][T12437]  mapped:58686 shmem:493 pagetables:3464 bounce:0
[ 1290.527758][T12437]  free:1055035 free_pcp:458 free_cma:0
[ 1290.569009][T12437] Node 0 active_anon:668456kB inactive_anon:776kB active_file:52140kB inactive_file:144728kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234744kB dirty:1288kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 274432kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1290.600458][T12437] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1290.627591][T12437] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1290.660132][T12437] lowmem_reserve[]: 0 2553 2555 2555
[ 1290.665584][T12437] Node 0 DMA32 free:423968kB min:36232kB low:45288kB high:54344kB active_anon:666308kB inactive_anon:776kB active_file:52140kB inactive_file:144728kB unevictable:8kB writepending:1288kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10624kB pagetables:13560kB bounce:0kB free_pcp:2284kB local_pcp:1272kB free_cma:0kB
[ 1290.697851][T12437] lowmem_reserve[]: 0 0 2 2
[ 1290.702399][T12437] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1290.734679][T12437] lowmem_reserve[]: 0 0 0 0
[ 1290.739432][T12437] Node 1 Normal free:3784520kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1290.767961][T12437] lowmem_reserve[]: 0 0 0 0
[ 1290.772499][T12437] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1290.787081][T12437] Node 0 DMA32: 237735*4kB (UME) 198526*8kB (UME) 68341*16kB (UME) 30577*32kB (UME) 15304*64kB (UME) 6574*128kB (UME) 3009*256kB (UME) 1478*512kB (UM) 989*1024kB (UM) 4442*2048kB (ME) 25*4096kB (M) = 18171388kB
[ 1290.807688][T12437] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1290.823054][T12437] Node 1 Normal: 8606*4kB (U) 5622*8kB (U) 3132*16kB (UE) 1500*32kB (UME) 744*64kB (UME) 377*128kB (UE) 190*256kB (UM) 96*512kB (UME) 51*1024kB (UME) 25*2048kB (U) 919*4096kB (M) = 4238824kB
[ 1290.841939][T12437] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1290.851699][T12437] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1290.862202][T12437] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
23:56:41 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x300, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:41 executing program 0:
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000900)={0x2, 0x0, @multicast2}, &(0x7f0000000e00)=0x10, 0x800)
ioctl(r0, 0x4, &(0x7f0000001200)="0a5cc84267bd19a8b40a08d5bdfaff55436b0fca2fb3b088626ff34f4b3dfc7281f3a8267ad879e6879211ec8dcd5a9bdc94f809d9d225bc4696cf162a09f785b2e1142cb71c7a50794d55fbad2b0be3338f63f904d7f68374ffc999937745c6848df5783f74bb99dc67ea819afa1aabb71639e752ae58dd59403cd0d9a1ca7e0b85537d4c391796b9af70b1618b647e59d0c1b4493543f0321828bb57f9a628c236d6c88f538d")
openat$tun(0xffffffffffffff9c, &(0x7f0000000640)='/dev/net/tun\x00', 0x0, 0x0)
socket$inet6(0xa, 0x1000000000002, 0x100000000)
syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x8000002, 0x68002)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vcs\x00', 0x0, 0x0)
getsockopt$IPT_SO_GET_REVISION_MATCH(r1, 0x0, 0x42, &(0x7f00000002c0)={'ah\x00'}, &(0x7f0000000340)=0x1e)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000007c0)=0x800000000000002, 0x4)
sendmsg$alg(r1, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000fc0)=[{&(0x7f0000000ec0)="1d49e3685d9d8c35ef739167997b26a4e592951f4b7cda362f8ab99067dc40beba7bde6918fc85e1d97ea326fa609a6518419a8d06c6a48a037e59aac27c887195b6c60bcf080007ed4cb0a9e960be8789984af9131c125c7b10792bcb367088a314a55b2d7b91c75afe0a8e6b8721bf02003f7b5c0354d1332d7df10e33d782771860b36d663a479041899d970b7bf2153552a85b33d11fa5bc59e758a55c947a9b2054a5571a8704c88695983c82ee637eef16651791539d098a6a73b19727c9e9dd265da7752174c3f2ac9ffb2bc2fd6bcb192e496bc9d9355193de2288", 0xdf}], 0x1, 0x0, 0x0, 0x8000}, 0x20000000)
epoll_create(0x1)
timer_create(0x5, &(0x7f0000000d40)={0x0, 0x23, 0x2, @thr={&(0x7f0000000880)="f4333d1da5e4383802659ab6f5e12e7986c2dfc68b0f50eda5415f748f363988a831584a41dfa196b05037c8338bc9ca0ef19700483e714b991b8ef6a20845491d019069c20eec35f70173741e76b16f6f7d61a1520d24d755", 0x0}}, &(0x7f0000000d80)=<r3=>0x0)
timer_gettime(r3, &(0x7f0000000dc0))
write$FUSE_POLL(r1, &(0x7f00000000c0)={0xfffffe51, 0x1, 0xfffffffffffffffe, {0x400}}, 0x18)
pwrite64(r1, &(0x7f0000000540)="3f277f944ddeecfc55cbf59cc689972f88165ff974e5e054146317729bab5525e315f204dce1933f10dca767929994eb25c8f5181c0b1c04b1b268595345aa51a77d8af130f955f9841bf8b09618207b0d8b8eed2c5efbd2397432bffd8b7036da4854ea202609e74f6db413eb9c6f13e9c774b1dd4ff18e7a5a904cdc97d44a5be832c041c3659ea4972b5adb5f98b72e925bd0dde42751fb4c4b329ec340b03a1a7e93110686c14210c166ca70f2804e103be29b5e59ce2afe5adc8c378a3308aa3d14d3770484c77e93abcc1fce5409d6c533f64798c5b4", 0xd9, 0x0)
r4 = socket(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0xe88, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200007c0], 0x0, &(0x7f0000000080), &(0x7f0000001680)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000001100000000000000000076657468305f746f5f7465616d0000006970646470300000000000000000000062726992ea655f736c6176655f3000007465616d5f73ff5e76655f3000400000aaaaaaaaaaaa0000000000000180c2000000000000000000000038090000b00a0000e00a0000616d6f6e6700000000000000000000000000000000000000000000000000000050080000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000ac1414000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000ac1414000000000000000000ac1414aa0000000000000000ffffffff0000000068656c7065720000000000000000000000000000000000000000000000000000280000000000000000000000482e323435000000000000000000000000000000000000000000000000000000000000005241544545535400000000000000000000000000000000000000000000000000200000000000000073797a30000000000000000000000000000000000000000000000000000000005345434d41524b000000000000000000000000000000000000000000000000000801000000000000000000000000000073797374656d5f753a6f626a6563745f723a7573625f6465766963655f743a7330000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004e465155455545000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0100000011000000000000000000626f6e645f736c6176655f300000000076657468315f746f5f6272696467650073797a5f74756e00000000000000000065716c00000000000000000000000000ffffffffffff000000000000ffffffffffff0000000000000000a8000000d8010000080300006d6163000000000000000000000000000000000000000000000053fc730b1bcf69a749ac38a6ea136fe90000000000001000000000000000000000000000000000000000000000005345434d41524b000000000000000000000000000000000000000000000000000801000000000000000000000000000073797374656d5f753a6f626a6563745f723a7661725f73706f6f6c5f743a733000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005345434d41524b000000000000000000000000000000000000000000000000000801000000000000000000000000000073797374656d5f753a6f626a6563745f723a6273647074795f6465766963655f743a733000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080084374956ab60000000000000000000000000000000000000000000000000002000000fc"]}, 0xf00)
bind$inet(r2, &(0x7f0000000840)={0x2, 0x4e20, @loopback}, 0x10)
r5 = mq_open(&(0x7f0000000080)='bdev\x00', 0x41, 0xc4, &(0x7f00000000c0)={0x3f, 0x6, 0x94, 0xffffffff, 0x3, 0x10000, 0x1, 0x7})
mq_timedsend(r5, &(0x7f0000000000)="e1bd6cd0afde34321df09a6d21a196923c8789fbec2ea693ba8964b3fe243e2d42cdc1b9eef3721daa36ba559839d6", 0x2f, 0x6, 0x0)
mq_timedsend(r5, &(0x7f0000000100)="73b3cafec3dbd277099115feb843043bcd21914a3dd770451ca1844af1702112de1c7734850769393d14c839755a14d817df51fee3f9c0eb552a2c2ed1587ddc4541f459edf88ac4aeb604daa86338ecf4a9ac6ff010cf7c5811", 0x5a, 0x401, 0x0)
inotify_init()
mprotect(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000012c0)=ANY=[@ANYBLOB="b60000000400000001000000b857117bbb0592244cd56949659e28dd8c3bbf8efa901978d470f6c2bf2edcb2094729d352c4a6ba1d5ca1fbf684ce77de9312338c843d4c6fd31cfeefc3c59b8a98e2d179a3a64ecf646d382a63b845d3358667677b7a3bf2807b3de3dd21edea25cc89c46396876cebd2584b0d9dce013e734ea31a8564e06b5e8ef0996678df8bc5148f1c036e140845bd74002e4db133e324e046bb38b76ffa363f8f4d7f4922a2102220b7f9e655a70f5915fbed76a8f89f6a8c6c553677f48dd0ffda2e260dca03ae9802fb26d18227d21b5d0bee8940ed185e5abf42a78179ea2668106d8033482d12a6bded7153fbcd88a4345cccbd820f27a35a26815e14f268103929a2297d95fd91e8d6f163f36f52d500000000000068a41124ed1b6b26be28f3846aaeb8d073665564b3a4fe7f69309bd7f3452b702c4e39a0bcf136afa4e7b9eb49a4440a21cd6be1ae1bb9ab9561cb8c6d79e288c8ffbbb1b612a8056c1fd3225259c610226dce90f9cd695e707e8c123a230668a6e9128e3ddb33a7b03183e0a8234b925a0cd908fd1d870896ec35855d52f02af73a146a00000000"])
ioctl$KVM_SET_XSAVE(r1, 0x5000aea5, &(0x7f0000000940)={"98f566d86b94e567c4a2e4508defbb31d82a81aeb9d8d20917cc3feb9887915d0b145b4079d433571660c8a66028e5e1adf7698988f84c632edd1716e0a55408697e2a9a9184f73b22f5e1e2ad9e7b6c55ba32d3d78fb9429650c77fafdab4d9238be585af95205e9841e6867f72a58da08847dd63e1017719046cab9009bcf8cca0557608b775bc13cf5603976679876ef2784c2c3e6dd2886b7066a987e69815efa9e077f28bfaa3dd5de46daaf014c582589abaae8a04e1e29e2bc83ebc61cd9dc35cb1b07d94a5e73ee8b60cacbd94437f856935127ff2ec18495384e587d5b15205bb5439a0e24e4f34e789a6e46d1df8a6135b6710a29a2fd44c21cc53125ec6a2221c97aa4e50e33e2747daf3c77b4cc7fc271e8f9bcf8f3477e1c1bb248d7e37f16431452c4f4d1ac12851f382d75a966c1744ea52bba538ba9815bbdb079cf37cc21fc1ec0a7e0e5f5f9d838b5082180ee38352094e9cb1949ad2f73323792792384e0d447090eefe432793c51fe1b17a4c5ba9f6c8cafce679e78a6df49cabf4d67cadcc3ee7829e94e59d8b0bb0311d70490f50fff41ef9af8385a373a42bb48692b27cd912edf19bb7dfed0e74c5d92789a41a1febe9725ad64e1098bccdcd7aab167417bde780b25ee26ab4ec3111c59c1904b8d1065d67eafcaf23bdd915b612aa543c47017c13c6a8ec7456ea31152f9939997ce190b7668a0bbe1845f245f92a5052d54a53df33d2dad4a1d66488e7089ccf9ff47909e2384d96a64a21d9b3561acfd83a728cb539c0a855fcca9d305013805924e0f51f988b488b522835a19a1edbbf934c5c78c0f715e3219594aa22cb137f591f6be13678f129edacf44a47f4ed9e2aa14fcbab21b4d23300644166da845b287590a033a721605a86aea4720abe6f2a24cb5a9582d77d25a4413aaa8be454c728f29d4f1bb6a642b515ab6c0432e2a2bc751cd93fd6477bba6ec929024359c1c8a674da6ad393245af98621e500a66a5c17e877d658751faecff1c41ae1c34df03caa2a83bf2bf5e88681b0e85abc696cd7ee59ef286fea1883889a16c5a3f08862abdb989554cedcbd0fd377977ee98c81cb2c0d6459d2f37d4adb0def7d9d890f4100709e315387e11d8cefdbb7550025c7777ccc1b10803459a64233192bbf57138bea13ae1050033d139e63b540ad87d98cb584ef9ead904643354eb00cb518b08a1fbeb7063d2c3ff873af51a7a1fa5fa8b2c5b82515cb84e6178422150c620bf038a0ebc49731aa6eb5279f1d50c783230a01b7cd72cb98f72daff729c23986369c1ecafae7c40226b509f2b427c576289f9eceb4253867b5baa1e4763d8e6d4ffcb8fed9b3097b0e9992325705ef393afa4b850e71b5a37ce9b0fd8ce344a2556c73036af62a7dbe03016461e1d6d9363633f148663295d2afdd78b618f05c92"})
write$RDMA_USER_CM_CMD_GET_EVENT(r2, &(0x7f0000000500)={0xc, 0x8, 0xfa00, {&(0x7f0000000380)}}, 0x10)
socket$vsock_dgram(0x28, 0x2, 0x0)
sendto$inet(r2, &(0x7f0000000a00), 0x0, 0x0, 0x0, 0x0)

23:56:41 executing program 3:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@dellink={0x28, 0x11, 0xc03, 0x0, 0x0, {}, [@IFLA_NET_NS_FD={0x8}]}, 0x28}}, 0x0)
sendto$isdn(r1, &(0x7f0000000000)={0xffff, 0x5, "b20f53e1780142fb75cd164781b0be4b6f3ce16ff9c878b8badaab344936e5dc3209b2fca028677b7d58f4690d4da63123f4d5c1"}, 0x3c, 0x24000010, &(0x7f0000000080)={0x22, 0xfdf, 0x10001, 0x3, 0x8}, 0x6)
sendmmsg$alg(r1, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)}], 0x492492492492805, 0x0)

23:56:41 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x200000000000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:41 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000100)='/dev/capi20\x00', 0xfffffffffffffffe, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x80, 0x0)
write$FUSE_STATFS(r1, &(0x7f0000000040)={0x60, 0x0, 0x2, {{0x2f, 0x3, 0x100000000, 0x8, 0x1a7b, 0xf51d, 0x0, 0x5}}}, 0x60)
setsockopt$inet6_opts(r1, 0x29, 0x39, &(0x7f0000000140)=ANY=[@ANYBLOB="1d120409ff4000040800000000000000000000000000000000000000000000010000000000000000000000000000000100000000ebffffffffff000000000000000000aa00000000000000000000000000000000fe80ca49123e97599853265d29000000000000000000000000000cfe880000000000000000000000000001fe80000000"], 0x98)

23:56:41 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0x5452, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1290.871819][T12437] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1290.881161][T12437] 49746 total pagecache pages
[ 1290.885843][T12437] 0 pages in swap cache
[ 1290.890087][T12437] Swap cache stats: add 0, delete 0, find 0/0
[ 1290.896146][T12437] Free swap  = 0kB
[ 1290.899937][T12437] Total swap = 0kB
[ 1290.903661][T12437] 1965979 pages RAM
[ 1290.907513][T12437] 0 pages HighMem/MovableOnly
[ 1290.912193][T12437] 339409 pages reserved
[ 1290.916334][T12437] 0 pages cma reserved
23:56:42 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:42 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0x5460, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1291.036983][T12879] kernel msg: ebtables bug: please report to author: entries_size too small
[ 1291.039887][T12932] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1291.120165][T12932] CPU: 1 PID: 12932 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1291.129324][T12932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1291.139829][T12932] Call Trace:
[ 1291.143132][T12932]  dump_stack+0x172/0x1f0
[ 1291.147482][T12932]  warn_alloc.cold+0x88/0x184
[ 1291.152175][T12932]  ? zone_watermark_ok_safe+0x260/0x260
[ 1291.157730][T12932]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1291.163370][T12932]  ? find_held_lock+0x35/0x130
[ 1291.168153][T12932]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1291.173817][T12932]  __vmalloc_node_range+0x48a/0x790
[ 1291.179035][T12932]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1291.184068][T12932]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1291.189623][T12932]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1291.194669][T12932]  vmalloc_user+0x6b/0x90
[ 1291.199008][T12932]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1291.204047][T12932]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1291.208925][T12932]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1291.213964][T12932]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1291.219784][T12932]  __vb2_queue_alloc+0x5a6/0xf40
[ 1291.224754][T12932]  vb2_core_create_bufs+0x2bc/0x790
[ 1291.229962][T12932]  ? vim2m_buf_prepare+0x280/0x280
[ 1291.235082][T12932]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1291.240199][T12932]  ? lock_acquire+0x16f/0x3f0
[ 1291.244890][T12932]  ? __video_do_ioctl+0x398/0xce0
[ 1291.249952][T12932]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1291.256204][T12932]  vb2_create_bufs+0x47e/0x7a0
[ 1291.260986][T12932]  ? vb2_request_queue+0x120/0x120
[ 1291.266108][T12932]  ? mark_held_locks+0xf0/0xf0
[ 1291.270892][T12932]  ? debug_smp_processor_id+0x3c/0x280
[ 1291.276374][T12932]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1291.281423][T12932]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1291.286998][T12932]  v4l_create_bufs+0xc0/0x180
[ 1291.291702][T12932]  __video_do_ioctl+0x7f1/0xce0
[ 1291.296630][T12932]  ? v4l_s_fmt+0xa40/0xa40
[ 1291.301073][T12932]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1291.307317][T12932]  ? _copy_from_user+0xdd/0x150
[ 1291.312177][T12932]  video_usercopy+0x4c5/0x10d0
[ 1291.316978][T12932]  ? v4l_s_fmt+0xa40/0xa40
[ 1291.321408][T12932]  ? v4l_enumstd+0x70/0x70
[ 1291.325840][T12932]  ? mark_held_locks+0xf0/0xf0
[ 1291.330624][T12932]  ? debug_smp_processor_id+0x3c/0x280
[ 1291.336094][T12932]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1291.341652][T12932]  ? __fget+0x35a/0x550
[ 1291.345816][T12932]  ? find_held_lock+0x35/0x130
[ 1291.350594][T12932]  ? video_usercopy+0x10d0/0x10d0
[ 1291.355624][T12932]  video_ioctl2+0x2d/0x35
[ 1291.359960][T12932]  v4l2_ioctl+0x156/0x1b0
[ 1291.364302][T12932]  ? video_devdata+0xa0/0xa0
23:56:42 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0x40049409, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:42 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0x4020940d, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1291.368917][T12932]  do_vfs_ioctl+0xd6e/0x1390
[ 1291.373522][T12932]  ? kasan_check_read+0x11/0x20
[ 1291.378405][T12932]  ? ioctl_preallocate+0x210/0x210
[ 1291.383560][T12932]  ? __fget+0x381/0x550
[ 1291.387735][T12932]  ? ksys_dup3+0x3e0/0x3e0
[ 1291.392166][T12932]  ? nsecs_to_jiffies+0x30/0x30
[ 1291.397039][T12932]  ? security_file_ioctl+0x93/0xc0
[ 1291.402166][T12932]  ksys_ioctl+0xab/0xd0
[ 1291.406337][T12932]  __x64_sys_ioctl+0x73/0xb0
[ 1291.410952][T12932]  do_syscall_64+0x103/0x610
[ 1291.415557][T12932]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1291.421466][T12932] RIP: 0033:0x457e29
[ 1291.425363][T12932] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1291.444969][T12932] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1291.444985][T12932] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1291.444994][T12932] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
23:56:42 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0xffffffffffffffff, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)

23:56:42 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000080)='/dev/capi20\x00', 0x4000, 0x0)
r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x7, 0x400000)
ioctl$KVM_ASSIGN_DEV_IRQ(r1, 0x4040ae70, &(0x7f0000000040)={0x846f, 0x0, 0x5, 0x2})
r2 = getpid()
ptrace$getregs(0xe, r2, 0xa, &(0x7f0000000200)=""/248)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)

[ 1291.445003][T12932] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1291.445012][T12932] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1291.445021][T12932] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1291.504732][T12932] Mem-Info:
[ 1291.514439][T12932] active_anon:168155 inactive_anon:194 isolated_anon:0
[ 1291.514439][T12932]  active_file:13070 inactive_file:36185 isolated_file:0
[ 1291.514439][T12932]  unevictable:2 dirty:330 writeback:0 unstable:0
[ 1291.514439][T12932]  slab_reclaimable:17925 slab_unreclaimable:102916
[ 1291.514439][T12932]  mapped:58661 shmem:493 pagetables:3436 bounce:0
[ 1291.514439][T12932]  free:1054776 free_pcp:510 free_cma:0
[ 1291.645387][T12932] Node 0 active_anon:668528kB inactive_anon:776kB active_file:52140kB inactive_file:144740kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234744kB dirty:1320kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 268288kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1291.678375][T12932] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1291.718852][T12932] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1291.767959][T12932] lowmem_reserve[]: 0 2553 2555 2555
[ 1291.773379][T12932] Node 0 DMA32 free:424108kB min:36232kB low:45288kB high:54344kB active_anon:666420kB inactive_anon:776kB active_file:52140kB inactive_file:144740kB unevictable:8kB writepending:1320kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10624kB pagetables:13596kB bounce:0kB free_pcp:2288kB local_pcp:1244kB free_cma:0kB
[ 1291.804578][T12932] lowmem_reserve[]: 0 0 2 2
[ 1291.809282][T12932] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1291.836537][T12932] lowmem_reserve[]: 0 0 0 0
[ 1291.841652][T12932] Node 1 Normal free:3784520kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1291.870104][T12932] lowmem_reserve[]: 0 0 0 0
[ 1291.874657][T12932] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1291.889112][T12932] Node 0 DMA32: 237669*4kB (ME) 198789*8kB (UME) 68351*16kB (UME) 30579*32kB (UME) 15302*64kB (UME) 6574*128kB (UME) 3009*256kB (UME) 1478*512kB (UM) 989*1024kB (UM) 4442*2048kB (ME) 25*4096kB (M) = 18173324kB
[ 1291.909627][T12932] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1291.923990][T12932] Node 1 Normal: 8606*4kB (U) 5622*8kB (U) 3132*16kB (UE) 1500*32kB (UME) 744*64kB (UME) 377*128kB (UE) 190*256kB (UM) 96*512kB (UME) 51*1024kB (UME) 25*2048kB (U) 919*4096kB (M) = 4238824kB
[ 1291.942850][T12932] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1291.952429][T12932] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1291.961775][T12932] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1291.971393][T12932] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1291.980766][T12932] 49749 total pagecache pages
[ 1291.985446][T12932] 0 pages in swap cache
[ 1291.989657][T12932] Swap cache stats: add 0, delete 0, find 0/0
[ 1291.995726][T12932] Free swap  = 0kB
[ 1291.999515][T12932] Total swap = 0kB
[ 1292.003241][T12932] 1965979 pages RAM
[ 1292.007036][T12932] 0 pages HighMem/MovableOnly
[ 1292.011738][T12932] 339409 pages reserved
23:56:43 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x500, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:43 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4)
connect$inet6(r0, &(0x7f0000000080), 0x1c)
r1 = dup2(r0, r0)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64)
eventfd(0xffffffffffff0000)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r2 = gettid()
openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000500)=ANY=[@ANYBLOB="874f9a7b90e42e5708000000001414d06e561436595526140909e5b6aeeacabac1950cb397ed4ed7d0c3171c12b8f55d6877ab667f2c4437c911635961cab440d8f894ddf77fd13eb6076346f212238ef794dc0f98bfec8b6849d2fb16b3be1e1cea96866d69661dfdfbc5d4724e12202eeec325b8c3d1ea55d0cd9c244b1a34ab91639a25cbfd36841c8a3fbbc6fcb9bae838af10f77b3b40fe74852546b500dcb9ec5167f2eece471f0e41b9342c08eb972671891ab7dd7e8caef9b758f278fc14a870aa9ecbd9ab165c011779a9241046496958c6acbc4661bcbcb3c49fec3b02cd72abee2eb0810e2f48e1773c44db89ac3b903b14e74282b542f90a6e48e63158323d32499179ea6e9bab2e8d4257c8fbf137845c6290c01eb143d82851f93719fc139a7485414f20b176948c3f715803e12f7a493c58b98a8a341d4a3fb1bad69d5a7c14240a94290a85b1d2388f3f85633e34a1fff8a6af5764f2db26e7e142460a19d19f4bdabc19549f1f16dbfc97d1c15c68f57b6ac2dab322d0296926388192bbb25ce47166c0b47cc6ceaa75b8b63db3c7012fb00460620179fde43a2d9bed89c38c899819cc4c80a705a1ac89016d8ed1ec0faaa196ed68686b82237340a569d3b9eca55b704cf21840b624de9d526cc852aaa76504bfe7074ce0e6e5d1a71cd05ecc275e496dfb1f66620c283ee391a3f0d2b24614b6e9f213587ba9fac54700d5fc054c3095b0b68e64"], 0x1)
dup3(r1, r0, 0x80000)
ptrace$setopts(0x4206, r2, 0x0, 0x0)
fcntl$setstatus(r1, 0x4, 0x42803)
setsockopt$inet_sctp_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f0000000000)=0x6, 0x4)

23:56:43 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc0045878, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:43 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x400000000000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:43 executing program 3:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
r1 = dup(r0)
ioctl$FIONREAD(r1, 0x541b, &(0x7f0000000040))

23:56:43 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
r1 = socket(0x11, 0xa, 0xffff)
getpeername$ax25(r1, &(0x7f0000000100)={{0x3, @default}, [@bcast, @bcast, @netrom, @default, @rose, @remote, @rose, @default]}, &(0x7f0000000080)=0x48)
syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x4, 0x40)

[ 1292.015892][T12932] 0 pages cma reserved
23:56:43 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc0045878, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1292.115624][T13329] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
23:56:43 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x500000000000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:43 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc0189436, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1292.293437][T13329] CPU: 1 PID: 13329 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1292.302585][T13329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1292.312646][T13329] Call Trace:
[ 1292.315955][T13329]  dump_stack+0x172/0x1f0
[ 1292.320314][T13329]  warn_alloc.cold+0x88/0x184
[ 1292.325015][T13329]  ? zone_watermark_ok_safe+0x260/0x260
[ 1292.330571][T13329]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1292.336216][T13329]  ? find_held_lock+0x35/0x130
[ 1292.340988][T13329]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1292.346641][T13329]  __vmalloc_node_range+0x48a/0x790
[ 1292.351853][T13329]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1292.356887][T13329]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1292.362481][T13329]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1292.367513][T13329]  vmalloc_user+0x6b/0x90
[ 1292.371879][T13329]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1292.376941][T13329]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1292.381811][T13329]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1292.386889][T13329]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1292.392710][T13329]  __vb2_queue_alloc+0x5a6/0xf40
[ 1292.397707][T13329]  vb2_core_create_bufs+0x2bc/0x790
[ 1292.402947][T13329]  ? vim2m_buf_prepare+0x280/0x280
[ 1292.408060][T13329]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1292.413178][T13329]  ? lock_acquire+0x16f/0x3f0
[ 1292.417858][T13329]  ? __video_do_ioctl+0x398/0xce0
[ 1292.422914][T13329]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1292.429163][T13329]  vb2_create_bufs+0x47e/0x7a0
[ 1292.433961][T13329]  ? vb2_request_queue+0x120/0x120
[ 1292.439082][T13329]  ? mark_held_locks+0xf0/0xf0
23:56:43 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070")
r1 = syz_open_dev$sndpcmp(&(0x7f0000000100)='/dev/snd/pcmC#D#p\x00', 0x5, 0x800)
write$P9_RLINK(r1, &(0x7f0000000180)={0x7, 0x47, 0x2}, 0x7)
r2 = perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0xfffffffffffff800, 0x4}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r2, 0x4008240b, &(0x7f0000000080)={0x4, 0x70, 0x4, 0x7fffffff, 0x4, 0x3ff, 0x0, 0x1f, 0x20, 0x4, 0x400, 0x7, 0xfff, 0x8, 0x989, 0x938, 0x3, 0x5, 0xfffffffeffffffff, 0xffffffff, 0x1f, 0x1, 0x1, 0xfffffffffffffffe, 0x80, 0x2, 0x4, 0x3ff, 0x0, 0x3, 0x8, 0x100400, 0x14000000000, 0x0, 0x3, 0x4, 0x3, 0x8000, 0x0, 0x3f, 0x0, @perf_config_ext={0x5, 0x1}, 0x24000, 0x4cac, 0x4, 0x3, 0x474b, 0x6, 0x3})

[ 1292.443873][T13329]  ? debug_smp_processor_id+0x3c/0x280
[ 1292.449367][T13329]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1292.454433][T13329]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1292.459990][T13329]  v4l_create_bufs+0xc0/0x180
[ 1292.464674][T13329]  __video_do_ioctl+0x7f1/0xce0
[ 1292.469544][T13329]  ? v4l_s_fmt+0xa40/0xa40
[ 1292.473973][T13329]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1292.480222][T13329]  ? _copy_from_user+0xdd/0x150
[ 1292.485084][T13329]  video_usercopy+0x4c5/0x10d0
[ 1292.489852][T13329]  ? v4l_s_fmt+0xa40/0xa40
23:56:43 executing program 3:
r0 = creat(&(0x7f0000000400)='./file0\x00', 0x0)
write$P9_RREMOVE(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioprio_get$uid(0x0, 0x0)
r1 = getpgrp(0xffffffffffffffff)
getresuid(&(0x7f00000000c0), &(0x7f0000000240), &(0x7f0000000340))
ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r0, 0xc034564b, &(0x7f0000000000)={0xf000000000000000, 0x35327553, 0xe0bc, 0x2, 0x3, @discrete={0x5e3, 0xa2}})
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x7fff, 0x8001, 0x1, 0x400, 0x0, 0x100, 0x1404, 0xd, 0x0, 0x5, 0x2, 0x9, 0x80000001, 0x0, 0x6, 0x4, 0x6, 0x1, 0x4, 0xfffffffffffffffb, 0x10001, 0x3, 0x3f, 0x0, 0x9, 0x9e, 0x3ff, 0xb, 0x0, 0x3, 0x2bdb, 0x6, 0x69, 0xff3b, 0xefdd, 0x9ac, 0x0, 0x4, 0x0, @perf_config_ext={0x4, 0x9ea}, 0x1010c, 0x1000, 0x0, 0x1, 0x0, 0x7f, 0x1}, r1, 0x2, r0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
clone(0x20002103, 0x0, 0xfffffffffffffffe, &(0x7f00000002c0), 0xffffffffffffffff)
mount(&(0x7f0000000440)=ANY=[@ANYBLOB="3a5c2c2e0a6e75010001000013eb623915fbb7cee32a08aebc8e7e2fafc1294ae4d43c3da565b6bc01f3a6f4db43b78857a4587827569c44b7c8f7d979b90ac84987b2737a066cb5593b6c2d0436313fbdb17284a37605353cbffd9ceb8eed3b0e06cdd4128a9512fdaafe0b3b97e46faab2aa044a2a95af8981f1a0746f25dbfa41415ab0ceb646a88e649ee129857fd45f7a32140785eb016668e01cf94edf07eda3c3e61de882bf49743e83c155acaf19"], &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='ceph\x00', 0x0, 0x0)

[ 1292.494278][T13329]  ? v4l_enumstd+0x70/0x70
[ 1292.498704][T13329]  ? mark_held_locks+0xf0/0xf0
[ 1292.503481][T13329]  ? debug_smp_processor_id+0x3c/0x280
[ 1292.508958][T13329]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1292.514527][T13329]  ? __fget+0x35a/0x550
[ 1292.518696][T13329]  ? find_held_lock+0x35/0x130
[ 1292.523473][T13329]  ? video_usercopy+0x10d0/0x10d0
[ 1292.528522][T13329]  video_ioctl2+0x2d/0x35
[ 1292.532894][T13329]  v4l2_ioctl+0x156/0x1b0
[ 1292.537272][T13329]  ? video_devdata+0xa0/0xa0
[ 1292.541869][T13329]  do_vfs_ioctl+0xd6e/0x1390
[ 1292.546480][T13329]  ? kasan_check_read+0x11/0x20
[ 1292.551347][T13329]  ? ioctl_preallocate+0x210/0x210
[ 1292.556493][T13329]  ? __fget+0x381/0x550
[ 1292.560680][T13329]  ? ksys_dup3+0x3e0/0x3e0
[ 1292.565115][T13329]  ? nsecs_to_jiffies+0x30/0x30
[ 1292.569990][T13329]  ? security_file_ioctl+0x93/0xc0
[ 1292.575114][T13329]  ksys_ioctl+0xab/0xd0
[ 1292.579304][T13329]  __x64_sys_ioctl+0x73/0xb0
[ 1292.583919][T13329]  do_syscall_64+0x103/0x610
[ 1292.588549][T13329]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1292.594472][T13329] RIP: 0033:0x457e29
[ 1292.598373][T13329] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1292.617990][T13329] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1292.626407][T13329] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1292.634391][T13329] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
23:56:43 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x600000000000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1292.642372][T13329] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1292.650371][T13329] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1292.658353][T13329] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1292.698017][T13329] Mem-Info:
[ 1292.701283][T13329] active_anon:168703 inactive_anon:194 isolated_anon:0
[ 1292.701283][T13329]  active_file:13070 inactive_file:36197 isolated_file:0
[ 1292.701283][T13329]  unevictable:2 dirty:343 writeback:0 unstable:0
[ 1292.701283][T13329]  slab_reclaimable:17912 slab_unreclaimable:103011
[ 1292.701283][T13329]  mapped:58661 shmem:493 pagetables:3457 bounce:0
[ 1292.701283][T13329]  free:1054259 free_pcp:360 free_cma:0
[ 1292.739935][T13329] Node 0 active_anon:674812kB inactive_anon:776kB active_file:52140kB inactive_file:144788kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234644kB dirty:1372kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 266240kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1292.769957][T13329] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1292.797124][T13329] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1292.892870][T13329] lowmem_reserve[]: 0 2553 2555 2555
[ 1292.899634][T13329] Node 0 DMA32 free:425072kB min:36232kB low:45288kB high:54344kB active_anon:666512kB inactive_anon:776kB active_file:52140kB inactive_file:144788kB unevictable:8kB writepending:1372kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10592kB pagetables:13532kB bounce:0kB free_pcp:2108kB local_pcp:632kB free_cma:0kB
[ 1292.931059][T13329] lowmem_reserve[]: 0 0 2 2
[ 1292.935681][T13329] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1292.940417][T13841] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1292.963659][T13329] lowmem_reserve[]: 0 0 0 0
[ 1292.981452][T13329] Node 1 Normal free:3784520kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1292.984738][T13841] CPU: 0 PID: 13841 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1293.010234][T13329] lowmem_reserve[]: 0 0 0 0
[ 1293.018894][T13841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1293.018917][T13841] Call Trace:
[ 1293.018941][T13841]  dump_stack+0x172/0x1f0
[ 1293.018967][T13841]  warn_alloc.cold+0x88/0x184
[ 1293.018989][T13841]  ? zone_watermark_ok_safe+0x260/0x260
[ 1293.024868][T13329] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1293.033520][T13841]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1293.033540][T13841]  ? find_held_lock+0x35/0x130
[ 1293.033558][T13841]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1293.033593][T13841]  __vmalloc_node_range+0x48a/0x790
[ 1293.038081][T13329] Node 0 DMA32: 237722*4kB (UME) 198722*8kB (UME) 68381*16kB (UME) 30579*32kB (UME) 15300*64kB (UME) 6574*128kB (UME) 3009*256kB (UME) 1478*512kB (UM) 989*1024kB (UM) 4442*2048kB (ME) 25*4096kB (M) = 18173352kB
[ 1293.041185][T13841]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1293.041207][T13841]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1293.041228][T13841]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1293.045940][T13329] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1293.051465][T13841]  vmalloc_user+0x6b/0x90
[ 1293.051484][T13841]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1293.051501][T13841]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1293.051515][T13841]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1293.051547][T13841]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1293.066453][T13329] Node 1 Normal: 8606*4kB (U) 5622*8kB (U) 3132*16kB (UE) 1500*32kB (UME) 744*64kB (UME) 377*128kB (UE) 190*256kB (UM) 96*512kB (UME) 51*1024kB (UME) 25*2048kB (U) 919*4096kB (M) = 4238824kB
[ 1293.071381][T13841]  __vb2_queue_alloc+0x5a6/0xf40
[ 1293.071417][T13841]  vb2_core_create_bufs+0x2bc/0x790
[ 1293.071439][T13841]  ? vim2m_buf_prepare+0x280/0x280
[ 1293.071459][T13841]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1293.077294][T13329] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1293.081829][T13841]  ? lock_acquire+0x16f/0x3f0
[ 1293.081845][T13841]  ? __video_do_ioctl+0x398/0xce0
[ 1293.081872][T13841]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1293.081894][T13841]  vb2_create_bufs+0x47e/0x7a0
[ 1293.081932][T13841]  ? vb2_request_queue+0x120/0x120
[ 1293.088646][T13329] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1293.107503][T13841]  ? mark_held_locks+0xf0/0xf0
[ 1293.107520][T13841]  ? debug_smp_processor_id+0x3c/0x280
[ 1293.107547][T13841]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1293.107575][T13841]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1293.113800][T13329] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1293.118158][T13841]  v4l_create_bufs+0xc0/0x180
[ 1293.118179][T13841]  __video_do_ioctl+0x7f1/0xce0
[ 1293.118204][T13841]  ? v4l_s_fmt+0xa40/0xa40
[ 1293.118228][T13841]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1293.124439][T13329] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1293.137454][T13841]  ? _copy_from_user+0xdd/0x150
[ 1293.137475][T13841]  video_usercopy+0x4c5/0x10d0
[ 1293.137490][T13841]  ? v4l_s_fmt+0xa40/0xa40
[ 1293.137510][T13841]  ? v4l_enumstd+0x70/0x70
[ 1293.137532][T13841]  ? mark_held_locks+0xf0/0xf0
[ 1293.143270][T13329] 49761 total pagecache pages
[ 1293.146865][T13841]  ? debug_smp_processor_id+0x3c/0x280
[ 1293.146886][T13841]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1293.146926][T13841]  ? __fget+0x35a/0x550
[ 1293.152120][T13329] 0 pages in swap cache
[ 1293.156768][T13841]  ? find_held_lock+0x35/0x130
[ 1293.156788][T13841]  ? video_usercopy+0x10d0/0x10d0
[ 1293.156807][T13841]  video_ioctl2+0x2d/0x35
[ 1293.162990][T13329] Swap cache stats: add 0, delete 0, find 0/0
[ 1293.181260][T13841]  v4l2_ioctl+0x156/0x1b0
[ 1293.181276][T13841]  ? video_devdata+0xa0/0xa0
[ 1293.181297][T13841]  do_vfs_ioctl+0xd6e/0x1390
[ 1293.181316][T13841]  ? kasan_check_read+0x11/0x20
[ 1293.181337][T13841]  ? ioctl_preallocate+0x210/0x210
[ 1293.187714][T13329] Free swap  = 0kB
[ 1293.191448][T13841]  ? __fget+0x381/0x550
[ 1293.191473][T13841]  ? ksys_dup3+0x3e0/0x3e0
[ 1293.191495][T13841]  ? nsecs_to_jiffies+0x30/0x30
[ 1293.196647][T13329] Total swap = 0kB
[ 1293.201710][T13841]  ? security_file_ioctl+0x93/0xc0
[ 1293.201733][T13841]  ksys_ioctl+0xab/0xd0
[ 1293.201756][T13841]  __x64_sys_ioctl+0x73/0xb0
[ 1293.201779][T13841]  do_syscall_64+0x103/0x610
[ 1293.211890][T13329] 1965979 pages RAM
[ 1293.215977][T13841]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1293.215990][T13841] RIP: 0033:0x457e29
[ 1293.216010][T13841] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1293.221419][T13329] 0 pages HighMem/MovableOnly
[ 1293.227242][T13841] RSP: 002b:00007f7c2f160c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1293.227262][T13841] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
23:56:44 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x600, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:44 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc0205647, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:44 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
r1 = dup2(r0, r0)
setsockopt$bt_BT_VOICE(r1, 0x112, 0xb, &(0x7f0000000040)=0x60, 0x2)
inotify_init1(0x800)
fadvise64(r1, 0x0, 0xf99, 0x3)

23:56:44 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070")
socket$inet_smc(0x2b, 0x1, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
close(r1)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x802, 0x0)
write$vnet(r2, &(0x7f00000000c0)={0x1, {&(0x7f0000000040)=""/94, 0x5e, &(0x7f0000000180)=""/166, 0x1, 0x5}}, 0x68)
ioctl$BLKROGET(r2, 0x125e, &(0x7f0000000240))

23:56:44 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x700000000000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:44 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070")
r1 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x20, 0x101002)
write$evdev(r1, &(0x7f00006f7fe8)=[{{}, 0x1, 0x40000000000004a, 0x400000002}], 0x15a)
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x800, 0x0)
ioctl$SCSI_IOCTL_SYNC(r2, 0x4)

[ 1293.227271][T13841] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000004
[ 1293.227289][T13841] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1293.232466][T13329] 339409 pages reserved
[ 1293.237224][T13841] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1616d4
[ 1293.237235][T13841] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1293.527146][T13329] 0 pages cma reserved
[ 1293.624210][T13873] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1293.646304][T13873] CPU: 0 PID: 13873 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1293.655462][T13873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1293.665541][T13873] Call Trace:
[ 1293.668851][T13873]  dump_stack+0x172/0x1f0
23:56:44 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x800000000000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1293.673217][T13873]  warn_alloc.cold+0x88/0x184
[ 1293.677933][T13873]  ? zone_watermark_ok_safe+0x260/0x260
[ 1293.683499][T13873]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1293.689140][T13873]  ? find_held_lock+0x35/0x130
[ 1293.694542][T13873]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1293.700203][T13873]  __vmalloc_node_range+0x48a/0x790
[ 1293.705412][T13873]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1293.710443][T13873]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1293.715986][T13873]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1293.720994][T13873]  vmalloc_user+0x6b/0x90
[ 1293.725325][T13873]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1293.730335][T13873]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1293.735168][T13873]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1293.740175][T13873]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1293.745959][T13873]  __vb2_queue_alloc+0x5a6/0xf40
[ 1293.750923][T13873]  vb2_core_create_bufs+0x2bc/0x790
[ 1293.756125][T13873]  ? vim2m_buf_prepare+0x280/0x280
[ 1293.761218][T13873]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1293.766311][T13873]  ? lock_acquire+0x16f/0x3f0
[ 1293.770967][T13873]  ? __video_do_ioctl+0x398/0xce0
[ 1293.775978][T13873]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1293.782200][T13873]  vb2_create_bufs+0x47e/0x7a0
[ 1293.786950][T13873]  ? vb2_request_queue+0x120/0x120
[ 1293.792051][T13873]  ? mark_held_locks+0xf0/0xf0
[ 1293.796814][T13873]  ? debug_smp_processor_id+0x3c/0x280
[ 1293.802261][T13873]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1293.807270][T13873]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1293.812800][T13873]  v4l_create_bufs+0xc0/0x180
[ 1293.817472][T13873]  __video_do_ioctl+0x7f1/0xce0
[ 1293.822319][T13873]  ? v4l_s_fmt+0xa40/0xa40
[ 1293.826721][T13873]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1293.832946][T13873]  ? _copy_from_user+0xdd/0x150
[ 1293.837782][T13873]  video_usercopy+0x4c5/0x10d0
[ 1293.842527][T13873]  ? v4l_s_fmt+0xa40/0xa40
[ 1293.846937][T13873]  ? v4l_enumstd+0x70/0x70
[ 1293.851367][T13873]  ? mark_held_locks+0xf0/0xf0
[ 1293.856112][T13873]  ? debug_smp_processor_id+0x3c/0x280
[ 1293.861555][T13873]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1293.867085][T13873]  ? __fget+0x35a/0x550
[ 1293.871232][T13873]  ? find_held_lock+0x35/0x130
[ 1293.875995][T13873]  ? video_usercopy+0x10d0/0x10d0
[ 1293.881001][T13873]  video_ioctl2+0x2d/0x35
[ 1293.885313][T13873]  v4l2_ioctl+0x156/0x1b0
[ 1293.889628][T13873]  ? video_devdata+0xa0/0xa0
[ 1293.894205][T13873]  do_vfs_ioctl+0xd6e/0x1390
[ 1293.898779][T13873]  ? kasan_check_read+0x11/0x20
[ 1293.903613][T13873]  ? ioctl_preallocate+0x210/0x210
[ 1293.908717][T13873]  ? __fget+0x381/0x550
[ 1293.912880][T13873]  ? ksys_dup3+0x3e0/0x3e0
[ 1293.917297][T13873]  ? nsecs_to_jiffies+0x30/0x30
[ 1293.922155][T13873]  ? security_file_ioctl+0x93/0xc0
[ 1293.927276][T13873]  ksys_ioctl+0xab/0xd0
[ 1293.931439][T13873]  __x64_sys_ioctl+0x73/0xb0
[ 1293.936012][T13873]  do_syscall_64+0x103/0x610
[ 1293.940598][T13873]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1293.946469][T13873] RIP: 0033:0x457e29
[ 1293.950346][T13873] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
23:56:45 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc0205649, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:45 executing program 2:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070")
syz_emit_ethernet(0x211d49, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa02070000000086522e44f2182e005729dd60b4090000302900ed000000000000000000ffffe0000002de020000000000000000000000000001870090780009290060b680fa000000000000000000000000"], 0x0)
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x0, 0x0)
ioctl$UI_GET_VERSION(r1, 0x8004552d, &(0x7f0000000140))
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)

[ 1293.969932][T13873] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1293.978321][T13873] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1293.986292][T13873] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1293.994247][T13873] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1294.002198][T13873] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1294.010148][T13873] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1294.038162][T13873] warn_alloc_show_mem: 1 callbacks suppressed
[ 1294.038168][T13873] Mem-Info:
[ 1294.049201][T13873] active_anon:169239 inactive_anon:194 isolated_anon:0
[ 1294.049201][T13873]  active_file:13070 inactive_file:36203 isolated_file:0
[ 1294.049201][T13873]  unevictable:2 dirty:356 writeback:0 unstable:0
[ 1294.049201][T13873]  slab_reclaimable:17913 slab_unreclaimable:102867
[ 1294.049201][T13873]  mapped:58661 shmem:493 pagetables:3495 bounce:0
[ 1294.049201][T13873]  free:1053680 free_pcp:460 free_cma:0
23:56:45 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x900000000000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1294.120105][T14090] QAT: Invalid ioctl
23:56:45 executing program 3:
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x101000, 0x0)
ioctl$EVIOCGID(r0, 0x80084502, &(0x7f00000000c0)=""/252)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4)
connect$inet6(r1, &(0x7f0000000080), 0x1c)
ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, &(0x7f00000001c0)={{0x7, 0x9}, {0xffffffff, 0xff}, 0x8, 0x6, 0x8})
accept4$packet(r0, &(0x7f0000000240)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000002c0)=0x14, 0x80800)
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000300)={r2, 0x1, 0x6, @broadcast}, 0x10)
r3 = dup2(r1, r1)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000440), 0x132224)
ioctl$sock_SIOCINQ(r1, 0x541b, &(0x7f0000000040))

23:56:45 executing program 0:
r0 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r0, &(0x7f000047b000)={0xa, 0x4e20}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f0000000040)=0xffffffffff30c280, 0x4)
listen(r0, 0x20000000)
r1 = socket$inet6(0xa, 0x6, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='schedstat\x00')
ioctl$UI_SET_LEDBIT(r2, 0x40045569, 0xe)
connect$inet6(r1, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
r3 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg(r3, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0)

[ 1294.211019][T13873] Node 0 active_anon:670600kB inactive_anon:776kB active_file:52140kB inactive_file:144812kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234644kB dirty:1424kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 264192kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1294.334865][T13873] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1294.370715][T13873] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1294.430088][T13873] lowmem_reserve[]: 0 2553 2555 2555
[ 1294.436430][T13873] Node 0 DMA32 free:418180kB min:36232kB low:45288kB high:54344kB active_anon:668540kB inactive_anon:776kB active_file:52140kB inactive_file:144848kB unevictable:8kB writepending:1436kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10624kB pagetables:13580kB bounce:0kB free_pcp:2276kB local_pcp:1324kB free_cma:0kB
[ 1294.484713][T13873] lowmem_reserve[]: 0 0 2 2
[ 1294.489659][T13873] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1294.525365][T13873] lowmem_reserve[]: 0 0 0 0
[ 1294.530448][T13873] Node 1 Normal free:3784520kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1294.559036][T13873] lowmem_reserve[]: 0 0 0 0
[ 1294.563557][T13873] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1294.578036][T13873] Node 0 DMA32: 237672*4kB (ME) 198652*8kB (UME) 68400*16kB (UME) 30578*32kB (UME) 15294*64kB (UME) 6575*128kB (UME) 3009*256kB (UME) 1478*512kB (UM) 989*1024kB (UM) 4442*2048kB (ME) 24*4096kB (M) = 18168512kB
[ 1294.599180][T13873] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1294.615262][T13873] Node 1 Normal: 8606*4kB (U) 5622*8kB (U) 3132*16kB (UE) 1500*32kB (UME) 744*64kB (UME) 377*128kB (UE) 190*256kB (UM) 96*512kB (UME) 51*1024kB (UME) 25*2048kB (U) 919*4096kB (M) = 4238824kB
[ 1294.634158][T13873] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1294.643776][T13873] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1294.653127][T13873] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1294.662735][T13873] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1294.672072][T13873] 49781 total pagecache pages
[ 1294.676756][T13873] 0 pages in swap cache
23:56:45 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x700, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:45 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc020660b, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:45 executing program 2:
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x400, 0x0)
r1 = syz_open_dev$sndpcmc(&(0x7f0000000040)='/dev/snd/pcmC#D#c\x00', 0x9, 0x400100)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1)
ioctl$sock_SIOCGSKNS(r0, 0x894c, &(0x7f0000000080)=0x81)
ioctl$CAPI_GET_PROFILE(0xffffffffffffffff, 0xc0044308, &(0x7f00000000c0)=0x10000)

23:56:45 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0xa00000000000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:45 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'eql\x00\x00\x00\x05\x00', 0x803})
socketpair$unix(0x1, 0x40000000001, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x100, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000040)={<r3=>0xffffffffffffffff}, 0x13f, 0x1009}}, 0x20)
write$RDMA_USER_CM_CMD_CONNECT(r2, &(0x7f0000000140)={0x6, 0x118, 0xfa00, {{0x2, 0x2, "0a0ab57d3fe7dd3608921d0a11d9b029b6ec303a129944d9982c2eaf46e5792f7c3a3426ea0643029ffad4957d04e341ab7cd69dc0112723a8427ab37e0560596e54bf225b96a2a89323f36b04517aca4fa3d3bc8d727dfff8e764090f7702bf0839edf51a3b6e81e5a40782aa9eb36efda0b7508c596e77409315df30f3b11533f6277b71f8daef245338634ba8823366af20f784621e7e9af89aa1fbd9b963402d16b8afcd1ee8dc03050849c4c4e0d1b2be6ff63ea42e7649e1c359bbd86e02ec41513a6f9092244040f655fb744b8c8cc11002034b29898fc340a7d86fa6265f05f015fa0fca08f99235db240f6cdfe28be8c98864476f4f67cfca2544b4", 0x26, 0x80, 0x1, 0x100000000000000, 0x40, 0x1ff, 0x3959}, r3}}, 0x120)
syz_open_dev$mouse(&(0x7f0000000280)='/dev/input/mouse#\x00', 0xb85e, 0x101000)
ioctl$TUNSETOFFLOAD(r0, 0x400454e2, 0x712000)

23:56:45 executing program 3:
munmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x44000, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000040)={0x3, 0x2, 0x7000, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0}, 0x68)
r1 = syz_open_procfs(0x0, &(0x7f0000000440)='cmdline\x00')
read$FUSE(r1, 0x0, 0xc670831c)

[ 1294.680981][T13873] Swap cache stats: add 0, delete 0, find 0/0
[ 1294.687051][T13873] Free swap  = 0kB
[ 1294.690831][T13873] Total swap = 0kB
[ 1294.694576][T13873] 1965979 pages RAM
[ 1294.698441][T13873] 0 pages HighMem/MovableOnly
[ 1294.703114][T13873] 339409 pages reserved
[ 1294.707256][T13873] 0 pages cma reserved
23:56:45 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0xb00000000000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:45 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc0285628, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1294.817063][T14549] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
23:56:45 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc0285629, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1294.906664][T14549] CPU: 0 PID: 14549 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1294.915832][T14549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1294.925893][T14549] Call Trace:
[ 1294.929217][T14549]  dump_stack+0x172/0x1f0
[ 1294.933570][T14549]  warn_alloc.cold+0x88/0x184
[ 1294.938260][T14549]  ? zone_watermark_ok_safe+0x260/0x260
[ 1294.943819][T14549]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1294.949458][T14549]  ? find_held_lock+0x35/0x130
23:56:46 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc0585609, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:46 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
r1 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x82501)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000080)={<r2=>0xffffffffffffffff}, 0x106, 0x1000}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r1, &(0x7f0000000140)={0x7, 0x8, 0xfa00, {r2, 0xc0}}, 0x10)

[ 1294.954230][T14549]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1294.959919][T14549]  __vmalloc_node_range+0x48a/0x790
[ 1294.965133][T14549]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1294.970168][T14549]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1294.975724][T14549]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1294.980762][T14549]  vmalloc_user+0x6b/0x90
[ 1294.985103][T14549]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1294.990139][T14549]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1294.994998][T14549]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1295.000043][T14549]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1295.005877][T14549]  __vb2_queue_alloc+0x5a6/0xf40
[ 1295.010856][T14549]  vb2_core_create_bufs+0x2bc/0x790
[ 1295.016068][T14549]  ? vim2m_buf_prepare+0x280/0x280
[ 1295.021185][T14549]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1295.026306][T14549]  ? lock_acquire+0x16f/0x3f0
[ 1295.031375][T14549]  ? __video_do_ioctl+0x398/0xce0
[ 1295.036419][T14549]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1295.042680][T14549]  vb2_create_bufs+0x47e/0x7a0
[ 1295.047470][T14549]  ? vb2_request_queue+0x120/0x120
[ 1295.052596][T14549]  ? mark_held_locks+0xf0/0xf0
23:56:46 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc058560f, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1295.057370][T14549]  ? debug_smp_processor_id+0x3c/0x280
[ 1295.062850][T14549]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1295.067894][T14549]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1295.073471][T14549]  v4l_create_bufs+0xc0/0x180
[ 1295.078161][T14549]  __video_do_ioctl+0x7f1/0xce0
[ 1295.083038][T14549]  ? v4l_s_fmt+0xa40/0xa40
[ 1295.087492][T14549]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1295.093789][T14549]  ? _copy_from_user+0xdd/0x150
[ 1295.098660][T14549]  video_usercopy+0x4c5/0x10d0
[ 1295.103433][T14549]  ? v4l_s_fmt+0xa40/0xa40
[ 1295.107867][T14549]  ? v4l_enumstd+0x70/0x70
[ 1295.112307][T14549]  ? mark_held_locks+0xf0/0xf0
[ 1295.117084][T14549]  ? debug_smp_processor_id+0x3c/0x280
[ 1295.122560][T14549]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1295.128123][T14549]  ? __fget+0x35a/0x550
[ 1295.132294][T14549]  ? find_held_lock+0x35/0x130
[ 1295.137080][T14549]  ? video_usercopy+0x10d0/0x10d0
[ 1295.142115][T14549]  video_ioctl2+0x2d/0x35
[ 1295.146455][T14549]  v4l2_ioctl+0x156/0x1b0
[ 1295.150799][T14549]  ? video_devdata+0xa0/0xa0
[ 1295.155408][T14549]  do_vfs_ioctl+0xd6e/0x1390
[ 1295.160010][T14549]  ? kasan_check_read+0x11/0x20
[ 1295.164875][T14549]  ? ioctl_preallocate+0x210/0x210
[ 1295.170012][T14549]  ? __fget+0x381/0x550
[ 1295.174187][T14549]  ? ksys_dup3+0x3e0/0x3e0
[ 1295.178612][T14549]  ? nsecs_to_jiffies+0x30/0x30
[ 1295.183490][T14549]  ? security_file_ioctl+0x93/0xc0
[ 1295.188621][T14549]  ksys_ioctl+0xab/0xd0
[ 1295.188642][T14549]  __x64_sys_ioctl+0x73/0xb0
[ 1295.188662][T14549]  do_syscall_64+0x103/0x610
[ 1295.188685][T14549]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1295.188704][T14549] RIP: 0033:0x457e29
[ 1295.207908][T14549] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1295.207925][T14549] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1295.207942][T14549] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1295.207952][T14549] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1295.207961][T14549] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1295.207970][T14549] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1295.207980][T14549] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1295.221162][T14549] Mem-Info:
[ 1295.294070][T14549] active_anon:167672 inactive_anon:194 isolated_anon:0
[ 1295.294070][T14549]  active_file:13070 inactive_file:36217 isolated_file:0
[ 1295.294070][T14549]  unevictable:2 dirty:365 writeback:0 unstable:0
[ 1295.294070][T14549]  slab_reclaimable:17915 slab_unreclaimable:104345
[ 1295.294070][T14549]  mapped:58686 shmem:493 pagetables:3434 bounce:0
[ 1295.294070][T14549]  free:1053900 free_pcp:402 free_cma:0
[ 1295.332650][T14549] Node 0 active_anon:670588kB inactive_anon:776kB active_file:52140kB inactive_file:144868kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234644kB dirty:1460kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 266240kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1295.362642][T14549] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1295.389250][T14549] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1295.417073][T14549] lowmem_reserve[]: 0 2553 2555 2555
[ 1295.422462][T14549] Node 0 DMA32 free:419788kB min:36232kB low:45288kB high:54344kB active_anon:666460kB inactive_anon:776kB active_file:52140kB inactive_file:144896kB unevictable:8kB writepending:1512kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10592kB pagetables:13536kB bounce:0kB free_pcp:2080kB local_pcp:596kB free_cma:0kB
[ 1295.453562][T14549] lowmem_reserve[]: 0 0 2 2
[ 1295.458151][T14549] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1295.484723][T14549] lowmem_reserve[]: 0 0 0 0
[ 1295.490290][T14549] Node 1 Normal free:3784520kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1295.518744][T14549] lowmem_reserve[]: 0 0 0 0
[ 1295.523278][T14549] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1295.537658][T14549] Node 0 DMA32: 237744*4kB (UME) 198635*8kB (UME) 68402*16kB (UME) 30577*32kB (UME) 15291*64kB (UME) 6575*128kB (UME) 3009*256kB (UME) 1478*512kB (UM) 989*1024kB (UM) 4442*2048kB (ME) 24*4096kB (M) = 18168472kB
[ 1295.558186][T14549] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1295.573110][T14549] Node 1 Normal: 8606*4kB (U) 5622*8kB (U) 3132*16kB (UE) 1500*32kB (UME) 744*64kB (UME) 377*128kB (UE) 190*256kB (UM) 96*512kB (UME) 51*1024kB (UME) 25*2048kB (U) 919*4096kB (M) = 4238824kB
[ 1295.592009][T14549] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1295.601676][T14549] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1295.611068][T14549] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1295.621246][T14549] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1295.630602][T14549] 49794 total pagecache pages
[ 1295.635279][T14549] 0 pages in swap cache
[ 1295.639507][T14549] Swap cache stats: add 0, delete 0, find 0/0
[ 1295.645567][T14549] Free swap  = 0kB
[ 1295.649406][T14549] Total swap = 0kB
[ 1295.653127][T14549] 1965979 pages RAM
23:56:46 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x900, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:46 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc0585611, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:46 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000040)='io.weight\x00', 0x2, 0x0)
write$FUSE_CREATE_OPEN(r1, 0x0, 0x0)

23:56:46 executing program 0:
perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000012, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = socket$inet6(0x10, 0x2000000003, 0x0)
listen(r0, 0x0)
sendmsg(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000002000)=[{&(0x7f0000000080)="5500000019007f5300fe01b2a4a280930a600000ffa843359100000039000100f000000000d1000019000500fe800000000000d21338d54400136ef75afb83de448daa7227c440b8220000060cec4fab91d4000000", 0x55}], 0x1}, 0x0)
getresuid(0x0, 0x0, 0x0)

23:56:46 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000040)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)

23:56:46 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0xc00000000000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1295.656922][T14549] 0 pages HighMem/MovableOnly
[ 1295.661661][T14549] 339409 pages reserved
[ 1295.665818][T14549] 0 pages cma reserved
23:56:46 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
openat$vimc0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video0\x00', 0x2, 0x0)

[ 1295.757016][T14870] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
23:56:46 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0xd00000000000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:46 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc058565d, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1295.854558][T14870] CPU: 0 PID: 14870 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1295.863710][T14870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1295.873781][T14870] Call Trace:
[ 1295.877082][T14870]  dump_stack+0x172/0x1f0
[ 1295.881449][T14870]  warn_alloc.cold+0x88/0x184
[ 1295.886145][T14870]  ? zone_watermark_ok_safe+0x260/0x260
[ 1295.891700][T14870]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1295.897341][T14870]  ? find_held_lock+0x35/0x130
23:56:46 executing program 3:
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip_vs\x00')
read(r0, &(0x7f0000000140)=""/171, 0xab)

[ 1295.902117][T14870]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1295.907777][T14870]  __vmalloc_node_range+0x48a/0x790
[ 1295.912986][T14870]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1295.918024][T14870]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1295.923584][T14870]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1295.928623][T14870]  vmalloc_user+0x6b/0x90
[ 1295.932972][T14870]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1295.938010][T14870]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1295.942871][T14870]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1295.947944][T14870]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
23:56:47 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc1005667, &(0x7f0000000100)={0x0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:47 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet6(0xa, 0x80002, 0x0)
r2 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1, 0x8}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000140)={{{@in6=@loopback, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x20}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1, 0x0, 0xff}, 0x0, @in=@empty}}, 0xe8)
r3 = dup3(r2, r1, 0x0)
write$FUSE_IOCTL(r3, 0x0, 0x0)

[ 1295.953759][T14870]  __vb2_queue_alloc+0x5a6/0xf40
[ 1295.958726][T14870]  vb2_core_create_bufs+0x2bc/0x790
[ 1295.963964][T14870]  ? vim2m_buf_prepare+0x280/0x280
[ 1295.969084][T14870]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1295.974203][T14870]  ? lock_acquire+0x16f/0x3f0
[ 1295.978890][T14870]  ? __video_do_ioctl+0x398/0xce0
[ 1295.983961][T14870]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1295.990217][T14870]  vb2_create_bufs+0x47e/0x7a0
[ 1295.994996][T14870]  ? vb2_request_queue+0x120/0x120
[ 1296.000119][T14870]  ? mark_held_locks+0xf0/0xf0
[ 1296.004889][T14870]  ? debug_smp_processor_id+0x3c/0x280
[ 1296.010382][T14870]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1296.015435][T14870]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1296.020996][T14870]  v4l_create_bufs+0xc0/0x180
[ 1296.026499][T14870]  __video_do_ioctl+0x7f1/0xce0
[ 1296.031369][T14870]  ? v4l_s_fmt+0xa40/0xa40
[ 1296.035811][T14870]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1296.042069][T14870]  ? _copy_from_user+0xdd/0x150
[ 1296.046945][T14870]  video_usercopy+0x4c5/0x10d0
[ 1296.051717][T14870]  ? v4l_s_fmt+0xa40/0xa40
[ 1296.056157][T14870]  ? v4l_enumstd+0x70/0x70
[ 1296.060589][T14870]  ? mark_held_locks+0xf0/0xf0
[ 1296.065367][T14870]  ? debug_smp_processor_id+0x3c/0x280
[ 1296.070841][T14870]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1296.076406][T14870]  ? __fget+0x35a/0x550
[ 1296.080591][T14870]  ? find_held_lock+0x35/0x130
[ 1296.085369][T14870]  ? video_usercopy+0x10d0/0x10d0
[ 1296.090408][T14870]  video_ioctl2+0x2d/0x35
[ 1296.094762][T14870]  v4l2_ioctl+0x156/0x1b0
[ 1296.099106][T14870]  ? video_devdata+0xa0/0xa0
[ 1296.104223][T14870]  do_vfs_ioctl+0xd6e/0x1390
[ 1296.108829][T14870]  ? kasan_check_read+0x11/0x20
[ 1296.113721][T14870]  ? ioctl_preallocate+0x210/0x210
[ 1296.118849][T14870]  ? __fget+0x381/0x550
[ 1296.123027][T14870]  ? ksys_dup3+0x3e0/0x3e0
[ 1296.127460][T14870]  ? nsecs_to_jiffies+0x30/0x30
[ 1296.132335][T14870]  ? security_file_ioctl+0x93/0xc0
[ 1296.137461][T14870]  ksys_ioctl+0xab/0xd0
[ 1296.141629][T14870]  __x64_sys_ioctl+0x73/0xb0
[ 1296.146228][T14870]  do_syscall_64+0x103/0x610
[ 1296.150834][T14870]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1296.156738][T14870] RIP: 0033:0x457e29
[ 1296.160640][T14870] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1296.180252][T14870] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1296.188667][T14870] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1296.196641][T14870] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
23:56:47 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x2, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:47 executing program 3:
clone(0x0, 0x0, 0x0, 0x0, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x8, 0x0)

23:56:47 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0xa00, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1296.196657][T14870] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1296.212832][T14870] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1296.212843][T14870] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
23:56:47 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = timerfd_create(0x0, 0x0)
readv(r1, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r1, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
clone(0x20002100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r2 = pkey_alloc(0x0, 0x0)
pkey_free(0xffffffffffffffff)
pkey_free(r2)

23:56:47 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r0, 0x6612)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)

[ 1296.283287][T15245] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1296.340438][T15251] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1
[ 1296.348527][T15245] CPU: 0 PID: 15245 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1296.363484][T15245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1296.373539][T15245] Call Trace:
[ 1296.376841][T15245]  dump_stack+0x172/0x1f0
[ 1296.381195][T15245]  warn_alloc.cold+0x88/0x184
[ 1296.385883][T15245]  ? zone_watermark_ok_safe+0x260/0x260
[ 1296.391447][T15245]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1296.397086][T15245]  ? find_held_lock+0x35/0x130
[ 1296.401856][T15245]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1296.407531][T15245]  __vmalloc_node_range+0x48a/0x790
[ 1296.412742][T15245]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1296.417776][T15245]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1296.423326][T15245]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1296.428362][T15245]  vmalloc_user+0x6b/0x90
[ 1296.432696][T15245]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1296.437726][T15245]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1296.442590][T15245]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1296.447650][T15245]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1296.453457][T15245]  __vb2_queue_alloc+0x5a6/0xf40
[ 1296.458418][T15245]  vb2_core_create_bufs+0x2bc/0x790
[ 1296.463634][T15245]  ? vim2m_buf_prepare+0x280/0x280
[ 1296.468750][T15245]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1296.473868][T15245]  ? lock_acquire+0x16f/0x3f0
[ 1296.478573][T15245]  ? __video_do_ioctl+0x398/0xce0
[ 1296.483673][T15245]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1296.489942][T15245]  vb2_create_bufs+0x47e/0x7a0
[ 1296.494741][T15245]  ? vb2_request_queue+0x120/0x120
[ 1296.499859][T15245]  ? mark_held_locks+0xf0/0xf0
[ 1296.504632][T15245]  ? debug_smp_processor_id+0x3c/0x280
[ 1296.510099][T15245]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1296.515129][T15245]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1296.520678][T15245]  v4l_create_bufs+0xc0/0x180
[ 1296.525364][T15245]  __video_do_ioctl+0x7f1/0xce0
[ 1296.530230][T15245]  ? v4l_s_fmt+0xa40/0xa40
[ 1296.534662][T15245]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1296.540927][T15245]  ? _copy_from_user+0xdd/0x150
[ 1296.545790][T15245]  video_usercopy+0x4c5/0x10d0
[ 1296.550565][T15245]  ? v4l_s_fmt+0xa40/0xa40
[ 1296.554993][T15245]  ? v4l_enumstd+0x70/0x70
[ 1296.559417][T15245]  ? mark_held_locks+0xf0/0xf0
[ 1296.564186][T15245]  ? debug_smp_processor_id+0x3c/0x280
[ 1296.569649][T15245]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1296.575204][T15245]  ? __fget+0x35a/0x550
[ 1296.579363][T15245]  ? find_held_lock+0x35/0x130
[ 1296.584134][T15245]  ? video_usercopy+0x10d0/0x10d0
[ 1296.589159][T15245]  video_ioctl2+0x2d/0x35
[ 1296.593500][T15245]  v4l2_ioctl+0x156/0x1b0
[ 1296.597838][T15245]  ? video_devdata+0xa0/0xa0
[ 1296.602457][T15245]  do_vfs_ioctl+0xd6e/0x1390
[ 1296.607048][T15245]  ? kasan_check_read+0x11/0x20
[ 1296.611930][T15245]  ? ioctl_preallocate+0x210/0x210
[ 1296.617055][T15245]  ? __fget+0x381/0x550
[ 1296.621225][T15245]  ? ksys_dup3+0x3e0/0x3e0
[ 1296.625664][T15245]  ? nsecs_to_jiffies+0x30/0x30
[ 1296.630549][T15245]  ? security_file_ioctl+0x93/0xc0
[ 1296.635668][T15245]  ksys_ioctl+0xab/0xd0
[ 1296.639833][T15245]  __x64_sys_ioctl+0x73/0xb0
[ 1296.644429][T15245]  do_syscall_64+0x103/0x610
[ 1296.649043][T15245]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1296.654946][T15245] RIP: 0033:0x457e29
[ 1296.658846][T15245] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1296.678454][T15245] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
23:56:47 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0xe00000000000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1296.686864][T15245] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1296.694845][T15245] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1296.702815][T15245] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1296.710790][T15245] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1296.718761][T15245] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1296.726799][T15251] CPU: 1 PID: 15251 Comm: syz-executor.5 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1296.735938][T15251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1296.745994][T15251] Call Trace:
[ 1296.749299][T15251]  dump_stack+0x172/0x1f0
[ 1296.753646][T15251]  warn_alloc.cold+0x88/0x184
[ 1296.758352][T15251]  ? zone_watermark_ok_safe+0x260/0x260
[ 1296.763911][T15251]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1296.769557][T15251]  ? find_held_lock+0x35/0x130
[ 1296.774327][T15251]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1296.779996][T15251]  __vmalloc_node_range+0x48a/0x790
[ 1296.785207][T15251]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1296.790250][T15251]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1296.795805][T15251]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1296.800843][T15251]  vmalloc_user+0x6b/0x90
[ 1296.805182][T15251]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1296.810218][T15251]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1296.815074][T15251]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1296.820111][T15251]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1296.825940][T15251]  __vb2_queue_alloc+0x5a6/0xf40
[ 1296.830918][T15251]  vb2_core_create_bufs+0x2bc/0x790
[ 1296.836130][T15251]  ? vim2m_buf_prepare+0x280/0x280
23:56:47 executing program 0:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000280)='io.max\x00\xe3\xc6\xa1\xbc\x16\x94p`R\xfbqcm\xab\x87\xf6\xb6y1uoG\x18\xd4\xc8*R6\x84\xfb\xfbU\t\x00\x00\x00\x00\x00\x00\x00\xe83Q\xf1\xda\xedt\x93\xb4\xa5\x8d\xbd\xb5<\x1a\x90\xa3U\xb9{\xba\x99\xdf(\x9a%\xef\x0eO5\xcd\xbf\xe7\n\x13\xc3+(<\x02\x83|S0\xed\x0f9:\xc8\xb5\xa0\"\x00x\xe9\x1f\xe9\xee\x17\x88%\x19\xe3\x9d\x9d|P,\xb5+\x84\xaa\x1cZd\xb1fj\xde\xc7\xf0\xd8D\xaf\x01\x01\x8e\x95\x83X\xb9\xf5J\xb0\v\x0fC\xd3\x8e\x9d\xe1\x1e:!|\xa3%\xd2@M\x1b\xf3\xfe\xf1\x94\xffl~\x18\xedp\xa0\x10\x9fn\xcd\x9eKu\xf3\xa0\x1f\x93\xf3\xc0\x86\x04Y\xd5\xd5,\xc4\xf58y\xec\f\x16p\x9fs7\xb7\xc9\x85)\xe4\x1c\r\xdd\xe4\xe6\x91C\xec\x0e\x0e\"\xde\f\x99\xe3\xbaP\x0e\x94\xcd\x1fXl\x11\x13\xe3\xcf+>0\x8d\x01\xd4\xc3\xdf\x00\x0eDn\x05\x9dH\x9f\xa7\xceC\x18D\xe3\xf1\x1e\xb8\xa4\x9d\xae\xb9\x19\xa1\x1a\xa6\x13\x86q)/x\x85\x16\x8b2\xd5\x82dS\xd7\x16\xfc\xc6\xb3\xf6\x90\xa6\x14\x88\x1c;\xaex\x82(\xe0\xab\x91\xf0,\x9f=\xf2\x91g\xf0\xc9', 0x2, 0x0)
write$binfmt_misc(r1, 0x0, 0x0)

[ 1296.841252][T15251]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1296.846373][T15251]  ? lock_acquire+0x16f/0x3f0
[ 1296.851062][T15251]  ? __video_do_ioctl+0x398/0xce0
[ 1296.856109][T15251]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1296.862360][T15251]  vb2_create_bufs+0x47e/0x7a0
[ 1296.867132][T15251]  ? vb2_request_queue+0x120/0x120
[ 1296.872253][T15251]  ? mark_held_locks+0xf0/0xf0
[ 1296.872271][T15251]  ? debug_smp_processor_id+0x3c/0x280
[ 1296.872302][T15251]  v4l2_m2m_create_bufs+0x7c/0xe0
23:56:47 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000280)='io.max\x00\xe3\xc6\xa1\xbc\x16\x94p`R\xfbqcm\xab\x87\xf6\xb6y1uoG\x18\xd4\xc8*R6\x84\xfb\xfbU\t\x00\x00\x00\x00\x00\x00\x00\xe83Q\xf1\xda\xedt\x93\xb4\xa5\x8d\xbd\xb5<\x1a\x90\xa3U\xb9{\xba\x99\xdf(\x9a%\xef\x0eO5\xcd\xbf\xe7\n\x13\xc3+(<\x02\x83|S0\xed\x0f9:\xc8\xb5\xa0\"\x00x\xe9\x1f\xe9\xee\x17\x88%\x19\xe3\x9d\x9d|P,\xb5+\x84\xaa\x1cZd\xb1fj\xde\xc7\xf0\xd8D\xaf\x01\x01\x8e\x95\x83X\xb9\xf5J\xb0\v\x0fC\xd3\x8e\x9d\xe1\x1e:!|\xa3%\xd2@M\x1b\xf3\xfe\xf1\x94\xffl~\x18\xedp\xa0\x10\x9fn\xcd\x9eKu\xf3\xa0\x1f\x93\xf3\xc0\x86\x04Y\xd5\xd5,\xc4\xf58y\xec\f\x16p\x9fs7\xb7\xc9\x85)\xe4\x1c\r\xdd\xe4\xe6\x91C\xec\x0e\x0e\"\xde\f\x99\xe3\xbaP\x0e\x94\xcd\x1fXl\x11\x13\xe3\xcf+>0\x8d\x01\xd4\xc3\xdf\x00\x0eDn\x05\x9dH\x9f\xa7\xceC\x18D\xe3\xf1\x1e\xb8\xa4\x9d\xae\xb9\x19\xa1\x1a\xa6\x13\x86q)/x\x85\x16\x8b2\xd5\x82dS\xd7\x16\xfc\xc6\xb3\xf6\x90\xa6\x14\x88\x1c;\xaex\x82(\xe0\xab\x91\xf0,\x9f=\xf2\x91g\xf0\xc9', 0x2, 0x0)
sendfile(r1, r1, 0x0, 0x100000000000004)

[ 1296.882508][T15251]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1296.882526][T15251]  v4l_create_bufs+0xc0/0x180
[ 1296.882545][T15251]  __video_do_ioctl+0x7f1/0xce0
[ 1296.882568][T15251]  ? v4l_s_fmt+0xa40/0xa40
[ 1296.882594][T15251]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1296.914107][T15251]  ? _copy_from_user+0xdd/0x150
[ 1296.918973][T15251]  video_usercopy+0x4c5/0x10d0
[ 1296.923749][T15251]  ? v4l_s_fmt+0xa40/0xa40
[ 1296.928186][T15251]  ? v4l_enumstd+0x70/0x70
[ 1296.932614][T15251]  ? mark_held_locks+0xf0/0xf0
[ 1296.937393][T15251]  ? debug_smp_processor_id+0x3c/0x280
[ 1296.942871][T15251]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1296.948445][T15251]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1296.954005][T15251]  ? __fget+0x35a/0x550
[ 1296.958176][T15251]  ? find_held_lock+0x35/0x130
[ 1296.962960][T15251]  ? video_usercopy+0x10d0/0x10d0
[ 1296.963255][T15245] warn_alloc_show_mem: 1 callbacks suppressed
[ 1296.963260][T15245] Mem-Info:
[ 1296.967989][T15251]  video_ioctl2+0x2d/0x35
[ 1296.968011][T15251]  v4l2_ioctl+0x156/0x1b0
[ 1296.968028][T15251]  ? video_devdata+0xa0/0xa0
23:56:48 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
memfd_create(&(0x7f0000000040)='/dev/capi20\x00', 0x5)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f0000000100)=0x1)
socket$caif_seqpacket(0x25, 0x5, 0x4)
prctl$PR_SET_NAME(0xf, &(0x7f0000000080)='/dev/capi20\x00')

[ 1296.968049][T15251]  do_vfs_ioctl+0xd6e/0x1390
[ 1296.968068][T15251]  ? kasan_check_read+0x11/0x20
[ 1296.968088][T15251]  ? ioctl_preallocate+0x210/0x210
[ 1296.968103][T15251]  ? __fget+0x381/0x550
[ 1296.968127][T15251]  ? ksys_dup3+0x3e0/0x3e0
[ 1296.968158][T15251]  ? security_file_ioctl+0x93/0xc0
[ 1296.968185][T15251]  ksys_ioctl+0xab/0xd0
[ 1296.986618][T15245] active_anon:168244 inactive_anon:193 isolated_anon:0
[ 1296.986618][T15245]  active_file:13070 inactive_file:36234 isolated_file:0
[ 1296.986618][T15245]  unevictable:2 dirty:383 writeback:0 unstable:0
[ 1296.986618][T15245]  slab_reclaimable:17920 slab_unreclaimable:103948
[ 1296.986618][T15245]  mapped:58686 shmem:493 pagetables:3492 bounce:0
[ 1296.986618][T15245]  free:1053518 free_pcp:477 free_cma:0
[ 1296.990555][T15251]  __x64_sys_ioctl+0x73/0xb0
[ 1296.990577][T15251]  do_syscall_64+0x103/0x610
[ 1296.990601][T15251]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1296.990614][T15251] RIP: 0033:0x457e29
[ 1296.990630][T15251] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1296.990640][T15251] RSP: 002b:00007fab66e65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1296.990654][T15251] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1296.990663][T15251] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1296.990673][T15251] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1296.990682][T15251] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab66e666d4
23:56:48 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x3, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1296.990691][T15251] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
23:56:48 executing program 2:
ioctl$CAPI_GET_PROFILE(0xffffffffffffffff, 0xc0044308, &(0x7f00000000c0)=0x10000)

[ 1297.200313][T15245] Node 0 active_anon:666744kB inactive_anon:768kB active_file:52140kB inactive_file:144952kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234728kB dirty:1556kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 272384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
23:56:48 executing program 3:
r0 = openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
sendfile(r0, r0, 0x0, 0x2b)

23:56:48 executing program 0:
socket$netlink(0x10, 0x3, 0x4)
r0 = socket$inet6(0xa, 0x47, 0x200084)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unshare(0x40000000)
link(&(0x7f0000000040)='./file0\x00', 0x0)
fstat(0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x4, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = inotify_init1(0x80800)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ptrace(0x4207, 0x0)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f0000000200)={@mcast2}, &(0x7f0000000240)=0x14)
fcntl$dupfd(r1, 0x3, r0)
nanosleep(&(0x7f0000000180)={0x77359400}, &(0x7f00000001c0))
ioctl$GIO_UNISCRNMAP(0xffffffffffffffff, 0x4b69, 0x0)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0)
fsetxattr$trusted_overlay_opaque(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
r2 = perf_event_open(&(0x7f000025c000)={0x1, 0x70, 0x800005, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff)
pipe(&(0x7f0000000480)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = open(&(0x7f0000000080)='./file0\x00', 0x8040, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
ioctl$EVIOCSREP(r3, 0x40084503, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000300)={0xfffffffffffffffe}, 0x0, 0x8)
rt_sigtimedwait(&(0x7f0000000100)={0x8}, 0x0, 0x0, 0x69bc)
fgetxattr(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="75736d727ef4b415a02a000000000000000000000000000000af70dbc0c3f69fdf81b9085da89e6a47bc524b00f40f842a88a9ab8a763cdc1f75164862fcc6a2171515eeb4fb2f61d00dd2d6040005285722e68cf969ff75e98f08b60c294640535ba09638165cd70631e7b6f7bcd7fce0a2e1e289e40ea59814938728cfd1fd52d510a8b18c31f34d47b2a0ffcc146c9073d58b54ea815e7daaf19c62cb0b807e22f30167"], 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x104a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
eventfd(0x1000)
getdents(r4, 0x0, 0x0)

[ 1297.244265][T15878] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1
[ 1297.285047][T15878] CPU: 1 PID: 15878 Comm: syz-executor.5 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1297.294194][T15878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1297.304510][T15878] Call Trace:
[ 1297.307823][T15878]  dump_stack+0x172/0x1f0
[ 1297.312172][T15878]  warn_alloc.cold+0x88/0x184
[ 1297.316867][T15878]  ? zone_watermark_ok_safe+0x260/0x260
[ 1297.322437][T15878]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1297.328079][T15878]  ? find_held_lock+0x35/0x130
[ 1297.332846][T15878]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1297.338500][T15878]  __vmalloc_node_range+0x48a/0x790
[ 1297.338521][T15878]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1297.338540][T15878]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1297.338557][T15878]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1297.338577][T15878]  vmalloc_user+0x6b/0x90
[ 1297.363776][T15878]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1297.368811][T15878]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1297.373668][T15878]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1297.378705][T15878]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1297.384515][T15878]  __vb2_queue_alloc+0x5a6/0xf40
[ 1297.389484][T15878]  vb2_core_create_bufs+0x2bc/0x790
[ 1297.394698][T15878]  ? vim2m_buf_prepare+0x280/0x280
[ 1297.399823][T15878]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1297.404946][T15878]  ? lock_acquire+0x16f/0x3f0
[ 1297.409633][T15878]  ? __video_do_ioctl+0x398/0xce0
[ 1297.414678][T15878]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1297.420941][T15878]  vb2_create_bufs+0x47e/0x7a0
[ 1297.425717][T15878]  ? vb2_request_queue+0x120/0x120
[ 1297.430840][T15878]  ? mark_held_locks+0xf0/0xf0
[ 1297.435625][T15878]  ? debug_smp_processor_id+0x3c/0x280
[ 1297.441111][T15878]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1297.446150][T15878]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1297.451704][T15878]  v4l_create_bufs+0xc0/0x180
[ 1297.456422][T15878]  __video_do_ioctl+0x7f1/0xce0
[ 1297.461288][T15878]  ? v4l_s_fmt+0xa40/0xa40
[ 1297.465733][T15878]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1297.471990][T15878]  ? _copy_from_user+0xdd/0x150
[ 1297.476858][T15878]  video_usercopy+0x4c5/0x10d0
[ 1297.481644][T15878]  ? v4l_s_fmt+0xa40/0xa40
[ 1297.486075][T15878]  ? v4l_enumstd+0x70/0x70
[ 1297.490503][T15878]  ? mark_held_locks+0xf0/0xf0
[ 1297.495272][T15878]  ? debug_smp_processor_id+0x3c/0x280
[ 1297.500746][T15878]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1297.506304][T15878]  ? __fget+0x35a/0x550
[ 1297.510475][T15878]  ? find_held_lock+0x35/0x130
[ 1297.515251][T15878]  ? video_usercopy+0x10d0/0x10d0
[ 1297.520285][T15878]  video_ioctl2+0x2d/0x35
[ 1297.524631][T15878]  v4l2_ioctl+0x156/0x1b0
[ 1297.528981][T15878]  ? video_devdata+0xa0/0xa0
[ 1297.533580][T15878]  do_vfs_ioctl+0xd6e/0x1390
[ 1297.538188][T15878]  ? kasan_check_read+0x11/0x20
[ 1297.543051][T15878]  ? ioctl_preallocate+0x210/0x210
[ 1297.545411][T15882] IPVS: ftp: loaded support on port[0] = 21
[ 1297.548167][T15878]  ? __fget+0x381/0x550
[ 1297.548192][T15878]  ? ksys_dup3+0x3e0/0x3e0
[ 1297.548210][T15878]  ? nsecs_to_jiffies+0x30/0x30
[ 1297.548239][T15878]  ? security_file_ioctl+0x93/0xc0
[ 1297.548260][T15878]  ksys_ioctl+0xab/0xd0
[ 1297.548282][T15878]  __x64_sys_ioctl+0x73/0xb0
[ 1297.548303][T15878]  do_syscall_64+0x103/0x610
[ 1297.548326][T15878]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1297.548340][T15878] RIP: 0033:0x457e29
[ 1297.548357][T15878] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1297.548367][T15878] RSP: 002b:00007fab66e65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1297.548382][T15878] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1297.548392][T15878] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1297.548402][T15878] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1297.548420][T15878] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab66e666d4
[ 1297.548430][T15878] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1297.738557][T15245] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1297.768483][T15245] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1297.799088][T15245] lowmem_reserve[]: 0 2553 2555 2555
[ 1297.816987][T15245] Node 0 DMA32 free:417464kB min:36232kB low:45288kB high:54344kB active_anon:669000kB inactive_anon:768kB active_file:52140kB inactive_file:144952kB unevictable:8kB writepending:1556kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10624kB pagetables:13648kB bounce:0kB free_pcp:1852kB local_pcp:1244kB free_cma:0kB
[ 1297.879446][T15245] lowmem_reserve[]: 0 0 2 2
[ 1297.884085][T15245] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1297.911027][T15245] lowmem_reserve[]: 0 0 0 0
[ 1297.915655][T15245] Node 1 Normal free:3784520kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1297.944379][T15245] lowmem_reserve[]: 0 0 0 0
[ 1297.944405][T15245] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
[ 1297.963389][T15245] Node 0 DMA32: 237632*4kB (UME) 198695*8kB (UME) 68438*16kB (UME) 30578*32kB (UME) 15287*64kB (UME) 6575*128kB (UME) 3009*256kB (UME) 1478*512kB (UM) 989*1024kB (UM) 4441*2048kB (ME) 24*4096kB (M) = 18166808kB
[ 1297.984650][T15245] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1297.999283][T15245] Node 1 Normal: 8606*4kB (U) 5622*8kB (U) 3132*16kB (UE) 1500*32kB (UME) 744*64kB (UME) 377*128kB (UE) 190*256kB (UM) 96*512kB (UME) 51*1024kB (UME) 25*2048kB (U) 919*4096kB (M) = 4238824kB
[ 1298.018362][T15245] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
23:56:49 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0xa20, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:49 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0xf00000000000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:49 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/btrfs-control\x00', 0x40, 0x0)
ioctl$LOOP_SET_BLOCK_SIZE(r1, 0x4c09, 0x7ff)

23:56:49 executing program 3:
creat(&(0x7f0000007340)='./file1\x00', 0x0)
creat(&(0x7f0000000000)='./file1\x00', 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
getdents(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$cgroup(0xffffffffffffff9c, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0)
setsockopt$inet_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, 0x0, 0x0)
write$binfmt_misc(r0, 0x0, 0x0)

23:56:49 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x4, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1298.018376][T15245] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1298.018388][T15245] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1298.018401][T15245] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1298.018408][T15245] 49802 total pagecache pages
[ 1298.018432][T15245] 0 pages in swap cache
[ 1298.018443][T15245] Swap cache stats: add 0, delete 0, find 0/0
[ 1298.018449][T15245] Free swap  = 0kB
[ 1298.018455][T15245] Total swap = 0kB
[ 1298.018463][T15245] 1965979 pages RAM
[ 1298.018469][T15245] 0 pages HighMem/MovableOnly
[ 1298.018475][T15245] 339409 pages reserved
[ 1298.018481][T15245] 0 pages cma reserved
[ 1298.099848][T16098] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1
[ 1298.117814][T16098] CPU: 1 PID: 16098 Comm: syz-executor.5 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1298.126946][T16098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1298.137003][T16098] Call Trace:
[ 1298.137031][T16098]  dump_stack+0x172/0x1f0
[ 1298.137059][T16098]  warn_alloc.cold+0x88/0x184
[ 1298.137082][T16098]  ? zone_watermark_ok_safe+0x260/0x260
[ 1298.137106][T16098]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1298.149375][T16098]  ? find_held_lock+0x35/0x130
[ 1298.149397][T16098]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1298.149440][T16098]  __vmalloc_node_range+0x48a/0x790
[ 1298.149460][T16098]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1298.149483][T16098]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1298.160646][T16098]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1298.160666][T16098]  vmalloc_user+0x6b/0x90
[ 1298.160685][T16098]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1298.160703][T16098]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1298.160717][T16098]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1298.160738][T16098]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1298.160754][T16098]  __vb2_queue_alloc+0x5a6/0xf40
[ 1298.160790][T16098]  vb2_core_create_bufs+0x2bc/0x790
[ 1298.160818][T16098]  ? vim2m_buf_prepare+0x280/0x280
[ 1298.171196][T16098]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1298.171215][T16098]  ? lock_acquire+0x16f/0x3f0
[ 1298.171230][T16098]  ? __video_do_ioctl+0x398/0xce0
[ 1298.171258][T16098]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1298.171284][T16098]  vb2_create_bufs+0x47e/0x7a0
[ 1298.181483][T16098]  ? vb2_request_queue+0x120/0x120
[ 1298.181506][T16098]  ? mark_held_locks+0xf0/0xf0
[ 1298.181523][T16098]  ? debug_smp_processor_id+0x3c/0x280
[ 1298.181558][T16098]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1298.206292][T16098]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1298.206312][T16098]  v4l_create_bufs+0xc0/0x180
[ 1298.206331][T16098]  __video_do_ioctl+0x7f1/0xce0
[ 1298.206355][T16098]  ? v4l_s_fmt+0xa40/0xa40
[ 1298.217441][T16098]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1298.258401][T16098]  ? _copy_from_user+0xdd/0x150
[ 1298.258432][T16098]  video_usercopy+0x4c5/0x10d0
[ 1298.258448][T16098]  ? v4l_s_fmt+0xa40/0xa40
[ 1298.258471][T16098]  ? v4l_enumstd+0x70/0x70
[ 1298.258489][T16098]  ? mark_held_locks+0xf0/0xf0
23:56:49 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo/3\x00')
ioctl$VIDIOC_QUERYCTRL(r1, 0xc0445624, &(0x7f0000000100)={0x10001, 0x101, "8246875d8c9c64a1066f6d1be976f7d4ccd2a0110cbf0e5cc1f029acc3367593", 0x101, 0x7, 0x7, 0x0, 0x210})
ioctl$CAPI_SET_FLAGS(r0, 0x80044324, &(0x7f0000000080)=0x1)

23:56:49 executing program 3:
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000000)=@req3={0x6000000, 0x3, 0x6000000, 0x3}, 0x1c)
setsockopt$packet_int(r0, 0x107, 0x8, &(0x7f0000000040), 0x4)

[ 1298.258506][T16098]  ? debug_smp_processor_id+0x3c/0x280
[ 1298.258526][T16098]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1298.258547][T16098]  ? __fget+0x35a/0x550
[ 1298.258565][T16098]  ? find_held_lock+0x35/0x130
[ 1298.258584][T16098]  ? video_usercopy+0x10d0/0x10d0
[ 1298.258608][T16098]  video_ioctl2+0x2d/0x35
[ 1298.273962][T16098]  v4l2_ioctl+0x156/0x1b0
[ 1298.273980][T16098]  ? video_devdata+0xa0/0xa0
[ 1298.274002][T16098]  do_vfs_ioctl+0xd6e/0x1390
[ 1298.274021][T16098]  ? kasan_check_read+0x11/0x20
[ 1298.274042][T16098]  ? ioctl_preallocate+0x210/0x210
[ 1298.309581][T16098]  ? __fget+0x381/0x550
[ 1298.309606][T16098]  ? ksys_dup3+0x3e0/0x3e0
[ 1298.327953][T16098]  ? nsecs_to_jiffies+0x30/0x30
[ 1298.327986][T16098]  ? security_file_ioctl+0x93/0xc0
[ 1298.328008][T16098]  ksys_ioctl+0xab/0xd0
[ 1298.328030][T16098]  __x64_sys_ioctl+0x73/0xb0
[ 1298.328050][T16098]  do_syscall_64+0x103/0x610
[ 1298.328074][T16098]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1298.328087][T16098] RIP: 0033:0x457e29
[ 1298.328103][T16098] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1298.328112][T16098] RSP: 002b:00007fab66e65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1298.328127][T16098] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1298.328137][T16098] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1298.328147][T16098] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1298.328156][T16098] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab66e666d4
[ 1298.328166][T16098] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1298.389191][T16206] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1298.406776][T16206] CPU: 1 PID: 16206 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1298.420943][T16206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1298.420950][T16206] Call Trace:
[ 1298.420971][T16206]  dump_stack+0x172/0x1f0
[ 1298.420998][T16206]  warn_alloc.cold+0x88/0x184
[ 1298.421018][T16206]  ? zone_watermark_ok_safe+0x260/0x260
[ 1298.421033][T16206]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1298.421054][T16206]  ? find_held_lock+0x35/0x130
[ 1298.444543][T16206]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1298.444582][T16206]  __vmalloc_node_range+0x48a/0x790
[ 1298.444603][T16206]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1298.444624][T16206]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1298.444640][T16206]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1298.444659][T16206]  vmalloc_user+0x6b/0x90
[ 1298.444678][T16206]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1298.444697][T16206]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1298.444711][T16206]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1298.444732][T16206]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1298.444747][T16206]  __vb2_queue_alloc+0x5a6/0xf40
[ 1298.444783][T16206]  vb2_core_create_bufs+0x2bc/0x790
[ 1298.444806][T16206]  ? vim2m_buf_prepare+0x280/0x280
[ 1298.461170][T16206]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1298.461189][T16206]  ? lock_acquire+0x16f/0x3f0
[ 1298.461204][T16206]  ? __video_do_ioctl+0x398/0xce0
[ 1298.461230][T16206]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1298.461254][T16206]  vb2_create_bufs+0x47e/0x7a0
[ 1298.469744][T16098] warn_alloc_show_mem: 2 callbacks suppressed
[ 1298.469748][T16098] Mem-Info:
[ 1298.477188][T16206]  ? vb2_request_queue+0x120/0x120
[ 1298.477210][T16206]  ? mark_held_locks+0xf0/0xf0
[ 1298.477227][T16206]  ? debug_smp_processor_id+0x3c/0x280
[ 1298.477250][T16206]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1298.493178][T16206]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1298.493197][T16206]  v4l_create_bufs+0xc0/0x180
[ 1298.493216][T16206]  __video_do_ioctl+0x7f1/0xce0
[ 1298.493242][T16206]  ? v4l_s_fmt+0xa40/0xa40
[ 1298.493275][T16206]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1298.513109][T16098] active_anon:169867 inactive_anon:192 isolated_anon:0
[ 1298.513109][T16098]  active_file:13070 inactive_file:36266 isolated_file:0
[ 1298.513109][T16098]  unevictable:2 dirty:417 writeback:0 unstable:0
[ 1298.513109][T16098]  slab_reclaimable:17942 slab_unreclaimable:104410
23:56:49 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x1000000000000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1298.513109][T16098]  mapped:58661 shmem:493 pagetables:3521 bounce:0
[ 1298.513109][T16098]  free:1050804 free_pcp:287 free_cma:0
[ 1298.516263][T16206]  ? _copy_from_user+0xdd/0x150
[ 1298.516286][T16206]  video_usercopy+0x4c5/0x10d0
[ 1298.516301][T16206]  ? v4l_s_fmt+0xa40/0xa40
[ 1298.516322][T16206]  ? v4l_enumstd+0x70/0x70
23:56:49 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_NCCI_GETUNIT(r0, 0x80044327, &(0x7f0000000040)=0x7ff)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)

[ 1298.526700][T16098] Node 0 active_anon:679468kB inactive_anon:768kB active_file:52140kB inactive_file:145064kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234644kB dirty:1668kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 272384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1298.529684][T16206]  ? mark_held_locks+0xf0/0xf0
[ 1298.529701][T16206]  ? debug_smp_processor_id+0x3c/0x280
[ 1298.529721][T16206]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1298.529743][T16206]  ? __fget+0x35a/0x550
[ 1298.529760][T16206]  ? find_held_lock+0x35/0x130
[ 1298.529778][T16206]  ? video_usercopy+0x10d0/0x10d0
[ 1298.529792][T16206]  video_ioctl2+0x2d/0x35
[ 1298.529812][T16206]  v4l2_ioctl+0x156/0x1b0
[ 1298.529827][T16206]  ? video_devdata+0xa0/0xa0
[ 1298.529848][T16206]  do_vfs_ioctl+0xd6e/0x1390
[ 1298.544374][T16206]  ? kasan_check_read+0x11/0x20
[ 1298.544396][T16206]  ? ioctl_preallocate+0x210/0x210
[ 1298.544420][T16206]  ? __fget+0x381/0x550
[ 1298.544446][T16206]  ? ksys_dup3+0x3e0/0x3e0
[ 1298.544464][T16206]  ? nsecs_to_jiffies+0x30/0x30
[ 1298.544505][T16206]  ? security_file_ioctl+0x93/0xc0
[ 1298.552960][T16098] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1298.554870][T16206]  ksys_ioctl+0xab/0xd0
[ 1298.554892][T16206]  __x64_sys_ioctl+0x73/0xb0
[ 1298.554924][T16206]  do_syscall_64+0x103/0x610
[ 1298.554947][T16206]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1298.554966][T16206] RIP: 0033:0x457e29
[ 1298.565782][T16206] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1298.565791][T16206] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1298.565807][T16206] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1298.565818][T16206] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1298.565827][T16206] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1298.565844][T16206] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1298.573725][T16098] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1298.576379][T16206] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
23:56:50 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x1100000000000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:50 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0xc00, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1299.292534][T16526] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1299.376020][T16526] CPU: 0 PID: 16526 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1299.385174][T16526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1299.395230][T16526] Call Trace:
[ 1299.398534][T16526]  dump_stack+0x172/0x1f0
[ 1299.402885][T16526]  warn_alloc.cold+0x88/0x184
[ 1299.407619][T16526]  ? zone_watermark_ok_safe+0x260/0x260
[ 1299.413166][T16526]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1299.418799][T16526]  ? find_held_lock+0x35/0x130
[ 1299.423564][T16526]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1299.429214][T16526]  __vmalloc_node_range+0x48a/0x790
[ 1299.434414][T16526]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1299.439441][T16526]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1299.445515][T16526]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1299.450552][T16526]  vmalloc_user+0x6b/0x90
[ 1299.454888][T16526]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1299.460353][T16526]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1299.465200][T16526]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1299.470225][T16526]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1299.476030][T16526]  __vb2_queue_alloc+0x5a6/0xf40
[ 1299.480989][T16526]  vb2_core_create_bufs+0x2bc/0x790
[ 1299.486193][T16526]  ? vim2m_buf_prepare+0x280/0x280
[ 1299.491305][T16526]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1299.496423][T16526]  ? lock_acquire+0x16f/0x3f0
[ 1299.501104][T16526]  ? __video_do_ioctl+0x398/0xce0
[ 1299.506135][T16526]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1299.512382][T16526]  vb2_create_bufs+0x47e/0x7a0
[ 1299.517153][T16526]  ? vb2_request_queue+0x120/0x120
[ 1299.522267][T16526]  ? mark_held_locks+0xf0/0xf0
[ 1299.528161][T16526]  ? debug_smp_processor_id+0x3c/0x280
[ 1299.533621][T16526]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1299.538643][T16526]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1299.544186][T16526]  v4l_create_bufs+0xc0/0x180
[ 1299.548865][T16526]  __video_do_ioctl+0x7f1/0xce0
[ 1299.553732][T16526]  ? v4l_s_fmt+0xa40/0xa40
[ 1299.558157][T16526]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1299.564403][T16526]  ? _copy_from_user+0xdd/0x150
[ 1299.569252][T16526]  video_usercopy+0x4c5/0x10d0
[ 1299.574015][T16526]  ? v4l_s_fmt+0xa40/0xa40
[ 1299.578438][T16526]  ? v4l_enumstd+0x70/0x70
[ 1299.582852][T16526]  ? mark_held_locks+0xf0/0xf0
[ 1299.587619][T16526]  ? debug_smp_processor_id+0x3c/0x280
[ 1299.593083][T16526]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1299.598635][T16526]  ? __fget+0x35a/0x550
[ 1299.602791][T16526]  ? find_held_lock+0x35/0x130
[ 1299.607554][T16526]  ? video_usercopy+0x10d0/0x10d0
[ 1299.612581][T16526]  video_ioctl2+0x2d/0x35
[ 1299.616951][T16526]  v4l2_ioctl+0x156/0x1b0
[ 1299.621281][T16526]  ? video_devdata+0xa0/0xa0
[ 1299.625871][T16526]  do_vfs_ioctl+0xd6e/0x1390
[ 1299.630480][T16526]  ? kasan_check_read+0x11/0x20
[ 1299.635331][T16526]  ? ioctl_preallocate+0x210/0x210
[ 1299.640453][T16526]  ? __fget+0x381/0x550
[ 1299.644656][T16526]  ? ksys_dup3+0x3e0/0x3e0
[ 1299.649076][T16526]  ? nsecs_to_jiffies+0x30/0x30
[ 1299.653952][T16526]  ? security_file_ioctl+0x93/0xc0
[ 1299.659064][T16526]  ksys_ioctl+0xab/0xd0
[ 1299.663224][T16526]  __x64_sys_ioctl+0x73/0xb0
[ 1299.667820][T16526]  do_syscall_64+0x103/0x610
[ 1299.672420][T16526]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1299.678307][T16526] RIP: 0033:0x457e29
[ 1299.682199][T16526] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1299.701801][T16526] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1299.710209][T16526] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1299.718454][T16526] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1299.726426][T16526] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1299.734392][T16526] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1299.742381][T16526] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1299.752717][    C0] protocol 88fb is buggy, dev hsr_slave_0
[ 1299.757691][    C1] protocol 88fb is buggy, dev hsr_slave_0
[ 1299.758556][    C0] protocol 88fb is buggy, dev hsr_slave_1
[ 1299.764210][    C1] protocol 88fb is buggy, dev hsr_slave_1
[ 1299.770054][    C0] protocol 88fb is buggy, dev hsr_slave_0
[ 1299.781449][    C0] protocol 88fb is buggy, dev hsr_slave_1
[ 1299.787285][    C0] protocol 88fb is buggy, dev hsr_slave_0
[ 1299.793122][    C0] protocol 88fb is buggy, dev hsr_slave_1
[ 1299.841932][T16098] lowmem_reserve[]: 0 2553 2555 2555
[ 1299.886123][T16098] Node 0 DMA32 free:179452kB min:36232kB low:45288kB high:54344kB active_anon:671048kB inactive_anon:768kB active_file:52096kB inactive_file:139820kB unevictable:8kB writepending:1752kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10720kB pagetables:13848kB bounce:0kB free_pcp:2484kB local_pcp:1080kB free_cma:0kB
[ 1300.018876][T16526] warn_alloc_show_mem: 1 callbacks suppressed
[ 1300.018882][T16526] Mem-Info:
[ 1300.028360][T16526] active_anon:167762 inactive_anon:192 isolated_anon:19
[ 1300.028360][T16526]  active_file:13133 inactive_file:34867 isolated_file:217
[ 1300.028360][T16526]  unevictable:2 dirty:438 writeback:0 unstable:0
[ 1300.028360][T16526]  slab_reclaimable:17919 slab_unreclaimable:103173
[ 1300.028360][T16526]  mapped:58661 shmem:493 pagetables:3462 bounce:0
[ 1300.028360][T16526]  free:985093 free_pcp:633 free_cma:0
[ 1300.068284][T16098] lowmem_reserve[]: 0 0 2 2
[ 1300.072815][T16098] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1300.102719][T16526] Node 0 active_anon:671048kB inactive_anon:768kB active_file:52392kB inactive_file:139468kB unevictable:8kB isolated(anon):76kB isolated(file):868kB mapped:234644kB dirty:1752kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 270336kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
[ 1300.132435][T16098] lowmem_reserve[]: 0 0 0 0
[ 1300.137060][T16098] Node 1 Normal free:3784016kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1300.166759][T16526] Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1300.193445][T16098] lowmem_reserve[]: 0 0 0 0
[ 1300.199118][T16098] Node 0 DMA: 680*4kB (M) 341*8kB (U) 173*16kB (UM) 88*32kB (UM) 45*64kB (UM) 24*128kB (UM) 12*256kB (M) 7*512kB (M) 4*1024kB (M) 1*2048kB () 2*4096kB (M) = 37976kB
[ 1300.216113][T16526] Node 0 DMA free:10476kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1300.243288][T16098] Node 0 DMA32: 276173*4kB (UME) 216635*8kB (ME) 75935*16kB (UME) 33047*32kB (UME) 15913*64kB (UM) 6997*128kB (UM) 3239*256kB () 1585*512kB () 1033*1024kB () 4457*2048kB () 0*4096kB = 18850716kB
[ 1300.262546][T16526] lowmem_reserve[]: 0 2553 2555 2555
[ 1300.268265][T16098] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1300.283139][T16526] Node 0 DMA32 free:114744kB min:107912kB low:116968kB high:126024kB active_anon:671048kB inactive_anon:768kB active_file:52096kB inactive_file:139820kB unevictable:8kB writepending:1752kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10656kB pagetables:13848kB bounce:0kB free_pcp:2664kB local_pcp:1340kB free_cma:0kB
[ 1300.314993][T16098] Node 1 Normal: 14564*4kB () 8325*8kB (M) 4200*16kB (E) 2077*32kB (UME) 1037*64kB (UME) 518*128kB (UE) 259*256kB (UM) 131*512kB (UME) 69*1024kB (UME) 34*2048kB (U) 910*4096kB (M) = 4392216kB
[ 1300.335417][T16526] lowmem_reserve[]: 0 0 2 2
[ 1300.340400][T16098] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1300.350301][T16526] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1300.377606][T16098] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1300.378211][    C1] protocol 88fb is buggy, dev hsr_slave_0
[ 1300.387012][T16098] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1300.392721][    C1] protocol 88fb is buggy, dev hsr_slave_1
[ 1300.402691][T16526] lowmem_reserve[]: 0 0 0 0
[ 1300.412870][T16098] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1300.422570][T16526] Node 1 Normal free:3720544kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:592kB local_pcp:240kB free_cma:0kB
[ 1300.451766][T16098] 48740 total pagecache pages
[ 1300.456528][T16098] 0 pages in swap cache
[ 1300.462291][T16098] Swap cache stats: add 0, delete 0, find 0/0
[ 1300.468742][T16098] Free swap  = 0kB
[ 1300.472558][T16098] Total swap = 0kB
[ 1300.476356][T16526] lowmem_reserve[]: 0 0 0 0
[ 1300.481371][T16098] 1965979 pages RAM
[ 1300.485269][T16526] Node 0 DMA: 680*4kB (M) 341*8kB (U) 173*16kB (UM) 88*32kB (UM) 45*64kB (UM) 24*128kB (UM) 12*256kB (M) 7*512kB (M) 4*1024kB (M) 1*2048kB () 2*4096kB (M) = 37976kB
[ 1300.503287][T16098] 0 pages HighMem/MovableOnly
[ 1300.508364][T16098] 339409 pages reserved
[ 1300.512605][T16098] 0 pages cma reserved
23:56:51 executing program 0:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x158)
timerfd_settime(r0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x600000082000003, 0x8031, 0xffffffffffffffff, 0x0)
clone(0x20002100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = pkey_alloc(0x0, 0x0)
pkey_free(r1)
pkey_free(r1)

23:56:51 executing program 2:
openat$capi20(0xffffffffffffff9c, &(0x7f0000000040)='/dev/capi20\x00', 0x1, 0x0)
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)

23:56:51 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x1200000000000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1300.517907][T16526] Node 0 DMA32: 276173*4kB (UME) 216635*8kB (ME) 75935*16kB (UME) 33047*32kB (UME) 15913*64kB (UM) 6997*128kB (UM) 3239*256kB () 1585*512kB () 1033*1024kB () 4458*2048kB (M) 0*4096kB = 18852764kB
23:56:51 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x5, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1300.566936][T16526] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1300.666880][T16526] Node 1 Normal: 19007*4kB (M) 10546*8kB (M) 5312*16kB (UE) 2634*32kB (ME) 1315*64kB (ME) 657*128kB (UE) 327*256kB (U) 164*512kB (ME) 86*1024kB (UME) 41*2048kB () 902*4096kB (M) = 4532236kB
23:56:51 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x1300000000000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:51 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0))
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_open_dev$cec(&(0x7f0000000040)='/dev/cec#\x00', 0x0, 0x2)
ioctl$DRM_IOCTL_DROP_MASTER(r1, 0x641f)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_INTERVAL(r1, 0xc040564b, &(0x7f0000000100)={0x1, 0x0, 0x3009, 0xfffffffffffffffb, 0x1, {0x1000, 0xffffffffc3c53729}, 0x1})
write$P9_RCLUNK(r1, &(0x7f0000000080)={0x7, 0x79, 0x2}, 0x7)

[ 1300.739491][T16526] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1300.751445][T16710] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1
23:56:51 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000300)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0xfffffffffffffffd, 0x0, 0x0, 0x100a0})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
keyctl$search(0xa, 0x0, 0x0, 0x0, 0x0)
ioctl$VIDIOC_G_PRIORITY(0xffffffffffffffff, 0x80045643, 0x0)

[ 1300.807962][T16526] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1300.848185][T16710] CPU: 1 PID: 16710 Comm: syz-executor.5 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1300.857357][T16710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1300.867434][T16710] Call Trace:
[ 1300.870756][T16710]  dump_stack+0x172/0x1f0
[ 1300.875110][T16710]  warn_alloc.cold+0x88/0x184
[ 1300.879813][T16710]  ? zone_watermark_ok_safe+0x260/0x260
[ 1300.885371][T16710]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1300.891041][T16710]  ? find_held_lock+0x35/0x130
[ 1300.895843][T16710]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1300.901560][T16710]  __vmalloc_node_range+0x48a/0x790
[ 1300.906791][T16710]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1300.906813][T16710]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1300.906850][T16710]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1300.917429][T16710]  vmalloc_user+0x6b/0x90
[ 1300.926762][T16710]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1300.931800][T16710]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1300.936660][T16710]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1300.941699][T16710]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1300.947558][T16710]  __vb2_queue_alloc+0x5a6/0xf40
[ 1300.952545][T16710]  vb2_core_create_bufs+0x2bc/0x790
[ 1300.957749][T16710]  ? vim2m_buf_prepare+0x280/0x280
[ 1300.962885][T16710]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1300.968005][T16710]  ? lock_acquire+0x16f/0x3f0
[ 1300.972680][T16710]  ? __video_do_ioctl+0x398/0xce0
[ 1300.977715][T16710]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1300.983954][T16710]  vb2_create_bufs+0x47e/0x7a0
[ 1300.988726][T16710]  ? vb2_request_queue+0x120/0x120
[ 1300.993841][T16710]  ? mark_held_locks+0xf0/0xf0
[ 1300.998607][T16710]  ? debug_smp_processor_id+0x3c/0x280
[ 1301.004072][T16710]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1301.009103][T16710]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1301.014648][T16710]  v4l_create_bufs+0xc0/0x180
[ 1301.019340][T16710]  __video_do_ioctl+0x7f1/0xce0
[ 1301.024195][T16710]  ? v4l_s_fmt+0xa40/0xa40
[ 1301.028617][T16710]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1301.034861][T16710]  ? _copy_from_user+0xdd/0x150
[ 1301.039720][T16710]  video_usercopy+0x4c5/0x10d0
[ 1301.044483][T16710]  ? v4l_s_fmt+0xa40/0xa40
[ 1301.048911][T16710]  ? v4l_enumstd+0x70/0x70
[ 1301.053334][T16710]  ? mark_held_locks+0xf0/0xf0
[ 1301.058096][T16710]  ? debug_smp_processor_id+0x3c/0x280
[ 1301.063562][T16710]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1301.069109][T16710]  ? __fget+0x35a/0x550
[ 1301.073262][T16710]  ? find_held_lock+0x35/0x130
[ 1301.078038][T16710]  ? video_usercopy+0x10d0/0x10d0
[ 1301.083059][T16710]  video_ioctl2+0x2d/0x35
[ 1301.087389][T16710]  v4l2_ioctl+0x156/0x1b0
[ 1301.091731][T16710]  ? video_devdata+0xa0/0xa0
[ 1301.096320][T16710]  do_vfs_ioctl+0xd6e/0x1390
[ 1301.100944][T16710]  ? kasan_check_read+0x11/0x20
[ 1301.105802][T16710]  ? ioctl_preallocate+0x210/0x210
[ 1301.110956][T16710]  ? __fget+0x381/0x550
[ 1301.115121][T16710]  ? ksys_dup3+0x3e0/0x3e0
[ 1301.119535][T16710]  ? nsecs_to_jiffies+0x30/0x30
[ 1301.124401][T16710]  ? security_file_ioctl+0x93/0xc0
[ 1301.129534][T16710]  ksys_ioctl+0xab/0xd0
[ 1301.133695][T16710]  __x64_sys_ioctl+0x73/0xb0
[ 1301.138289][T16710]  do_syscall_64+0x103/0x610
[ 1301.142882][T16710]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1301.148785][T16710] RIP: 0033:0x457e29
[ 1301.152678][T16710] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1301.172285][T16710] RSP: 002b:00007fab66e65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1301.180694][T16710] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1301.188659][T16710] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1301.196628][T16710] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1301.204611][T16710] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab66e666d4
[ 1301.213034][T16710] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1301.222818][T16526] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1301.251602][T16526] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1301.261982][T16526] 48777 total pagecache pages
[ 1301.267250][T16526] 0 pages in swap cache
[ 1301.272358][T16526] Swap cache stats: add 0, delete 0, find 0/0
[ 1301.279367][T16526] Free swap  = 0kB
[ 1301.283376][T16526] Total swap = 0kB
[ 1301.287424][T16526] 1965979 pages RAM
[ 1301.297634][T16710] Mem-Info:
[ 1301.301274][T16710] active_anon:167826 inactive_anon:192 isolated_anon:19
[ 1301.301274][T16710]  active_file:13333 inactive_file:34867 isolated_file:17
[ 1301.301274][T16710]  unevictable:2 dirty:438 writeback:0 unstable:0
[ 1301.301274][T16710]  slab_reclaimable:17919 slab_unreclaimable:103104
[ 1301.301274][T16710]  mapped:58661 shmem:493 pagetables:3462 bounce:0
[ 1301.301274][T16710]  free:959018 free_pcp:779 free_cma:0
[ 1301.344664][T16526] 0 pages HighMem/MovableOnly
[ 1301.364724][T16526] 339409 pages reserved
[ 1301.377156][T16526] 0 pages cma reserved
[ 1301.412379][T16710] Node 0 active_anon:668964kB inactive_anon:764kB active_file:53208kB inactive_file:139584kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234644kB dirty:1768kB writeback:0kB shmem:1960kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 266240kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
[ 1301.510076][T16710] Node 1 active_anon:172kB inactive_anon:12kB active_file:192kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:44kB writeback:0kB shmem:12kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1301.548611][T16710] Node 0 DMA free:10488kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1301.595172][T16710] lowmem_reserve[]: 0 2553 2555 2555
[ 1301.624674][T16710] Node 0 DMA32 free:248792kB min:107912kB low:116968kB high:126024kB active_anon:668964kB inactive_anon:764kB active_file:53208kB inactive_file:139584kB unevictable:8kB writepending:1768kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10592kB pagetables:13652kB bounce:0kB free_pcp:2988kB local_pcp:1644kB free_cma:0kB
[ 1301.693532][T16710] lowmem_reserve[]: 0 0 2 2
[ 1301.706573][T16710] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1301.747203][T16710] lowmem_reserve[]: 0 0 0 0
[ 1301.765703][T16710] Node 1 Normal free:3700524kB min:53624kB low:67028kB high:80432kB active_anon:172kB inactive_anon:12kB active_file:192kB inactive_file:44kB unevictable:0kB writepending:44kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:32kB pagetables:44kB bounce:0kB free_pcp:1140kB local_pcp:820kB free_cma:0kB
[ 1301.870709][T16710] lowmem_reserve[]: 0 0 0 0
[ 1301.887712][T16710] Node 0 DMA: 679*4kB () 341*8kB (U) 172*16kB (U) 87*32kB (U) 44*64kB (U) 23*128kB (U) 11*256kB () 6*512kB () 3*1024kB () 2*2048kB (M) 2*4096kB (M) = 37988kB
[ 1301.922414][T16710] Node 0 DMA32: 276852*4kB (UME) 218262*8kB (UME) 76860*16kB (UME) 33955*32kB (UME) 16529*64kB (UME) 7223*128kB (UME) 3342*256kB (UME) 1643*512kB (UM) 1055*1024kB (U) 4466*2048kB (UM) 11*4096kB (U) = 19120736kB
[ 1301.975624][T16710] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1301.999786][T16710] Node 1 Normal: 19007*4kB (M) 10546*8kB (M) 5311*16kB (E) 2636*32kB (ME) 1316*64kB (ME) 658*128kB (UE) 327*256kB (U) 164*512kB (ME) 86*1024kB (UME) 41*2048kB () 902*4096kB (M) = 4532476kB
[ 1302.026865][T16710] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1302.036783][T16710] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1302.056744][T16710] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
23:56:53 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000440)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
recvmmsg(r1, &(0x7f0000004ec0)=[{{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000000)=""/84, 0x54}], 0x1}}], 0x1, 0x0, 0x0)

23:56:53 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x1400000000000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:53 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0xc40, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:53 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
openat$capi20(0xffffffffffffff9c, &(0x7f0000000040)='/dev/capi20\x00', 0x400, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f0000000140)=0x100010003)

23:56:53 executing program 0:
r0 = syz_open_dev$sg(&(0x7f0000000100)='/dev/sg#\x00', 0x0, 0x10008002)
write(r0, &(0x7f0000000240)="b63db85e1e8d0200000000e1803599230000040000d2b13f00cebcfeffce4c15ef7adb5936794f4eb65bb1c5419f9405dd17", 0x32)

[ 1302.087664][T16710] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1302.107601][T16710] 48751 total pagecache pages
[ 1302.112379][T16710] 0 pages in swap cache
[ 1302.116640][T16710] Swap cache stats: add 0, delete 0, find 0/0
[ 1302.135150][T16710] Free swap  = 0kB
[ 1302.147575][T16710] Total swap = 0kB
[ 1302.151326][T16710] 1965979 pages RAM
[ 1302.172216][T16967] sg_write: data in/out 167162/4 bytes for SCSI command 0x36-- guessing data in;
23:56:53 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x6, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1302.172216][T16967]    program syz-executor.0 not setting count and/or reply_len properly
[ 1302.190235][T16710] 0 pages HighMem/MovableOnly
[ 1302.190779][T16968] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1302.194933][T16710] 339409 pages reserved
[ 1302.194940][T16710] 0 pages cma reserved
23:56:53 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x1500000000000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1302.310757][T16968] CPU: 1 PID: 16968 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1302.319914][T16968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1302.329971][T16968] Call Trace:
[ 1302.333272][T16968]  dump_stack+0x172/0x1f0
[ 1302.337622][T16968]  warn_alloc.cold+0x88/0x184
[ 1302.342316][T16968]  ? zone_watermark_ok_safe+0x260/0x260
[ 1302.347867][T16968]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1302.353538][T16968]  ? find_held_lock+0x35/0x130
[ 1302.358395][T16968]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1302.364056][T16968]  __vmalloc_node_range+0x48a/0x790
[ 1302.369262][T16968]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1302.374289][T16968]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1302.379860][T16968]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1302.384941][T16968]  vmalloc_user+0x6b/0x90
[ 1302.389311][T16968]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1302.394350][T16968]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1302.399208][T16968]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1302.404248][T16968]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1302.410061][T16968]  __vb2_queue_alloc+0x5a6/0xf40
[ 1302.415027][T16968]  vb2_core_create_bufs+0x2bc/0x790
[ 1302.420260][T16968]  ? vim2m_buf_prepare+0x280/0x280
[ 1302.425389][T16968]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1302.430516][T16968]  ? lock_acquire+0x16f/0x3f0
[ 1302.435200][T16968]  ? __video_do_ioctl+0x398/0xce0
[ 1302.440239][T16968]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1302.446494][T16968]  vb2_create_bufs+0x47e/0x7a0
[ 1302.451295][T16968]  ? vb2_request_queue+0x120/0x120
[ 1302.456423][T16968]  ? mark_held_locks+0xf0/0xf0
[ 1302.461208][T16968]  ? debug_smp_processor_id+0x3c/0x280
[ 1302.466680][T16968]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1302.471712][T16968]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1302.477261][T16968]  v4l_create_bufs+0xc0/0x180
[ 1302.481963][T16968]  __video_do_ioctl+0x7f1/0xce0
[ 1302.486833][T16968]  ? v4l_s_fmt+0xa40/0xa40
[ 1302.491267][T16968]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1302.497517][T16968]  ? _copy_from_user+0xdd/0x150
[ 1302.502381][T16968]  video_usercopy+0x4c5/0x10d0
[ 1302.507151][T16968]  ? v4l_s_fmt+0xa40/0xa40
[ 1302.511594][T16968]  ? v4l_enumstd+0x70/0x70
[ 1302.516029][T16968]  ? mark_held_locks+0xf0/0xf0
[ 1302.520822][T16968]  ? debug_smp_processor_id+0x3c/0x280
[ 1302.526294][T16968]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1302.531850][T16968]  ? __fget+0x35a/0x550
[ 1302.536024][T16968]  ? find_held_lock+0x35/0x130
[ 1302.540798][T16968]  ? video_usercopy+0x10d0/0x10d0
[ 1302.545830][T16968]  video_ioctl2+0x2d/0x35
[ 1302.550176][T16968]  v4l2_ioctl+0x156/0x1b0
[ 1302.554510][T16968]  ? video_devdata+0xa0/0xa0
[ 1302.559133][T16968]  do_vfs_ioctl+0xd6e/0x1390
[ 1302.563769][T16968]  ? kasan_check_read+0x11/0x20
[ 1302.568627][T16968]  ? ioctl_preallocate+0x210/0x210
[ 1302.573742][T16968]  ? __fget+0x381/0x550
[ 1302.577923][T16968]  ? ksys_dup3+0x3e0/0x3e0
[ 1302.582378][T16968]  ? nsecs_to_jiffies+0x30/0x30
[ 1302.587247][T16968]  ? security_file_ioctl+0x93/0xc0
[ 1302.592385][T16968]  ksys_ioctl+0xab/0xd0
[ 1302.596563][T16968]  __x64_sys_ioctl+0x73/0xb0
[ 1302.601164][T16968]  do_syscall_64+0x103/0x610
[ 1302.605766][T16968]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1302.611660][T16968] RIP: 0033:0x457e29
[ 1302.615558][T16968] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1302.635179][T16968] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1302.643609][T16968] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1302.651579][T16968] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1302.659554][T16968] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1302.667524][T16968] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1302.675510][T16968] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
23:56:53 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070")
r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/fib_triestat\x00')
preadv(r2, &(0x7f0000000100)=[{0x0}, {&(0x7f0000000280)=""/4096, 0x1000}], 0x2, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)

[ 1302.765491][T17078] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1
[ 1302.831643][T17078] CPU: 1 PID: 17078 Comm: syz-executor.5 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1302.840791][T17078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1302.850851][T17078] Call Trace:
[ 1302.854167][T17078]  dump_stack+0x172/0x1f0
[ 1302.858543][T17078]  warn_alloc.cold+0x88/0x184
[ 1302.863235][T17078]  ? zone_watermark_ok_safe+0x260/0x260
[ 1302.868788][T17078]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1302.874460][T17078]  ? find_held_lock+0x35/0x130
[ 1302.879233][T17078]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1302.884890][T17078]  __vmalloc_node_range+0x48a/0x790
[ 1302.890111][T17078]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1302.895148][T17078]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1302.900699][T17078]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1302.905732][T17078]  vmalloc_user+0x6b/0x90
[ 1302.910070][T17078]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1302.915101][T17078]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1302.919975][T17078]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1302.925023][T17078]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1302.930835][T17078]  __vb2_queue_alloc+0x5a6/0xf40
[ 1302.935812][T17078]  vb2_core_create_bufs+0x2bc/0x790
[ 1302.941020][T17078]  ? vim2m_buf_prepare+0x280/0x280
[ 1302.946135][T17078]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1302.951254][T17078]  ? lock_acquire+0x16f/0x3f0
[ 1302.955962][T17078]  ? __video_do_ioctl+0x398/0xce0
[ 1302.961008][T17078]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1302.967266][T17078]  vb2_create_bufs+0x47e/0x7a0
[ 1302.972046][T17078]  ? vb2_request_queue+0x120/0x120
[ 1302.977170][T17078]  ? mark_held_locks+0xf0/0xf0
[ 1302.981941][T17078]  ? debug_smp_processor_id+0x3c/0x280
[ 1302.987420][T17078]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1302.992460][T17078]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1302.998015][T17078]  v4l_create_bufs+0xc0/0x180
[ 1303.002701][T17078]  __video_do_ioctl+0x7f1/0xce0
[ 1303.007567][T17078]  ? v4l_s_fmt+0xa40/0xa40
[ 1303.012005][T17078]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1303.018258][T17078]  ? _copy_from_user+0xdd/0x150
[ 1303.023120][T17078]  video_usercopy+0x4c5/0x10d0
[ 1303.027886][T17078]  ? v4l_s_fmt+0xa40/0xa40
[ 1303.032325][T17078]  ? v4l_enumstd+0x70/0x70
[ 1303.036750][T17078]  ? mark_held_locks+0xf0/0xf0
[ 1303.041522][T17078]  ? debug_smp_processor_id+0x3c/0x280
[ 1303.047004][T17078]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1303.052580][T17078]  ? __fget+0x35a/0x550
[ 1303.056744][T17078]  ? find_held_lock+0x35/0x130
[ 1303.061514][T17078]  ? video_usercopy+0x10d0/0x10d0
[ 1303.066534][T17078]  video_ioctl2+0x2d/0x35
[ 1303.070868][T17078]  v4l2_ioctl+0x156/0x1b0
[ 1303.075208][T17078]  ? video_devdata+0xa0/0xa0
[ 1303.079818][T17078]  do_vfs_ioctl+0xd6e/0x1390
[ 1303.084501][T17078]  ? kasan_check_read+0x11/0x20
[ 1303.089404][T17078]  ? ioctl_preallocate+0x210/0x210
[ 1303.094554][T17078]  ? __fget+0x381/0x550
[ 1303.098734][T17078]  ? ksys_dup3+0x3e0/0x3e0
[ 1303.103169][T17078]  ? nsecs_to_jiffies+0x30/0x30
[ 1303.108045][T17078]  ? security_file_ioctl+0x93/0xc0
[ 1303.113165][T17078]  ksys_ioctl+0xab/0xd0
[ 1303.117332][T17078]  __x64_sys_ioctl+0x73/0xb0
[ 1303.121939][T17078]  do_syscall_64+0x103/0x610
[ 1303.126547][T17078]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
23:56:54 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000380)="0adc1f023c123f3188a070")
r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x0)
dup3(r0, r1, 0x0)
syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0)

[ 1303.132441][T17078] RIP: 0033:0x457e29
[ 1303.136351][T17078] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1303.155962][T17078] RSP: 002b:00007fab66e65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1303.164376][T17078] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1303.172353][T17078] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1303.172362][T17078] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1303.172372][T17078] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab66e666d4
[ 1303.172381][T17078] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
23:56:54 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x1800000000000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1303.245598][T16968] Mem-Info:
[ 1303.262456][T16968] active_anon:167860 inactive_anon:192 isolated_anon:0
[ 1303.262456][T16968]  active_file:13350 inactive_file:34916 isolated_file:0
[ 1303.262456][T16968]  unevictable:2 dirty:463 writeback:0 unstable:0
[ 1303.262456][T16968]  slab_reclaimable:17899 slab_unreclaimable:103047
[ 1303.262456][T16968]  mapped:58679 shmem:493 pagetables:3520 bounce:0
[ 1303.262456][T16968]  free:1054489 free_pcp:1184 free_cma:0
23:56:54 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x7, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:54 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0xffffffffa0010000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1303.592201][T16968] Node 0 active_anon:669248kB inactive_anon:768kB active_file:53208kB inactive_file:139620kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234816kB dirty:1808kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 268288kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
[ 1303.637974][T17394] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1
[ 1303.652944][T16968] Node 1 active_anon:12kB inactive_anon:0kB active_file:192kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:44kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1303.728379][T17394] CPU: 0 PID: 17394 Comm: syz-executor.5 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1303.737519][T17394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1303.747573][T17394] Call Trace:
[ 1303.750871][T17394]  dump_stack+0x172/0x1f0
[ 1303.755235][T17394]  warn_alloc.cold+0x88/0x184
[ 1303.759948][T17394]  ? zone_watermark_ok_safe+0x260/0x260
[ 1303.765499][T17394]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1303.771164][T17394]  ? find_held_lock+0x35/0x130
[ 1303.775950][T17394]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1303.780330][T16968] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1303.781611][T17394]  __vmalloc_node_range+0x48a/0x790
[ 1303.781631][T17394]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1303.781654][T17394]  ? kmem_cache_alloc_trace+0x354/0x760
23:56:54 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000440)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
recvmmsg(r1, &(0x7f0000004ec0)=[{{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000000)=""/84, 0x54}], 0x1}}], 0x1, 0x0, 0x0)

23:56:54 executing program 0:
r0 = syz_open_dev$sg(&(0x7f0000000100)='/dev/sg#\x00', 0x0, 0x10008002)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
readv(r0, &(0x7f00000016c0)=[{&(0x7f0000000180)=""/140, 0x2000020c}], 0x1)
write(r0, &(0x7f0000000240)="b63db85e1e8d0200000000e1803599230000040000d2b13f00cebcfeffce4c15ef7adb5936794f4eb65bb1c5419f9405dd172a9b5154dcc5ff516195e927b3b3c331428a5187", 0x46)

[ 1303.824196][T17394]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1303.829238][T17394]  vmalloc_user+0x6b/0x90
[ 1303.833577][T17394]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1303.838618][T17394]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1303.843472][T17394]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1303.848520][T17394]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1303.854332][T17394]  __vb2_queue_alloc+0x5a6/0xf40
[ 1303.859301][T17394]  vb2_core_create_bufs+0x2bc/0x790
[ 1303.864520][T17394]  ? vim2m_buf_prepare+0x280/0x280
[ 1303.869642][T17394]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1303.874762][T17394]  ? lock_acquire+0x16f/0x3f0
[ 1303.879447][T17394]  ? __video_do_ioctl+0x398/0xce0
[ 1303.884484][T17394]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1303.890728][T17394]  vb2_create_bufs+0x47e/0x7a0
[ 1303.895506][T17394]  ? vb2_request_queue+0x120/0x120
[ 1303.900631][T17394]  ? mark_held_locks+0xf0/0xf0
[ 1303.905400][T17394]  ? debug_smp_processor_id+0x3c/0x280
[ 1303.910876][T17394]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1303.915950][T17394]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1303.921504][T17394]  v4l_create_bufs+0xc0/0x180
[ 1303.926195][T17394]  __video_do_ioctl+0x7f1/0xce0
[ 1303.931060][T17394]  ? v4l_s_fmt+0xa40/0xa40
[ 1303.935493][T17394]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1303.941740][T17394]  ? _copy_from_user+0xdd/0x150
[ 1303.946612][T17394]  video_usercopy+0x4c5/0x10d0
[ 1303.951379][T17394]  ? v4l_s_fmt+0xa40/0xa40
[ 1303.955809][T17394]  ? v4l_enumstd+0x70/0x70
[ 1303.960236][T17394]  ? mark_held_locks+0xf0/0xf0
[ 1303.965014][T17394]  ? debug_smp_processor_id+0x3c/0x280
[ 1303.970495][T17394]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1303.976068][T17394]  ? __fget+0x35a/0x550
[ 1303.980229][T17394]  ? find_held_lock+0x35/0x130
[ 1303.984997][T17394]  ? video_usercopy+0x10d0/0x10d0
[ 1303.990036][T17394]  video_ioctl2+0x2d/0x35
[ 1303.994376][T17394]  v4l2_ioctl+0x156/0x1b0
[ 1303.998713][T17394]  ? video_devdata+0xa0/0xa0
[ 1304.003354][T17394]  do_vfs_ioctl+0xd6e/0x1390
[ 1304.007955][T17394]  ? kasan_check_read+0x11/0x20
[ 1304.012818][T17394]  ? ioctl_preallocate+0x210/0x210
[ 1304.017947][T17394]  ? __fget+0x381/0x550
[ 1304.022117][T17394]  ? ksys_dup3+0x3e0/0x3e0
[ 1304.026549][T17394]  ? nsecs_to_jiffies+0x30/0x30
[ 1304.031435][T17394]  ? security_file_ioctl+0x93/0xc0
[ 1304.036579][T17394]  ksys_ioctl+0xab/0xd0
[ 1304.040772][T17394]  __x64_sys_ioctl+0x73/0xb0
[ 1304.045370][T17394]  do_syscall_64+0x103/0x610
[ 1304.049976][T17394]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1304.055867][T17394] RIP: 0033:0x457e29
[ 1304.059805][T17394] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1304.079412][T17394] RSP: 002b:00007fab66e65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1304.087833][T17394] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1304.095809][T17394] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1304.104267][T17394] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1304.112241][T17394] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab66e666d4
[ 1304.120216][T17394] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1304.144356][T16968] lowmem_reserve[]: 0 2553 2555 2555
[ 1304.158015][T16968] Node 0 DMA32 free:420188kB min:107912kB low:116968kB high:126024kB active_anon:673472kB inactive_anon:768kB active_file:53208kB inactive_file:139620kB unevictable:8kB writepending:1808kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10752kB pagetables:13932kB bounce:0kB free_pcp:2216kB local_pcp:1288kB free_cma:0kB
[ 1304.349568][T16968] lowmem_reserve[]: 0 0 2 2
[ 1304.368883][T16968] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1304.443134][T16968] lowmem_reserve[]: 0 0 0 0
[ 1304.451126][T16968] Node 1 Normal free:3781732kB min:53624kB low:67028kB high:80432kB active_anon:12kB inactive_anon:0kB active_file:192kB inactive_file:44kB unevictable:0kB writepending:44kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:2420kB local_pcp:960kB free_cma:0kB
[ 1304.489072][T16968] lowmem_reserve[]: 0 0 0 0
[ 1304.494541][T16968] Node 0 DMA: 680*4kB (U) 340*8kB () 171*16kB () 87*32kB (U) 45*64kB (U) 23*128kB (U) 12*256kB (U) 6*512kB () 4*1024kB (U) 2*2048kB (M) 3*4096kB (UM) = 43408kB
[ 1304.517865][T16968] Node 0 DMA32: 276723*4kB (UME) 218494*8kB (UME) 77386*16kB (UME) 34350*32kB (UME) 16773*64kB (UME) 7265*128kB (UME) 3342*256kB (UME) 1643*512kB (UM) 1055*1024kB (U) 4470*2048kB (UM) 10*4096kB (UM) = 19168220kB
[ 1304.549370][T16968] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1304.572415][T16968] Node 1 Normal: 19069*4kB (UM) 10754*8kB (UM) 5573*16kB (UME) 2695*32kB (UME) 1335*64kB (UME) 670*128kB (UME) 332*256kB (U) 165*512kB (UME) 87*1024kB (UME) 42*2048kB (U) 918*4096kB (UM) = 4613620kB
[ 1304.602428][T16968] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1304.617242][T16968] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1304.634691][T16968] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1304.655642][T16968] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1304.666807][T16968] 48767 total pagecache pages
[ 1304.682432][T16968] 0 pages in swap cache
[ 1304.695719][T16968] Swap cache stats: add 0, delete 0, find 0/0
[ 1304.712146][T16968] Free swap  = 0kB
[ 1304.722767][T16968] Total swap = 0kB
[ 1304.727057][T16968] 1965979 pages RAM
[ 1304.745617][T16968] 0 pages HighMem/MovableOnly
[ 1304.755490][T16968] 339409 pages reserved
23:56:55 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x2000, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:55 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x6, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:55 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x8, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:55 executing program 0:
r0 = syz_open_dev$sg(&(0x7f0000000100)='/dev/sg#\x00', 0x0, 0x10008002)
prctl$PR_SET_KEEPCAPS(0x8, 0x0)
write$input_event(r0, 0x0, 0x0)

23:56:55 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f0000000200)={{0x2, 0x0, @empty}, {0x0, @local}, 0x4a, {0x2, 0x0, @dev}, 'ip6_vti0\x00'})

23:56:55 executing program 2:
ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000040)=<r0=>0x0)
r1 = getpid()
r2 = accept$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, &(0x7f0000000100)=0x1c)
r3 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000140)='/proc/capi/capi20\x00', 0x406101, 0x0)
kcmp(r0, r1, 0x7, r2, r3)
r4 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0xfffffffffffffffe, 0x0)
ioctl$CAPI_GET_PROFILE(r4, 0xc0044308, &(0x7f00000000c0)=0x10000)

[ 1304.763644][T16968] 0 pages cma reserved
[ 1304.839549][T17504] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1
[ 1304.849635][T17511] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1304.875646][T17504] CPU: 1 PID: 17504 Comm: syz-executor.5 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1304.884774][T17504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1304.894835][T17504] Call Trace:
[ 1304.898151][T17504]  dump_stack+0x172/0x1f0
[ 1304.902531][T17504]  warn_alloc.cold+0x88/0x184
[ 1304.907323][T17504]  ? zone_watermark_ok_safe+0x260/0x260
[ 1304.912894][T17504]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1304.918561][T17504]  ? find_held_lock+0x35/0x130
[ 1304.923348][T17504]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1304.929020][T17504]  __vmalloc_node_range+0x48a/0x790
[ 1304.934235][T17504]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1304.939279][T17504]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1304.944835][T17504]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1304.949866][T17504]  vmalloc_user+0x6b/0x90
[ 1304.954216][T17504]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1304.959252][T17504]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1304.964110][T17504]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1304.969150][T17504]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1304.974987][T17504]  __vb2_queue_alloc+0x5a6/0xf40
[ 1304.979989][T17504]  vb2_core_create_bufs+0x2bc/0x790
[ 1304.985201][T17504]  ? vim2m_buf_prepare+0x280/0x280
[ 1304.990324][T17504]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1304.995456][T17504]  ? lock_acquire+0x16f/0x3f0
[ 1305.000145][T17504]  ? __video_do_ioctl+0x398/0xce0
[ 1305.005194][T17504]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1305.011451][T17504]  vb2_create_bufs+0x47e/0x7a0
[ 1305.011474][T17504]  ? vb2_request_queue+0x120/0x120
[ 1305.011508][T17504]  ? mark_held_locks+0xf0/0xf0
[ 1305.011536][T17504]  ? debug_smp_processor_id+0x3c/0x280
[ 1305.011569][T17504]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1305.021438][T17504]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1305.021457][T17504]  v4l_create_bufs+0xc0/0x180
[ 1305.021477][T17504]  __video_do_ioctl+0x7f1/0xce0
[ 1305.021502][T17504]  ? v4l_s_fmt+0xa40/0xa40
[ 1305.021528][T17504]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1305.021544][T17504]  ? _copy_from_user+0xdd/0x150
[ 1305.021568][T17504]  video_usercopy+0x4c5/0x10d0
[ 1305.072038][T17504]  ? v4l_s_fmt+0xa40/0xa40
[ 1305.076472][T17504]  ? v4l_enumstd+0x70/0x70
[ 1305.080919][T17504]  ? mark_held_locks+0xf0/0xf0
[ 1305.085698][T17504]  ? debug_smp_processor_id+0x3c/0x280
[ 1305.091166][T17504]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1305.096731][T17504]  ? __fget+0x35a/0x550
[ 1305.100908][T17504]  ? find_held_lock+0x35/0x130
[ 1305.105687][T17504]  ? video_usercopy+0x10d0/0x10d0
[ 1305.110725][T17504]  video_ioctl2+0x2d/0x35
[ 1305.115072][T17504]  v4l2_ioctl+0x156/0x1b0
[ 1305.119423][T17504]  ? video_devdata+0xa0/0xa0
[ 1305.124031][T17504]  do_vfs_ioctl+0xd6e/0x1390
[ 1305.128634][T17504]  ? kasan_check_read+0x11/0x20
[ 1305.133500][T17504]  ? ioctl_preallocate+0x210/0x210
[ 1305.138617][T17504]  ? __fget+0x381/0x550
[ 1305.142792][T17504]  ? ksys_dup3+0x3e0/0x3e0
[ 1305.147221][T17504]  ? nsecs_to_jiffies+0x30/0x30
[ 1305.152100][T17504]  ? security_file_ioctl+0x93/0xc0
[ 1305.157224][T17504]  ksys_ioctl+0xab/0xd0
[ 1305.161400][T17504]  __x64_sys_ioctl+0x73/0xb0
[ 1305.166014][T17504]  do_syscall_64+0x103/0x610
[ 1305.170621][T17504]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1305.176517][T17504] RIP: 0033:0x457e29
[ 1305.180439][T17504] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1305.200053][T17504] RSP: 002b:00007fab66e65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1305.208472][T17504] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1305.216467][T17504] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1305.224448][T17504] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1305.232453][T17504] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab66e666d4
23:56:56 executing program 0:
r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x100082)
r1 = memfd_create(&(0x7f0000000c80)='[trusted$\x00', 0x0)
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c00, r1)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070")
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, "b92481f2b6049517f74de08916cf213343b15d035fc2fe51426f3c9125e1da89cad2929cd06aca1bd4b0a988279268e61234ff8a41cd19abd481eb55130d64ca", "a3510a8deb27705deb2fac58f4f379ddd8e50e8d868ee0425ecfc1c6f4a716df3e4be867d973bcc3e056a1a04eafdeacbd0e434a62db69a6bd53316c42f16b21", "f0642b0793a51cd04ad5c00d6cf24b506d17a8df96c5968a4226e09f847e4b08"})

23:56:56 executing program 2:
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)

[ 1305.240441][T17504] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1305.252513][T17511] CPU: 0 PID: 17511 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1305.261642][T17511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1305.271689][T17511] Call Trace:
[ 1305.274992][T17511]  dump_stack+0x172/0x1f0
[ 1305.279344][T17511]  warn_alloc.cold+0x88/0x184
[ 1305.284037][T17511]  ? zone_watermark_ok_safe+0x260/0x260
[ 1305.289590][T17511]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1305.295233][T17511]  ? find_held_lock+0x35/0x130
[ 1305.300009][T17511]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1305.301691][T17504] warn_alloc_show_mem: 2 callbacks suppressed
[ 1305.301695][T17504] Mem-Info:
[ 1305.305665][T17511]  __vmalloc_node_range+0x48a/0x790
[ 1305.305687][T17511]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1305.305708][T17511]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1305.305730][T17511]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1305.312177][T17504] active_anon:169948 inactive_anon:194 isolated_anon:0
[ 1305.312177][T17504]  active_file:13350 inactive_file:34938 isolated_file:0
[ 1305.312177][T17504]  unevictable:2 dirty:485 writeback:0 unstable:0
[ 1305.312177][T17504]  slab_reclaimable:17883 slab_unreclaimable:103571
[ 1305.312177][T17504]  mapped:58661 shmem:493 pagetables:3510 bounce:0
[ 1305.312177][T17504]  free:1052509 free_pcp:1058 free_cma:0
[ 1305.314890][T17511]  vmalloc_user+0x6b/0x90
[ 1305.314938][T17511]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1305.314958][T17511]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1305.314973][T17511]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1305.314994][T17511]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1305.320732][T17504] Node 0 active_anon:679792kB inactive_anon:776kB active_file:53208kB inactive_file:139708kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234644kB dirty:1896kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 268288kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
[ 1305.325186][T17511]  __vb2_queue_alloc+0x5a6/0xf40
[ 1305.325225][T17511]  vb2_core_create_bufs+0x2bc/0x790
[ 1305.325247][T17511]  ? vim2m_buf_prepare+0x280/0x280
[ 1305.325268][T17511]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1305.331173][T17504] Node 1 active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:44kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1305.335808][T17511]  ? lock_acquire+0x16f/0x3f0
[ 1305.335824][T17511]  ? __video_do_ioctl+0x398/0xce0
[ 1305.335851][T17511]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1305.335884][T17511]  vb2_create_bufs+0x47e/0x7a0
[ 1305.335925][T17511]  ? vb2_request_queue+0x120/0x120
[ 1305.374774][T17504] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1305.379017][T17511]  ? mark_held_locks+0xf0/0xf0
[ 1305.379035][T17511]  ? debug_smp_processor_id+0x3c/0x280
[ 1305.379061][T17511]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1305.379082][T17511]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1305.379098][T17511]  v4l_create_bufs+0xc0/0x180
[ 1305.379118][T17511]  __video_do_ioctl+0x7f1/0xce0
[ 1305.384433][T17504] lowmem_reserve[]: 0 2553 2555 2555
[ 1305.388979][T17511]  ? v4l_s_fmt+0xa40/0xa40
[ 1305.389006][T17511]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1305.389025][T17511]  ? _copy_from_user+0xdd/0x150
[ 1305.389045][T17511]  video_usercopy+0x4c5/0x10d0
[ 1305.389060][T17511]  ? v4l_s_fmt+0xa40/0xa40
[ 1305.389080][T17511]  ? v4l_enumstd+0x70/0x70
[ 1305.394393][T17504] Node 0 DMA32 free:412396kB min:107912kB low:116968kB high:126024kB active_anon:679792kB inactive_anon:776kB active_file:53208kB inactive_file:139708kB unevictable:8kB writepending:1896kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10880kB pagetables:14040kB bounce:0kB free_pcp:1812kB local_pcp:916kB free_cma:0kB
[ 1305.399882][T17511]  ? mark_held_locks+0xf0/0xf0
[ 1305.399916][T17511]  ? debug_smp_processor_id+0x3c/0x280
[ 1305.399937][T17511]  ? perf_trace_lock_acquire+0xf5/0x580
23:56:56 executing program 2:
r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm_plock\x00', 0x4040, 0x0)
accept$unix(r0, 0x0, &(0x7f0000000080))
r1 = syz_open_dev$sndpcmp(&(0x7f0000001600)='/dev/snd/pcmC#D#p\x00', 0x9, 0x82002)
bind$ax25(r1, &(0x7f0000001640)={{0x3, @default, 0x3}, [@null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @null, @default, @default]}, 0x48)
r2 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r2, 0xc0044308, &(0x7f00000000c0)=0xfffa)

[ 1305.399958][T17511]  ? __fget+0x35a/0x550
[ 1305.399981][T17511]  ? find_held_lock+0x35/0x130
[ 1305.430736][T17504] lowmem_reserve[]: 0 0 2 2
[ 1305.434066][T17511]  ? video_usercopy+0x10d0/0x10d0
[ 1305.434082][T17511]  video_ioctl2+0x2d/0x35
[ 1305.434103][T17511]  v4l2_ioctl+0x156/0x1b0
[ 1305.434119][T17511]  ? video_devdata+0xa0/0xa0
[ 1305.434143][T17511]  do_vfs_ioctl+0xd6e/0x1390
23:56:56 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x200a, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1305.439868][T17504] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1305.444429][T17511]  ? kasan_check_read+0x11/0x20
[ 1305.444451][T17511]  ? ioctl_preallocate+0x210/0x210
[ 1305.444468][T17511]  ? __fget+0x381/0x550
[ 1305.444493][T17511]  ? ksys_dup3+0x3e0/0x3e0
[ 1305.444515][T17511]  ? nsecs_to_jiffies+0x30/0x30
[ 1305.450137][T17504] lowmem_reserve[]: 0 0 0 0
[ 1305.476267][T17511]  ? security_file_ioctl+0x93/0xc0
[ 1305.476303][T17511]  ksys_ioctl+0xab/0xd0
[ 1305.476323][T17511]  __x64_sys_ioctl+0x73/0xb0
[ 1305.476342][T17511]  do_syscall_64+0x103/0x610
[ 1305.476363][T17511]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1305.476375][T17511] RIP: 0033:0x457e29
[ 1305.476394][T17511] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1305.481730][T17504] Node 1 Normal free:3781732kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:44kB unevictable:0kB writepending:44kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:2420kB local_pcp:1460kB free_cma:0kB
[ 1305.486075][T17511] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1305.486091][T17511] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1305.486101][T17511] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1305.486110][T17511] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
23:56:56 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x17, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1305.486120][T17511] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1305.486130][T17511] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1305.530280][T17504] lowmem_reserve[]: 0 0 0 0
[ 1305.659362][T17504] Node 0 DMA: 680*4kB (U) 340*8kB () 171*16kB () 87*32kB (U) 45*64kB (U) 23*128kB (U) 12*256kB (U) 6*512kB () 4*1024kB (U) 2*2048kB (M) 3*4096kB (UM) = 43408kB
[ 1305.797495][T17504] Node 0 DMA32: 276640*4kB (UME) 218518*8kB (UME) 77400*16kB (UME) 34356*32kB (UME) 16772*64kB (UME) 7265*128kB (UME) 3342*256kB (UME) 1643*512kB (UM) 1055*1024kB (U) 4472*2048kB (UM) 10*4096kB (UM) = 19172528kB
[ 1305.877167][T17947] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
23:56:57 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0xcef, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1306.072872][T17947] CPU: 0 PID: 17947 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1306.077618][T17504] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1306.082031][T17947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1306.082044][T17947] Call Trace:
[ 1306.099606][T17504] Node 1 Normal: 19070*4kB (UM) 10757*8kB (UM) 5575*16kB (UME) 2697*32kB (UME) 1335*64kB (UME) 671*128kB (UME) 332*256kB (U) 165*512kB (UME) 87*1024kB (UME) 42*2048kB (U) 918*4096kB (UM) = 4613872kB
[ 1306.106794][T17947]  dump_stack+0x172/0x1f0
[ 1306.110375][T17504] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1306.129416][T17947]  warn_alloc.cold+0x88/0x184
[ 1306.129437][T17947]  ? zone_watermark_ok_safe+0x260/0x260
[ 1306.129453][T17947]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1306.129475][T17947]  ? find_held_lock+0x35/0x130
[ 1306.134888][T17504] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1306.143326][T17947]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1306.143364][T17947]  __vmalloc_node_range+0x48a/0x790
[ 1306.143387][T17947]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1306.148372][T17504] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1306.153597][T17947]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1306.159506][T17504] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1306.163969][T17947]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1306.173521][T17504] 48797 total pagecache pages
[ 1306.178856][T17947]  vmalloc_user+0x6b/0x90
[ 1306.178876][T17947]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1306.178894][T17947]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1306.178926][T17947]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1306.185181][T17504] 0 pages in swap cache
[ 1306.189144][T17947]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1306.189160][T17947]  __vb2_queue_alloc+0x5a6/0xf40
[ 1306.189198][T17947]  vb2_core_create_bufs+0x2bc/0x790
[ 1306.199115][T17504] Swap cache stats: add 0, delete 0, find 0/0
[ 1306.204254][T17947]  ? vim2m_buf_prepare+0x280/0x280
[ 1306.214323][T17504] Free swap  = 0kB
[ 1306.219062][T17947]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1306.219080][T17947]  ? lock_acquire+0x16f/0x3f0
[ 1306.219108][T17947]  ? __video_do_ioctl+0x398/0xce0
[ 1306.219144][T17947]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1306.224929][T17504] Total swap = 0kB
[ 1306.228129][T17947]  vb2_create_bufs+0x47e/0x7a0
[ 1306.228151][T17947]  ? vb2_request_queue+0x120/0x120
[ 1306.228184][T17947]  ? mark_held_locks+0xf0/0xf0
[ 1306.233301][T17504] 1965979 pages RAM
23:56:57 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000080)='/dev/capi20\x00', 0xffffffffffffffff, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
fcntl$setown(r0, 0x8, r1)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)

23:56:57 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0xef0c, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1306.238028][T17947]  ? debug_smp_processor_id+0x3c/0x280
[ 1306.238053][T17947]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1306.238073][T17947]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1306.243079][T17504] 0 pages HighMem/MovableOnly
[ 1306.247230][T17947]  v4l_create_bufs+0xc0/0x180
[ 1306.255014][T17504] 339409 pages reserved
[ 1306.257955][T17947]  __video_do_ioctl+0x7f1/0xce0
[ 1306.257979][T17947]  ? v4l_s_fmt+0xa40/0xa40
[ 1306.258005][T17947]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1306.264124][T17504] 0 pages cma reserved
[ 1306.269246][T17947]  ? _copy_from_user+0xdd/0x150
[ 1306.269267][T17947]  video_usercopy+0x4c5/0x10d0
[ 1306.269282][T17947]  ? v4l_s_fmt+0xa40/0xa40
[ 1306.269302][T17947]  ? v4l_enumstd+0x70/0x70
[ 1306.388644][T17947]  ? mark_held_locks+0xf0/0xf0
[ 1306.393441][T17947]  ? debug_smp_processor_id+0x3c/0x280
[ 1306.398951][T17947]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1306.404513][T17947]  ? __fget+0x35a/0x550
[ 1306.408693][T17947]  ? find_held_lock+0x35/0x130
[ 1306.413478][T17947]  ? video_usercopy+0x10d0/0x10d0
[ 1306.418503][T17947]  video_ioctl2+0x2d/0x35
[ 1306.422843][T17947]  v4l2_ioctl+0x156/0x1b0
[ 1306.427175][T17947]  ? video_devdata+0xa0/0xa0
[ 1306.431777][T17947]  do_vfs_ioctl+0xd6e/0x1390
[ 1306.436382][T17947]  ? kasan_check_read+0x11/0x20
[ 1306.441249][T17947]  ? ioctl_preallocate+0x210/0x210
[ 1306.446369][T17947]  ? __fget+0x381/0x550
[ 1306.450546][T17947]  ? ksys_dup3+0x3e0/0x3e0
[ 1306.450563][T17947]  ? nsecs_to_jiffies+0x30/0x30
[ 1306.450611][T17947]  ? security_file_ioctl+0x93/0xc0
[ 1306.464978][T17947]  ksys_ioctl+0xab/0xd0
[ 1306.469150][T17947]  __x64_sys_ioctl+0x73/0xb0
[ 1306.473757][T17947]  do_syscall_64+0x103/0x610
[ 1306.478383][T17947]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1306.484278][T17947] RIP: 0033:0x457e29
[ 1306.488154][T17947] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1306.507736][T17947] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1306.516126][T17947] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
23:56:57 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0xa, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:57 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0xcef, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1306.524077][T17947] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1306.532051][T17947] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1306.540018][T17947] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1306.547969][T17947] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1306.558933][T17947] warn_alloc_show_mem: 1 callbacks suppressed
[ 1306.558938][T17947] Mem-Info:
[ 1306.565131][T17947] active_anon:167896 inactive_anon:191 isolated_anon:0
[ 1306.565131][T17947]  active_file:13350 inactive_file:34953 isolated_file:0
[ 1306.565131][T17947]  unevictable:2 dirty:500 writeback:0 unstable:0
[ 1306.565131][T17947]  slab_reclaimable:17866 slab_unreclaimable:103300
[ 1306.565131][T17947]  mapped:58682 shmem:493 pagetables:3434 bounce:0
[ 1306.565131][T17947]  free:1055052 free_pcp:1004 free_cma:0
23:56:57 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000340)='./cgroup/syz0\x00', 0x200002, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={r0, 0x50, &(0x7f0000000100)}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={r0, 0xffffffffffffffff, 0x0, 0xfffffffffffbfffd}, 0x10)
pipe(&(0x7f0000000ac0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000580)={'ip6gretap0\x00'})
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
getsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000440), 0x3e9)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000280), &(0x7f0000000600)=0x4)
bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e23, @remote}, 0x10)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f00006dc000)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000640)='dctcp\x00N\xc7\xfcd\xf7\x8a\x06\xa2>k;\x9eOP\xe1?\xe4\xe2R>\xec\xd3;\x80\x9f\x92\x8d;>\xee\xb8[w\n\xa7M\n\xec\xe8t\xf4{3f\x97\xf8?\xee\x93$T\xc1\xd4N8\xd6\a\x10%=\xc6G\xc2\xa0\xfe]Q\x01Bd\\\xe2\x05i$\xb5\xf9|T\x16Hy\xb4\x9f\xa2i\xe0s\x14\x9c\xefDn\xb2y\x86\xa3]\x81\t\x9e\x86\xb3z\xb5\xf5dQ6\xaf\xab\x938-SL\xa0.\xd5V\x95g\xbax\x9b-W\x06\xd3{\x92\x8d=\x18\xbe$\x88*}\xaf\x12f\x93\xde\x00\x01~m\x95\xe9\x11\xbd\x8c\xa9\xfb\xbe}\xdc\x05}+\xa3q\xf0\xa8\xfe\x16.\xf42ZI,\f3{\xd8I\x84\xdb\xd2\x1er\x93\xe58z\x94\xfb\xc3\x8c\xd9Gj\xd6\x18\a\'\xc1w|u/\x9a6\xc2\x03,8\x9f9\xe3u\x846\x06\x191a\\\xcb\x17\xf9\x1f\xda\xb8\x80B!\x9d~\xde', 0x10000000f)
ioctl(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_EDIT(0xffffffffffffffff, 0x0, 0x483, 0x0, 0x87)
sendto$inet(r4, 0x0, 0x0, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x4e23}, 0x10)
socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x3dd)
bind$alg(0xffffffffffffffff, 0x0, 0xffffffffffffff1e)
socketpair(0x0, 0x0, 0x0, 0x0)
getsockopt$XDP_MMAP_OFFSETS(0xffffffffffffffff, 0x11b, 0x1, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x0, 0x84)
ioctl$sock_inet_tcp_SIOCOUTQ(r1, 0x5411, 0x0)
sendto$inet(r4, &(0x7f00000001c0)="c3401c344654f3c7d9b41ba48c8d319aa4eedc3d6bd8ebd65c856a27d61154adc2b2a9763ae0001c0d32cc1f38e9dd18c58f6bd779650fc30f93653bdaecf323c9f6502ceab47e58114347b289546465a5eb278de12b1989f64cc99412e36880d20c3400080000000000009d082b7bcdec844f667da0867d08d4154004997e317b79", 0x82, 0x4080, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f00000000c0)='yeah\x00', 0x5)
shutdown(r4, 0x1)

23:56:57 executing program 2:
openat$vimc1(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video1\x00', 0x2, 0x0)
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
fsetxattr(r0, &(0x7f00000002c0)=@random={'security.', 'proc\x00'}, &(0x7f0000000300)='/dev/capi20\x00', 0xc, 0x3)
r1 = syz_open_dev$midi(&(0x7f0000000240)='/dev/midi#\x00', 0x8, 0x2000)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r1, 0x10e, 0x5, &(0x7f0000000280)=0x101, 0x4)
r2 = getpgrp(0x0)
r3 = syz_open_dev$vcsn(&(0x7f0000000180)='/dev/vcs#\x00', 0x63, 0x40000)
ioctl$IMDELTIMER(r3, 0x80044941, &(0x7f00000001c0)=0x3)
symlink(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file0\x00')
fcntl$getownex(r3, 0x10, &(0x7f0000000200))
sched_getattr(r2, &(0x7f0000000040), 0x30, 0x0)

23:56:57 executing program 0:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
listen(r0, 0x5)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000280)={0x0, @in={{0x2, 0xffffffff00000000, @empty}}, 0xac14141a, 0x0, 0xfffc, 0x0, 0x54}, 0x98)

[ 1306.627612][T17947] Node 0 active_anon:669428kB inactive_anon:776kB active_file:53208kB inactive_file:139796kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234644kB dirty:1992kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 268288kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
23:56:57 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0xef0c, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1306.718876][T18249] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1
[ 1306.753239][T18249] CPU: 0 PID: 18249 Comm: syz-executor.5 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1306.762384][T18249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1306.772444][T18249] Call Trace:
[ 1306.775747][T18249]  dump_stack+0x172/0x1f0
[ 1306.780098][T18249]  warn_alloc.cold+0x88/0x184
[ 1306.784797][T18249]  ? zone_watermark_ok_safe+0x260/0x260
[ 1306.790367][T18249]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1306.796010][T18249]  ? find_held_lock+0x35/0x130
[ 1306.800786][T18249]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1306.806447][T18249]  __vmalloc_node_range+0x48a/0x790
[ 1306.811663][T18249]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1306.816704][T18249]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1306.822268][T18249]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1306.827301][T18249]  vmalloc_user+0x6b/0x90
[ 1306.831643][T18249]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1306.836690][T18249]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1306.841544][T18249]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1306.846591][T18249]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1306.852975][T18249]  __vb2_queue_alloc+0x5a6/0xf40
[ 1306.857971][T18249]  vb2_core_create_bufs+0x2bc/0x790
[ 1306.863186][T18249]  ? vim2m_buf_prepare+0x280/0x280
[ 1306.863204][T18249]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1306.863222][T18249]  ? lock_acquire+0x16f/0x3f0
[ 1306.863236][T18249]  ? __video_do_ioctl+0x398/0xce0
[ 1306.863261][T18249]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1306.873478][T18249]  vb2_create_bufs+0x47e/0x7a0
[ 1306.894157][T18249]  ? vb2_request_queue+0x120/0x120
[ 1306.899283][T18249]  ? mark_held_locks+0xf0/0xf0
[ 1306.904060][T18249]  ? debug_smp_processor_id+0x3c/0x280
[ 1306.909537][T18249]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1306.914581][T18249]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1306.920135][T18249]  v4l_create_bufs+0xc0/0x180
[ 1306.924824][T18249]  __video_do_ioctl+0x7f1/0xce0
[ 1306.929697][T18249]  ? v4l_s_fmt+0xa40/0xa40
[ 1306.934136][T18249]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1306.940381][T18249]  ? _copy_from_user+0xdd/0x150
[ 1306.945242][T18249]  video_usercopy+0x4c5/0x10d0
[ 1306.950010][T18249]  ? v4l_s_fmt+0xa40/0xa40
[ 1306.954443][T18249]  ? v4l_enumstd+0x70/0x70
[ 1306.958869][T18249]  ? mark_held_locks+0xf0/0xf0
[ 1306.963657][T18249]  ? debug_smp_processor_id+0x3c/0x280
[ 1306.969125][T18249]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1306.974692][T18249]  ? __fget+0x35a/0x550
[ 1306.978866][T18249]  ? find_held_lock+0x35/0x130
[ 1306.983653][T18249]  ? video_usercopy+0x10d0/0x10d0
[ 1306.988696][T18249]  video_ioctl2+0x2d/0x35
[ 1306.993036][T18249]  v4l2_ioctl+0x156/0x1b0
[ 1306.997370][T18249]  ? video_devdata+0xa0/0xa0
[ 1307.001970][T18249]  do_vfs_ioctl+0xd6e/0x1390
[ 1307.006568][T18249]  ? kasan_check_read+0x11/0x20
[ 1307.011431][T18249]  ? ioctl_preallocate+0x210/0x210
[ 1307.016560][T18249]  ? __fget+0x381/0x550
[ 1307.020729][T18249]  ? ksys_dup3+0x3e0/0x3e0
[ 1307.025156][T18249]  ? nsecs_to_jiffies+0x30/0x30
[ 1307.030029][T18249]  ? security_file_ioctl+0x93/0xc0
[ 1307.035147][T18249]  ksys_ioctl+0xab/0xd0
[ 1307.039312][T18249]  __x64_sys_ioctl+0x73/0xb0
[ 1307.043930][T18249]  do_syscall_64+0x103/0x610
[ 1307.048535][T18249]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1307.054426][T18249] RIP: 0033:0x457e29
[ 1307.058977][T18249] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1307.078589][T18249] RSP: 002b:00007fab66e65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1307.087002][T18249] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
23:56:58 executing program 2:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x0, 0x0)
setsockopt$netlink_NETLINK_CAP_ACK(r0, 0x10e, 0xa, &(0x7f0000000080)=0x80000000, 0x4)
openat$capi20(0xffffffffffffff9c, &(0x7f0000000100)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x2ff46a35)

[ 1307.088566][T17947] Node 1 active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:44kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1307.094976][T18249] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1307.094986][T18249] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1307.094996][T18249] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab66e666d4
[ 1307.095006][T18249] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1307.157688][T17947] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1307.282996][T17947] lowmem_reserve[]: 0 2553 2555 2555
[ 1307.315581][T17947] Node 0 DMA32 free:424056kB min:107912kB low:116968kB high:126024kB active_anon:669596kB inactive_anon:776kB active_file:53208kB inactive_file:139796kB unevictable:8kB writepending:660kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10624kB pagetables:13744kB bounce:0kB free_pcp:1780kB local_pcp:312kB free_cma:0kB
[ 1307.358687][T17947] lowmem_reserve[]: 0 0 2 2
[ 1307.364933][T17947] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1307.427639][T17947] lowmem_reserve[]: 0 0 0 0
[ 1307.432292][T17947] Node 1 Normal free:3781984kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:44kB unevictable:0kB writepending:16kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:2168kB local_pcp:708kB free_cma:0kB
[ 1307.461439][T17947] lowmem_reserve[]: 0 0 0 0
[ 1307.466064][T17947] Node 0 DMA: 680*4kB (U) 340*8kB () 171*16kB () 87*32kB (U) 45*64kB (U) 23*128kB (U) 12*256kB (U) 6*512kB () 4*1024kB (U) 2*2048kB (M) 3*4096kB (UM) = 43408kB
[ 1307.482289][T17947] Node 0 DMA32: 276729*4kB (UME) 218344*8kB (UME) 77428*16kB (UME) 34364*32kB (UME) 16776*64kB (UME) 7265*128kB (UME) 3342*256kB (UME) 1643*512kB (UM) 1055*1024kB (U) 4476*2048kB (UM) 11*4096kB (UM) = 19184740kB
[ 1307.504139][T17947] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1307.518614][T17947] Node 1 Normal: 19070*4kB (UM) 10757*8kB (UM) 5575*16kB (UME) 2697*32kB (UME) 1335*64kB (UME) 671*128kB (UME) 332*256kB (U) 165*512kB (UME) 87*1024kB (UME) 42*2048kB (U) 918*4096kB (UM) = 4613872kB
[ 1307.538300][T17947] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1307.548002][T17947] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1307.557373][T17947] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1307.567103][T17947] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
23:56:58 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180)='TIPC\x00')
sendmsg$TIPC_CMD_SET_NODE_ADDR(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r1, 0x909, 0x0, 0x0, {{}, 0x0, 0x8001, 0x0, {0x8}}}, 0x24}}, 0x0)

23:56:58 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0xc, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:58 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x4000, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:56:58 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='autogroup\x00')
ioctl$VIDIOC_SUBDEV_G_FMT(r1, 0xc0585604, &(0x7f0000000100)={0x1, 0x0, {0x5, 0x5, 0x200e, 0x4, 0x9, 0x1, 0x1, 0x7}})
ioctl$CAPI_NCCI_OPENCOUNT(r0, 0x80044326, &(0x7f0000000040)=0x6)

23:56:58 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x400000, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:58 executing program 3:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
listen(r0, 0x5)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000280)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0xfffc, 0xe00000000000000, 0x54}, 0x98)

[ 1307.576772][T17947] 48818 total pagecache pages
[ 1307.581619][T17947] 0 pages in swap cache
[ 1307.585867][T17947] Swap cache stats: add 0, delete 0, find 0/0
[ 1307.592109][T17947] Free swap  = 0kB
[ 1307.595986][T17947] Total swap = 0kB
[ 1307.599850][T17947] 1965979 pages RAM
[ 1307.603782][T17947] 0 pages HighMem/MovableOnly
[ 1307.608627][T17947] 339409 pages reserved
[ 1307.612833][T17947] 0 pages cma reserved
[ 1307.655347][T18673] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1
[ 1307.721376][T18761] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1307.732972][T18673] CPU: 1 PID: 18673 Comm: syz-executor.5 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1307.744458][T18673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1307.754532][T18673] Call Trace:
[ 1307.757837][T18673]  dump_stack+0x172/0x1f0
[ 1307.762182][T18673]  warn_alloc.cold+0x88/0x184
[ 1307.766879][T18673]  ? zone_watermark_ok_safe+0x260/0x260
[ 1307.772467][T18673]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1307.778127][T18673]  ? find_held_lock+0x35/0x130
[ 1307.782913][T18673]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1307.788574][T18673]  __vmalloc_node_range+0x48a/0x790
[ 1307.793779][T18673]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1307.798814][T18673]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1307.804366][T18673]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1307.809456][T18673]  vmalloc_user+0x6b/0x90
[ 1307.813793][T18673]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1307.818828][T18673]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1307.823682][T18673]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1307.828748][T18673]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1307.834578][T18673]  __vb2_queue_alloc+0x5a6/0xf40
[ 1307.839547][T18673]  vb2_core_create_bufs+0x2bc/0x790
[ 1307.844759][T18673]  ? vim2m_buf_prepare+0x280/0x280
[ 1307.849968][T18673]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1307.855089][T18673]  ? lock_acquire+0x16f/0x3f0
[ 1307.859769][T18673]  ? __video_do_ioctl+0x398/0xce0
[ 1307.864809][T18673]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
23:56:58 executing program 0:

23:56:58 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0xcef, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1307.871065][T18673]  vb2_create_bufs+0x47e/0x7a0
[ 1307.875835][T18673]  ? vb2_request_queue+0x120/0x120
[ 1307.880961][T18673]  ? mark_held_locks+0xf0/0xf0
[ 1307.885736][T18673]  ? debug_smp_processor_id+0x3c/0x280
[ 1307.891225][T18673]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1307.896265][T18673]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1307.901813][T18673]  v4l_create_bufs+0xc0/0x180
[ 1307.901835][T18673]  __video_do_ioctl+0x7f1/0xce0
[ 1307.901859][T18673]  ? v4l_s_fmt+0xa40/0xa40
[ 1307.911374][T18673]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1307.911392][T18673]  ? _copy_from_user+0xdd/0x150
[ 1307.911419][T18673]  video_usercopy+0x4c5/0x10d0
[ 1307.911434][T18673]  ? v4l_s_fmt+0xa40/0xa40
[ 1307.911458][T18673]  ? v4l_enumstd+0x70/0x70
[ 1307.940494][T18673]  ? mark_held_locks+0xf0/0xf0
[ 1307.945291][T18673]  ? debug_smp_processor_id+0x3c/0x280
[ 1307.950755][T18673]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1307.956320][T18673]  ? __fget+0x35a/0x550
[ 1307.960503][T18673]  ? find_held_lock+0x35/0x130
[ 1307.965274][T18673]  ? video_usercopy+0x10d0/0x10d0
23:56:59 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0xef0c, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:56:59 executing program 0:

[ 1307.970306][T18673]  video_ioctl2+0x2d/0x35
[ 1307.974650][T18673]  v4l2_ioctl+0x156/0x1b0
[ 1307.978989][T18673]  ? video_devdata+0xa0/0xa0
[ 1307.983592][T18673]  do_vfs_ioctl+0xd6e/0x1390
[ 1307.988194][T18673]  ? kasan_check_read+0x11/0x20
[ 1307.993060][T18673]  ? ioctl_preallocate+0x210/0x210
[ 1307.998182][T18673]  ? __fget+0x381/0x550
[ 1308.002351][T18673]  ? ksys_dup3+0x3e0/0x3e0
[ 1308.006783][T18673]  ? nsecs_to_jiffies+0x30/0x30
[ 1308.011660][T18673]  ? security_file_ioctl+0x93/0xc0
[ 1308.016789][T18673]  ksys_ioctl+0xab/0xd0
[ 1308.020963][T18673]  __x64_sys_ioctl+0x73/0xb0
[ 1308.025567][T18673]  do_syscall_64+0x103/0x610
[ 1308.030170][T18673]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1308.036063][T18673] RIP: 0033:0x457e29
[ 1308.039967][T18673] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1308.059584][T18673] RSP: 002b:00007fab66e65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
23:56:59 executing program 0:

[ 1308.068003][T18673] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1308.075991][T18673] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1308.083972][T18673] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1308.091952][T18673] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab66e666d4
[ 1308.099941][T18673] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1308.111492][T18761] CPU: 0 PID: 18761 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1308.120615][T18761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1308.130767][T18761] Call Trace:
[ 1308.134066][T18761]  dump_stack+0x172/0x1f0
[ 1308.138449][T18761]  warn_alloc.cold+0x88/0x184
[ 1308.143145][T18761]  ? zone_watermark_ok_safe+0x260/0x260
[ 1308.148699][T18761]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1308.154339][T18761]  ? find_held_lock+0x35/0x130
[ 1308.159111][T18761]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1308.164773][T18761]  __vmalloc_node_range+0x48a/0x790
[ 1308.169987][T18761]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1308.175024][T18761]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1308.180578][T18761]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1308.185609][T18761]  vmalloc_user+0x6b/0x90
[ 1308.189978][T18761]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1308.195007][T18761]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1308.199861][T18761]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1308.204948][T18761]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1308.211006][T18761]  __vb2_queue_alloc+0x5a6/0xf40
[ 1308.215981][T18761]  vb2_core_create_bufs+0x2bc/0x790
[ 1308.221186][T18761]  ? vim2m_buf_prepare+0x280/0x280
[ 1308.226303][T18761]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1308.231417][T18761]  ? lock_acquire+0x16f/0x3f0
[ 1308.236101][T18761]  ? __video_do_ioctl+0x398/0xce0
[ 1308.241137][T18761]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1308.247437][T18761]  vb2_create_bufs+0x47e/0x7a0
[ 1308.252217][T18761]  ? vb2_request_queue+0x120/0x120
[ 1308.257349][T18761]  ? mark_held_locks+0xf0/0xf0
[ 1308.262116][T18761]  ? debug_smp_processor_id+0x3c/0x280
[ 1308.267591][T18761]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1308.273468][T18761]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1308.279015][T18761]  v4l_create_bufs+0xc0/0x180
[ 1308.283709][T18761]  __video_do_ioctl+0x7f1/0xce0
[ 1308.288572][T18761]  ? v4l_s_fmt+0xa40/0xa40
[ 1308.293006][T18761]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1308.293417][T18673] warn_alloc_show_mem: 1 callbacks suppressed
[ 1308.293423][T18673] Mem-Info:
[ 1308.299254][T18761]  ? _copy_from_user+0xdd/0x150
[ 1308.299276][T18761]  video_usercopy+0x4c5/0x10d0
[ 1308.299298][T18761]  ? v4l_s_fmt+0xa40/0xa40
[ 1308.299336][T18761]  ? v4l_enumstd+0x70/0x70
[ 1308.299366][T18761]  ? mark_held_locks+0xf0/0xf0
[ 1308.305559][T18673] active_anon:168437 inactive_anon:192 isolated_anon:0
[ 1308.305559][T18673]  active_file:13350 inactive_file:34974 isolated_file:0
[ 1308.305559][T18673]  unevictable:2 dirty:166 writeback:0 unstable:0
[ 1308.305559][T18673]  slab_reclaimable:17781 slab_unreclaimable:103328
[ 1308.305559][T18673]  mapped:58661 shmem:493 pagetables:3497 bounce:0
[ 1308.305559][T18673]  free:1054523 free_pcp:935 free_cma:0
[ 1308.308520][T18761]  ? debug_smp_processor_id+0x3c/0x280
[ 1308.308541][T18761]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1308.308563][T18761]  ? __fget+0x35a/0x550
[ 1308.308580][T18761]  ? find_held_lock+0x35/0x130
[ 1308.308601][T18761]  ? video_usercopy+0x10d0/0x10d0
23:56:59 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
r1 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000680)='/dev/video2\x00', 0x2, 0x0)
ioctl$VIDIOC_G_CTRL(r1, 0xc008561b, &(0x7f00000006c0)={0x2, 0x9})
r2 = fcntl$dupfd(0xffffffffffffff9c, 0x406, r0)
fcntl$notify(r0, 0x402, 0x10)
execveat(r2, &(0x7f0000000240)='./file0\x00', &(0x7f00000004c0)=[&(0x7f0000000280)='\x00', &(0x7f00000002c0)='/dev/capi20\x00', &(0x7f0000000300)='/dev/capi20\x00', &(0x7f0000000340)='/dev/capi20\x00', &(0x7f0000000380)='em1%\x00', &(0x7f00000003c0)='/dev/capi20\x00', &(0x7f0000000400)='/dev/capi20\x00', &(0x7f0000000440)='/dev/capi20\x00', &(0x7f0000000480)='/dev/capi20\x00'], &(0x7f0000000600)=[&(0x7f0000000540)='em0vboxnet0/+\x00', &(0x7f0000000580)='/dev/capi20\x00', &(0x7f00000005c0)='/dev/capi20\x00'], 0x1100)
ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{<r3=>0x0}, {}]})
ioctl$DRM_IOCTL_RES_CTX(r2, 0xc0106426, &(0x7f0000000780)={0x9, &(0x7f0000000700)=[{}, {}, {}, {}, {}, {}, {}, {}, {}]})
ioctl$DRM_IOCTL_DMA(r0, 0xc0406429, &(0x7f0000000200)={r3, 0x1, &(0x7f0000000100)=[0x8], &(0x7f0000000140)=[0x1], 0x51, 0x9, 0x80, &(0x7f0000000180)=[0x3, 0x3ff, 0x5, 0x6a, 0x400, 0x92b0, 0x0, 0x7, 0x2], &(0x7f00000001c0)=[0x100000001, 0xa0, 0x9, 0x1, 0x2]})
ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000640)=0x4)

[ 1308.313548][T18673] Node 0 active_anon:673748kB inactive_anon:768kB active_file:53208kB inactive_file:139852kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234644kB dirty:648kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 264192kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
[ 1308.318206][T18761]  video_ioctl2+0x2d/0x35
[ 1308.318227][T18761]  v4l2_ioctl+0x156/0x1b0
[ 1308.318267][T18761]  ? video_devdata+0xa0/0xa0
[ 1308.318287][T18761]  do_vfs_ioctl+0xd6e/0x1390
[ 1308.318322][T18761]  ? kasan_check_read+0x11/0x20
[ 1308.322845][T18673] Node 1 active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:16kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1308.327143][T18761]  ? ioctl_preallocate+0x210/0x210
[ 1308.327160][T18761]  ? __fget+0x381/0x550
[ 1308.327196][T18761]  ? ksys_dup3+0x3e0/0x3e0
[ 1308.327217][T18761]  ? nsecs_to_jiffies+0x30/0x30
[ 1308.332080][T18673] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1308.370080][T18761]  ? security_file_ioctl+0x93/0xc0
[ 1308.370102][T18761]  ksys_ioctl+0xab/0xd0
[ 1308.370124][T18761]  __x64_sys_ioctl+0x73/0xb0
[ 1308.370142][T18761]  do_syscall_64+0x103/0x610
[ 1308.370163][T18761]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1308.370184][T18761] RIP: 0033:0x457e29
[ 1308.375757][T18673] lowmem_reserve[]: 0 2553 2555 2555
[ 1308.381160][T18761] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
23:56:59 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0x400000, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1308.381169][T18761] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1308.381185][T18761] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1308.381195][T18761] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1308.381205][T18761] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1308.381214][T18761] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1308.381223][T18761] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1308.386590][T18673] Node 0 DMA32 free:420200kB min:107912kB low:116968kB high:126024kB active_anon:673748kB inactive_anon:768kB active_file:53208kB inactive_file:139852kB unevictable:8kB writepending:648kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10720kB pagetables:13988kB bounce:0kB free_pcp:1500kB local_pcp:636kB free_cma:0kB
[ 1308.508740][T18673] lowmem_reserve[]: 0 0 2 2
[ 1308.674057][T18673] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1308.714563][T18673] lowmem_reserve[]: 0 0 0 0
[ 1308.720867][T18673] Node 1 Normal free:3782184kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:44kB unevictable:0kB writepending:16kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1916kB local_pcp:1460kB free_cma:0kB
[ 1308.764173][T18673] lowmem_reserve[]: 0 0 0 0
[ 1308.770010][T18673] Node 0 DMA: 680*4kB (U) 340*8kB () 171*16kB () 87*32kB (U) 45*64kB (U) 23*128kB (U) 12*256kB (U) 6*512kB () 4*1024kB (U) 2*2048kB (M) 3*4096kB (UM) = 43408kB
[ 1308.787186][T18673] Node 0 DMA32: 276585*4kB (UME) 218310*8kB (UME) 77449*16kB (UME) 34365*32kB (UME) 16776*64kB (UME) 7265*128kB (UME) 3342*256kB (UME) 1643*512kB (UM) 1055*1024kB (U) 4479*2048kB (UM) 11*4096kB (UM) = 19190404kB
[ 1308.809187][T18673] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1308.824670][T18673] Node 1 Normal: 19083*4kB (UM) 10760*8kB (UM) 5578*16kB (UME) 2697*32kB (UME) 1337*64kB (UME) 671*128kB (UME) 332*256kB (U) 165*512kB (UME) 87*1024kB (UME) 42*2048kB (U) 918*4096kB (UM) = 4614124kB
[ 1308.844583][T18673] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1308.855212][T18673] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1308.865529][T18673] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
23:57:00 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x48, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:57:00 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x400c, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:57:00 executing program 3:

23:57:00 executing program 0:

23:57:00 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:57:00 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x101000, 0x0)
ioctl$EVIOCGBITSND(r0, 0x80404532, &(0x7f00000000c0)=""/111)
setxattr$security_selinux(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='security.selinux\x00', &(0x7f0000000180)='system_u:object_r:gpg_exec_t:s0\x00', 0x20, 0x3)
openat$capi20(0xffffffffffffff9c, &(0x7f0000000080)='/dev/capi20\x00', 0x20000, 0x0)

[ 1308.875225][T18673] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1308.884796][T18673] 48835 total pagecache pages
[ 1308.889644][T18673] 0 pages in swap cache
[ 1308.893885][T18673] Swap cache stats: add 0, delete 0, find 0/0
[ 1308.900127][T18673] Free swap  = 0kB
[ 1308.903945][T18673] Total swap = 0kB
[ 1308.907814][T18673] 1965979 pages RAM
[ 1308.911753][T18673] 0 pages HighMem/MovableOnly
[ 1308.916522][T18673] 339409 pages reserved
[ 1308.920808][T18673] 0 pages cma reserved
[ 1308.989738][T19102] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
23:57:00 executing program 3:

[ 1309.037818][T19106] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1
[ 1309.050040][T19102] CPU: 0 PID: 19102 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1309.060885][T19102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1309.070966][T19102] Call Trace:
[ 1309.074269][T19102]  dump_stack+0x172/0x1f0
[ 1309.078623][T19102]  warn_alloc.cold+0x88/0x184
23:57:00 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0x3, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1309.083318][T19102]  ? zone_watermark_ok_safe+0x260/0x260
[ 1309.088876][T19102]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1309.094537][T19102]  ? find_held_lock+0x35/0x130
[ 1309.099310][T19102]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1309.104990][T19102]  __vmalloc_node_range+0x48a/0x790
[ 1309.110203][T19102]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1309.115247][T19102]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1309.120802][T19102]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1309.125844][T19102]  vmalloc_user+0x6b/0x90
[ 1309.130220][T19102]  ? vb2_vmalloc_alloc+0xca/0x2a0
23:57:00 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x200, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x100000001)

[ 1309.135254][T19102]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1309.140112][T19102]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1309.145170][T19102]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1309.150976][T19102]  __vb2_queue_alloc+0x5a6/0xf40
[ 1309.155953][T19102]  vb2_core_create_bufs+0x2bc/0x790
[ 1309.161174][T19102]  ? vim2m_buf_prepare+0x280/0x280
[ 1309.166290][T19102]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1309.171410][T19102]  ? lock_acquire+0x16f/0x3f0
[ 1309.176092][T19102]  ? __video_do_ioctl+0x398/0xce0
[ 1309.181133][T19102]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1309.187394][T19102]  vb2_create_bufs+0x47e/0x7a0
[ 1309.192171][T19102]  ? vb2_request_queue+0x120/0x120
[ 1309.197300][T19102]  ? mark_held_locks+0xf0/0xf0
[ 1309.202072][T19102]  ? debug_smp_processor_id+0x3c/0x280
[ 1309.208416][T19102]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1309.213471][T19102]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1309.219031][T19102]  v4l_create_bufs+0xc0/0x180
[ 1309.223719][T19102]  __video_do_ioctl+0x7f1/0xce0
[ 1309.228609][T19102]  ? v4l_s_fmt+0xa40/0xa40
23:57:00 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
openat$capi20(0xffffffffffffff9c, &(0x7f0000000040)='/dev/capi20\x00', 0x200, 0x0)

[ 1309.233058][T19102]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1309.239307][T19102]  ? _copy_from_user+0xdd/0x150
[ 1309.244167][T19102]  video_usercopy+0x4c5/0x10d0
[ 1309.248953][T19102]  ? v4l_s_fmt+0xa40/0xa40
[ 1309.253386][T19102]  ? v4l_enumstd+0x70/0x70
[ 1309.257827][T19102]  ? mark_held_locks+0xf0/0xf0
[ 1309.262597][T19102]  ? debug_smp_processor_id+0x3c/0x280
[ 1309.268068][T19102]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1309.273620][T19102]  ? __fget+0x35a/0x550
[ 1309.277801][T19102]  ? find_held_lock+0x35/0x130
[ 1309.282574][T19102]  ? video_usercopy+0x10d0/0x10d0
[ 1309.288330][T19102]  video_ioctl2+0x2d/0x35
[ 1309.292675][T19102]  v4l2_ioctl+0x156/0x1b0
[ 1309.297013][T19102]  ? video_devdata+0xa0/0xa0
[ 1309.301630][T19102]  do_vfs_ioctl+0xd6e/0x1390
[ 1309.306229][T19102]  ? kasan_check_read+0x11/0x20
[ 1309.311113][T19102]  ? ioctl_preallocate+0x210/0x210
[ 1309.316885][T19102]  ? __fget+0x381/0x550
[ 1309.321084][T19102]  ? ksys_dup3+0x3e0/0x3e0
[ 1309.325512][T19102]  ? nsecs_to_jiffies+0x30/0x30
[ 1309.330391][T19102]  ? security_file_ioctl+0x93/0xc0
[ 1309.335514][T19102]  ksys_ioctl+0xab/0xd0
[ 1309.339688][T19102]  __x64_sys_ioctl+0x73/0xb0
[ 1309.344293][T19102]  do_syscall_64+0x103/0x610
[ 1309.348918][T19102]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1309.354829][T19102] RIP: 0033:0x457e29
[ 1309.358734][T19102] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1309.378344][T19102] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
23:57:00 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f0000000040)=0x4)
r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/btrfs-control\x00', 0x400000, 0x0)
write$P9_RFLUSH(r1, &(0x7f00000000c0)={0x7, 0x6d, 0x1}, 0x7)

23:57:00 executing program 0:

[ 1309.386759][T19102] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1309.394759][T19102] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1309.402740][T19102] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1309.410720][T19102] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1309.418695][T19102] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1309.459028][T19106] CPU: 1 PID: 19106 Comm: syz-executor.5 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1309.468175][T19106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1309.481621][T19106] Call Trace:
[ 1309.484935][T19106]  dump_stack+0x172/0x1f0
[ 1309.489283][T19106]  warn_alloc.cold+0x88/0x184
[ 1309.489301][T19102] warn_alloc_show_mem: 1 callbacks suppressed
[ 1309.489305][T19102] Mem-Info:
[ 1309.493982][T19106]  ? zone_watermark_ok_safe+0x260/0x260
[ 1309.493999][T19106]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1309.494016][T19106]  ? find_held_lock+0x35/0x130
[ 1309.494038][T19106]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1309.506852][T19102] active_anon:169029 inactive_anon:194 isolated_anon:0
[ 1309.506852][T19102]  active_file:13350 inactive_file:34997 isolated_file:0
[ 1309.506852][T19102]  unevictable:2 dirty:222 writeback:0 unstable:0
[ 1309.506852][T19102]  slab_reclaimable:17797 slab_unreclaimable:103054
[ 1309.506852][T19102]  mapped:58661 shmem:493 pagetables:3484 bounce:0
[ 1309.506852][T19102]  free:1054300 free_pcp:772 free_cma:0
[ 1309.508984][T19106]  __vmalloc_node_range+0x48a/0x790
[ 1309.509005][T19106]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1309.509024][T19106]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1309.509040][T19106]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1309.509057][T19106]  vmalloc_user+0x6b/0x90
[ 1309.509079][T19106]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1309.515397][T19102] Node 0 active_anon:676116kB inactive_anon:776kB active_file:53208kB inactive_file:139944kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234644kB dirty:872kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 266240kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
[ 1309.519516][T19106]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1309.519532][T19106]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1309.519550][T19106]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1309.519564][T19106]  __vb2_queue_alloc+0x5a6/0xf40
[ 1309.519597][T19106]  vb2_core_create_bufs+0x2bc/0x790
[ 1309.519622][T19106]  ? vim2m_buf_prepare+0x280/0x280
[ 1309.525928][T19102] Node 1 active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:16kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1309.563355][T19106]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1309.563372][T19106]  ? lock_acquire+0x16f/0x3f0
[ 1309.563386][T19106]  ? __video_do_ioctl+0x398/0xce0
[ 1309.563417][T19106]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1309.563437][T19106]  vb2_create_bufs+0x47e/0x7a0
[ 1309.563458][T19106]  ? vb2_request_queue+0x120/0x120
[ 1309.563477][T19106]  ? mark_held_locks+0xf0/0xf0
[ 1309.563492][T19106]  ? debug_smp_processor_id+0x3c/0x280
[ 1309.563512][T19106]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1309.563528][T19106]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1309.563542][T19106]  v4l_create_bufs+0xc0/0x180
[ 1309.563561][T19106]  __video_do_ioctl+0x7f1/0xce0
[ 1309.563585][T19106]  ? v4l_s_fmt+0xa40/0xa40
[ 1309.563610][T19106]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1309.579016][T19102] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1309.579367][T19106]  ? _copy_from_user+0xdd/0x150
[ 1309.586171][T19102] lowmem_reserve[]: 0 2553 2555 2555
[ 1309.588690][T19106]  video_usercopy+0x4c5/0x10d0
[ 1309.588707][T19106]  ? v4l_s_fmt+0xa40/0xa40
[ 1309.588728][T19106]  ? v4l_enumstd+0x70/0x70
[ 1309.588746][T19106]  ? mark_held_locks+0xf0/0xf0
[ 1309.588761][T19106]  ? debug_smp_processor_id+0x3c/0x280
[ 1309.588779][T19106]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1309.588800][T19106]  ? __fget+0x35a/0x550
[ 1309.588817][T19106]  ? find_held_lock+0x35/0x130
[ 1309.588834][T19106]  ? video_usercopy+0x10d0/0x10d0
[ 1309.588853][T19106]  video_ioctl2+0x2d/0x35
23:57:00 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x4c, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1309.601444][T19102] Node 0 DMA32 free:418856kB min:107912kB low:116968kB high:126024kB active_anon:676116kB inactive_anon:776kB active_file:53208kB inactive_file:139944kB unevictable:8kB writepending:872kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10784kB pagetables:13936kB bounce:0kB free_pcp:1404kB local_pcp:1024kB free_cma:0kB
[ 1309.622956][T19106]  v4l2_ioctl+0x156/0x1b0
[ 1309.622974][T19106]  ? video_devdata+0xa0/0xa0
[ 1309.622995][T19106]  do_vfs_ioctl+0xd6e/0x1390
[ 1309.623014][T19106]  ? kasan_check_read+0x11/0x20
[ 1309.623033][T19106]  ? ioctl_preallocate+0x210/0x210
[ 1309.623049][T19106]  ? __fget+0x381/0x550
[ 1309.623072][T19106]  ? ksys_dup3+0x3e0/0x3e0
[ 1309.623090][T19106]  ? nsecs_to_jiffies+0x30/0x30
[ 1309.623119][T19106]  ? security_file_ioctl+0x93/0xc0
[ 1309.623140][T19106]  ksys_ioctl+0xab/0xd0
[ 1309.623162][T19106]  __x64_sys_ioctl+0x73/0xb0
[ 1309.643552][T19102] lowmem_reserve[]: 0 0 2 2
[ 1309.643758][T19106]  do_syscall_64+0x103/0x610
[ 1309.643783][T19106]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1309.643801][T19106] RIP: 0033:0x457e29
[ 1309.654928][T19102] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1309.680729][T19106] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1309.680738][T19106] RSP: 002b:00007fab66e65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1309.680752][T19106] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1309.680761][T19106] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1309.680771][T19106] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1309.680781][T19106] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab66e666d4
[ 1309.680791][T19106] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1309.708166][T19102] lowmem_reserve[]: 0 0 0 0
[ 1309.732575][T19102] Node 1 Normal free:3782436kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:44kB unevictable:0kB writepending:16kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1664kB local_pcp:456kB free_cma:0kB
[ 1309.856696][T19102] lowmem_reserve[]: 0 0 0 0
[ 1309.916214][T19102] Node 0 DMA: 680*4kB (U) 340*8kB () 171*16kB () 87*32kB (U) 45*64kB (U) 23*128kB (U) 12*256kB (U) 6*512kB () 4*1024kB (U) 2*2048kB (M) 3*4096kB (UM) = 43408kB
[ 1309.931032][T19102] Node 0 DMA32: 276585*4kB (UME) 218216*8kB (UME) 77474*16kB (UME) 34365*32kB (UME) 16776*64kB (UME) 7265*128kB (UME) 3342*256kB (UME) 1643*512kB (UM) 1055*1024kB (U) 4479*2048kB (UM) 11*4096kB (UM) = 19190052kB
[ 1309.931156][T19102] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1309.963413][T19102] Node 1 Normal: 19088*4kB (UM) 10761*8kB (UM) 5578*16kB (UME) 2698*32kB (UME) 1336*64kB (UME) 671*128kB (UME) 333*256kB (U) 165*512kB (UME) 87*1024kB (UME) 42*2048kB (U) 918*4096kB (UM) = 4614376kB
[ 1310.002427][T19102] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1310.015801][T19102] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1310.173143][T19102] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1310.185944][T19102] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1310.217665][T19102] 48841 total pagecache pages
[ 1310.227930][T19102] 0 pages in swap cache
[ 1310.244669][T19102] Swap cache stats: add 0, delete 0, find 0/0
[ 1310.251780][T19102] Free swap  = 0kB
[ 1310.256745][T19102] Total swap = 0kB
23:57:01 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x4800, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:57:01 executing program 0:

23:57:01 executing program 3:

23:57:01 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:57:01 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
r1 = getpid()
move_pages(r1, 0x5, &(0x7f0000000040)=[&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x1000)=nil], &(0x7f0000000080), &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0], 0x4)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x0, 0x0)
r3 = syz_genetlink_get_family_id$team(&(0x7f0000000180)='team\x00')
ioctl$sock_ifreq(0xffffffffffffffff, 0x897f, &(0x7f00000001c0)={'hsr0\x00', @ifru_addrs=@xdp={0x2c, 0x4, <r4=>0x0, 0x1}})
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000200)={<r5=>0x0, @broadcast, @empty}, &(0x7f0000000240)=0xc)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000000540)={@loopback, @dev, <r6=>0x0}, &(0x7f0000000580)=0xc)
sendmsg$TEAM_CMD_NOOP(r2, &(0x7f0000000700)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000006c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="e0000000", @ANYRES16=r3, @ANYBLOB="2a01df2500000000e6ff0100000000cc735b584cfb1bb4c61e249301acf99cbe587a707287d11030b952cdf03f833612761010857ef2e9af43f7d8fa342ef932b49c511b19e657429de4c3c1e6c3e3699ea29f610e41dfe4d81c89b46f907827c59fba94e31e1ba79b7a878fc076ca2ae1c6b47b7a21e783f128d603214003f9dfdd75b8a986ea8eb2040ccdca34b08787405c835ddf61057f1676a32c447b7fa4dbc13ec1e5649621e651f0f910478aaaa8dfed0526f1000000000000000000000000", @ANYRES32=r4, @ANYBLOB="400002003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r5, @ANYBLOB="08000100", @ANYRES32=r6, @ANYBLOB="7c00020040000100240001006d6f646500000000000000000000000000000000000000000000000000000000080003000500000010000400726f756e64726f62696e000038000100240001006e6f746966795f70656572735f636f756e74000000000000000000000000000008000300030000000800040006000000"], 0xe0}, 0x1, 0x0, 0x0, 0x10}, 0x40)

23:57:01 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x68, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1310.267833][T19102] 1965979 pages RAM
[ 1310.273417][T19102] 0 pages HighMem/MovableOnly
[ 1310.284086][T19102] 339409 pages reserved
[ 1310.289122][T19102] 0 pages cma reserved
[ 1310.376915][T19431] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1
[ 1310.393800][T19431] CPU: 1 PID: 19431 Comm: syz-executor.5 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1310.402932][T19431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1310.412997][T19431] Call Trace:
[ 1310.416304][T19431]  dump_stack+0x172/0x1f0
[ 1310.420658][T19431]  warn_alloc.cold+0x88/0x184
[ 1310.425347][T19431]  ? zone_watermark_ok_safe+0x260/0x260
[ 1310.430911][T19431]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1310.436553][T19431]  ? find_held_lock+0x35/0x130
[ 1310.441325][T19431]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1310.446987][T19431]  __vmalloc_node_range+0x48a/0x790
[ 1310.452192][T19431]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1310.457226][T19431]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1310.462779][T19431]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1310.467811][T19431]  vmalloc_user+0x6b/0x90
[ 1310.467830][T19431]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1310.467848][T19431]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1310.467862][T19431]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1310.467883][T19431]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1310.467911][T19431]  __vb2_queue_alloc+0x5a6/0xf40
[ 1310.467945][T19431]  vb2_core_create_bufs+0x2bc/0x790
[ 1310.477286][T19431]  ? vim2m_buf_prepare+0x280/0x280
[ 1310.508237][T19431]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1310.508256][T19431]  ? lock_acquire+0x16f/0x3f0
[ 1310.508269][T19431]  ? __video_do_ioctl+0x398/0xce0
[ 1310.508295][T19431]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1310.508315][T19431]  vb2_create_bufs+0x47e/0x7a0
[ 1310.508335][T19431]  ? vb2_request_queue+0x120/0x120
[ 1310.508356][T19431]  ? mark_held_locks+0xf0/0xf0
[ 1310.508371][T19431]  ? debug_smp_processor_id+0x3c/0x280
[ 1310.508393][T19431]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1310.508422][T19431]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1310.523205][T19431]  v4l_create_bufs+0xc0/0x180
[ 1310.523226][T19431]  __video_do_ioctl+0x7f1/0xce0
[ 1310.523250][T19431]  ? v4l_s_fmt+0xa40/0xa40
[ 1310.569578][T19431]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1310.569598][T19431]  ? _copy_from_user+0xdd/0x150
[ 1310.569620][T19431]  video_usercopy+0x4c5/0x10d0
[ 1310.569635][T19431]  ? v4l_s_fmt+0xa40/0xa40
[ 1310.569656][T19431]  ? v4l_enumstd+0x70/0x70
[ 1310.569675][T19431]  ? mark_held_locks+0xf0/0xf0
[ 1310.569692][T19431]  ? debug_smp_processor_id+0x3c/0x280
[ 1310.569711][T19431]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1310.569733][T19431]  ? __fget+0x35a/0x550
[ 1310.569754][T19431]  ? find_held_lock+0x35/0x130
[ 1310.580403][T19431]  ? video_usercopy+0x10d0/0x10d0
[ 1310.580426][T19431]  video_ioctl2+0x2d/0x35
[ 1310.580445][T19431]  v4l2_ioctl+0x156/0x1b0
[ 1310.580461][T19431]  ? video_devdata+0xa0/0xa0
[ 1310.580480][T19431]  do_vfs_ioctl+0xd6e/0x1390
[ 1310.580499][T19431]  ? kasan_check_read+0x11/0x20
[ 1310.580518][T19431]  ? ioctl_preallocate+0x210/0x210
[ 1310.580533][T19431]  ? __fget+0x381/0x550
[ 1310.580563][T19431]  ? ksys_dup3+0x3e0/0x3e0
[ 1310.656290][T19431]  ? nsecs_to_jiffies+0x30/0x30
[ 1310.664853][T19431]  ? security_file_ioctl+0x93/0xc0
23:57:01 executing program 0:

23:57:01 executing program 0:

23:57:01 executing program 0:

23:57:01 executing program 0:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000280)='io.max\x00\xe3\xc6\xa1\xbc\x16\x94p`R\xfbqcm\xab\x87\xf6\xb6y1uoG\x18\xd4\xc8*R6\x84\xfb\xfbU\t\x00\x00\x00\x00\x00\x00\x00\xe83Q\xf1\xda\xedt\x93\xb4\xa5\x8d\xbd\xb5<\x1a\x90\xa3U\xb9{\xba\x99\xdf(\x9a%\xef\x0eO5\xcd\xbf\xe7\n\x13\xc3+(<\x02\x83|S0\xed\x0f9:\xc8\xb5\xa0\"\x00x\xe9\x1f\xe9\xee\x17\x88%\x19\xe3\x9d\x9d|P,\xb5+\x84\xaa\x1cZd\xb1fj\xde\xc7\xf0\xd8D\xaf\x01\x01\x8e\x95\x83X\xb9\xf5J\xb0\v\x0fC\xd3\x8e\x9d\xe1\x1e:!|\xa3%\xd2@M\x1b\xf3\xfe\xf1\x94\xffl~\x18\xedp\xa0\x10\x9fn\xcd\x9eKu\xf3\xa0\x1f\x93\xf3\xc0\x86\x04Y\xd5\xd5,\xc4\xf58y\xec\f\x16p\x9fs7\xb7\xc9\x85)\xe4\x1c\r\xdd\xe4\xe6\x91C\xec\x0e\x0e\"\xde\f\x99\xe3\xbaP\x0e\x94\xcd\x1fXl\x11\x13\xe3\xcf+>0\x8d\x01\xd4\xc3\xdf\x00\x0eDn\x05\x9dH\x9f\xa7\xceC\x18D\xe3\xf1\x1e\xb8\xa4\x9d\xae\xb9\x19\xa1\x1a\xa6\x13\x86q)/x\x85\x16\x8b2\xd5\x82dS\xd7\x16\xfc\xc6\xb3\xf6\x90\xa6\x14\x88\x1c;\xaex\x82(\xe0\xab\x91\xf0,\x9f=\xf2\x91g\xf0\xc9', 0x2, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000140)='io.stat\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x7)

[ 1310.664879][T19431]  ksys_ioctl+0xab/0xd0
[ 1310.678981][T19431]  __x64_sys_ioctl+0x73/0xb0
[ 1310.683583][T19431]  do_syscall_64+0x103/0x610
[ 1310.688186][T19431]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1310.694086][T19431] RIP: 0033:0x457e29
[ 1310.697990][T19431] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1310.717600][T19431] RSP: 002b:00007fab66e65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
23:57:01 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x4c00, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:57:01 executing program 3:

[ 1310.726013][T19431] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1310.733989][T19431] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1310.741963][T19431] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1310.749949][T19431] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab66e666d4
[ 1310.757945][T19431] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
23:57:01 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1310.808820][T19431] warn_alloc_show_mem: 1 callbacks suppressed
[ 1310.808826][T19431] Mem-Info:
[ 1310.841016][T19575] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1310.861200][T19431] active_anon:168593 inactive_anon:192 isolated_anon:0
[ 1310.861200][T19431]  active_file:13350 inactive_file:35015 isolated_file:0
[ 1310.861200][T19431]  unevictable:2 dirty:244 writeback:0 unstable:0
[ 1310.861200][T19431]  slab_reclaimable:17794 slab_unreclaimable:102960
[ 1310.861200][T19431]  mapped:58686 shmem:493 pagetables:3502 bounce:0
[ 1310.861200][T19431]  free:1054684 free_pcp:827 free_cma:0
23:57:02 executing program 0:

23:57:02 executing program 3:

23:57:02 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000140)='/dev/capi20\x00', 0x42c00, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)

[ 1310.956971][ T9383] device bridge_slave_1 left promiscuous mode
[ 1310.991043][ T9383] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1311.027795][T19575] CPU: 1 PID: 19575 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1311.036943][T19575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1311.046996][T19575] Call Trace:
[ 1311.050299][T19575]  dump_stack+0x172/0x1f0
[ 1311.054651][T19575]  warn_alloc.cold+0x88/0x184
23:57:02 executing program 0:

[ 1311.057828][T19431] Node 0 active_anon:670144kB inactive_anon:768kB active_file:53208kB inactive_file:140016kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234844kB dirty:960kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 272384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
[ 1311.059339][T19575]  ? zone_watermark_ok_safe+0x260/0x260
[ 1311.059359][T19575]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1311.059388][T19575]  ? find_held_lock+0x35/0x130
[ 1311.104379][T19575]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1311.110045][T19575]  __vmalloc_node_range+0x48a/0x790
[ 1311.115250][T19575]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1311.120291][T19575]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1311.125852][T19575]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1311.130884][T19575]  vmalloc_user+0x6b/0x90
[ 1311.135232][T19575]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1311.140269][T19575]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1311.145131][T19575]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1311.150175][T19575]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1311.155988][T19575]  __vb2_queue_alloc+0x5a6/0xf40
[ 1311.160967][T19575]  vb2_core_create_bufs+0x2bc/0x790
[ 1311.166180][T19575]  ? vim2m_buf_prepare+0x280/0x280
[ 1311.171300][T19575]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1311.172939][T19431] Node 1 active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:16kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1311.176428][T19575]  ? lock_acquire+0x16f/0x3f0
[ 1311.176444][T19575]  ? __video_do_ioctl+0x398/0xce0
[ 1311.176471][T19575]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1311.176492][T19575]  vb2_create_bufs+0x47e/0x7a0
[ 1311.223792][T19575]  ? vb2_request_queue+0x120/0x120
[ 1311.228928][T19575]  ? mark_held_locks+0xf0/0xf0
[ 1311.233699][T19575]  ? debug_smp_processor_id+0x3c/0x280
[ 1311.234472][T19431] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1311.239174][T19575]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1311.239195][T19575]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1311.239213][T19575]  v4l_create_bufs+0xc0/0x180
[ 1311.239232][T19575]  __video_do_ioctl+0x7f1/0xce0
[ 1311.239257][T19575]  ? v4l_s_fmt+0xa40/0xa40
[ 1311.239282][T19575]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1311.239299][T19575]  ? _copy_from_user+0xdd/0x150
[ 1311.239319][T19575]  video_usercopy+0x4c5/0x10d0
[ 1311.239338][T19575]  ? v4l_s_fmt+0xa40/0xa40
[ 1311.307073][T19431] lowmem_reserve[]: 0 2553 2555 2555
[ 1311.310833][T19575]  ? v4l_enumstd+0x70/0x70
[ 1311.310852][T19575]  ? mark_held_locks+0xf0/0xf0
[ 1311.310870][T19575]  ? debug_smp_processor_id+0x3c/0x280
[ 1311.310889][T19575]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1311.310922][T19575]  ? __fget+0x35a/0x550
[ 1311.310938][T19575]  ? find_held_lock+0x35/0x130
[ 1311.310955][T19575]  ? video_usercopy+0x10d0/0x10d0
[ 1311.310968][T19575]  video_ioctl2+0x2d/0x35
[ 1311.310987][T19575]  v4l2_ioctl+0x156/0x1b0
[ 1311.311001][T19575]  ? video_devdata+0xa0/0xa0
[ 1311.311019][T19575]  do_vfs_ioctl+0xd6e/0x1390
[ 1311.311037][T19575]  ? kasan_check_read+0x11/0x20
[ 1311.311055][T19575]  ? ioctl_preallocate+0x210/0x210
[ 1311.311069][T19575]  ? __fget+0x381/0x550
[ 1311.311092][T19575]  ? ksys_dup3+0x3e0/0x3e0
[ 1311.311108][T19575]  ? nsecs_to_jiffies+0x30/0x30
[ 1311.311135][T19575]  ? security_file_ioctl+0x93/0xc0
[ 1311.311153][T19575]  ksys_ioctl+0xab/0xd0
[ 1311.311186][T19575]  __x64_sys_ioctl+0x73/0xb0
[ 1311.311205][T19575]  do_syscall_64+0x103/0x610
[ 1311.311229][T19575]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1311.311241][T19575] RIP: 0033:0x457e29
[ 1311.311263][T19575] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1311.327586][T19431] Node 0 DMA32 free:423412kB min:107912kB low:116968kB high:126024kB active_anon:670044kB inactive_anon:768kB active_file:53208kB inactive_file:140016kB unevictable:8kB writepending:960kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10560kB pagetables:13712kB bounce:0kB free_pcp:1924kB local_pcp:1372kB free_cma:0kB
[ 1311.331136][T19575] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1311.331152][T19575] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1311.331162][T19575] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1311.331181][T19575] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1311.345136][T19431] lowmem_reserve[]: 0 0 2 2
[ 1311.345614][T19575] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1311.354080][T19431] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1311.354933][T19575] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1311.373030][T19431] lowmem_reserve[]: 0 0 0 0
[ 1311.381313][T19431] Node 1 Normal free:3782488kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:44kB unevictable:0kB writepending:16kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1664kB local_pcp:456kB free_cma:0kB
[ 1311.442478][T19431] lowmem_reserve[]: 0 0 0 0
[ 1311.503127][T19431] Node 0 DMA: 680*4kB (U) 340*8kB () 171*16kB () 87*32kB (U) 45*64kB (U) 23*128kB (U) 12*256kB (U) 6*512kB () 4*1024kB (U) 2*2048kB (M) 3*4096kB (UM) = 43408kB
[ 1311.516028][T19431] Node 0 DMA32: 276507*4kB (UME) 218060*8kB (UME) 77495*16kB (UME) 34373*32kB (UME) 16776*64kB (UME) 7267*128kB (UME) 3342*256kB (UME) 1643*512kB (UM) 1055*1024kB (U) 4481*2048kB (UM) 11*4096kB (UM) = 19193436kB
[ 1311.552057][ T9383] device bridge_slave_0 left promiscuous mode
[ 1311.579871][T19431] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1311.605167][ T9383] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1311.606066][T19431] Node 1 Normal: 19095*4kB (UM) 10763*8kB (UM) 5575*16kB (UME) 2698*32kB (UME) 1336*64kB (UME) 671*128kB (UME) 334*256kB (U) 165*512kB (UME) 87*1024kB (UME) 42*2048kB (U) 918*4096kB (UM) = 4614628kB
[ 1311.647509][T19431] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1311.673594][T19431] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1311.692605][T19431] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1311.702306][T19431] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1311.711659][T19431] 48880 total pagecache pages
[ 1311.711676][T19431] 0 pages in swap cache
[ 1311.711686][T19431] Swap cache stats: add 0, delete 0, find 0/0
[ 1311.711691][T19431] Free swap  = 0kB
23:57:02 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x6c, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:57:02 executing program 3:

23:57:02 executing program 0:

23:57:02 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0x6, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:57:02 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
ioctl$CAPI_GET_PROFILE(r0, 0xc0404309, &(0x7f0000000040)=0xffffffffffffacbc)

23:57:02 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x6000, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1311.711696][T19431] Total swap = 0kB
[ 1311.711703][T19431] 1965979 pages RAM
[ 1311.711710][T19431] 0 pages HighMem/MovableOnly
[ 1311.711723][T19431] 339409 pages reserved
[ 1311.726725][T19431] 0 pages cma reserved
23:57:02 executing program 3:

[ 1311.797147][T19688] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1311.834161][T19723] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1
[ 1311.848868][T19688] CPU: 1 PID: 19688 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1311.858001][T19688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1311.868061][T19688] Call Trace:
[ 1311.871371][T19688]  dump_stack+0x172/0x1f0
[ 1311.875726][T19688]  warn_alloc.cold+0x88/0x184
[ 1311.880427][T19688]  ? zone_watermark_ok_safe+0x260/0x260
[ 1311.885982][T19688]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1311.891626][T19688]  ? find_held_lock+0x35/0x130
[ 1311.896402][T19688]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1311.902074][T19688]  __vmalloc_node_range+0x48a/0x790
[ 1311.907283][T19688]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1311.912322][T19688]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1311.917883][T19688]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1311.922942][T19688]  vmalloc_user+0x6b/0x90
[ 1311.927282][T19688]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1311.932310][T19688]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1311.937163][T19688]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1311.942197][T19688]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1311.948010][T19688]  __vb2_queue_alloc+0x5a6/0xf40
[ 1311.952980][T19688]  vb2_core_create_bufs+0x2bc/0x790
[ 1311.958186][T19688]  ? vim2m_buf_prepare+0x280/0x280
[ 1311.958204][T19688]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1311.958221][T19688]  ? lock_acquire+0x16f/0x3f0
[ 1311.958236][T19688]  ? __video_do_ioctl+0x398/0xce0
[ 1311.958262][T19688]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1311.958283][T19688]  vb2_create_bufs+0x47e/0x7a0
[ 1311.958305][T19688]  ? vb2_request_queue+0x120/0x120
[ 1311.958332][T19688]  ? mark_held_locks+0xf0/0xf0
[ 1311.989248][T19688]  ? debug_smp_processor_id+0x3c/0x280
[ 1311.989278][T19688]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1311.989298][T19688]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1311.989315][T19688]  v4l_create_bufs+0xc0/0x180
[ 1311.989337][T19688]  __video_do_ioctl+0x7f1/0xce0
[ 1311.989362][T19688]  ? v4l_s_fmt+0xa40/0xa40
[ 1311.999244][T19688]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1311.999262][T19688]  ? _copy_from_user+0xdd/0x150
[ 1311.999283][T19688]  video_usercopy+0x4c5/0x10d0
[ 1311.999297][T19688]  ? v4l_s_fmt+0xa40/0xa40
[ 1311.999316][T19688]  ? v4l_enumstd+0x70/0x70
[ 1311.999334][T19688]  ? mark_held_locks+0xf0/0xf0
[ 1311.999355][T19688]  ? debug_smp_processor_id+0x3c/0x280
[ 1312.020025][T19688]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1312.029267][T19688]  ? __fget+0x35a/0x550
[ 1312.029284][T19688]  ? find_held_lock+0x35/0x130
[ 1312.029303][T19688]  ? video_usercopy+0x10d0/0x10d0
[ 1312.029316][T19688]  video_ioctl2+0x2d/0x35
[ 1312.029336][T19688]  v4l2_ioctl+0x156/0x1b0
[ 1312.029353][T19688]  ? video_devdata+0xa0/0xa0
[ 1312.029373][T19688]  do_vfs_ioctl+0xd6e/0x1390
[ 1312.029391][T19688]  ? kasan_check_read+0x11/0x20
[ 1312.029418][T19688]  ? ioctl_preallocate+0x210/0x210
[ 1312.029439][T19688]  ? __fget+0x381/0x550
[ 1312.115698][T19688]  ? ksys_dup3+0x3e0/0x3e0
[ 1312.120125][T19688]  ? nsecs_to_jiffies+0x30/0x30
[ 1312.124997][T19688]  ? security_file_ioctl+0x93/0xc0
[ 1312.130116][T19688]  ksys_ioctl+0xab/0xd0
[ 1312.134283][T19688]  __x64_sys_ioctl+0x73/0xb0
[ 1312.138883][T19688]  do_syscall_64+0x103/0x610
[ 1312.143498][T19688]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1312.149394][T19688] RIP: 0033:0x457e29
[ 1312.153311][T19688] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1312.172933][T19688] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1312.181359][T19688] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1312.189331][T19688] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
23:57:03 executing program 2:
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x400000, 0x0)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100)='TIPCv2\x00')
sendmsg$TIPC_NL_PEER_REMOVE(r0, &(0x7f0000000380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000002}, 0xc, &(0x7f0000000340)={&(0x7f0000000140)={0x1c8, r1, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@TIPC_NLA_BEARER={0x74, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x9}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}]}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}]}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz2\x00'}]}, @TIPC_NLA_BEARER={0x4c, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e20, @empty}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x8, @local, 0xfff}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x7f}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6be9}]}, @TIPC_NLA_MEDIA={0x40, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xf1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffffffffff001}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}]}]}, @TIPC_NLA_MEDIA={0x48, 0x5, [@TIPC_NLA_MEDIA_PROP={0x3c, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3d7}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_SOCK={0x28, 0x2, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x5}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xfffffffffffffffb}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_MON={0x44, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x8001}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x81}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x613}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}]}]}, 0x1c8}, 0x1, 0x0, 0x0, 0x10}, 0x840)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r2 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r2, 0xc0044308, &(0x7f00000000c0)=0x10000)
syz_genetlink_get_family_id$tipc(&(0x7f00000003c0)='TIPC\x00')

23:57:03 executing program 3:

23:57:03 executing program 0:

[ 1312.189341][T19688] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1312.189350][T19688] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1312.189359][T19688] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1312.214013][T19723] CPU: 1 PID: 19723 Comm: syz-executor.5 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1312.230999][T19723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1312.241056][T19723] Call Trace:
[ 1312.244352][T19723]  dump_stack+0x172/0x1f0
[ 1312.248713][T19723]  warn_alloc.cold+0x88/0x184
[ 1312.253402][T19723]  ? zone_watermark_ok_safe+0x260/0x260
[ 1312.258957][T19723]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1312.264606][T19723]  ? find_held_lock+0x35/0x130
[ 1312.269369][T19723]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1312.275030][T19723]  __vmalloc_node_range+0x48a/0x790
[ 1312.280232][T19723]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1312.285269][T19723]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1312.290815][T19723]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1312.295842][T19723]  vmalloc_user+0x6b/0x90
[ 1312.300175][T19723]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1312.305200][T19723]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1312.310049][T19723]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1312.315074][T19723]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1312.320875][T19723]  __vb2_queue_alloc+0x5a6/0xf40
[ 1312.325845][T19723]  vb2_core_create_bufs+0x2bc/0x790
[ 1312.331049][T19723]  ? vim2m_buf_prepare+0x280/0x280
[ 1312.336166][T19723]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1312.341283][T19723]  ? lock_acquire+0x16f/0x3f0
[ 1312.345967][T19723]  ? __video_do_ioctl+0x398/0xce0
[ 1312.351003][T19723]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1312.357270][T19723]  vb2_create_bufs+0x47e/0x7a0
[ 1312.362041][T19723]  ? vb2_request_queue+0x120/0x120
[ 1312.367154][T19723]  ? mark_held_locks+0xf0/0xf0
[ 1312.371923][T19723]  ? debug_smp_processor_id+0x3c/0x280
[ 1312.377391][T19723]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1312.382430][T19723]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1312.387975][T19723]  v4l_create_bufs+0xc0/0x180
[ 1312.392651][T19723]  __video_do_ioctl+0x7f1/0xce0
[ 1312.397508][T19723]  ? v4l_s_fmt+0xa40/0xa40
[ 1312.401942][T19723]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1312.408183][T19723]  ? _copy_from_user+0xdd/0x150
[ 1312.413038][T19723]  video_usercopy+0x4c5/0x10d0
[ 1312.417802][T19723]  ? v4l_s_fmt+0xa40/0xa40
[ 1312.422228][T19723]  ? v4l_enumstd+0x70/0x70
[ 1312.426643][T19723]  ? mark_held_locks+0xf0/0xf0
[ 1312.431404][T19723]  ? debug_smp_processor_id+0x3c/0x280
[ 1312.436872][T19723]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1312.442433][T19723]  ? __fget+0x35a/0x550
[ 1312.446591][T19723]  ? find_held_lock+0x35/0x130
[ 1312.451358][T19723]  ? video_usercopy+0x10d0/0x10d0
[ 1312.456377][T19723]  video_ioctl2+0x2d/0x35
[ 1312.460714][T19723]  v4l2_ioctl+0x156/0x1b0
[ 1312.465040][T19723]  ? video_devdata+0xa0/0xa0
[ 1312.469635][T19723]  do_vfs_ioctl+0xd6e/0x1390
[ 1312.474228][T19723]  ? kasan_check_read+0x11/0x20
[ 1312.479079][T19723]  ? ioctl_preallocate+0x210/0x210
[ 1312.484187][T19723]  ? __fget+0x381/0x550
[ 1312.488355][T19723]  ? ksys_dup3+0x3e0/0x3e0
[ 1312.492771][T19723]  ? nsecs_to_jiffies+0x30/0x30
[ 1312.497635][T19723]  ? security_file_ioctl+0x93/0xc0
[ 1312.502753][T19723]  ksys_ioctl+0xab/0xd0
[ 1312.506925][T19723]  __x64_sys_ioctl+0x73/0xb0
[ 1312.511524][T19723]  do_syscall_64+0x103/0x610
[ 1312.516128][T19723]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1312.522019][T19723] RIP: 0033:0x457e29
[ 1312.525920][T19723] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
23:57:03 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1312.545571][T19723] RSP: 002b:00007fab66e65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1312.553984][T19723] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1312.561955][T19723] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1312.569932][T19723] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1312.577919][T19723] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab66e666d4
[ 1312.585911][T19723] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
23:57:03 executing program 3:

[ 1312.643983][T19723] warn_alloc_show_mem: 1 callbacks suppressed
[ 1312.643989][T19723] Mem-Info:
[ 1312.666166][T19723] active_anon:168582 inactive_anon:193 isolated_anon:0
[ 1312.666166][T19723]  active_file:13350 inactive_file:35044 isolated_file:0
[ 1312.666166][T19723]  unevictable:2 dirty:276 writeback:1 unstable:0
[ 1312.666166][T19723]  slab_reclaimable:17787 slab_unreclaimable:103925
[ 1312.666166][T19723]  mapped:58661 shmem:493 pagetables:3436 bounce:0
[ 1312.666166][T19723]  free:1053409 free_pcp:690 free_cma:0
[ 1312.723536][T19723] Node 0 active_anon:676424kB inactive_anon:772kB active_file:53208kB inactive_file:140132kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234644kB dirty:1088kB writeback:4kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 266240kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
[ 1312.754733][T19723] Node 1 active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:16kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1312.812930][T19723] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1312.863278][T19723] lowmem_reserve[]: 0 2553 2555 2555
[ 1312.869108][T19723] Node 0 DMA32 free:422448kB min:107912kB low:116968kB high:126024kB active_anon:668096kB inactive_anon:772kB active_file:53208kB inactive_file:140132kB unevictable:8kB writepending:1092kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10560kB pagetables:13596kB bounce:0kB free_pcp:1648kB local_pcp:1420kB free_cma:0kB
[ 1312.917442][T19723] lowmem_reserve[]: 0 0 2 2
[ 1312.922172][T19723] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1312.969633][T19723] lowmem_reserve[]: 0 0 0 0
[ 1312.974278][T19723] Node 1 Normal free:3782940kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:44kB unevictable:0kB writepending:16kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:1160kB local_pcp:204kB free_cma:0kB
[ 1313.004043][T19723] lowmem_reserve[]: 0 0 0 0
[ 1313.009462][T19723] Node 0 DMA: 680*4kB (U) 340*8kB () 171*16kB () 87*32kB (U) 45*64kB (U) 23*128kB (U) 12*256kB (U) 6*512kB () 4*1024kB (U) 2*2048kB (M) 3*4096kB (UM) = 43408kB
[ 1313.026051][T19723] Node 0 DMA32: 276557*4kB (UME) 217714*8kB (UME) 77500*16kB (UME) 34373*32kB (UME) 16776*64kB (UME) 7267*128kB (UME) 3342*256kB (UME) 1643*512kB (UM) 1055*1024kB (U) 4484*2048kB (UM) 10*4096kB (UM) = 19192996kB
[ 1313.048425][T19723] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1313.063266][T19723] Node 1 Normal: 19094*4kB (UM) 10763*8kB (UM) 5575*16kB (UME) 2698*32kB (UME) 1336*64kB (UME) 671*128kB (UME) 333*256kB (U) 166*512kB (UME) 87*1024kB (UME) 42*2048kB (U) 918*4096kB (UM) = 4614880kB
[ 1313.083310][T19723] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1313.115769][T19723] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1313.130760][T19723] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1313.140844][T19723] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1313.153039][T19723] 48892 total pagecache pages
[ 1313.158237][T19723] 0 pages in swap cache
23:57:04 executing program 3:

23:57:04 executing program 0:

23:57:04 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x74, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:57:04 executing program 2:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000180)={@dev={0xfe, 0x80, [], 0x24}, 0x9, 0x2, 0xff, 0x1, 0xffffffffffffffcc, 0x3}, &(0x7f00000001c0)=0x20)
getsockopt$inet6_tcp_buf(r1, 0x6, 0x1a, &(0x7f0000000100)=""/71, &(0x7f0000000080)=0x47)
r2 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r2, 0xc0044308, &(0x7f00000000c0)=0x10000)

23:57:04 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x6800, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:57:04 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1313.162480][T19723] Swap cache stats: add 0, delete 0, find 0/0
[ 1313.171132][T19723] Free swap  = 0kB
[ 1313.174959][T19723] Total swap = 0kB
[ 1313.182548][T19723] 1965979 pages RAM
[ 1313.187382][T19723] 0 pages HighMem/MovableOnly
[ 1313.192548][T19723] 339409 pages reserved
[ 1313.196788][T19723] 0 pages cma reserved
23:57:04 executing program 3:

23:57:04 executing program 0:

23:57:04 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1313.355065][T19944] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1
23:57:04 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x6c00, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:57:04 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
r1 = syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0xff, 0x80800)
ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r1, 0xc008551c, &(0x7f0000000100)={0x10000, 0x8, [0xffff, 0x38]})
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
socket$xdp(0x2c, 0x3, 0x0)
r2 = dup3(r0, r0, 0x80000)
ioctl$SG_SET_RESERVED_SIZE(r2, 0x2275, &(0x7f0000000040)=0x7f)
openat$capi20(0xffffffffffffff9c, &(0x7f0000000140)='/dev/capi20\x00', 0x200801, 0x0)

23:57:04 executing program 3:

23:57:04 executing program 0:

[ 1313.547757][T19944] CPU: 0 PID: 19944 Comm: syz-executor.5 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1313.556924][T19944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1313.566985][T19944] Call Trace:
[ 1313.570291][T19944]  dump_stack+0x172/0x1f0
[ 1313.574640][T19944]  warn_alloc.cold+0x88/0x184
[ 1313.578478][T20011] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1313.579993][T19944]  ? zone_watermark_ok_safe+0x260/0x260
[ 1313.580013][T19944]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1313.580033][T19944]  ? find_held_lock+0x35/0x130
[ 1313.580057][T19944]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1313.615483][T19944]  __vmalloc_node_range+0x48a/0x790
[ 1313.620705][T19944]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1313.625751][T19944]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1313.631390][T19944]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1313.636432][T19944]  vmalloc_user+0x6b/0x90
[ 1313.640777][T19944]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1313.645975][T19944]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1313.650841][T19944]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1313.655892][T19944]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1313.661717][T19944]  __vb2_queue_alloc+0x5a6/0xf40
[ 1313.666686][T19944]  vb2_core_create_bufs+0x2bc/0x790
[ 1313.671905][T19944]  ? vim2m_buf_prepare+0x280/0x280
[ 1313.677036][T19944]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1313.682151][T19944]  ? lock_acquire+0x16f/0x3f0
[ 1313.686837][T19944]  ? __video_do_ioctl+0x398/0xce0
[ 1313.691881][T19944]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1313.698363][T19944]  vb2_create_bufs+0x47e/0x7a0
[ 1313.703142][T19944]  ? vb2_request_queue+0x120/0x120
[ 1313.708264][T19944]  ? mark_held_locks+0xf0/0xf0
[ 1313.713030][T19944]  ? debug_smp_processor_id+0x3c/0x280
[ 1313.718540][T19944]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1313.723580][T19944]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1313.729126][T19944]  v4l_create_bufs+0xc0/0x180
[ 1313.733829][T19944]  __video_do_ioctl+0x7f1/0xce0
[ 1313.738695][T19944]  ? v4l_s_fmt+0xa40/0xa40
[ 1313.743125][T19944]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1313.749373][T19944]  ? _copy_from_user+0xdd/0x150
[ 1313.754234][T19944]  video_usercopy+0x4c5/0x10d0
[ 1313.759001][T19944]  ? v4l_s_fmt+0xa40/0xa40
[ 1313.763436][T19944]  ? v4l_enumstd+0x70/0x70
[ 1313.767863][T19944]  ? mark_held_locks+0xf0/0xf0
[ 1313.772643][T19944]  ? debug_smp_processor_id+0x3c/0x280
[ 1313.778105][T19944]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1313.783663][T19944]  ? __fget+0x35a/0x550
[ 1313.787827][T19944]  ? find_held_lock+0x35/0x130
[ 1313.792596][T19944]  ? video_usercopy+0x10d0/0x10d0
[ 1313.797631][T19944]  video_ioctl2+0x2d/0x35
[ 1313.801970][T19944]  v4l2_ioctl+0x156/0x1b0
[ 1313.806306][T19944]  ? video_devdata+0xa0/0xa0
[ 1313.810940][T19944]  do_vfs_ioctl+0xd6e/0x1390
[ 1313.815548][T19944]  ? kasan_check_read+0x11/0x20
[ 1313.820439][T19944]  ? ioctl_preallocate+0x210/0x210
[ 1313.825605][T19944]  ? __fget+0x381/0x550
[ 1313.829776][T19944]  ? ksys_dup3+0x3e0/0x3e0
[ 1313.834196][T19944]  ? nsecs_to_jiffies+0x30/0x30
[ 1313.839063][T19944]  ? security_file_ioctl+0x93/0xc0
[ 1313.844185][T19944]  ksys_ioctl+0xab/0xd0
[ 1313.848353][T19944]  __x64_sys_ioctl+0x73/0xb0
[ 1313.852958][T19944]  do_syscall_64+0x103/0x610
[ 1313.858382][T19944]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1313.864290][T19944] RIP: 0033:0x457e29
[ 1313.868184][T19944] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1313.887789][T19944] RSP: 002b:00007fab66e65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1313.896206][T19944] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1313.904179][T19944] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1313.912154][T19944] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1313.920130][T19944] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab66e666d4
[ 1313.928107][T19944] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1313.937188][T20011] CPU: 1 PID: 20011 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1313.946312][T20011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1313.956373][T20011] Call Trace:
[ 1313.959681][T20011]  dump_stack+0x172/0x1f0
[ 1313.964032][T20011]  warn_alloc.cold+0x88/0x184
[ 1313.968724][T20011]  ? zone_watermark_ok_safe+0x260/0x260
[ 1313.974283][T20011]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1313.979932][T20011]  ? find_held_lock+0x35/0x130
[ 1313.984712][T20011]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1313.990377][T20011]  __vmalloc_node_range+0x48a/0x790
23:57:05 executing program 3:

[ 1313.995608][T20011]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1314.000646][T20011]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1314.006206][T20011]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1314.011246][T20011]  vmalloc_user+0x6b/0x90
[ 1314.015588][T20011]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1314.020622][T20011]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1314.025479][T20011]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1314.030519][T20011]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1314.036337][T20011]  __vb2_queue_alloc+0x5a6/0xf40
[ 1314.041305][T20011]  vb2_core_create_bufs+0x2bc/0x790
[ 1314.046531][T20011]  ? vim2m_buf_prepare+0x280/0x280
[ 1314.047268][T19944] warn_alloc_show_mem: 1 callbacks suppressed
[ 1314.047273][T19944] Mem-Info:
[ 1314.051652][T20011]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1314.051670][T20011]  ? lock_acquire+0x16f/0x3f0
[ 1314.051684][T20011]  ? __video_do_ioctl+0x398/0xce0
[ 1314.051711][T20011]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1314.051733][T20011]  vb2_create_bufs+0x47e/0x7a0
[ 1314.051754][T20011]  ? vb2_request_queue+0x120/0x120
[ 1314.051774][T20011]  ? mark_held_locks+0xf0/0xf0
[ 1314.051796][T20011]  ? debug_smp_processor_id+0x3c/0x280
[ 1314.059718][T19944] active_anon:168091 inactive_anon:193 isolated_anon:0
[ 1314.059718][T19944]  active_file:13350 inactive_file:35055 isolated_file:0
[ 1314.059718][T19944]  unevictable:2 dirty:175 writeback:1 unstable:0
[ 1314.059718][T19944]  slab_reclaimable:17736 slab_unreclaimable:104161
[ 1314.059718][T19944]  mapped:58661 shmem:493 pagetables:3451 bounce:0
[ 1314.059718][T19944]  free:1054280 free_pcp:685 free_cma:0
[ 1314.060980][T20011]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1314.061002][T20011]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1314.061019][T20011]  v4l_create_bufs+0xc0/0x180
[ 1314.061038][T20011]  __video_do_ioctl+0x7f1/0xce0
[ 1314.066716][T19944] Node 0 active_anon:672364kB inactive_anon:772kB active_file:53208kB inactive_file:140176kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234644kB dirty:684kB writeback:4kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 264192kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
[ 1314.070815][T20011]  ? v4l_s_fmt+0xa40/0xa40
[ 1314.070841][T20011]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1314.070859][T20011]  ? _copy_from_user+0xdd/0x150
[ 1314.070881][T20011]  video_usercopy+0x4c5/0x10d0
[ 1314.070907][T20011]  ? v4l_s_fmt+0xa40/0xa40
[ 1314.070928][T20011]  ? v4l_enumstd+0x70/0x70
[ 1314.070944][T20011]  ? mark_held_locks+0xf0/0xf0
[ 1314.070959][T20011]  ? debug_smp_processor_id+0x3c/0x280
[ 1314.070975][T20011]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1314.070994][T20011]  ? __fget+0x35a/0x550
[ 1314.071014][T20011]  ? find_held_lock+0x35/0x130
[ 1314.080521][T19944] Node 1 active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:16kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1314.082285][T20011]  ? video_usercopy+0x10d0/0x10d0
[ 1314.082301][T20011]  video_ioctl2+0x2d/0x35
[ 1314.082321][T20011]  v4l2_ioctl+0x156/0x1b0
[ 1314.082346][T20011]  ? video_devdata+0xa0/0xa0
[ 1314.107601][T19944] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1314.140627][T20011]  do_vfs_ioctl+0xd6e/0x1390
[ 1314.140649][T20011]  ? kasan_check_read+0x11/0x20
[ 1314.140667][T20011]  ? ioctl_preallocate+0x210/0x210
[ 1314.140683][T20011]  ? __fget+0x381/0x550
[ 1314.140705][T20011]  ? ksys_dup3+0x3e0/0x3e0
[ 1314.140722][T20011]  ? nsecs_to_jiffies+0x30/0x30
[ 1314.140750][T20011]  ? security_file_ioctl+0x93/0xc0
[ 1314.140767][T20011]  ksys_ioctl+0xab/0xd0
[ 1314.140787][T20011]  __x64_sys_ioctl+0x73/0xb0
[ 1314.140810][T20011]  do_syscall_64+0x103/0x610
[ 1314.183870][T19944] lowmem_reserve[]: 0 2553 2555 2555
[ 1314.190006][T20011]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1314.190020][T20011] RIP: 0033:0x457e29
[ 1314.190036][T20011] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1314.190045][T20011] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1314.190059][T20011] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1314.190068][T20011] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1314.190077][T20011] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1314.190095][T20011] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1314.209813][T19944] Node 0 DMA32 free:420376kB min:107912kB low:116968kB high:126024kB active_anon:670216kB inactive_anon:772kB active_file:53208kB inactive_file:140176kB unevictable:8kB writepending:596kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10592kB pagetables:13804kB bounce:0kB free_pcp:1776kB local_pcp:1264kB free_cma:0kB
[ 1314.210795][T20011] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1314.215734][T19944] lowmem_reserve[]: 0 0 2 2
[ 1314.329838][T19944] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1314.421148][T19944] lowmem_reserve[]: 0 0 0 0
[ 1314.530011][T19944] Node 1 Normal free:3783192kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:44kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:956kB local_pcp:0kB free_cma:0kB
[ 1314.569024][T19944] lowmem_reserve[]: 0 0 0 0
[ 1314.573567][T19944] Node 0 DMA: 680*4kB (U) 340*8kB () 171*16kB () 87*32kB (U) 45*64kB (U) 23*128kB (U) 12*256kB (U) 6*512kB () 4*1024kB (U) 2*2048kB (M) 3*4096kB (UM) = 43408kB
[ 1314.598122][T19944] Node 0 DMA32: 276423*4kB (UME) 217479*8kB (UME) 77524*16kB (UME) 34389*32kB (UME) 16776*64kB (UME) 7267*128kB (UME) 3342*256kB (UME) 1643*512kB (UM) 1055*1024kB (U) 4484*2048kB (UM) 11*4096kB (UM) = 19195572kB
[ 1314.628035][T19944] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1314.650584][T19944] Node 1 Normal: 19079*4kB (UM) 10758*8kB (UM) 5576*16kB (UME) 2699*32kB (UME) 1336*64kB (UME) 671*128kB (UME) 332*256kB (U) 167*512kB (UME) 87*1024kB (UME) 42*2048kB (U) 918*4096kB (UM) = 4615084kB
[ 1314.677563][T19944] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1314.694731][T19944] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1314.704122][T19944] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1314.721979][T19944] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1314.734958][T19944] 48910 total pagecache pages
[ 1314.744829][T19944] 0 pages in swap cache
23:57:05 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x7a, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:57:05 executing program 0:

23:57:05 executing program 2:
ioctl$CAPI_GET_PROFILE(0xffffffffffffffff, 0xc0044308, &(0x7f00000000c0)=0x10000)
syz_genetlink_get_family_id$tipc(&(0x7f0000000000)='TIPC\x00')

23:57:05 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:57:05 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup\x00', 0x200002, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = openat$cgroup_int(r0, &(0x7f0000000280)='io.max\x00\xe3\xc6\xa1\xbc\x16\x94p`R\xfbqcm\xab\x87\xf6\xb6y1uoG\x18\xd4\xc8*R6\x84\xfb\xfbU\t\x00\x00\x00\x00\x00\x00\x00\xe83Q\xf1\xda\xedt\x93\xb4\xa5\x8d\xbd\xb5<\x1a\x90\xa3U\xb9{\xba\x99\xdf(\x9a%\xef\x0eO5\xcd\xbf\xe7\n\x13\xc3+(<\x02\x83|S0\xed\x0f9:\xc8\xb5\xa0\"\x00x\xe9\x1f\xe9\xee\x17\x88%\x19\xe3\x9d\x9d|P,\xb5+\x84\xaa\x1cZd\xb1fj\xde\xc7\xf0\xd8D\xaf\x01\x01\x8e\x95\x83X\xb9\xf5J\xb0\v\x0fC\xd3\x8e\x9d\xe1\x1e:!|\xa3%\xd2@M\x1b\xf3\xfe\xf1\x94\xffl~\x18\xedp\xa0\x10\x9fn\xcd\x9eKu\xf3\xa0\x1f\x93\xf3\xc0\x86\x04Y\xd5\xd5,\xc4\xf58y\xec\f\x16p\x9fs7\xb7\xc9\x85)\xe4\x1c\r\xdd\xe4\xe6\x91C\xec\x0e\x0e\"\xde\f\x99\xe3\xbaP\x0e\x94\xcd\x1fXl\x11\x13\xe3\xcf+>0\x8d\x01\xd4\xc3\xdf\x00\x0eDn\x05\x9dH\x9f\xa7\xceC\x18D\xe3\xf1\x1e\xb8\xa4\x9d\xae\xb9\x19\xa1\x1a\xa6\x13\x86q)/x\x85\x16\x8b2\xd5\x82dS\xd7\x16\xfc\xc6\xb3\xf6\x90\xa6\x14\x88\x1c;\xaex\x82(\xe0\xab\x91\xf0,\x9f=\xf2\x91g\xf0\xc9', 0x2, 0x0)
r3 = openat$cgroup_ro(r0, &(0x7f0000000140)='io.stat\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x100000000000004)

23:57:05 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x7400, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1314.752441][T19944] Swap cache stats: add 0, delete 0, find 0/0
[ 1314.763175][T19944] Free swap  = 0kB
[ 1314.766914][T19944] Total swap = 0kB
[ 1314.774192][T19944] 1965979 pages RAM
[ 1314.782763][T19944] 0 pages HighMem/MovableOnly
[ 1314.790816][T19944] 339409 pages reserved
[ 1314.794975][T19944] 0 pages cma reserved
[ 1314.868272][T20125] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1314.897926][T20125] CPU: 1 PID: 20125 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1314.907081][T20125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
23:57:06 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @broadcast}, 0x11)
setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f00000000c0), 0x35b)
sendto$inet(r0, 0x0, 0x0, 0x20000000, &(0x7f0000000080)={0x2, 0x4e20}, 0x10)

[ 1314.917145][T20125] Call Trace:
[ 1314.920456][T20125]  dump_stack+0x172/0x1f0
[ 1314.924805][T20125]  warn_alloc.cold+0x88/0x184
[ 1314.929491][T20125]  ? zone_watermark_ok_safe+0x260/0x260
[ 1314.935045][T20125]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1314.940684][T20125]  ? find_held_lock+0x35/0x130
[ 1314.945470][T20125]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1314.951130][T20125]  __vmalloc_node_range+0x48a/0x790
[ 1314.956344][T20125]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1314.961375][T20125]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1314.961393][T20125]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1314.961444][T20125]  vmalloc_user+0x6b/0x90
[ 1314.961463][T20125]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1314.961481][T20125]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1314.961495][T20125]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1314.961518][T20125]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1314.997047][T20125]  __vb2_queue_alloc+0x5a6/0xf40
[ 1315.002022][T20125]  vb2_core_create_bufs+0x2bc/0x790
[ 1315.007235][T20125]  ? vim2m_buf_prepare+0x280/0x280
[ 1315.012354][T20125]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1315.017475][T20125]  ? lock_acquire+0x16f/0x3f0
[ 1315.022166][T20125]  ? __video_do_ioctl+0x398/0xce0
[ 1315.027212][T20125]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1315.033464][T20125]  vb2_create_bufs+0x47e/0x7a0
[ 1315.038240][T20125]  ? vb2_request_queue+0x120/0x120
[ 1315.043368][T20125]  ? mark_held_locks+0xf0/0xf0
[ 1315.048140][T20125]  ? debug_smp_processor_id+0x3c/0x280
[ 1315.053620][T20125]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1315.058657][T20125]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1315.064220][T20125]  v4l_create_bufs+0xc0/0x180
23:57:06 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xb, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:57:06 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
r1 = socket$netlink(0x10, 0x3, 0xf)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_GET_DEST(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10020008}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="77000000d8ba2528643cee99c00586514df68a2c12000800000000000000000000eac0ed3d3f0b67ffffffff17468fedc39fc1ff3fb971d57bd1c6accfc075194f6bebae719418d6ff00", @ANYRES16=r2, @ANYBLOB="000027bd7000ffdbdf2508000000380003000800040001000000140002006772657461703000000000000000000008000800060000000800010001000000080007004e21000008000600010000002c0002000800090000000000080002004e2000000800090007000000080005000000000008000400010000000800050000010000"], 0x88}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

[ 1315.068920][T20125]  __video_do_ioctl+0x7f1/0xce0
[ 1315.073792][T20125]  ? v4l_s_fmt+0xa40/0xa40
[ 1315.078231][T20125]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1315.084485][T20125]  ? _copy_from_user+0xdd/0x150
[ 1315.089354][T20125]  video_usercopy+0x4c5/0x10d0
[ 1315.094128][T20125]  ? v4l_s_fmt+0xa40/0xa40
[ 1315.098562][T20125]  ? v4l_enumstd+0x70/0x70
[ 1315.102990][T20125]  ? mark_held_locks+0xf0/0xf0
[ 1315.107757][T20125]  ? debug_smp_processor_id+0x3c/0x280
[ 1315.107777][T20125]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1315.107799][T20125]  ? __fget+0x35a/0x550
[ 1315.107816][T20125]  ? find_held_lock+0x35/0x130
[ 1315.107836][T20125]  ? video_usercopy+0x10d0/0x10d0
[ 1315.118824][T20125]  video_ioctl2+0x2d/0x35
[ 1315.118845][T20125]  v4l2_ioctl+0x156/0x1b0
[ 1315.118860][T20125]  ? video_devdata+0xa0/0xa0
[ 1315.118880][T20125]  do_vfs_ioctl+0xd6e/0x1390
[ 1315.118911][T20125]  ? kasan_check_read+0x11/0x20
[ 1315.118931][T20125]  ? ioctl_preallocate+0x210/0x210
[ 1315.118947][T20125]  ? __fget+0x381/0x550
[ 1315.118969][T20125]  ? ksys_dup3+0x3e0/0x3e0
[ 1315.118984][T20125]  ? nsecs_to_jiffies+0x30/0x30
[ 1315.119011][T20125]  ? security_file_ioctl+0x93/0xc0
[ 1315.119031][T20125]  ksys_ioctl+0xab/0xd0
[ 1315.119050][T20125]  __x64_sys_ioctl+0x73/0xb0
[ 1315.119069][T20125]  do_syscall_64+0x103/0x610
[ 1315.119091][T20125]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1315.119103][T20125] RIP: 0033:0x457e29
[ 1315.119118][T20125] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1315.119127][T20125] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1315.119140][T20125] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1315.119149][T20125] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1315.119159][T20125] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1315.119168][T20125] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1315.119184][T20125] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
23:57:06 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070")
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000600))
r2 = syz_open_pts(r1, 0x0)
write$binfmt_aout(r1, &(0x7f0000000240)=ANY=[], 0x35b)
ioctl$TCSETA(r2, 0x5406, &(0x7f00000001c0)={0xfffffffffffffffd, 0x0, 0x0, 0x100000009b4b62b})
ioctl$TCSETSF(r2, 0x5412, &(0x7f0000000040)={0x17})

[ 1315.325585][T20326] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1
23:57:06 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xc, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1315.379737][T20326] CPU: 1 PID: 20326 Comm: syz-executor.5 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1315.388887][T20326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1315.398961][T20326] Call Trace:
[ 1315.402263][T20326]  dump_stack+0x172/0x1f0
[ 1315.406612][T20326]  warn_alloc.cold+0x88/0x184
[ 1315.411305][T20326]  ? zone_watermark_ok_safe+0x260/0x260
[ 1315.416855][T20326]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1315.422503][T20326]  ? find_held_lock+0x35/0x130
[ 1315.427281][T20326]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1315.432954][T20326]  __vmalloc_node_range+0x48a/0x790
[ 1315.438169][T20326]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1315.443205][T20326]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1315.448763][T20326]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1315.453795][T20326]  vmalloc_user+0x6b/0x90
[ 1315.458136][T20326]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1315.463168][T20326]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1315.468026][T20326]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1315.468049][T20326]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1315.468064][T20326]  __vb2_queue_alloc+0x5a6/0xf40
[ 1315.468099][T20326]  vb2_core_create_bufs+0x2bc/0x790
[ 1315.468120][T20326]  ? vim2m_buf_prepare+0x280/0x280
[ 1315.468135][T20326]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1315.468150][T20326]  ? lock_acquire+0x16f/0x3f0
[ 1315.468171][T20326]  ? __video_do_ioctl+0x398/0xce0
[ 1315.478995][T20326]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1315.479018][T20326]  vb2_create_bufs+0x47e/0x7a0
[ 1315.479041][T20326]  ? vb2_request_queue+0x120/0x120
[ 1315.479063][T20326]  ? mark_held_locks+0xf0/0xf0
[ 1315.479079][T20326]  ? debug_smp_processor_id+0x3c/0x280
[ 1315.479103][T20326]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1315.479121][T20326]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1315.479137][T20326]  v4l_create_bufs+0xc0/0x180
[ 1315.479156][T20326]  __video_do_ioctl+0x7f1/0xce0
[ 1315.479180][T20326]  ? v4l_s_fmt+0xa40/0xa40
[ 1315.479203][T20326]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1315.566165][T20326]  ? _copy_from_user+0xdd/0x150
[ 1315.571038][T20326]  video_usercopy+0x4c5/0x10d0
[ 1315.575812][T20326]  ? v4l_s_fmt+0xa40/0xa40
[ 1315.580243][T20326]  ? v4l_enumstd+0x70/0x70
[ 1315.584673][T20326]  ? mark_held_locks+0xf0/0xf0
[ 1315.589481][T20326]  ? debug_smp_processor_id+0x3c/0x280
[ 1315.594987][T20326]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1315.597678][T20125] warn_alloc_show_mem: 1 callbacks suppressed
[ 1315.597683][T20125] Mem-Info:
[ 1315.600543][T20326]  ? __fget+0x35a/0x550
[ 1315.600562][T20326]  ? find_held_lock+0x35/0x130
[ 1315.600583][T20326]  ? video_usercopy+0x10d0/0x10d0
[ 1315.600597][T20326]  video_ioctl2+0x2d/0x35
[ 1315.600619][T20326]  v4l2_ioctl+0x156/0x1b0
[ 1315.616358][T20125] active_anon:168663 inactive_anon:193 isolated_anon:0
[ 1315.616358][T20125]  active_file:13350 inactive_file:35073 isolated_file:0
[ 1315.616358][T20125]  unevictable:2 dirty:179 writeback:0 unstable:0
[ 1315.616358][T20125]  slab_reclaimable:17745 slab_unreclaimable:104764
[ 1315.616358][T20125]  mapped:58661 shmem:493 pagetables:3518 bounce:0
[ 1315.616358][T20125]  free:1052995 free_pcp:673 free_cma:0
[ 1315.618693][T20326]  ? video_devdata+0xa0/0xa0
[ 1315.618715][T20326]  do_vfs_ioctl+0xd6e/0x1390
[ 1315.618735][T20326]  ? kasan_check_read+0x11/0x20
[ 1315.618754][T20326]  ? ioctl_preallocate+0x210/0x210
[ 1315.618769][T20326]  ? __fget+0x381/0x550
[ 1315.618792][T20326]  ? ksys_dup3+0x3e0/0x3e0
[ 1315.618808][T20326]  ? nsecs_to_jiffies+0x30/0x30
[ 1315.618843][T20326]  ? security_file_ioctl+0x93/0xc0
[ 1315.630281][T20125] Node 0 active_anon:674652kB inactive_anon:772kB active_file:53208kB inactive_file:140248kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234644kB dirty:716kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 268288kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
[ 1315.632492][T20326]  ksys_ioctl+0xab/0xd0
[ 1315.632515][T20326]  __x64_sys_ioctl+0x73/0xb0
[ 1315.632536][T20326]  do_syscall_64+0x103/0x610
[ 1315.632561][T20326]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1315.756745][T20326] RIP: 0033:0x457e29
[ 1315.760647][T20326] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1315.780254][T20326] RSP: 002b:00007fab66e65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1315.787844][T20125] Node 1 active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1315.788671][T20326] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1315.788681][T20326] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
23:57:06 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
openat$vimc0(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video0\x00', 0x2, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)

23:57:06 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x1a0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1315.788691][T20326] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1315.788701][T20326] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab66e666d4
[ 1315.788711][T20326] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1315.901340][T20125] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
23:57:07 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xd, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1315.958560][T20589] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1
[ 1315.987653][T20589] CPU: 1 PID: 20589 Comm: syz-executor.5 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1315.996818][T20589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1316.006911][T20589] Call Trace:
[ 1316.010226][T20589]  dump_stack+0x172/0x1f0
[ 1316.014580][T20589]  warn_alloc.cold+0x88/0x184
[ 1316.019280][T20589]  ? zone_watermark_ok_safe+0x260/0x260
[ 1316.024839][T20589]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1316.030487][T20589]  ? find_held_lock+0x35/0x130
[ 1316.035261][T20589]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1316.040929][T20589]  __vmalloc_node_range+0x48a/0x790
[ 1316.044278][T20125] lowmem_reserve[]: 0 2553 2555 2555
[ 1316.046139][T20589]  ? vb2_vmalloc_alloc+0x8c/0x2a0
23:57:07 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x11000)

[ 1316.046162][T20589]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1316.046179][T20589]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1316.046205][T20589]  vmalloc_user+0x6b/0x90
[ 1316.056510][T20589]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1316.076401][T20589]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1316.081284][T20589]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1316.086323][T20589]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1316.092140][T20589]  __vb2_queue_alloc+0x5a6/0xf40
[ 1316.097124][T20589]  vb2_core_create_bufs+0x2bc/0x790
[ 1316.102492][T20589]  ? vim2m_buf_prepare+0x280/0x280
[ 1316.104600][T20125] Node 0 DMA32 free:411972kB min:107912kB low:116968kB high:126024kB active_anon:674628kB inactive_anon:776kB active_file:53208kB inactive_file:140248kB unevictable:8kB writepending:720kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10720kB pagetables:14004kB bounce:0kB free_pcp:1792kB local_pcp:588kB free_cma:0kB
[ 1316.107605][T20589]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1316.107625][T20589]  ? lock_acquire+0x16f/0x3f0
[ 1316.107664][T20589]  ? __video_do_ioctl+0x398/0xce0
[ 1316.107690][T20589]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
23:57:07 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
r1 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x8, 0x40)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'team_slave_1\x00', 0xc000})
ioctl$VIDIOC_QBUF(r1, 0xc058560f, &(0x7f0000000100)={0x8, 0x0, 0x4, 0x400002, {0x77359400}, {0x4, 0xc, 0xfff, 0x6, 0x59db, 0xffffffffffffff01, "60a65d7b"}, 0x6, 0x0, @offset=0x5, 0x4})
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
recvfrom$inet6(r1, &(0x7f0000000180)=""/58, 0x3a, 0x2000, &(0x7f00000001c0)={0xa, 0x4e22, 0x2, @empty, 0x101}, 0x1c)

[ 1316.107711][T20589]  vb2_create_bufs+0x47e/0x7a0
[ 1316.107733][T20589]  ? vb2_request_queue+0x120/0x120
[ 1316.107753][T20589]  ? mark_held_locks+0xf0/0xf0
[ 1316.107769][T20589]  ? debug_smp_processor_id+0x3c/0x280
[ 1316.107792][T20589]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1316.184799][T20589]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1316.190359][T20589]  v4l_create_bufs+0xc0/0x180
[ 1316.195050][T20589]  __video_do_ioctl+0x7f1/0xce0
[ 1316.199928][T20589]  ? v4l_s_fmt+0xa40/0xa40
[ 1316.204368][T20589]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1316.211144][T20589]  ? _copy_from_user+0xdd/0x150
[ 1316.216024][T20589]  video_usercopy+0x4c5/0x10d0
[ 1316.220796][T20589]  ? v4l_s_fmt+0xa40/0xa40
[ 1316.225229][T20589]  ? v4l_enumstd+0x70/0x70
[ 1316.226372][T20125] lowmem_reserve[]: 0 0 2 2
[ 1316.229665][T20589]  ? mark_held_locks+0xf0/0xf0
[ 1316.229684][T20589]  ? debug_smp_processor_id+0x3c/0x280
[ 1316.229704][T20589]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1316.229725][T20589]  ? __fget+0x35a/0x550
[ 1316.229740][T20589]  ? find_held_lock+0x35/0x130
[ 1316.229757][T20589]  ? video_usercopy+0x10d0/0x10d0
[ 1316.229771][T20589]  video_ioctl2+0x2d/0x35
[ 1316.229790][T20589]  v4l2_ioctl+0x156/0x1b0
[ 1316.229806][T20589]  ? video_devdata+0xa0/0xa0
[ 1316.229827][T20589]  do_vfs_ioctl+0xd6e/0x1390
[ 1316.242628][T20125] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1316.244530][T20589]  ? kasan_check_read+0x11/0x20
[ 1316.244552][T20589]  ? ioctl_preallocate+0x210/0x210
[ 1316.244569][T20589]  ? __fget+0x381/0x550
[ 1316.244599][T20589]  ? ksys_dup3+0x3e0/0x3e0
[ 1316.295046][T20125] lowmem_reserve[]: 0 0 0 0
[ 1316.308271][T20589]  ? nsecs_to_jiffies+0x30/0x30
[ 1316.308303][T20589]  ? security_file_ioctl+0x93/0xc0
[ 1316.308325][T20589]  ksys_ioctl+0xab/0xd0
[ 1316.308347][T20589]  __x64_sys_ioctl+0x73/0xb0
[ 1316.308366][T20589]  do_syscall_64+0x103/0x610
[ 1316.308402][T20589]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1316.308422][T20589] RIP: 0033:0x457e29
[ 1316.308438][T20589] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1316.308446][T20589] RSP: 002b:00007fab66e65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1316.308460][T20589] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1316.308481][T20589] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1316.308504][T20589] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1316.308513][T20589] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab66e666d4
[ 1316.308531][T20589] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1316.405316][T20125] Node 1 Normal free:3783196kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:44kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:956kB local_pcp:0kB free_cma:0kB
[ 1316.482987][T20125] lowmem_reserve[]: 0 0 0 0
[ 1316.487865][T20125] Node 0 DMA: 680*4kB (U) 340*8kB () 171*16kB () 87*32kB (U) 45*64kB (U) 23*128kB (U) 12*256kB (U) 6*512kB () 4*1024kB (U) 2*2048kB (M) 3*4096kB (UM) = 43408kB
[ 1316.553862][T20125] Node 0 DMA32: 276295*4kB (UME) 217225*8kB (UME) 77551*16kB (UME) 34403*32kB (UME) 16776*64kB (UME) 7268*128kB (UME) 3342*256kB (UME) 1643*512kB (UM) 1055*1024kB (U) 4487*2048kB (UM) 10*4096kB (UM) = 19196084kB
[ 1316.583357][T20125] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1316.606170][T20125] Node 1 Normal: 19079*4kB (UM) 10758*8kB (UM) 5576*16kB (UME) 2699*32kB (UME) 1336*64kB (UME) 671*128kB (UME) 332*256kB (U) 167*512kB (UME) 87*1024kB (UME) 42*2048kB (U) 918*4096kB (UM) = 4615084kB
[ 1316.634547][T20125] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1316.645534][T20125] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1316.663208][T20125] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1316.675258][T20125] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1316.693496][T20125] 48924 total pagecache pages
[ 1316.700617][T20125] 0 pages in swap cache
[ 1316.704872][T20125] Swap cache stats: add 0, delete 0, find 0/0
[ 1316.716877][T20125] Free swap  = 0kB
[ 1316.723177][T20125] Total swap = 0kB
[ 1316.727041][T20125] 1965979 pages RAM
[ 1316.736697][T20125] 0 pages HighMem/MovableOnly
[ 1316.743888][T20125] 339409 pages reserved
[ 1316.754152][T20125] 0 pages cma reserved
[ 1319.838065][ T9383] bond1 (unregistering): Released all slaves
[ 1319.891175][ T9383] device hsr_slave_1 left promiscuous mode
[ 1319.953458][ T9383] device hsr_slave_0 left promiscuous mode
[ 1320.015497][ T9383] team0 (unregistering): Port device team_slave_1 removed
[ 1320.028045][ T9383] team0 (unregistering): Port device team_slave_0 removed
[ 1320.040570][ T9383] bond0 (unregistering): Releasing backup interface bond_slave_1
[ 1320.113350][ T9383] bond0 (unregistering): Releasing backup interface bond_slave_0
[ 1320.209264][ T9383] bond0 (unregistering): Released all slaves
23:57:11 executing program 3:
syz_read_part_table(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

23:57:11 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
fadvise64(r0, 0x100000000, 0x9, 0x3)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)

23:57:11 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x300, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:57:11 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xe, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:57:11 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x7a00, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:57:11 executing program 0:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x1a0, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1320.388777][T20777] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1320.427123][T20777] CPU: 1 PID: 20777 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1320.432774][T20798] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1
[ 1320.436276][T20777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1320.436284][T20777] Call Trace:
[ 1320.436309][T20777]  dump_stack+0x172/0x1f0
[ 1320.436339][T20777]  warn_alloc.cold+0x88/0x184
[ 1320.472531][T20777]  ? zone_watermark_ok_safe+0x260/0x260
[ 1320.478082][T20777]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1320.483715][T20777]  ? find_held_lock+0x35/0x130
[ 1320.488483][T20777]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1320.494146][T20777]  __vmalloc_node_range+0x48a/0x790
[ 1320.499348][T20777]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1320.504376][T20777]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1320.509935][T20777]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1320.514961][T20777]  vmalloc_user+0x6b/0x90
[ 1320.519291][T20777]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1320.524323][T20777]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1320.529168][T20777]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1320.534200][T20777]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1320.540010][T20777]  __vb2_queue_alloc+0x5a6/0xf40
[ 1320.544975][T20777]  vb2_core_create_bufs+0x2bc/0x790
[ 1320.550178][T20777]  ? vim2m_buf_prepare+0x280/0x280
[ 1320.555465][T20777]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1320.560576][T20777]  ? lock_acquire+0x16f/0x3f0
[ 1320.565252][T20777]  ? __video_do_ioctl+0x398/0xce0
[ 1320.570289][T20777]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1320.576533][T20777]  vb2_create_bufs+0x47e/0x7a0
[ 1320.581303][T20777]  ? vb2_request_queue+0x120/0x120
[ 1320.586424][T20777]  ? mark_held_locks+0xf0/0xf0
[ 1320.591184][T20777]  ? debug_smp_processor_id+0x3c/0x280
[ 1320.596670][T20777]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1320.601699][T20777]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1320.607244][T20777]  v4l_create_bufs+0xc0/0x180
[ 1320.611930][T20777]  __video_do_ioctl+0x7f1/0xce0
[ 1320.616792][T20777]  ? v4l_s_fmt+0xa40/0xa40
[ 1320.621219][T20777]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1320.627460][T20777]  ? _copy_from_user+0xdd/0x150
[ 1320.632321][T20777]  video_usercopy+0x4c5/0x10d0
[ 1320.637085][T20777]  ? v4l_s_fmt+0xa40/0xa40
[ 1320.641506][T20777]  ? v4l_enumstd+0x70/0x70
[ 1320.645932][T20777]  ? mark_held_locks+0xf0/0xf0
[ 1320.650696][T20777]  ? debug_smp_processor_id+0x3c/0x280
[ 1320.656159][T20777]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1320.661709][T20777]  ? __fget+0x35a/0x550
[ 1320.665863][T20777]  ? find_held_lock+0x35/0x130
[ 1320.670638][T20777]  ? video_usercopy+0x10d0/0x10d0
[ 1320.675658][T20777]  video_ioctl2+0x2d/0x35
[ 1320.679989][T20777]  v4l2_ioctl+0x156/0x1b0
[ 1320.684315][T20777]  ? video_devdata+0xa0/0xa0
[ 1320.688918][T20777]  do_vfs_ioctl+0xd6e/0x1390
[ 1320.693513][T20777]  ? kasan_check_read+0x11/0x20
[ 1320.698367][T20777]  ? ioctl_preallocate+0x210/0x210
[ 1320.703477][T20777]  ? __fget+0x381/0x550
[ 1320.707636][T20777]  ? ksys_dup3+0x3e0/0x3e0
[ 1320.712051][T20777]  ? nsecs_to_jiffies+0x30/0x30
[ 1320.716916][T20777]  ? security_file_ioctl+0x93/0xc0
[ 1320.722034][T20777]  ksys_ioctl+0xab/0xd0
[ 1320.726195][T20777]  __x64_sys_ioctl+0x73/0xb0
[ 1320.730786][T20777]  do_syscall_64+0x103/0x610
[ 1320.735400][T20777]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1320.741297][T20777] RIP: 0033:0x457e29
[ 1320.745189][T20777] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1320.764794][T20777] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1320.773209][T20777] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1320.781177][T20777] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1320.789147][T20777] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1320.797115][T20777] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1320.805082][T20777] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1320.815426][T20798] CPU: 1 PID: 20798 Comm: syz-executor.5 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1320.824553][T20798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1320.834623][T20798] Call Trace:
[ 1320.834648][T20798]  dump_stack+0x172/0x1f0
[ 1320.834674][T20798]  warn_alloc.cold+0x88/0x184
[ 1320.834695][T20798]  ? zone_watermark_ok_safe+0x260/0x260
[ 1320.834711][T20798]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1320.834735][T20798]  ? find_held_lock+0x35/0x130
[ 1320.844951][T20777] warn_alloc_show_mem: 2 callbacks suppressed
[ 1320.844957][T20777] Mem-Info:
[ 1320.847009][T20798]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1320.847053][T20798]  __vmalloc_node_range+0x48a/0x790
[ 1320.854700][T20822] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[ 1320.858226][T20798]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1320.858260][T20798]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1320.858277][T20798]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1320.858305][T20798]  vmalloc_user+0x6b/0x90
[ 1320.868124][T20777] active_anon:168645 inactive_anon:192 isolated_anon:0
[ 1320.868124][T20777]  active_file:13350 inactive_file:35230 isolated_file:0
[ 1320.868124][T20777]  unevictable:2 dirty:342 writeback:0 unstable:0
[ 1320.868124][T20777]  slab_reclaimable:17646 slab_unreclaimable:103627
[ 1320.868124][T20777]  mapped:58661 shmem:493 pagetables:3495 bounce:0
[ 1320.868124][T20777]  free:1054211 free_pcp:521 free_cma:0
[ 1320.870821][T20798]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1320.870841][T20798]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1320.870861][T20798]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1320.879592][T20798]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1320.879609][T20798]  __vb2_queue_alloc+0x5a6/0xf40
[ 1320.879648][T20798]  vb2_core_create_bufs+0x2bc/0x790
[ 1320.879670][T20798]  ? vim2m_buf_prepare+0x280/0x280
[ 1320.887924][T20777] Node 0 active_anon:674580kB inactive_anon:768kB active_file:53208kB inactive_file:140876kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234644kB dirty:1368kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 266240kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
[ 1320.898725][T20798]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1320.898743][T20798]  ? lock_acquire+0x16f/0x3f0
[ 1320.898758][T20798]  ? __video_do_ioctl+0x398/0xce0
[ 1320.898784][T20798]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1320.898805][T20798]  vb2_create_bufs+0x47e/0x7a0
[ 1320.924457][T20777] Node 1 active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1320.956781][T20798]  ? vb2_request_queue+0x120/0x120
[ 1320.956806][T20798]  ? mark_held_locks+0xf0/0xf0
[ 1320.956821][T20798]  ? debug_smp_processor_id+0x3c/0x280
[ 1320.956845][T20798]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1320.956863][T20798]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1320.956880][T20798]  v4l_create_bufs+0xc0/0x180
[ 1320.956908][T20798]  __video_do_ioctl+0x7f1/0xce0
[ 1320.956932][T20798]  ? v4l_s_fmt+0xa40/0xa40
[ 1320.956959][T20798]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1321.004981][T20777] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1321.022342][T20798]  ? _copy_from_user+0xdd/0x150
[ 1321.022366][T20798]  video_usercopy+0x4c5/0x10d0
[ 1321.022381][T20798]  ? v4l_s_fmt+0xa40/0xa40
[ 1321.022402][T20798]  ? v4l_enumstd+0x70/0x70
[ 1321.022428][T20798]  ? mark_held_locks+0xf0/0xf0
[ 1321.022450][T20798]  ? debug_smp_processor_id+0x3c/0x280
[ 1321.054688][T20777] lowmem_reserve[]: 0 2553 2555 2555
[ 1321.074750][T20798]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1321.074773][T20798]  ? __fget+0x35a/0x550
[ 1321.074791][T20798]  ? find_held_lock+0x35/0x130
[ 1321.074811][T20798]  ? video_usercopy+0x10d0/0x10d0
[ 1321.074825][T20798]  video_ioctl2+0x2d/0x35
[ 1321.074846][T20798]  v4l2_ioctl+0x156/0x1b0
[ 1321.074862][T20798]  ? video_devdata+0xa0/0xa0
[ 1321.074885][T20798]  do_vfs_ioctl+0xd6e/0x1390
23:57:12 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
r1 = syz_open_dev$media(&(0x7f0000000040)='/dev/media#\x00', 0x8001, 0x602040)
getsockopt$inet_mreqn(r1, 0x0, 0x24, &(0x7f0000000080)={@rand_addr, @loopback}, &(0x7f0000000180)=0xc)
bind$nfc_llcp(r1, &(0x7f0000000100)={0x27, 0x1, 0x0, 0x7, 0x7fffffff, 0x4, "aa21429af00b534970275181f518d9740b3bab44588bd4b0c979b47a21d00749450f4605ea0a04a5d35ba9e1405a159c3858d5c02ece564218679eb361f647", 0x2b}, 0x60)

23:57:12 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xf, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:57:12 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x500, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1321.110683][T20777] Node 0 DMA32 free:417288kB min:107912kB low:116968kB high:126024kB active_anon:674580kB inactive_anon:768kB active_file:53208kB inactive_file:140876kB unevictable:8kB writepending:1368kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10816kB pagetables:13980kB bounce:0kB free_pcp:1616kB local_pcp:344kB free_cma:0kB
[ 1321.114667][T20798]  ? kasan_check_read+0x11/0x20
[ 1321.114690][T20798]  ? ioctl_preallocate+0x210/0x210
[ 1321.114706][T20798]  ? __fget+0x381/0x550
[ 1321.114729][T20798]  ? ksys_dup3+0x3e0/0x3e0
[ 1321.133485][T20777] lowmem_reserve[]: 0 0 2 2
[ 1321.147777][T20798]  ? nsecs_to_jiffies+0x30/0x30
[ 1321.147809][T20798]  ? security_file_ioctl+0x93/0xc0
[ 1321.147831][T20798]  ksys_ioctl+0xab/0xd0
[ 1321.147852][T20798]  __x64_sys_ioctl+0x73/0xb0
[ 1321.147871][T20798]  do_syscall_64+0x103/0x610
[ 1321.147911][T20798]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1321.169785][T20777] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1321.171065][T20798] RIP: 0033:0x457e29
[ 1321.171082][T20798] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1321.171092][T20798] RSP: 002b:00007fab66e65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1321.171108][T20798] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1321.171117][T20798] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1321.171127][T20798] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1321.171142][T20798] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab66e666d4
[ 1321.179318][T20777] lowmem_reserve[]: 0 0 0 0
[ 1321.181862][T20798] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1321.406525][T20777] Node 1 Normal free:3783648kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:44kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:452kB local_pcp:452kB free_cma:0kB
[ 1321.408742][T20822] CPU: 0 PID: 20822 Comm: syz-executor.0 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1321.444418][T20822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1321.446679][T20777] lowmem_reserve[]: 0 0 0 0
[ 1321.454464][T20822] Call Trace:
[ 1321.454488][T20822]  dump_stack+0x172/0x1f0
[ 1321.454514][T20822]  warn_alloc.cold+0x88/0x184
[ 1321.454534][T20822]  ? zone_watermark_ok_safe+0x260/0x260
[ 1321.454549][T20822]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1321.454566][T20822]  ? find_held_lock+0x35/0x130
[ 1321.454583][T20822]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1321.454617][T20822]  __vmalloc_node_range+0x48a/0x790
[ 1321.467259][T20777] Node 0 DMA: 680*4kB (U) 340*8kB () 171*16kB () 87*32kB (U) 45*64kB (U) 23*128kB (U) 12*256kB (U) 6*512kB () 4*1024kB (U) 2*2048kB (M) 3*4096kB (UM) = 43408kB
[ 1321.471385][T20822]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1321.471405][T20822]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1321.471421][T20822]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1321.471449][T20822]  vmalloc_user+0x6b/0x90
[ 1321.471466][T20822]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1321.471482][T20822]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1321.471493][T20822]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1321.471510][T20822]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1321.471528][T20822]  __vb2_queue_alloc+0x5a6/0xf40
[ 1321.485663][T20777] Node 0 DMA32: 276420*4kB (UME) 217633*8kB (UME) 77556*16kB (UME) 34405*32kB (UME) 16776*64kB (UME) 7268*128kB (UME) 3342*256kB (UME) 1643*512kB (UM) 1055*1024kB (U) 4489*2048kB (UM) 10*4096kB (UM) = 19204088kB
[ 1321.487448][T20822]  vb2_core_create_bufs+0x2bc/0x790
[ 1321.487470][T20822]  ? vim2m_buf_prepare+0x280/0x280
[ 1321.487487][T20822]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1321.487504][T20822]  ? lock_acquire+0x16f/0x3f0
[ 1321.487518][T20822]  ? __video_do_ioctl+0x398/0xce0
[ 1321.487545][T20822]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1321.487566][T20822]  vb2_create_bufs+0x47e/0x7a0
[ 1321.487587][T20822]  ? vb2_request_queue+0x120/0x120
[ 1321.487607][T20822]  ? mark_held_locks+0xf0/0xf0
[ 1321.495463][T20777] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
23:57:12 executing program 0:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x4c00, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1321.498413][T20822]  ? debug_smp_processor_id+0x3c/0x280
[ 1321.498440][T20822]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1321.498461][T20822]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1321.498492][T20822]  v4l_create_bufs+0xc0/0x180
[ 1321.498522][T20822]  __video_do_ioctl+0x7f1/0xce0
[ 1321.498546][T20822]  ? v4l_s_fmt+0xa40/0xa40
[ 1321.498571][T20822]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1321.498589][T20822]  ? _copy_from_user+0xdd/0x150
[ 1321.498636][T20822]  video_usercopy+0x4c5/0x10d0
[ 1321.522227][T20777] Node 1 Normal: 19079*4kB (UM) 10759*8kB (UM) 5575*16kB (UME) 2699*32kB (UME) 1336*64kB (UME) 671*128kB (UME) 332*256kB (U) 166*512kB (UME) 88*1024kB (UME) 42*2048kB (U) 918*4096kB (UM) = 4615588kB
[ 1321.525181][T20822]  ? v4l_s_fmt+0xa40/0xa40
[ 1321.525204][T20822]  ? v4l_enumstd+0x70/0x70
[ 1321.525229][T20822]  ? mark_held_locks+0xf0/0xf0
[ 1321.533052][T20777] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1321.534568][T20822]  ? debug_smp_processor_id+0x3c/0x280
[ 1321.534588][T20822]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1321.534614][T20822]  ? __fget+0x35a/0x550
[ 1321.544319][T20777] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1321.544485][T20822]  ? find_held_lock+0x35/0x130
[ 1321.552263][T20777] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1321.555300][T20822]  ? video_usercopy+0x10d0/0x10d0
[ 1321.555315][T20822]  video_ioctl2+0x2d/0x35
[ 1321.555335][T20822]  v4l2_ioctl+0x156/0x1b0
[ 1321.555367][T20822]  ? video_devdata+0xa0/0xa0
[ 1321.564995][T20777] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1321.580775][T20822]  do_vfs_ioctl+0xd6e/0x1390
[ 1321.580796][T20822]  ? kasan_check_read+0x11/0x20
[ 1321.580815][T20822]  ? ioctl_preallocate+0x210/0x210
[ 1321.580831][T20822]  ? __fget+0x381/0x550
[ 1321.580854][T20822]  ? ksys_dup3+0x3e0/0x3e0
[ 1321.580871][T20822]  ? nsecs_to_jiffies+0x30/0x30
[ 1321.580919][T20822]  ? security_file_ioctl+0x93/0xc0
[ 1321.580940][T20822]  ksys_ioctl+0xab/0xd0
[ 1321.580962][T20822]  __x64_sys_ioctl+0x73/0xb0
[ 1321.580982][T20822]  do_syscall_64+0x103/0x610
23:57:12 executing program 3:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0xe00000000000000, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0xcef, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1321.581006][T20822]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1321.592980][T20777] 49078 total pagecache pages
[ 1321.596385][T20822] RIP: 0033:0x457e29
[ 1321.596401][T20822] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1321.596410][T20822] RSP: 002b:00007f6b78cc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1321.596425][T20822] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1321.596442][T20822] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1321.601640][T20777] 0 pages in swap cache
[ 1321.606144][T20822] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1321.606154][T20822] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6b78cc86d4
[ 1321.606164][T20822] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1321.678088][T20777] Swap cache stats: add 0, delete 0, find 0/0
[ 1321.752180][T21006] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1
[ 1321.769035][T21010] syz-executor.0: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1
[ 1321.773542][T21006] CPU: 1 PID: 21006 Comm: syz-executor.5 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1321.779078][T21006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1321.779084][T21006] Call Trace:
[ 1321.779106][T21006]  dump_stack+0x172/0x1f0
[ 1321.779132][T21006]  warn_alloc.cold+0x88/0x184
[ 1321.779152][T21006]  ? zone_watermark_ok_safe+0x260/0x260
[ 1321.779167][T21006]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1321.779185][T21006]  ? find_held_lock+0x35/0x130
[ 1321.779202][T21006]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1321.779238][T21006]  __vmalloc_node_range+0x48a/0x790
[ 1321.779257][T21006]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1321.779278][T21006]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1321.779294][T21006]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1321.779318][T21006]  vmalloc_user+0x6b/0x90
[ 1321.797491][T21006]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1321.797510][T21006]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1321.797524][T21006]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1321.797547][T21006]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1321.806978][T21006]  __vb2_queue_alloc+0x5a6/0xf40
[ 1321.812626][T20777] Free swap  = 0kB
[ 1321.816235][T21006]  vb2_core_create_bufs+0x2bc/0x790
[ 1321.816265][T21006]  ? vim2m_buf_prepare+0x280/0x280
[ 1321.830607][T21006]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1321.830625][T21006]  ? lock_acquire+0x16f/0x3f0
[ 1321.830640][T21006]  ? __video_do_ioctl+0x398/0xce0
[ 1321.830665][T21006]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1321.839285][T20777] Total swap = 0kB
[ 1321.839389][T21006]  vb2_create_bufs+0x47e/0x7a0
[ 1321.849847][T21006]  ? vb2_request_queue+0x120/0x120
[ 1321.849869][T21006]  ? mark_held_locks+0xf0/0xf0
[ 1321.849885][T21006]  ? debug_smp_processor_id+0x3c/0x280
[ 1321.849919][T21006]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1321.858689][T20777] 1965979 pages RAM
[ 1321.878101][T21006]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
23:57:13 executing program 2:
getpid()
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
fcntl$addseals(r0, 0x409, 0x8)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)

[ 1321.878119][T21006]  v4l_create_bufs+0xc0/0x180
[ 1321.878138][T21006]  __video_do_ioctl+0x7f1/0xce0
[ 1321.878162][T21006]  ? v4l_s_fmt+0xa40/0xa40
[ 1321.878186][T21006]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1321.894554][T21006]  ? _copy_from_user+0xdd/0x150
[ 1321.894567][T21006]  video_usercopy+0x4c5/0x10d0
[ 1321.894575][T21006]  ? v4l_s_fmt+0xa40/0xa40
[ 1321.894587][T21006]  ? v4l_enumstd+0x70/0x70
[ 1321.894598][T21006]  ? mark_held_locks+0xf0/0xf0
[ 1321.894607][T21006]  ? debug_smp_processor_id+0x3c/0x280
[ 1321.894617][T21006]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1321.894629][T21006]  ? __fget+0x35a/0x550
[ 1321.894638][T21006]  ? find_held_lock+0x35/0x130
[ 1321.894648][T21006]  ? video_usercopy+0x10d0/0x10d0
[ 1321.894655][T21006]  video_ioctl2+0x2d/0x35
[ 1321.894667][T21006]  v4l2_ioctl+0x156/0x1b0
[ 1321.894675][T21006]  ? video_devdata+0xa0/0xa0
[ 1321.894686][T21006]  do_vfs_ioctl+0xd6e/0x1390
[ 1321.894697][T21006]  ? kasan_check_read+0x11/0x20
[ 1321.894708][T21006]  ? ioctl_preallocate+0x210/0x210
[ 1321.894716][T21006]  ? __fget+0x381/0x550
[ 1321.894729][T21006]  ? ksys_dup3+0x3e0/0x3e0
[ 1321.894738][T21006]  ? nsecs_to_jiffies+0x30/0x30
[ 1321.894755][T21006]  ? security_file_ioctl+0x93/0xc0
[ 1321.894765][T21006]  ksys_ioctl+0xab/0xd0
[ 1321.894777][T21006]  __x64_sys_ioctl+0x73/0xb0
[ 1321.894787][T21006]  do_syscall_64+0x103/0x610
[ 1321.894801][T21006]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1321.894808][T21006] RIP: 0033:0x457e29
[ 1321.894818][T21006] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1321.894823][T21006] RSP: 002b:00007fab66e65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1321.894832][T21006] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1321.894837][T21006] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1321.894842][T21006] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1321.894847][T21006] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab66e666d4
23:57:13 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x20000, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:57:13 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0x10, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1321.894852][T21006] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1321.920190][T21010] CPU: 0 PID: 21010 Comm: syz-executor.0 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1321.931593][T21010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1321.931599][T21010] Call Trace:
[ 1321.931622][T21010]  dump_stack+0x172/0x1f0
[ 1321.931648][T21010]  warn_alloc.cold+0x88/0x184
[ 1321.931668][T21010]  ? zone_watermark_ok_safe+0x260/0x260
[ 1321.931690][T21010]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1321.938152][T20777] 0 pages HighMem/MovableOnly
[ 1321.951635][T21010]  ? find_held_lock+0x35/0x130
[ 1321.951682][T21010]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1321.951729][T21010]  __vmalloc_node_range+0x48a/0x790
[ 1321.951747][T21010]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1321.951766][T21010]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1321.951794][T21010]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1321.951812][T21010]  vmalloc_user+0x6b/0x90
[ 1321.951833][T21010]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1321.974822][T21010]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1321.974839][T21010]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1321.974860][T21010]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1321.974874][T21010]  __vb2_queue_alloc+0x5a6/0xf40
[ 1321.974926][T21010]  vb2_core_create_bufs+0x2bc/0x790
[ 1321.988251][T21010]  ? vim2m_buf_prepare+0x280/0x280
[ 1321.988269][T21010]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1321.988287][T21010]  ? lock_acquire+0x16f/0x3f0
[ 1321.988301][T21010]  ? __video_do_ioctl+0x398/0xce0
[ 1321.988327][T21010]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1321.988346][T21010]  vb2_create_bufs+0x47e/0x7a0
[ 1321.988366][T21010]  ? vb2_request_queue+0x120/0x120
[ 1321.988385][T21010]  ? mark_held_locks+0xf0/0xf0
[ 1321.988408][T21010]  ? debug_smp_processor_id+0x3c/0x280
[ 1322.051074][T20777] 339409 pages reserved
[ 1322.053931][T21010]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1322.053962][T21010]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1322.059088][T20777] 0 pages cma reserved
[ 1322.064769][T21010]  v4l_create_bufs+0xc0/0x180
[ 1322.064790][T21010]  __video_do_ioctl+0x7f1/0xce0
[ 1322.064814][T21010]  ? v4l_s_fmt+0xa40/0xa40
[ 1322.075166][T21006] warn_alloc_show_mem: 2 callbacks suppressed
[ 1322.075171][T21006] Mem-Info:
[ 1322.078631][T21010]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1322.078652][T21010]  ? _copy_from_user+0xdd/0x150
[ 1322.078674][T21010]  video_usercopy+0x4c5/0x10d0
[ 1322.078690][T21010]  ? v4l_s_fmt+0xa40/0xa40
[ 1322.078712][T21010]  ? v4l_enumstd+0x70/0x70
[ 1322.078734][T21010]  ? mark_held_locks+0xf0/0xf0
[ 1322.086800][T21006] active_anon:168699 inactive_anon:191 isolated_anon:0
[ 1322.086800][T21006]  active_file:13350 inactive_file:35230 isolated_file:0
[ 1322.086800][T21006]  unevictable:2 dirty:342 writeback:0 unstable:0
[ 1322.086800][T21006]  slab_reclaimable:17643 slab_unreclaimable:103816
[ 1322.086800][T21006]  mapped:58682 shmem:493 pagetables:3503 bounce:0
[ 1322.086800][T21006]  free:1054069 free_pcp:412 free_cma:0
[ 1322.088937][T21010]  ? debug_smp_processor_id+0x3c/0x280
[ 1322.088957][T21010]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1322.088979][T21010]  ? __fget+0x35a/0x550
[ 1322.088996][T21010]  ? find_held_lock+0x35/0x130
[ 1322.089014][T21010]  ? video_usercopy+0x10d0/0x10d0
[ 1322.089027][T21010]  video_ioctl2+0x2d/0x35
[ 1322.089046][T21010]  v4l2_ioctl+0x156/0x1b0
[ 1322.089060][T21010]  ? video_devdata+0xa0/0xa0
[ 1322.089076][T21010]  do_vfs_ioctl+0xd6e/0x1390
[ 1322.089095][T21010]  ? kasan_check_read+0x11/0x20
[ 1322.089114][T21010]  ? ioctl_preallocate+0x210/0x210
[ 1322.089133][T21010]  ? __fget+0x381/0x550
[ 1322.117631][T21006] Node 0 active_anon:674796kB inactive_anon:764kB active_file:53208kB inactive_file:140876kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234828kB dirty:1368kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 264192kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
[ 1322.119066][T21010]  ? ksys_dup3+0x3e0/0x3e0
[ 1322.119084][T21010]  ? nsecs_to_jiffies+0x30/0x30
[ 1322.119112][T21010]  ? security_file_ioctl+0x93/0xc0
[ 1322.136461][T21006] Node 1 active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1322.138180][T21010]  ksys_ioctl+0xab/0xd0
[ 1322.138203][T21010]  __x64_sys_ioctl+0x73/0xb0
[ 1322.138225][T21010]  do_syscall_64+0x103/0x610
[ 1322.138249][T21010]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1322.138262][T21010] RIP: 0033:0x457e29
[ 1322.138278][T21010] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
23:57:13 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x600, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:57:13 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0x11, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:57:13 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x400, 0x0)
ioctl$VIDIOC_S_AUDIO(r1, 0x40345622, &(0x7f0000000080)={0x0, "2ae432ce4fb1964c9b8874e72ed87726b9cadaf08ace6c55f23abb138a9986a2", 0x2, 0x3a6c8ed80235e619})
openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x10000, 0x0)

23:57:13 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x19)
ioctl$TCSETAF(r0, 0x540b, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCSIFBR(r1, 0x8941, &(0x7f0000000000)=@generic={0x0, 0x2, 0x81})

[ 1322.138293][T21010] RSP: 002b:00007f6b78cc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1322.147727][T21006] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1322.148502][T21010] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1322.157736][T21010] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
23:57:13 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x600, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1322.157746][T21010] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1322.157756][T21010] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6b78cc86d4
[ 1322.157766][T21010] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1322.158782][T21006] lowmem_reserve[]: 0 2553 2555 2555
[ 1322.227948][ T7810] __loop_clr_fd: partition scan of loop3 failed (rc=-22)
23:57:13 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x600, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1322.322155][T21006] Node 0 DMA32 free:419860kB min:107912kB low:116968kB high:126024kB active_anon:672808kB inactive_anon:764kB active_file:53208kB inactive_file:140876kB unevictable:8kB writepending:1368kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10752kB pagetables:13864kB bounce:0kB free_pcp:1368kB local_pcp:376kB free_cma:0kB
[ 1322.360839][T21006] lowmem_reserve[]: 0 0 2 2
[ 1322.385256][T21131] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1322.397338][T21006] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1322.406452][T21006] lowmem_reserve[]: 0 0 0 0
[ 1322.417003][T21131] CPU: 1 PID: 21131 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1322.507741][T21006] Node 1 Normal free:3783700kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:44kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:452kB local_pcp:0kB free_cma:0kB
[ 1322.512489][T21131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1322.512496][T21131] Call Trace:
[ 1322.512531][T21131]  dump_stack+0x172/0x1f0
[ 1322.512558][T21131]  warn_alloc.cold+0x88/0x184
[ 1322.512577][T21131]  ? zone_watermark_ok_safe+0x260/0x260
[ 1322.512598][T21131]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1322.517149][T21006] lowmem_reserve[]: 0 0 0 0
[ 1322.521760][T21131]  ? find_held_lock+0x35/0x130
[ 1322.521778][T21131]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1322.521816][T21131]  __vmalloc_node_range+0x48a/0x790
[ 1322.521836][T21131]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1322.521863][T21131]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1322.527784][T21006] Node 0 DMA: 680*4kB (U) 340*8kB () 171*16kB () 87*32kB (U) 45*64kB (U) 23*128kB (U) 12*256kB (U) 6*512kB () 4*1024kB (U) 2*2048kB (M) 3*4096kB (UM) = 43408kB
[ 1322.536137][T21131]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1322.567387][T21006] Node 0 DMA32: 276347*4kB (UME) 217556*8kB (UME) 77568*16kB (UME) 34403*32kB (UME) 16775*64kB (UME) 7268*128kB (UME) 3342*256kB (UME) 1643*512kB (UM) 1055*1024kB (U) 4494*2048kB (UM) 9*4096kB (UM) = 19209388kB
[ 1322.570357][T21131]  vmalloc_user+0x6b/0x90
[ 1322.570379][T21131]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1322.570397][T21131]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1322.570424][T21131]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1322.591281][T21006] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1322.622079][T21131]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1322.622095][T21131]  __vb2_queue_alloc+0x5a6/0xf40
[ 1322.622131][T21131]  vb2_core_create_bufs+0x2bc/0x790
[ 1322.622150][T21131]  ? vim2m_buf_prepare+0x280/0x280
[ 1322.622166][T21131]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1322.622190][T21131]  ? lock_acquire+0x16f/0x3f0
[ 1322.652852][T21006] Node 1 Normal: 19079*4kB (UM) 10759*8kB (UM) 5575*16kB (UME) 2699*32kB (UME) 1336*64kB (UME) 671*128kB (UME) 332*256kB (U) 166*512kB (UME) 88*1024kB (UME) 42*2048kB (U) 918*4096kB (UM) = 4615588kB
[ 1322.664862][T21131]  ? __video_do_ioctl+0x398/0xce0
[ 1322.664892][T21131]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1322.664925][T21131]  vb2_create_bufs+0x47e/0x7a0
[ 1322.664946][T21131]  ? vb2_request_queue+0x120/0x120
[ 1322.707155][T21006] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1322.712864][T21131]  ? mark_held_locks+0xf0/0xf0
[ 1322.712881][T21131]  ? debug_smp_processor_id+0x3c/0x280
[ 1322.712933][T21131]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1322.712953][T21131]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1322.712973][T21131]  v4l_create_bufs+0xc0/0x180
[ 1322.730786][T21006] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1322.749479][T21131]  __video_do_ioctl+0x7f1/0xce0
[ 1322.749505][T21131]  ? v4l_s_fmt+0xa40/0xa40
[ 1322.749532][T21131]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1322.749550][T21131]  ? _copy_from_user+0xdd/0x150
[ 1322.749569][T21131]  video_usercopy+0x4c5/0x10d0
[ 1322.749584][T21131]  ? v4l_s_fmt+0xa40/0xa40
[ 1322.749604][T21131]  ? v4l_enumstd+0x70/0x70
[ 1322.755170][T21006] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1322.758344][T21131]  ? mark_held_locks+0xf0/0xf0
[ 1322.758363][T21131]  ? debug_smp_processor_id+0x3c/0x280
[ 1322.758383][T21131]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1322.758406][T21131]  ? __fget+0x35a/0x550
[ 1322.758432][T21131]  ? find_held_lock+0x35/0x130
[ 1322.758451][T21131]  ? video_usercopy+0x10d0/0x10d0
[ 1322.758471][T21131]  video_ioctl2+0x2d/0x35
[ 1322.764064][T21006] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1322.768945][T21131]  v4l2_ioctl+0x156/0x1b0
23:57:14 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x600, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:57:14 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x40000, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:57:14 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:57:14 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cachefiles\x00', 0x0, 0x0)
r2 = accept$alg(r0, 0x0, 0x0)
ioctl$KVM_PPC_GET_SMMU_INFO(r1, 0x8250aea6, &(0x7f0000000140)=""/55)
sendmsg$alg(r2, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x200}], 0x30}, 0x0)
write$binfmt_script(r2, &(0x7f0000000300)=ANY=[], 0xffffffaa)
bind$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
ioctl$SG_SET_TIMEOUT(r1, 0x2201, &(0x7f0000000300))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm_plock\x00', 0x400001, 0x0)
recvmmsg(r2, &(0x7f0000004ec0)=[{{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000000)=""/84, 0x54}, {&(0x7f0000000200)=""/98, 0x62}, {&(0x7f0000000280)=""/112, 0x7fffef4a}, {&(0x7f0000000340)=""/249, 0xf9}], 0x4}}], 0x1, 0x0, 0x0)

23:57:14 executing program 3:
r0 = dup2(0xffffffffffffffff, 0xffffffffffffff9c)
sendmsg$can_bcm(r0, &(0x7f0000000100)={&(0x7f0000000000), 0x10, &(0x7f00000000c0)={&(0x7f0000000040)={0x7, 0x4c2, 0x9, {0x0, 0x2710}, {}, {0x4, 0x8db, 0x8, 0xfff}, 0x1, @canfd={{0x0, 0x2, 0x2329559d, 0x2}, 0x35, 0x1, 0x0, 0x0, "dfde544790debf3a06dc9f76c6e4dcb1d667a0522274c307dade901b904325be14c18ac7114f2e817572c213ecf341a53b44c257e4d23c911aa930fd9e730f02"}}, 0x80}, 0x1, 0x0, 0x0, 0x20040010}, 0x24000000)
syz_emit_ethernet(0x0, &(0x7f00000002c0)=ANY=[], 0x0)

[ 1322.768962][T21131]  ? video_devdata+0xa0/0xa0
[ 1322.768983][T21131]  do_vfs_ioctl+0xd6e/0x1390
[ 1322.769002][T21131]  ? kasan_check_read+0x11/0x20
[ 1322.769021][T21131]  ? ioctl_preallocate+0x210/0x210
[ 1322.769041][T21131]  ? __fget+0x381/0x550
[ 1322.783422][T21006] 49093 total pagecache pages
[ 1322.792580][T21131]  ? ksys_dup3+0x3e0/0x3e0
[ 1322.792599][T21131]  ? nsecs_to_jiffies+0x30/0x30
[ 1322.792630][T21131]  ? security_file_ioctl+0x93/0xc0
[ 1322.792650][T21131]  ksys_ioctl+0xab/0xd0
[ 1322.792676][T21131]  __x64_sys_ioctl+0x73/0xb0
[ 1322.801779][T21006] 0 pages in swap cache
[ 1322.828026][T21131]  do_syscall_64+0x103/0x610
[ 1322.828050][T21131]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1322.828063][T21131] RIP: 0033:0x457e29
[ 1322.828080][T21131] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1322.828089][T21131] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1322.828104][T21131] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1322.828113][T21131] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1322.828122][T21131] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1322.828138][T21131] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1322.836548][T21006] Swap cache stats: add 0, delete 0, find 0/0
[ 1322.844057][T21131] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1323.096908][T21006] Free swap  = 0kB
[ 1323.125308][T21006] Total swap = 0kB
[ 1323.154516][T21006] 1965979 pages RAM
[ 1323.176586][T21006] 0 pages HighMem/MovableOnly
[ 1323.204654][T21006] 339409 pages reserved
[ 1323.226070][T21006] 0 pages cma reserved
[ 1323.445216][T21541] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1323.477907][T21540] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1
23:57:14 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x500, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1323.495742][T21540] CPU: 1 PID: 21540 Comm: syz-executor.5 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1323.500726][T21540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1323.500733][T21540] Call Trace:
[ 1323.500755][T21540]  dump_stack+0x172/0x1f0
[ 1323.500782][T21540]  warn_alloc.cold+0x88/0x184
[ 1323.500802][T21540]  ? zone_watermark_ok_safe+0x260/0x260
[ 1323.500818][T21540]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1323.500842][T21540]  ? find_held_lock+0x35/0x130
[ 1323.513022][T21540]  ? fs_reclaim_acquire.part.0+0x30/0x30
23:57:14 executing program 0:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000180)="2e0000002e008183ad5de0713c444d000b00000010000340140000000000000037153e370000000000000000d1bd", 0x2e}], 0x1}, 0x0)
r1 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev}, &(0x7f00000000c0)=0x1c, 0x800)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000140)=0xc)

[ 1323.513059][T21540]  __vmalloc_node_range+0x48a/0x790
[ 1323.513079][T21540]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1323.513101][T21540]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1323.513118][T21540]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1323.513137][T21540]  vmalloc_user+0x6b/0x90
[ 1323.513162][T21540]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1323.521380][T21540]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1323.521396][T21540]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1323.521426][T21540]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1323.521442][T21540]  __vb2_queue_alloc+0x5a6/0xf40
23:57:14 executing program 3:
r0 = syz_open_procfs(0x0, &(0x7f0000001000)='net/tcp6\x00')
read$FUSE(r0, &(0x7f0000000000), 0xb77)
read$FUSE(r0, 0x0, 0x0)
ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000001040)={0x3, 0x4})

[ 1323.521479][T21540]  vb2_core_create_bufs+0x2bc/0x790
[ 1323.591769][T21540]  ? vim2m_buf_prepare+0x280/0x280
[ 1323.591789][T21540]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1323.591807][T21540]  ? lock_acquire+0x16f/0x3f0
[ 1323.591822][T21540]  ? __video_do_ioctl+0x398/0xce0
[ 1323.591847][T21540]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1323.612436][T21540]  vb2_create_bufs+0x47e/0x7a0
[ 1323.612459][T21540]  ? vb2_request_queue+0x120/0x120
[ 1323.612483][T21540]  ? mark_held_locks+0xf0/0xf0
[ 1323.642195][T21540]  ? debug_smp_processor_id+0x3c/0x280
[ 1323.642224][T21540]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1323.642244][T21540]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1323.642262][T21540]  v4l_create_bufs+0xc0/0x180
[ 1323.642281][T21540]  __video_do_ioctl+0x7f1/0xce0
[ 1323.673062][T21540]  ? v4l_s_fmt+0xa40/0xa40
[ 1323.673089][T21540]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1323.673115][T21540]  ? _copy_from_user+0xdd/0x150
[ 1323.689108][T21540]  video_usercopy+0x4c5/0x10d0
[ 1323.689124][T21540]  ? v4l_s_fmt+0xa40/0xa40
[ 1323.689146][T21540]  ? v4l_enumstd+0x70/0x70
[ 1323.689165][T21540]  ? mark_held_locks+0xf0/0xf0
[ 1323.689182][T21540]  ? debug_smp_processor_id+0x3c/0x280
[ 1323.689201][T21540]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1323.689222][T21540]  ? __fget+0x35a/0x550
[ 1323.704528][T21540]  ? find_held_lock+0x35/0x130
[ 1323.704547][T21540]  ? video_usercopy+0x10d0/0x10d0
[ 1323.704561][T21540]  video_ioctl2+0x2d/0x35
[ 1323.704580][T21540]  v4l2_ioctl+0x156/0x1b0
[ 1323.704605][T21540]  ? video_devdata+0xa0/0xa0
[ 1323.704626][T21540]  do_vfs_ioctl+0xd6e/0x1390
[ 1323.735332][T21540]  ? kasan_check_read+0x11/0x20
[ 1323.735356][T21540]  ? ioctl_preallocate+0x210/0x210
[ 1323.735374][T21540]  ? __fget+0x381/0x550
[ 1323.735399][T21540]  ? ksys_dup3+0x3e0/0x3e0
[ 1323.735433][T21540]  ? nsecs_to_jiffies+0x30/0x30
[ 1323.769581][T21540]  ? security_file_ioctl+0x93/0xc0
[ 1323.769604][T21540]  ksys_ioctl+0xab/0xd0
[ 1323.769625][T21540]  __x64_sys_ioctl+0x73/0xb0
[ 1323.769656][T21540]  do_syscall_64+0x103/0x610
[ 1323.769691][T21540]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1323.778605][T21540] RIP: 0033:0x457e29
[ 1323.778623][T21540] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1323.778632][T21540] RSP: 002b:00007fab66e65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1323.778648][T21540] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1323.778657][T21540] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1323.778666][T21540] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1323.778675][T21540] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab66e666d4
[ 1323.778685][T21540] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1323.788362][T21541] CPU: 0 PID: 21541 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1323.797037][T21541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1323.797049][T21541] Call Trace:
[ 1323.822735][T21540] warn_alloc_show_mem: 2 callbacks suppressed
[ 1323.822740][T21540] Mem-Info:
[ 1323.824960][T21541]  dump_stack+0x172/0x1f0
[ 1323.824986][T21541]  warn_alloc.cold+0x88/0x184
[ 1323.825009][T21541]  ? zone_watermark_ok_safe+0x260/0x260
[ 1323.830597][T21540] active_anon:169875 inactive_anon:194 isolated_anon:0
[ 1323.830597][T21540]  active_file:13350 inactive_file:35270 isolated_file:0
[ 1323.830597][T21540]  unevictable:2 dirty:380 writeback:0 unstable:0
[ 1323.830597][T21540]  slab_reclaimable:17647 slab_unreclaimable:103776
[ 1323.830597][T21540]  mapped:58661 shmem:493 pagetables:3517 bounce:0
[ 1323.830597][T21540]  free:1052850 free_pcp:473 free_cma:0
[ 1323.834255][T21541]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1323.834274][T21541]  ? find_held_lock+0x35/0x130
[ 1323.834296][T21541]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1323.839504][T21540] Node 0 active_anon:679500kB inactive_anon:776kB active_file:53208kB inactive_file:141036kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234644kB dirty:1520kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 268288kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
[ 1323.843478][T21541]  __vmalloc_node_range+0x48a/0x790
[ 1323.843501][T21541]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1323.849889][T21540] Node 1 active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1323.853314][T21541]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1323.853333][T21541]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1323.853353][T21541]  vmalloc_user+0x6b/0x90
[ 1323.873437][T21540] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1323.881359][T21541]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1323.881378][T21541]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1323.881393][T21541]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1323.881412][T21541]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1323.881427][T21541]  __vb2_queue_alloc+0x5a6/0xf40
[ 1323.881461][T21541]  vb2_core_create_bufs+0x2bc/0x790
[ 1323.889919][T21540] lowmem_reserve[]: 0 2553 2555 2555
[ 1323.897381][T21541]  ? vim2m_buf_prepare+0x280/0x280
[ 1323.897398][T21541]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1323.897420][T21541]  ? lock_acquire+0x16f/0x3f0
[ 1323.897434][T21541]  ? __video_do_ioctl+0x398/0xce0
[ 1323.905835][T21540] Node 0 DMA32 free:411592kB min:107912kB low:116968kB high:126024kB active_anon:679500kB inactive_anon:776kB active_file:53208kB inactive_file:141036kB unevictable:8kB writepending:1520kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10752kB pagetables:14068kB bounce:0kB free_pcp:1684kB local_pcp:1296kB free_cma:0kB
[ 1323.913379][T21541]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1323.913403][T21541]  vb2_create_bufs+0x47e/0x7a0
[ 1323.913424][T21541]  ? vb2_request_queue+0x120/0x120
[ 1323.913445][T21541]  ? mark_held_locks+0xf0/0xf0
[ 1323.913460][T21541]  ? debug_smp_processor_id+0x3c/0x280
[ 1323.913480][T21541]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1323.913498][T21541]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1323.913514][T21541]  v4l_create_bufs+0xc0/0x180
[ 1323.913541][T21541]  __video_do_ioctl+0x7f1/0xce0
[ 1323.930610][T21541]  ? v4l_s_fmt+0xa40/0xa40
[ 1323.930636][T21541]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1323.930652][T21541]  ? _copy_from_user+0xdd/0x150
[ 1323.930683][T21541]  video_usercopy+0x4c5/0x10d0
[ 1323.930696][T21541]  ? v4l_s_fmt+0xa40/0xa40
[ 1323.930726][T21541]  ? v4l_enumstd+0x70/0x70
[ 1323.930748][T21541]  ? mark_held_locks+0xf0/0xf0
[ 1323.942265][T21540] lowmem_reserve[]: 0 0 2 2
[ 1323.944082][T21541]  ? debug_smp_processor_id+0x3c/0x280
[ 1323.944104][T21541]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1323.944126][T21541]  ? __fget+0x35a/0x550
[ 1323.944145][T21541]  ? find_held_lock+0x35/0x130
[ 1323.951190][T21540] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1323.953307][T21541]  ? video_usercopy+0x10d0/0x10d0
[ 1323.953323][T21541]  video_ioctl2+0x2d/0x35
[ 1323.953343][T21541]  v4l2_ioctl+0x156/0x1b0
[ 1323.953364][T21541]  ? video_devdata+0xa0/0xa0
[ 1323.962361][T21541]  do_vfs_ioctl+0xd6e/0x1390
[ 1323.962382][T21541]  ? kasan_check_read+0x11/0x20
[ 1323.962402][T21541]  ? ioctl_preallocate+0x210/0x210
[ 1323.962430][T21541]  ? __fget+0x381/0x550
[ 1323.969115][T21540] lowmem_reserve[]: 0 0 0 0
[ 1324.006074][T21541]  ? ksys_dup3+0x3e0/0x3e0
[ 1324.006092][T21541]  ? nsecs_to_jiffies+0x30/0x30
[ 1324.006121][T21541]  ? security_file_ioctl+0x93/0xc0
[ 1324.006140][T21541]  ksys_ioctl+0xab/0xd0
[ 1324.006161][T21541]  __x64_sys_ioctl+0x73/0xb0
[ 1324.006179][T21541]  do_syscall_64+0x103/0x610
[ 1324.006200][T21541]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1324.006212][T21541] RIP: 0033:0x457e29
[ 1324.006230][T21541] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1324.006239][T21541] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1324.006254][T21541] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1324.006263][T21541] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1324.006271][T21541] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1324.006279][T21541] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1324.006287][T21541] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1324.050004][T21540] Node 1 Normal free:3783900kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:44kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:200kB local_pcp:200kB free_cma:0kB
[ 1324.157788][T21540] lowmem_reserve[]: 0 0 0 0
[ 1324.310775][T21540] Node 0 DMA: 680*4kB (U) 340*8kB () 171*16kB () 87*32kB (U) 45*64kB (U) 23*128kB (U) 12*256kB (U) 6*512kB () 4*1024kB (U) 2*2048kB (M) 3*4096kB (UM) = 43408kB
[ 1324.322302][T21540] Node 0 DMA32: 276152*4kB (UME) 217422*8kB (UME) 77598*16kB (UME) 34411*32kB (UME) 16774*64kB (UME) 7269*128kB (UME) 3342*256kB (UME) 1643*512kB (UM) 1055*1024kB (U) 4496*2048kB (UM) 10*4096kB (UM) = 19216528kB
[ 1324.370328][T21540] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1324.397702][T21540] Node 1 Normal: 19080*4kB (UM) 10758*8kB (UM) 5575*16kB (UME) 2699*32kB (UME) 1336*64kB (UME) 671*128kB (UME) 333*256kB (U) 166*512kB (UME) 88*1024kB (UME) 42*2048kB (U) 918*4096kB (UM) = 4615840kB
[ 1324.408595][T21540] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1324.408608][T21540] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1324.408625][T21540] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1324.420671][T21540] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1324.432691][T21540] 49126 total pagecache pages
[ 1324.477562][T21540] 0 pages in swap cache
[ 1324.499517][T21540] Swap cache stats: add 0, delete 0, find 0/0
23:57:15 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x444080, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r2=>0x0, <r3=>0x0})
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r1, 0xc4c85512, &(0x7f0000000100)={{0x8, 0x0, 0x100, 0x7, 'syz1\x00', 0xff}, 0x1, [0x1000, 0x2, 0xbf6, 0x1ff, 0x8, 0x7fffffff, 0x8, 0x10001, 0x1, 0x8, 0x6, 0x8000, 0x5, 0x101, 0x9, 0x7b6, 0x3, 0x9, 0x4, 0x8, 0x1, 0x0, 0x8bce, 0x3ff, 0x401, 0x5, 0x15, 0xbf, 0x0, 0xfff, 0x2, 0xffffffffffffff4a, 0x2, 0x1, 0x9, 0x3, 0x5, 0x7, 0xfffffffffffffffc, 0x800, 0x7, 0x3, 0x9381, 0x100, 0x3, 0x7, 0xdf7f, 0xff0, 0x8, 0xffffffffffffff95, 0x7fffffff, 0xcb7, 0x6036de04, 0x1, 0x7, 0x3, 0x1, 0x40, 0x1, 0x3, 0xffffffff, 0xffffffff80000001, 0x8, 0x7, 0x1, 0x3, 0x1, 0x7fffffff, 0x7, 0x7, 0x4, 0x310d, 0xff, 0x3, 0xfffffffeffffffff, 0x2, 0x4, 0x8, 0xffff, 0x7, 0x3, 0x8, 0x8001, 0x1f, 0x1, 0x2d8cba20, 0x3, 0x486, 0x2, 0xfffffffffffffff9, 0x81, 0x2, 0x2, 0x1, 0x8000, 0xbc5, 0x2, 0x8, 0x1, 0x0, 0x2, 0x3, 0xc4, 0xea2a, 0x7, 0x7, 0x9, 0x9, 0xdf, 0x1f, 0x20000000000, 0x1, 0x7f, 0x3, 0x8, 0x0, 0x6, 0x0, 0x8, 0xfff, 0x4, 0x100, 0x2, 0x4, 0xff, 0x9, 0x7, 0x8], {r2, r3+30000000}})
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)

23:57:15 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0x13, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:57:15 executing program 0:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f000001bfc8)={0x0, 0x0, &(0x7f00006bcff0)={&(0x7f000013e000)=@ipv6_newroute={0x2c, 0x18, 0x301, 0x0, 0x0, {}, [@RTA_ENCAP_TYPE={0x8, 0x15, 0x5}, @RTA_ENCAP={0x8, 0x16, @nested={0x4, 0x4001}}]}, 0x2c}}, 0x0)

23:57:15 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x80000, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:57:15 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0x700, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:57:15 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
chdir(&(0x7f0000000000)='./file0\x00')
mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='9p\x00', 0x0, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})

[ 1324.537077][T21540] Free swap  = 0kB
[ 1324.577958][T21540] Total swap = 0kB
[ 1324.667304][T21540] 1965979 pages RAM
[ 1324.671230][T21540] 0 pages HighMem/MovableOnly
[ 1324.675925][T21540] 339409 pages reserved
[ 1324.680133][T21540] 0 pages cma reserved
[ 1324.764843][T21878] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1324.810134][T21878] CPU: 1 PID: 21878 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1324.819281][T21878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1324.829339][T21878] Call Trace:
[ 1324.832648][T21878]  dump_stack+0x172/0x1f0
[ 1324.837009][T21878]  warn_alloc.cold+0x88/0x184
[ 1324.841699][T21878]  ? zone_watermark_ok_safe+0x260/0x260
[ 1324.847265][T21878]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1324.852926][T21878]  ? find_held_lock+0x35/0x130
[ 1324.857712][T21878]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1324.863371][T21878]  __vmalloc_node_range+0x48a/0x790
[ 1324.868588][T21878]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1324.873621][T21878]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1324.879171][T21878]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1324.884213][T21878]  vmalloc_user+0x6b/0x90
[ 1324.888556][T21878]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1324.893585][T21878]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1324.898436][T21878]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1324.903475][T21878]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
23:57:15 executing program 0:
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
r1 = dup2(r0, r0)
getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000240)={{{@in6, @in6=@empty}}, {{@in6=@mcast2}, 0x0, @in=@remote}}, &(0x7f0000000180)=0x28a)
socket$isdn(0x22, 0x3, 0x23)
getegid()
connect$vsock_dgram(r1, &(0x7f0000000040)={0x28, 0x0, 0x0, @reserved}, 0x10)
connect$vsock_dgram(r0, &(0x7f0000000200)={0x28, 0x0, 0x0, @hyper}, 0x10)

23:57:15 executing program 3:
clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
futex(&(0x7f0000000000)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000380)={{0x0, 0x0, 0x0, 0x0, 0xee00}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100000000})
tkill(r0, 0x4)
r1 = openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x181000, 0x80)
ioctl$VIDIOC_QUERYCTRL(r1, 0xc0445624, &(0x7f0000000140)={0x1ff, 0xe, "85000000241eea5b609c1daf967fc900c52b02032f00", 0xffffffff, 0x7, 0xfffffffffffff5d7, 0xf63a87a})
write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="dff15562efe2310d9e390040ef7500bc487238e680845ea94e40891814b20196701ce10d403542130fa4ec6649cbe2667084762a070000cdf9"], 0x39)
r2 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x224001, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r2, 0xc0305710, &(0x7f0000000080)={0x1, 0x9f6, 0x3, 0xfffffffffffffffe})
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0))
ptrace$cont(0x1f, r0, 0x0, 0x0)
shmget$private(0x0, 0x2000, 0x1, &(0x7f0000ffe000/0x2000)=nil)

[ 1324.909289][T21878]  __vb2_queue_alloc+0x5a6/0xf40
[ 1324.914264][T21878]  vb2_core_create_bufs+0x2bc/0x790
[ 1324.919471][T21878]  ? vim2m_buf_prepare+0x280/0x280
[ 1324.924593][T21878]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1324.929718][T21878]  ? finish_task_switch+0x146/0x780
[ 1324.934940][T21878]  ? __switch_to_asm+0x34/0x70
[ 1324.939722][T21878]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1324.945201][T21878]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1324.951464][T21878]  vb2_create_bufs+0x47e/0x7a0
[ 1324.956248][T21878]  ? vb2_request_queue+0x120/0x120
[ 1324.961369][T21878]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1324.966862][T21878]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1324.971916][T21878]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1324.977476][T21878]  v4l_create_bufs+0xc0/0x180
[ 1324.982165][T21878]  __video_do_ioctl+0x7f1/0xce0
[ 1324.987035][T21878]  ? v4l_s_fmt+0xa40/0xa40
[ 1324.991468][T21878]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1324.997720][T21878]  ? _copy_from_user+0xdd/0x150
[ 1325.002583][T21878]  video_usercopy+0x4c5/0x10d0
23:57:16 executing program 0:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000000)=0x200, 0x4)
bind$inet(r0, &(0x7f00000003c0)={0x2, 0x200000000004e23, @rand_addr=0x2}, 0x10)
r1 = openat$zero(0xffffffffffffff9c, 0x0, 0x400200220200, 0x0)
getsockopt$inet_udp_int(0xffffffffffffffff, 0x11, 0x0, 0x0, &(0x7f00000002c0))
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_udp_int(0xffffffffffffffff, 0x11, 0x0, 0x0, &(0x7f0000000380))
bind$netlink(r1, &(0x7f0000000440)={0x10, 0x0, 0x25dfdbfc, 0x40000147}, 0x277)
ioctl$VIDIOC_G_CTRL(r1, 0xc008561b, &(0x7f0000000140)={0x2})
readv(r0, &(0x7f0000000dc0)=[{&(0x7f0000000580)=""/177, 0xb1}, {&(0x7f0000000640)=""/154, 0x9a}, {&(0x7f0000000700)=""/245, 0xf5}, {&(0x7f0000000a00)=""/198, 0xc6}, {&(0x7f0000000800)=""/112, 0x70}, {&(0x7f0000000b00)=""/94, 0x5e}, {&(0x7f0000000c40)=""/210, 0xd2}, {&(0x7f0000000d40)=""/111, 0x6f}, {&(0x7f0000000280)=""/18, 0x12}], 0x9)
r2 = socket$inet6(0xa, 0xa, 0x7)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, 0x0, &(0x7f0000000240))
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000100), 0x4)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000480)={{{@in=@loopback, @in6=@local}}, {{@in6=@remote}, 0x0, @in6=@remote}}, &(0x7f00000001c0)=0xe8)
geteuid()
getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000900)={{{@in=@broadcast, @in6=@dev}}, {{@in6=@initdev}, 0x0, @in=@loopback}}, &(0x7f0000000880)=0xe8)
ioctl$TUNSETNOCSUM(r1, 0x400454c8, 0x1)
getresuid(&(0x7f0000000b80), 0x0, &(0x7f0000000c00))
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000ec0)={{{@in=@multicast2, @in=@empty}}, {{@in=@loopback}, 0x0, @in6=@remote}}, &(0x7f0000000fc0)=0xe8)
recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0xdc00}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000300))
write$binfmt_elf64(r0, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
openat$mixer(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mixer\x00', 0x20000, 0x0)
syz_init_net_socket$ax25(0x3, 0x0, 0x4)

[ 1325.007363][T21878]  ? v4l_s_fmt+0xa40/0xa40
[ 1325.011795][T21878]  ? v4l_enumstd+0x70/0x70
[ 1325.016226][T21878]  ? mark_held_locks+0xf0/0xf0
[ 1325.020998][T21878]  ? debug_smp_processor_id+0x3c/0x280
[ 1325.026468][T21878]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1325.032031][T21878]  ? __fget+0x35a/0x550
[ 1325.036196][T21878]  ? find_held_lock+0x35/0x130
[ 1325.040967][T21878]  ? video_usercopy+0x10d0/0x10d0
[ 1325.046000][T21878]  video_ioctl2+0x2d/0x35
[ 1325.050337][T21878]  v4l2_ioctl+0x156/0x1b0
[ 1325.054683][T21878]  ? video_devdata+0xa0/0xa0
[ 1325.059293][T21878]  do_vfs_ioctl+0xd6e/0x1390
[ 1325.063893][T21878]  ? kasan_check_read+0x11/0x20
[ 1325.063925][T21878]  ? ioctl_preallocate+0x210/0x210
[ 1325.063942][T21878]  ? __fget+0x381/0x550
[ 1325.063965][T21878]  ? ksys_dup3+0x3e0/0x3e0
[ 1325.073919][T21878]  ? nsecs_to_jiffies+0x30/0x30
[ 1325.073951][T21878]  ? security_file_ioctl+0x93/0xc0
[ 1325.073973][T21878]  ksys_ioctl+0xab/0xd0
[ 1325.096612][T21878]  __x64_sys_ioctl+0x73/0xb0
[ 1325.101219][T21878]  do_syscall_64+0x103/0x610
[ 1325.105825][T21878]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1325.111725][T21878] RIP: 0033:0x457e29
[ 1325.115616][T21878] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1325.135228][T21878] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1325.143626][T21878] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1325.151598][T21878] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
23:57:16 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0xa00, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:57:16 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
r1 = syz_open_dev$usb(&(0x7f0000000440)='/dev/bus/usb/00#/00#\x00', 0x56, 0x0)
write$FUSE_NOTIFY_DELETE(r1, &(0x7f0000000480)={0x3d, 0x6, 0x0, {0x6, 0x5, 0x14, 0x0, 'mime_type/wlan0wlan0'}}, 0x3d)
r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x8001, 0x0)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000400)='TIPC\x00')
sendmsg$TIPC_CMD_SHOW_STATS(r2, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000100}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0xfffffffffffffe55, r3, 0x20, 0x70bd27, 0x25dfdbfe, {}, ["", "", ""]}, 0x1c}}, 0x8801)
getsockopt$bt_l2cap_L2CAP_LM(r2, 0x6, 0x3, &(0x7f0000000240), &(0x7f0000000280)=0x4)
mount$9p_tcp(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)='9p\x00', 0x80, &(0x7f0000000340)={'trans=tcp,', {'port', 0x3d, 0x4e24}, 0x2c, {[{@cache_loose='cache=loose'}, {@cache_none='cache=none'}, {@debug={'debug', 0x3d, 0x20}}, {@msize={'msize', 0x3d, 0x1000}}, {@cache_mmap='cache=mmap'}, {@nodevmap='nodevmap'}, {@debug={'debug', 0x3d, 0x7}}], [{@dont_appraise='dont_appraise'}, {@pcr={'pcr', 0x3d, 0x20}}]}})
ioctl$RTC_WKALM_SET(r2, 0x4028700f, &(0x7f00000004c0)={0x0, 0x0, {0x1c, 0x31, 0x10006, 0x16, 0xb, 0x100000000007, 0x6, 0x44, 0xffffffffffffffff}})
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
sendto$inet(r1, &(0x7f0000000500)="3d48a51e77a943d0f5932ffb241e348cc9d763787a0b6d1283d211b90beabb77d72a947f3ab0b09997f5d2271a32274b5a021a6c6ef4ae2ece4acc7a6e4fdd56a7ffe51fd4bfe8d9c50c6c91d05e89ff4f86bc277db6a2c7eefbbf9d67c4e529a5e4c03491bc04f9c97d1ce691ff05084f42722bf84d74c37ca06ef9fbc7b06ddd40c397f8aaae0b54160700136e0e241f3dfd13a541e7c486aded8f6c9d0b8c6327c3a67906", 0xa6, 0x4000001, &(0x7f0000000140)={0x2, 0x4e21, @multicast1}, 0x10)

[ 1325.159588][T21878] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1325.167574][T21878] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1325.175554][T21878] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
23:57:16 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0x14, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1325.278584][T22337] QAT: Invalid ioctl
[ 1325.284946][T22373] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1
23:57:16 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000014c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = socket$inet6(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x11, r3, 0x0)
io_setup(0xe6ac, &(0x7f0000000000)=<r4=>0x0)
io_pgetevents(r4, 0x5, 0x1, &(0x7f0000000040)=[{}], &(0x7f0000000080)={0x77359400}, &(0x7f0000000100)={&(0x7f00000000c0)={0x7}, 0x8})
write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f00000010c0)=ANY=[@ANYBLOB="b80000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x69)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1325.342039][T22373] CPU: 1 PID: 22373 Comm: syz-executor.5 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1325.351194][T22373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1325.361252][T22373] Call Trace:
[ 1325.364563][T22373]  dump_stack+0x172/0x1f0
[ 1325.368935][T22373]  warn_alloc.cold+0x88/0x184
[ 1325.373633][T22373]  ? zone_watermark_ok_safe+0x260/0x260
[ 1325.373654][T22373]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1325.373673][T22373]  ? find_held_lock+0x35/0x130
23:57:16 executing program 3:
socket$inet6(0xa, 0x80002, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x0, 0x0)
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000000)=0x4, 0x4)
syz_open_dev$cec(&(0x7f00000001c0)='/dev/cec#\x00', 0xffffffffffffffff, 0x2)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b7}, 0x0, 0x0)

[ 1325.373697][T22373]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1325.395253][T22373]  __vmalloc_node_range+0x48a/0x790
[ 1325.395275][T22373]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1325.395296][T22373]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1325.395317][T22373]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1325.416062][T22373]  vmalloc_user+0x6b/0x90
[ 1325.420420][T22373]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1325.425484][T22373]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1325.430346][T22373]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1325.435391][T22373]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1325.441210][T22373]  __vb2_queue_alloc+0x5a6/0xf40
[ 1325.446180][T22373]  vb2_core_create_bufs+0x2bc/0x790
[ 1325.451392][T22373]  ? vim2m_buf_prepare+0x280/0x280
[ 1325.456522][T22373]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1325.456542][T22373]  ? lock_acquire+0x16f/0x3f0
[ 1325.456557][T22373]  ? __video_do_ioctl+0x398/0xce0
[ 1325.456584][T22373]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1325.456607][T22373]  vb2_create_bufs+0x47e/0x7a0
[ 1325.477649][T22373]  ? vb2_request_queue+0x120/0x120
[ 1325.487535][T22373]  ? mark_held_locks+0xf0/0xf0
[ 1325.492311][T22373]  ? debug_smp_processor_id+0x3c/0x280
[ 1325.497783][T22373]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1325.502818][T22373]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1325.508400][T22373]  v4l_create_bufs+0xc0/0x180
[ 1325.513106][T22373]  __video_do_ioctl+0x7f1/0xce0
[ 1325.517980][T22373]  ? v4l_s_fmt+0xa40/0xa40
[ 1325.522426][T22373]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1325.528684][T22373]  ? _copy_from_user+0xdd/0x150
[ 1325.533554][T22373]  video_usercopy+0x4c5/0x10d0
[ 1325.538333][T22373]  ? v4l_s_fmt+0xa40/0xa40
[ 1325.542765][T22373]  ? v4l_enumstd+0x70/0x70
[ 1325.547197][T22373]  ? mark_held_locks+0xf0/0xf0
[ 1325.551977][T22373]  ? debug_smp_processor_id+0x3c/0x280
[ 1325.557454][T22373]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1325.563017][T22373]  ? __fget+0x35a/0x550
[ 1325.567183][T22373]  ? find_held_lock+0x35/0x130
[ 1325.571959][T22373]  ? video_usercopy+0x10d0/0x10d0
[ 1325.576992][T22373]  video_ioctl2+0x2d/0x35
[ 1325.581330][T22373]  v4l2_ioctl+0x156/0x1b0
[ 1325.585666][T22373]  ? video_devdata+0xa0/0xa0
23:57:16 executing program 3:
r0 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x20, 0x0)
mmap$binder(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x40010, r0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, 0x0, 0x0)
perf_event_open(&(0x7f00000008c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_ax25_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'aegis256-generic\x00'}, 0x58)
clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r3 = getpid()
sched_setscheduler(r3, 0x5, &(0x7f00000000c0))
setsockopt$ALG_SET_KEY(r2, 0x117, 0x5, &(0x7f00000002c0), 0x0)
r4 = openat$dir(0xffffffffffffff9c, 0x0, 0x200000, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, 0x0)
r5 = syz_open_dev$sndpcmc(0x0, 0xffffffff80000002, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000300)=0xc)
sendmsg$nl_crypto(r0, &(0x7f0000000440)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000005c0)={&(0x7f0000000480)=ANY=[]}, 0x1, 0x0, 0x0, 0x7f}, 0x20000000)
bind$can_raw(r2, &(0x7f0000000140), 0xe)
setsockopt(0xffffffffffffffff, 0x65, 0x1, 0x0, 0x0)
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
getsockopt$IP6T_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x29, 0x45, 0x0, 0x0)
r6 = openat$proc_capi20ncci(0xffffffffffffff9c, 0x0, 0x40500, 0x0)
setsockopt$XDP_UMEM_REG(r6, 0x11b, 0x4, &(0x7f0000000400)={&(0x7f0000000340)=""/170, 0x0, 0x800, 0x7fffffff}, 0x18)
sendmmsg$nfc_llcp(0xffffffffffffffff, 0x0, 0xffffff06, 0xc800)
close(r1)
readlinkat(r4, &(0x7f0000000100)='./file1\x00', &(0x7f0000000180)=""/223, 0xdf)
ioctl$ASHMEM_GET_PROT_MASK(r0, 0x7706, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r0, 0xc0285629, &(0x7f0000000480)={0x0, 0x7, 0x8, [], &(0x7f0000000280)=0x6})
unshare(0x0)
chmod(&(0x7f00000002c0)='./file1\x00', 0x0)

[ 1325.590267][T22373]  do_vfs_ioctl+0xd6e/0x1390
[ 1325.594864][T22373]  ? kasan_check_read+0x11/0x20
[ 1325.599737][T22373]  ? ioctl_preallocate+0x210/0x210
[ 1325.604859][T22373]  ? __fget+0x381/0x550
[ 1325.609049][T22373]  ? ksys_dup3+0x3e0/0x3e0
[ 1325.613478][T22373]  ? nsecs_to_jiffies+0x30/0x30
[ 1325.618352][T22373]  ? security_file_ioctl+0x93/0xc0
[ 1325.623487][T22373]  ksys_ioctl+0xab/0xd0
[ 1325.627649][T22373]  __x64_sys_ioctl+0x73/0xb0
[ 1325.627671][T22373]  do_syscall_64+0x103/0x610
[ 1325.627693][T22373]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1325.627706][T22373] RIP: 0033:0x457e29
[ 1325.627727][T22373] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1325.642783][T22373] RSP: 002b:00007fab66e65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1325.642800][T22373] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1325.642810][T22373] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1325.642820][T22373] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1325.642830][T22373] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab66e666d4
[ 1325.642840][T22373] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1325.719701][T21878] warn_alloc_show_mem: 1 callbacks suppressed
[ 1325.719707][T21878] Mem-Info:
[ 1325.737366][T21878] active_anon:169026 inactive_anon:194 isolated_anon:0
[ 1325.737366][T21878]  active_file:13353 inactive_file:35294 isolated_file:0
[ 1325.737366][T21878]  unevictable:2 dirty:414 writeback:0 unstable:0
[ 1325.737366][T21878]  slab_reclaimable:17658 slab_unreclaimable:103758
[ 1325.737366][T21878]  mapped:58661 shmem:493 pagetables:3501 bounce:0
[ 1325.737366][T21878]  free:1053736 free_pcp:507 free_cma:0
[ 1325.776714][T21878] Node 0 active_anon:673988kB inactive_anon:776kB active_file:53220kB inactive_file:141132kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234644kB dirty:1656kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 272384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
[ 1325.815313][T21878] Node 1 active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1326.007614][T21878] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1326.097546][T21878] lowmem_reserve[]: 0 2553 2555 2555
[ 1326.103300][T21878] Node 0 DMA32 free:419996kB min:107912kB low:116968kB high:126024kB active_anon:671984kB inactive_anon:772kB active_file:53220kB inactive_file:141152kB unevictable:8kB writepending:1656kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10496kB pagetables:13616kB bounce:0kB free_pcp:2372kB local_pcp:1008kB free_cma:0kB
[ 1326.143229][T21878] lowmem_reserve[]: 0 0 2 2
[ 1326.150682][T21878] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1326.185424][T21878] lowmem_reserve[]: 0 0 0 0
[ 1326.190392][T21878] Node 1 Normal free:3783952kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:44kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:200kB local_pcp:0kB free_cma:0kB
[ 1326.226726][T21878] lowmem_reserve[]: 0 0 0 0
[ 1326.231784][T21878] Node 0 DMA: 680*4kB (U) 340*8kB () 171*16kB () 87*32kB (U) 45*64kB (U) 23*128kB (U) 12*256kB (U) 6*512kB () 4*1024kB (U) 2*2048kB (M) 3*4096kB (UM) = 43408kB
[ 1326.255323][T21878] Node 0 DMA32: 276131*4kB (UME) 217389*8kB (UME) 77620*16kB (UME) 34424*32kB (UME) 16774*64kB (UME) 7267*128kB (UME) 3342*256kB (UME) 1643*512kB (UM) 1055*1024kB (U) 4500*2048kB (UM) 10*4096kB (UM) = 19224884kB
[ 1326.285382][T21878] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1326.307174][T21878] Node 1 Normal: 19080*4kB (UM) 10758*8kB (UM) 5575*16kB (UME) 2699*32kB (UME) 1336*64kB (UME) 671*128kB (UME) 333*256kB (U) 166*512kB (UME) 88*1024kB (UME) 42*2048kB (U) 918*4096kB (UM) = 4615840kB
[ 1326.334162][T21878] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1326.344217][T21878] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1326.361187][T21878] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1326.380194][T21878] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1326.393471][T21878] 49146 total pagecache pages
[ 1326.402048][T21878] 0 pages in swap cache
23:57:17 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0xc0000, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

23:57:17 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0x15, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

23:57:17 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/sco\x00')
getsockopt$netrom_NETROM_IDLE(r1, 0x103, 0x7, &(0x7f0000000240)=0x80, &(0x7f0000000280)=0x4)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100)='TIPCv2\x00')
sendmsg$TIPC_NL_MEDIA_GET(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x80, r2, 0x800, 0x70bd2b, 0x25dfdbff, {}, [@TIPC_NLA_MON={0xc, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x9}]}, @TIPC_NLA_MEDIA={0x60, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x4c, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xb90}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x901b}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x40000}, 0x81)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)

23:57:17 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = memfd_create(&(0x7f00000004c0)='/dev/snd/seq\x00', 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x800, 0x0)
r1 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0)
r2 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x1)
r3 = dup2(r2, r1)
ioctl$sock_inet6_udp_SIOCINQ(r3, 0x541b, &(0x7f0000000040))
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'})
r4 = getpgid(0x0)
sched_setscheduler(r4, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(0xffffffffffffffff, 0xc08c5334, &(0x7f00000001c0)={0xf48b, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}], 0xffffff76)
fstatfs(r0, &(0x7f0000005200)=""/4096)

23:57:17 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000100)={0xa20, 0x1ff, 0x1, {0x2, @vbi={0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffff7]}}})

[ 1326.406339][T21878] Swap cache stats: add 0, delete 0, find 0/0
[ 1326.417327][T21878] Free swap  = 0kB
[ 1326.425061][T21878] Total swap = 0kB
[ 1326.432710][T21878] 1965979 pages RAM
[ 1326.436662][T21878] 0 pages HighMem/MovableOnly
[ 1326.445359][T21878] 339409 pages reserved
[ 1326.453479][T21878] 0 pages cma reserved
[ 1326.522096][T22825] syz-executor.5: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1
[ 1326.572119][T22825] CPU: 1 PID: 22825 Comm: syz-executor.5 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1326.581286][T22825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1326.591345][T22825] Call Trace:
[ 1326.594651][T22825]  dump_stack+0x172/0x1f0
[ 1326.599009][T22825]  warn_alloc.cold+0x88/0x184
[ 1326.603715][T22825]  ? zone_watermark_ok_safe+0x260/0x260
[ 1326.609277][T22825]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1326.614934][T22825]  ? find_held_lock+0x35/0x130
[ 1326.615863][T22897] syz-executor.4: vmalloc: allocation failure: 0 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[ 1326.619709][T22825]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1326.619748][T22825]  __vmalloc_node_range+0x48a/0x790
[ 1326.619769][T22825]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1326.619789][T22825]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1326.619806][T22825]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1326.619829][T22825]  vmalloc_user+0x6b/0x90
[ 1326.664435][T22825]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1326.669484][T22825]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1326.674341][T22825]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1326.679380][T22825]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1326.685204][T22825]  __vb2_queue_alloc+0x5a6/0xf40
[ 1326.690174][T22825]  vb2_core_create_bufs+0x2bc/0x790
[ 1326.695383][T22825]  ? vim2m_buf_prepare+0x280/0x280
[ 1326.700518][T22825]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1326.705643][T22825]  ? lock_acquire+0x16f/0x3f0
[ 1326.710332][T22825]  ? __video_do_ioctl+0x398/0xce0
[ 1326.715369][T22825]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1326.721631][T22825]  vb2_create_bufs+0x47e/0x7a0
[ 1326.726405][T22825]  ? vb2_request_queue+0x120/0x120
[ 1326.731540][T22825]  ? mark_held_locks+0xf0/0xf0
[ 1326.736313][T22825]  ? debug_smp_processor_id+0x3c/0x280
[ 1326.741790][T22825]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1326.746822][T22825]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1326.752378][T22825]  v4l_create_bufs+0xc0/0x180
[ 1326.757069][T22825]  __video_do_ioctl+0x7f1/0xce0
[ 1326.761952][T22825]  ? v4l_s_fmt+0xa40/0xa40
[ 1326.766386][T22825]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1326.772645][T22825]  ? _copy_from_user+0xdd/0x150
[ 1326.777511][T22825]  video_usercopy+0x4c5/0x10d0
[ 1326.782283][T22825]  ? v4l_s_fmt+0xa40/0xa40
[ 1326.786715][T22825]  ? v4l_enumstd+0x70/0x70
[ 1326.791139][T22825]  ? mark_held_locks+0xf0/0xf0
[ 1326.795925][T22825]  ? debug_smp_processor_id+0x3c/0x280
[ 1326.801428][T22825]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1326.807012][T22825]  ? __fget+0x35a/0x550
[ 1326.811176][T22825]  ? find_held_lock+0x35/0x130
[ 1326.815953][T22825]  ? video_usercopy+0x10d0/0x10d0
[ 1326.820984][T22825]  video_ioctl2+0x2d/0x35
[ 1326.825328][T22825]  v4l2_ioctl+0x156/0x1b0
[ 1326.829669][T22825]  ? video_devdata+0xa0/0xa0
[ 1326.834277][T22825]  do_vfs_ioctl+0xd6e/0x1390
[ 1326.838884][T22825]  ? kasan_check_read+0x11/0x20
[ 1326.843760][T22825]  ? ioctl_preallocate+0x210/0x210
[ 1326.848880][T22825]  ? __fget+0x381/0x550
[ 1326.853071][T22825]  ? ksys_dup3+0x3e0/0x3e0
[ 1326.857594][T22825]  ? nsecs_to_jiffies+0x30/0x30
[ 1326.862465][T22825]  ? security_file_ioctl+0x93/0xc0
[ 1326.867611][T22825]  ksys_ioctl+0xab/0xd0
[ 1326.871780][T22825]  __x64_sys_ioctl+0x73/0xb0
[ 1326.876382][T22825]  do_syscall_64+0x103/0x610
[ 1326.880997][T22825]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1326.886911][T22825] RIP: 0033:0x457e29
[ 1326.890817][T22825] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1326.910431][T22825] RSP: 002b:00007fab66e65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1326.918889][T22825] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1326.926876][T22825] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1326.934860][T22825] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1326.942853][T22825] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab66e666d4
[ 1326.950837][T22825] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
[ 1326.969539][T22897] CPU: 0 PID: 22897 Comm: syz-executor.4 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1326.978680][T22897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1326.988741][T22897] Call Trace:
[ 1326.992046][T22897]  dump_stack+0x172/0x1f0
[ 1326.996391][T22897]  warn_alloc.cold+0x88/0x184
[ 1327.001080][T22897]  ? zone_watermark_ok_safe+0x260/0x260
[ 1327.006625][T22897]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1327.012264][T22897]  ? find_held_lock+0x35/0x130
[ 1327.017036][T22897]  ? fs_reclaim_acquire.part.0+0x30/0x30
[ 1327.022695][T22897]  __vmalloc_node_range+0x48a/0x790
[ 1327.027907][T22897]  ? vb2_vmalloc_alloc+0x8c/0x2a0
[ 1327.032952][T22897]  ? kmem_cache_alloc_trace+0x354/0x760
[ 1327.038506][T22897]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1327.038525][T22897]  vmalloc_user+0x6b/0x90
[ 1327.038543][T22897]  ? vb2_vmalloc_alloc+0xca/0x2a0
[ 1327.038561][T22897]  vb2_vmalloc_alloc+0xca/0x2a0
[ 1327.038574][T22897]  ? __vb2_queue_alloc+0xf5/0xf40
[ 1327.038594][T22897]  ? vb2_vmalloc_attach_dmabuf+0x160/0x160
[ 1327.038614][T22897]  __vb2_queue_alloc+0x5a6/0xf40
23:57:18 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x40, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x4, 0x0)

[ 1327.074030][T22897]  vb2_core_create_bufs+0x2bc/0x790
[ 1327.079248][T22897]  ? vim2m_buf_prepare+0x280/0x280
[ 1327.084380][T22897]  ? __vb2_queue_alloc+0xf40/0xf40
[ 1327.089507][T22897]  ? lock_acquire+0x16f/0x3f0
[ 1327.094197][T22897]  ? __video_do_ioctl+0x398/0xce0
[ 1327.099243][T22897]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1327.105939][T22897]  vb2_create_bufs+0x47e/0x7a0
[ 1327.110721][T22897]  ? vb2_request_queue+0x120/0x120
[ 1327.115839][T22897]  ? mark_held_locks+0xf0/0xf0
[ 1327.120611][T22897]  ? debug_smp_processor_id+0x3c/0x280
[ 1327.126086][T22897]  v4l2_m2m_create_bufs+0x7c/0xe0
[ 1327.131126][T22897]  v4l2_m2m_ioctl_create_bufs+0x6b/0x80
[ 1327.136681][T22897]  v4l_create_bufs+0xc0/0x180
[ 1327.141367][T22897]  __video_do_ioctl+0x7f1/0xce0
[ 1327.146233][T22897]  ? v4l_s_fmt+0xa40/0xa40
[ 1327.150672][T22897]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1327.156937][T22897]  ? _copy_from_user+0xdd/0x150
[ 1327.161807][T22897]  video_usercopy+0x4c5/0x10d0
[ 1327.166581][T22897]  ? v4l_s_fmt+0xa40/0xa40
[ 1327.171006][T22897]  ? v4l_enumstd+0x70/0x70
[ 1327.175428][T22897]  ? mark_held_locks+0xf0/0xf0
[ 1327.180196][T22897]  ? debug_smp_processor_id+0x3c/0x280
[ 1327.185661][T22897]  ? perf_trace_lock_acquire+0xf5/0x580
[ 1327.191225][T22897]  ? __fget+0x35a/0x550
[ 1327.195386][T22897]  ? find_held_lock+0x35/0x130
[ 1327.200157][T22897]  ? video_usercopy+0x10d0/0x10d0
[ 1327.205185][T22897]  video_ioctl2+0x2d/0x35
[ 1327.209524][T22897]  v4l2_ioctl+0x156/0x1b0
[ 1327.213853][T22897]  ? video_devdata+0xa0/0xa0
[ 1327.218451][T22897]  do_vfs_ioctl+0xd6e/0x1390
23:57:18 executing program 2:
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f00000000c0)=0x10000)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x400082, 0x0)
write$input_event(r1, &(0x7f0000000080)={{0x77359400}, 0x0, 0x0, 0x81}, 0x18)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000100)={<r2=>0x0, @in6={{0xa, 0x4e20, 0x7, @dev={0xfe, 0x80, [], 0x1d}, 0x8}}, 0x9}, &(0x7f00000001c0)=0x90)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000200)={r2, 0x8, 0x7fff}, &(0x7f0000000240)=0x8)

[ 1327.223048][T22897]  ? kasan_check_read+0x11/0x20
[ 1327.227922][T22897]  ? ioctl_preallocate+0x210/0x210
[ 1327.233040][T22897]  ? __fget+0x381/0x550
[ 1327.237207][T22897]  ? ksys_dup3+0x3e0/0x3e0
[ 1327.241644][T22897]  ? nsecs_to_jiffies+0x30/0x30
[ 1327.246516][T22897]  ? security_file_ioctl+0x93/0xc0
[ 1327.251648][T22897]  ksys_ioctl+0xab/0xd0
[ 1327.255818][T22897]  __x64_sys_ioctl+0x73/0xb0
[ 1327.260418][T22897]  do_syscall_64+0x103/0x610
[ 1327.265023][T22897]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1327.270927][T22897] RIP: 0033:0x457e29
[ 1327.274825][T22897] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1327.294433][T22897] RSP: 002b:00007f7c2f181c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1327.302852][T22897] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29
[ 1327.310838][T22897] RDX: 0000000020000100 RSI: 00000000c100565c RDI: 0000000000000003
[ 1327.318811][T22897] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1327.326784][T22897] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c2f1826d4
[ 1327.334956][T22897] R13: 00000000004c27fa R14: 00000000004d51e8 R15: 00000000ffffffff
23:57:18 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0x16, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1327.497689][T22897] warn_alloc_show_mem: 1 callbacks suppressed
[ 1327.497695][T22897] Mem-Info:
[ 1327.518294][T22897] active_anon:170126 inactive_anon:194 isolated_anon:0
[ 1327.518294][T22897]  active_file:13353 inactive_file:35313 isolated_file:0
[ 1327.518294][T22897]  unevictable:2 dirty:430 writeback:0 unstable:0
[ 1327.518294][T22897]  slab_reclaimable:17715 slab_unreclaimable:103703
23:57:18 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0xa3a6, 0x4000)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0)
ioctl$CAPI_GET_PROFILE(r0, 0xc0044308, &(0x7f0000000140)=0xfffd)
setsockopt$inet_buf(r0, 0x0, 0x29, &(0x7f0000000080)="45bc6ea3ca6550746e53711eedf4ba2dd83f0901d37aea7ba9d9c5799746f05bb38def91b8f4e3bd148ba95512d334b3d3db3d003f596caa2a0151aae8ead64337cec348047844134bb7e20aafd71ec36c22c57aba38e8577b94f4a9735d6f0df7844b89c62b4f60e7a072476e1e37626faac5ffef34cf64f2a3c84f85d875f52cfe33112869459bdc257b6f917e8544d6816473465dbac480512913afe1ceef563f8c01", 0xa4)

23:57:18 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0x17, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1327.518294][T22897]  mapped:58661 shmem:493 pagetables:3528 bounce:0
[ 1327.518294][T22897]  free:1052664 free_pcp:402 free_cma:0
23:57:18 executing program 1:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000214fd4)={0x3, 0x4, 0x4, 0x18, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1327.925826][T22897] Node 0 active_anon:674352kB inactive_anon:776kB active_file:53220kB inactive_file:141208kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:234644kB dirty:1720kB writeback:0kB shmem:1972kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 272384kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
[ 1327.971664][T22897] Node 1 active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
[ 1328.026232][T22897] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1328.060625][T22897] lowmem_reserve[]: 0 2553 2555 2555
[ 1328.066033][T22897] Node 0 DMA32 free:417644kB min:107912kB low:116968kB high:126024kB active_anon:674352kB inactive_anon:776kB active_file:53220kB inactive_file:141208kB unevictable:8kB writepending:1720kB present:3129332kB managed:2617984kB mlocked:0kB kernel_stack:10528kB pagetables:13816kB bounce:0kB free_pcp:1916kB local_pcp:1348kB free_cma:0kB
[ 1328.104713][T22897] lowmem_reserve[]: 0 0 2 2
[ 1328.109962][T22897] Node 0 Normal free:0kB min:28kB low:32kB high:36kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2204kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1328.143817][T22897] lowmem_reserve[]: 0 0 0 0
[ 1328.148814][T22897] Node 1 Normal free:3784152kB min:53624kB low:67028kB high:80432kB active_anon:0kB inactive_anon:0kB active_file:192kB inactive_file:44kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1328.185245][T22897] lowmem_reserve[]: 0 0 0 0
[ 1328.190188][T22897] Node 0 DMA: 680*4kB (U) 340*8kB () 171*16kB () 87*32kB (U) 45*64kB (U) 23*128kB (U) 12*256kB (U) 6*512kB () 4*1024kB (U) 2*2048kB (M) 3*4096kB (UM) = 43408kB
[ 1328.214061][T22897] Node 0 DMA32: 276243*4kB (UE) 217313*8kB (UME) 77632*16kB (UME) 34426*32kB (UME) 16774*64kB (UME) 7267*128kB (UME) 3342*256kB (UME) 1643*512kB (UM) 1055*1024kB (U) 4503*2048kB (UM) 9*4096kB (UM) = 19227028kB
[ 1328.242468][T22897] Node 0 Normal: 128*4kB () 87*8kB () 48*16kB () 23*32kB () 11*64kB () 5*128kB () 2*256kB () 1*512kB () 0*1024kB 0*2048kB 0*4096kB = 5080kB
[ 1328.264099][T22897] Node 1 Normal: 19080*4kB (UM) 10759*8kB (UM) 5575*16kB (UME) 2699*32kB (UME) 1337*64kB (UME) 670*128kB (UME) 332*256kB (U) 167*512kB (UME) 88*1024kB (UME) 42*2048kB (U) 918*4096kB (UM) = 4616040kB
[ 1328.293502][T22897] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1328.307034][T22897] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1328.323321][T22897] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1328.333363][T22897] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1328.349720][T22897] 49160 total pagecache pages
[ 1328.354505][T22897] 0 pages in swap cache
[ 1328.363505][T22897] Swap cache stats: add 0, delete 0, find 0/0
[ 1328.375068][T22897] Free swap  = 0kB
[ 1328.383567][T22897] Total swap = 0kB
[ 1328.387373][T22897] 1965979 pages RAM
[ 1328.393950][T22897] 0 pages HighMem/MovableOnly
[ 1328.403427][T22897] 339409 pages reserved
[ 1328.410541][T22897] 0 pages cma reserved
[ 1329.346496][ T9383] WARNING: CPU: 1 PID: 9383 at net/xfrm/xfrm_policy.c:3873 xfrm_policy_fini+0x30c/0x3a0
[ 1329.356263][ T9383] Kernel panic - not syncing: panic_on_warn set ...
[ 1329.362853][ T9383] CPU: 1 PID: 9383 Comm: kworker/u4:8 Not tainted 5.0.0-rc7-next-20190220 #39
[ 1329.371690][ T9383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1329.381780][ T9383] Workqueue: netns cleanup_net
[ 1329.386549][ T9383] Call Trace:
[ 1329.389851][ T9383]  dump_stack+0x172/0x1f0
[ 1329.394198][ T9383]  ? xfrm_policy_fini+0x210/0x3a0
[ 1329.399230][ T9383]  panic+0x2cb/0x65c
[ 1329.403160][ T9383]  ? __warn_printk+0xf3/0xf3
[ 1329.407954][ T9383]  ? xfrm_policy_fini+0x30c/0x3a0
[ 1329.412995][ T9383]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1329.419243][ T9383]  ? __warn.cold+0x5/0x45
[ 1329.423582][ T9383]  ? __warn+0xe8/0x1d0
[ 1329.427662][ T9383]  ? xfrm_policy_fini+0x30c/0x3a0
[ 1329.432723][ T9383]  __warn.cold+0x20/0x45
[ 1329.436986][ T9383]  ? xfrm_policy_fini+0x30c/0x3a0
[ 1329.442028][ T9383]  report_bug+0x263/0x2b0
[ 1329.446375][ T9383]  do_error_trap+0x11b/0x200
[ 1329.450983][ T9383]  do_invalid_op+0x37/0x50
[ 1329.455421][ T9383]  ? xfrm_policy_fini+0x30c/0x3a0
[ 1329.460460][ T9383]  invalid_op+0x14/0x20
[ 1329.464637][ T9383] RIP: 0010:xfrm_policy_fini+0x30c/0x3a0
[ 1329.470273][ T9383] Code: c3 e8 e8 0b 6d fb 0f 0b e9 49 fe ff ff e8 dc 0b 6d fb 0f 0b e9 cd fd ff ff e8 d0 0b 6d fb 0f 0b e9 00 ff ff ff e8 c4 0b 6d fb <0f> 0b e9 62 fd ff ff e8 18 dc a4 fb e9 7d fe ff ff 4c 89 ff e8 2b
[ 1329.489886][ T9383] RSP: 0018:ffff88805a17fbb0 EFLAGS: 00010293
[ 1329.495975][ T9383] RAX: ffff8880595ae700 RBX: ffff88805cde1c30 RCX: 1ffff1100b2b5dfe
[ 1329.503958][ T9383] RDX: 0000000000000000 RSI: ffffffff860346fc RDI: ffff8880595aef7c
[ 1329.511939][ T9383] RBP: ffff88805a17fbf0 R08: ffff8880595ae700 R09: ffff8880595aeff0
[ 1329.519920][ T9383] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88805cde0180
[ 1329.527909][ T9383] R13: ffff88805a17fcc8 R14: ffffffff893e4458 R15: dffffc0000000000
[ 1329.535922][ T9383]  ? xfrm_policy_fini+0x30c/0x3a0
[ 1329.540978][ T9383]  ? xfrm_policy_fini+0x3a0/0x3a0
[ 1329.546032][ T9383]  xfrm_net_exit+0x1d/0x70
[ 1329.550468][ T9383]  ops_exit_list.isra.0+0xb0/0x160
[ 1329.555598][ T9383]  cleanup_net+0x3fb/0x960
[ 1329.560033][ T9383]  ? netns_install+0x1d0/0x1d0
[ 1329.564906][ T9383]  process_one_work+0x98e/0x1790
[ 1329.569866][ T9383]  ? pwq_dec_nr_in_flight+0x320/0x320
[ 1329.575253][ T9383]  ? lock_acquire+0x16f/0x3f0
[ 1329.579958][ T9383]  worker_thread+0x98/0xe40
[ 1329.584469][ T9383]  ? trace_hardirqs_on+0x67/0x230
[ 1329.589518][ T9383]  kthread+0x357/0x430
[ 1329.593607][ T9383]  ? process_one_work+0x1790/0x1790
[ 1329.598809][ T9383]  ? kthread_cancel_delayed_work_sync+0x20/0x20
[ 1329.605060][ T9383]  ret_from_fork+0x3a/0x50
[ 1329.610845][ T9383] Kernel Offset: disabled
[ 1329.615471][ T9383] Rebooting in 86400 seconds..