0 [ 822.927352] slab_reclaimable:12693 slab_unreclaimable:105055 [ 822.927352] mapped:44255 shmem:266 pagetables:802 bounce:0 [ 822.927352] free:63577 free_pcp:790 free_cma:0 [ 822.929530] vm_area_struct 3469KB 6044KB [ 822.965427] Node 0 active_anon:284848kB inactive_anon:800kB active_file:736kB inactive_file:3060kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:107388kB dirty:0kB writeback:0kB shmem:1056kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 822.999627] mm_struct 498KB 858KB [ 823.005040] fs_cache 45KB 96KB [ 823.010563] files_cache 170KB 277KB [ 823.015951] signal_cache 543KB 797KB [ 823.019567] Node 1 active_anon:1636kB inactive_anon:8kB active_file:8kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:69632kB dirty:0kB writeback:0kB shmem:8kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 823.021396] sighand_cache 485KB 534KB [ 823.059386] task_struct 2400KB 2431KB [ 823.068177] cred_jar 305KB 616KB [ 823.069555] Node 0 DMA free:10380kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 823.078167] anon_vma_chain 1999KB 3685KB [ 823.109590] anon_vma 170KB 573KB [ 823.119582] pid 47KB 200KB [ 823.124983] Acpi-Operand 156KB 190KB [ 823.154561] Acpi-ParseExt 8KB 11KB [ 823.160124] Acpi-Parse 41KB 47KB [ 823.165569] Acpi-State 52KB 63KB [ 823.179568] lowmem_reserve[]: 0 2555 2557 2557 [ 823.184220] Node 0 DMA32 free:122560kB min:36248kB low:45308kB high:54368kB active_anon:282800kB inactive_anon:800kB active_file:736kB inactive_file:3060kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6784kB pagetables:2772kB bounce:0kB free_pcp:2224kB local_pcp:1480kB free_cma:0kB [ 823.218883] Acpi-Namespace 20KB 23KB [ 823.234601] numa_policy 0KB 3KB [ 823.254628] debug_objects_cache 1023KB 1102KB [ 823.260294] trace_event_file 263KB 266KB [ 823.276080] ftrace_event_field 382KB 385KB [ 823.282372] pool_workqueue 104KB 116KB [ 823.288523] lowmem_reserve[]: 0 0 2 2 [ 823.299591] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 823.339558] task_group 5KB 7KB [ 823.342280] lowmem_reserve[]: [ 823.344961] page->ptl 707KB 1612KB [ 823.344964] 0 0 [ 823.348119] kmalloc-2097152 2050KB 2050KB [ 823.355376] 0 [ 823.369547] kmalloc-524288 2056KB 2056KB [ 823.374172] 0 [ 823.376723] kmalloc-262144 1290KB 1290KB [ 823.376736] kmalloc-131072 780KB 1040KB [ 823.378536] Node 1 Normal free:193568kB min:53608kB low:67008kB high:80408kB active_anon:1636kB inactive_anon:8kB active_file:8kB inactive_file:4kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:352kB pagetables:436kB bounce:0kB free_pcp:1340kB local_pcp:1340kB free_cma:0kB [ 823.409572] kmalloc-65536 39996KB 40590KB [ 823.433048] lowmem_reserve[]: 0 0 0 0 [ 823.454610] Node 0 DMA: 1*4kB (E) 1*8kB (E) 0*16kB 16*32kB (UE) 22*64kB (UE) 4*128kB (UE) 1*256kB (E) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10380kB [ 823.469535] kmalloc-32768 2541KB 2607KB [ 823.479534] kmalloc-16384 841KB 858KB [ 823.484519] Node 0 DMA32: [ 823.484919] kmalloc-8192 3786KB 3869KB [ 823.484932] kmalloc-4096 31161KB 31220KB [ 823.488587] 16787*4kB (UME) 4937*8kB (UME) 1457*16kB (UME) 165*32kB (UM) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 135236kB [ 823.519544] kmalloc-2048 15610KB 16167KB [ 823.524944] kmalloc-1024 13189KB 14009KB [ 823.549527] kmalloc-512 9566KB 10211KB [ 823.554126] Node 0 Normal: [ 823.554962] kmalloc-256 4685KB 4830KB [ 823.554975] kmalloc-128 1292KB 1362KB [ 823.557908] 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 823.590313] Node 1 Normal: 33674*4kB (U) 2857*8kB (U) 181*16kB (UE) 48*32kB (UE) 77*64kB (U) 1*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 167040kB [ 823.592419] kmalloc-96 2493KB 2644KB [ 823.610439] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 823.626107] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 823.632524] kmalloc-64 3211KB 3372KB [ 823.637906] kmalloc-32 3468KB 3724KB [ 823.643379] CPU: 1 PID: 13856 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 823.650402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 823.659787] Call Trace: [ 823.662413] dump_stack+0x172/0x1f0 [ 823.666063] warn_alloc.cold+0x7b/0x173 [ 823.670077] ? zone_watermark_ok_safe+0x260/0x260 [ 823.675028] ? try_to_compact_pages+0x44/0xae0 [ 823.679538] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 823.679651] __alloc_pages_slowpath+0x220e/0x2870 [ 823.689626] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 823.693354] ? warn_alloc+0x110/0x110 [ 823.693373] ? __lock_is_held+0xb6/0x140 [ 823.693392] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 823.693406] ? should_fail+0x14d/0x85c [ 823.693427] ? __isolate_free_page+0x4c0/0x4c0 [ 823.723975] ? __might_sleep+0x95/0x190 [ 823.727996] __alloc_pages_nodemask+0x617/0x750 [ 823.732695] ? __alloc_pages_slowpath+0x2870/0x2870 [ 823.733227] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 823.739348] ? find_held_lock+0x35/0x130 [ 823.739367] ? wait_for_completion+0x440/0x440 [ 823.739383] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 823.739402] alloc_pages_current+0x107/0x210 [ 823.739439] ion_page_pool_alloc+0x137/0x1d0 [ 823.739453] ion_system_heap_allocate+0x154/0xa90 [ 823.739472] ? ion_system_heap_free+0x250/0x250 [ 823.739516] ion_alloc+0x475/0x900 [ 823.739539] ? ion_dma_buf_release+0x50/0x50 [ 823.780321] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 823.781753] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 823.785277] 1745 total pagecache pages [ 823.789700] ? _copy_from_user+0xdd/0x150 [ 823.789722] ion_ioctl+0x17b/0x329 [ 823.789739] ? ion_alloc.cold+0x28/0x28 [ 823.789758] ? __might_sleep+0x95/0x190 [ 823.789778] ? ion_alloc.cold+0x28/0x28 [ 823.827407] do_vfs_ioctl+0xd5f/0x1380 [ 823.831337] ? selinux_file_ioctl+0x46f/0x5e0 [ 823.835854] ? selinux_file_ioctl+0x125/0x5e0 [ 823.840367] ? ioctl_preallocate+0x210/0x210 [ 823.844787] ? selinux_file_mprotect+0x620/0x620 [ 823.849282] 0 pages in swap cache [ 823.849902] ? iterate_fd+0x360/0x360 [ 823.849917] ? nsecs_to_jiffies+0x30/0x30 [ 823.849941] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 823.853393] Swap cache stats: add 0, delete 0, find 0/0 [ 823.857195] ? security_file_ioctl+0x8d/0xc0 [ 823.876628] ksys_ioctl+0xab/0xd0 [ 823.879540] Free swap = 0kB [ 823.880095] __x64_sys_ioctl+0x73/0xb0 [ 823.887011] do_syscall_64+0xfd/0x620 [ 823.890839] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 823.896037] RIP: 0033:0x459829 [ 823.899247] Code: Bad RIP value. [ 823.902613] RSP: 002b:00007fe965eb4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 823.909775] Total swap = 0kB [ 823.910326] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 823.910336] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 823.910345] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 823.910354] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe965eb56d4 [ 823.910362] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 823.913229] kmalloc-192 2563KB 2864KB [ 823.919354] 1965979 pages RAM [ 823.926511] kmem_cache 248KB 255KB [ 823.949519] 0 pages HighMem/MovableOnly [ 823.955512] Out of memory: Kill process 7947 (syz-fuzzer) score 41 or sacrifice child [ 823.955900] 338856 pages reserved [ 823.959078] Killed process 7974 (syz-executor.4) total-vm:72452kB, anon-rss:60kB, file-rss:0kB, shmem-rss:0kB [ 823.964911] 0 pages cma reserved [ 824.060944] warn_alloc_show_mem: 1 callbacks suppressed [ 824.060950] Mem-Info: [ 824.079592] active_anon:71596 inactive_anon:202 isolated_anon:0 [ 824.079592] active_file:186 inactive_file:1896 isolated_file:0 [ 824.079592] unevictable:0 dirty:0 writeback:0 unstable:0 [ 824.079592] slab_reclaimable:12693 slab_unreclaimable:105055 [ 824.079592] mapped:44986 shmem:266 pagetables:765 bounce:0 [ 824.079592] free:101476 free_pcp:762 free_cma:0 [ 824.135867] Node 0 active_anon:284848kB inactive_anon:800kB active_file:736kB inactive_file:7880kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:110512kB dirty:100kB writeback:0kB shmem:1056kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 824.189823] Node 1 active_anon:1636kB inactive_anon:8kB active_file:8kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:69632kB dirty:0kB writeback:0kB shmem:8kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 824.249539] Node 0 DMA free:10500kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 824.289561] lowmem_reserve[]: 0 2555 2557 2557 [ 824.294229] Node 0 DMA32 free:45096kB min:36248kB low:45308kB high:54368kB active_anon:282800kB inactive_anon:800kB active_file:736kB inactive_file:7880kB unevictable:0kB writepending:148kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6752kB pagetables:2624kB bounce:0kB free_pcp:528kB local_pcp:308kB free_cma:0kB [ 824.374325] lowmem_reserve[]: 0 0 2 2 [ 824.378220] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 824.429571] lowmem_reserve[]: 0 0 0 0 [ 824.433452] Node 1 Normal free:66820kB min:53608kB low:67008kB high:80408kB active_anon:1636kB inactive_anon:8kB active_file:8kB inactive_file:4kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:352kB pagetables:436kB bounce:0kB free_pcp:724kB local_pcp:496kB free_cma:0kB [ 824.500616] lowmem_reserve[]: 0 0 0 0 [ 824.504561] Node 0 DMA: 1*4kB (E) 1*8kB (E) 4*16kB (U) 16*32kB (UE) 22*64kB (UE) 4*128kB (UE) 1*256kB (E) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10444kB [ 824.559582] Node 0 DMA32: 300*4kB (ME) 422*8kB (ME) 355*16kB (UME) 187*32kB (UM) 25*64kB (UM) 32*128kB (UM) 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 22192kB [ 824.642318] rsyslogd invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 824.679602] rsyslogd cpuset=/ mems_allowed=0-1 [ 824.688714] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 824.700293] CPU: 0 PID: 7801 Comm: rsyslogd Not tainted 4.19.63 #37 [ 824.706746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 824.716119] Call Trace: [ 824.718739] dump_stack+0x172/0x1f0 [ 824.722406] dump_header+0x15e/0xa55 [ 824.726153] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 824.731366] ? ___ratelimit+0x60/0x595 [ 824.735276] ? do_raw_spin_unlock+0x57/0x270 [ 824.739717] oom_kill_process.cold+0x10/0x6ef [ 824.744235] ? lock_downgrade+0x810/0x810 [ 824.748414] ? kasan_check_read+0x11/0x20 [ 824.752588] out_of_memory+0x936/0x12d0 [ 824.756584] ? oom_killer_disable+0x280/0x280 [ 824.761104] ? mutex_trylock+0x18e/0x1e0 [ 824.765184] ? __alloc_pages_slowpath+0xcc2/0x2870 [ 824.770140] __alloc_pages_slowpath+0x20af/0x2870 [ 824.775025] ? warn_alloc+0x110/0x110 [ 824.778842] ? __lock_is_held+0xb6/0x140 [ 824.781720] Node 1 Normal: [ 824.782921] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 824.782938] ? should_fail+0x14d/0x85c [ 824.785876] 0*4kB [ 824.791445] ? __might_sleep+0x95/0x190 [ 824.791466] __alloc_pages_nodemask+0x617/0x750 [ 824.791482] ? kasan_check_read+0x11/0x20 [ 824.791499] ? __alloc_pages_slowpath+0x2870/0x2870 [ 824.791510] ? find_get_entry+0x3e8/0x820 [ 824.791528] ? filemap_map_pages+0x1130/0x1130 [ 824.791544] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 824.791564] alloc_pages_current+0x107/0x210 [ 824.791582] __page_cache_alloc+0x2bd/0x450 [ 824.838377] ? kasan_check_read+0x11/0x20 [ 824.842550] filemap_fault+0x10bb/0x2250 [ 824.846622] ? lock_downgrade+0x810/0x810 [ 824.850813] ? __lock_page_or_retry+0xdc0/0xdc0 [ 824.855503] ? lock_acquire+0x16f/0x3f0 [ 824.859486] ? ext4_filemap_fault+0x7b/0xaf [ 824.863846] ext4_filemap_fault+0x83/0xaf [ 824.868007] __do_fault+0x111/0x480 [ 824.871647] __handle_mm_fault+0x2d78/0x3f80 [ 824.876067] ? vmf_insert_mixed_mkwrite+0x90/0x90 [ 824.880948] ? count_memcg_event_mm+0x2b1/0x4d0 [ 824.885636] handle_mm_fault+0x1b5/0x690 [ 824.889730] __do_page_fault+0x62a/0xe90 [ 824.893824] ? ksys_read+0x1f1/0x2d0 [ 824.897559] ? vmalloc_fault+0x740/0x740 [ 824.901641] ? trace_hardirqs_off_caller+0x65/0x220 [ 824.906763] ? trace_hardirqs_on_caller+0x6a/0x220 [ 824.911709] ? page_fault+0x8/0x30 [ 824.915257] do_page_fault+0x71/0x57d [ 824.919082] ? page_fault+0x8/0x30 [ 824.922640] page_fault+0x1e/0x30 [ 824.926100] RIP: 0033:0x7f334b96adb4 [ 824.929831] Code: Bad RIP value. [ 824.933210] RSP: 002b:00007f334a339e40 EFLAGS: 00010207 [ 824.938579] RAX: 00000000000000ab RBX: 0000000000b924b0 RCX: 00007f334cd9a1fd [ 824.945888] RDX: 00000000000000ab RSI: 00007f334bb6e5a0 RDI: 0000000000000000 [ 824.953187] RBP: 0000000000000000 R08: 0000000000b7d260 R09: 0000000000000000 [ 824.960471] R10: 0000000000000012 R11: 0000000000000000 R12: 000000000065e420 [ 824.969163] R13: 00007f334a33a9c0 R14: 00007f334d3df040 R15: 0000000000000003 [ 825.013149] 0*8kB 1*16kB (E) 102*32kB (UE) 328*64kB (U) 16*128kB (UM) 1*256kB (M) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 26576kB [ 825.060069] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 825.069413] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 825.159830] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 825.168729] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 825.182269] 358 total pagecache pages [ 825.189019] 0 pages in swap cache [ 825.195328] Swap cache stats: add 0, delete 0, find 0/0 [ 825.201688] Free swap = 0kB [ 825.205487] Total swap = 0kB [ 825.209671] 1965979 pages RAM [ 825.212801] 0 pages HighMem/MovableOnly [ 825.216784] 338856 pages reserved [ 825.221161] 0 pages cma reserved [ 825.228885] Mem-Info: [ 825.231524] active_anon:71611 inactive_anon:202 isolated_anon:0 [ 825.231524] active_file:56 inactive_file:224 isolated_file:32 [ 825.231524] unevictable:0 dirty:8 writeback:0 unstable:0 [ 825.231524] slab_reclaimable:12672 slab_unreclaimable:104682 [ 825.231524] mapped:35006 shmem:266 pagetables:755 bounce:0 [ 825.231524] free:26263 free_pcp:151 free_cma:0 [ 825.299034] Node 0 active_anon:284816kB inactive_anon:800kB active_file:48kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:69792kB dirty:20kB writeback:0kB shmem:1056kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 825.339570] Node 1 active_anon:1628kB inactive_anon:8kB active_file:1056kB inactive_file:2436kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:72132kB dirty:12kB writeback:0kB shmem:8kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 825.394155] Node 0 DMA free:10332kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 825.464343] lowmem_reserve[]: 0 2555 2557 2557 [ 825.469014] Node 0 DMA32 free:26024kB min:36248kB low:45308kB high:54368kB active_anon:282744kB inactive_anon:796kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6656kB pagetables:2480kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB [ 825.551323] lowmem_reserve[]: 0 0 2 2 [ 825.555285] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 825.624302] lowmem_reserve[]: 0 0 0 0 [ 825.629313] Node 1 Normal free:262920kB min:53608kB low:67008kB high:80408kB active_anon:1672kB inactive_anon:4kB active_file:1488kB inactive_file:4456kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:384kB pagetables:496kB bounce:0kB free_pcp:316kB local_pcp:284kB free_cma:0kB [ 825.708893] lowmem_reserve[]: 0 0 0 0 [ 825.723565] Node 0 DMA: 1*4kB (E) 1*8kB (E) 1*16kB (U) 14*32kB (UE) 22*64kB (UE) 4*128kB (UE) 1*256kB (E) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10332kB [ 825.769551] Node 0 DMA32: 510*4kB (UME) 664*8kB (UME) 69*16kB (ME) 9*32kB (M) 10*64kB (U) 182*128kB (UM) 32*256kB (U) 6*512kB (U) 1*1024kB (U) 0*2048kB 0*4096kB = 44968kB [ 825.802487] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 825.825232] Node 1 Normal: 2632*4kB (UM) 4*8kB (UM) 3*16kB (UE) 4*32kB (UE) 2033*64kB (UM) 1376*128kB (U) 241*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 378672kB [ 825.869856] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 825.878829] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 825.900602] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 825.925517] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 825.938402] 1927 total pagecache pages [ 825.954358] 0 pages in swap cache [ 825.957866] Swap cache stats: add 0, delete 0, find 0/0 [ 825.965607] device bridge_slave_1 left promiscuous mode [ 825.980724] bridge0: port 2(bridge_slave_1) entered disabled state [ 825.987396] Free swap = 0kB [ 826.000724] Total swap = 0kB [ 826.003804] 1965979 pages RAM [ 826.006911] 0 pages HighMem/MovableOnly [ 826.020733] device bridge_slave_0 left promiscuous mode [ 826.026290] bridge0: port 1(bridge_slave_0) entered disabled state [ 826.054008] 338856 pages reserved [ 826.057517] 0 pages cma reserved [ 826.069626] Unreclaimable slab info: [ 826.073562] Name Used Total [ 826.079137] pid_2 42KB 164KB [ 826.085520] batadv_tt_change_cache 7KB 11KB [ 826.091483] batadv_tl_cache 9KB 12KB [ 826.096880] TIPC 18KB 28KB [ 826.118971] SCTPv6 26KB 37KB [ 826.134291] sctp_chunk 0KB 7KB [ 826.145976] DCCPv6 14KB 21KB [ 826.174342] DCCP 16KB 20KB [ 826.186386] bridge_fdb_cache 17KB 27KB [ 826.220199] fib6_nodes 184KB 196KB [ 826.225714] ip6_dst_cache 652KB 675KB [ 826.255815] RAWv6 126KB 143KB [ 826.261431] UDPv6 3KB 3KB [ 826.266816] TCPv6 20KB 29KB [ 826.294249] nf_conntrack 0KB 3KB [ 826.302587] device hsr_slave_1 left promiscuous mode [ 826.307796] sd_ext_cdb 0KB 7KB [ 826.318151] scsi_sense_cache 1056KB 1060KB [ 826.323732] virtio_scsi_cmd 16KB 16KB [ 826.329121] sgpool-128 8KB 8KB [ 826.345450] device hsr_slave_0 left promiscuous mode [ 826.374405] sgpool-64 4KB 12KB [ 826.394374] sgpool-32 2KB 15KB [ 826.404661] team0 (unregistering): Port device team_slave_1 removed [ 826.421594] sgpool-16 1KB 7KB [ 826.427010] sgpool-8 0KB 7KB [ 826.445590] team0 (unregistering): Port device team_slave_0 removed [ 826.459554] mqueue_inode_cache 18KB 35KB [ 826.465056] bio_post_read_ctx 14KB 15KB [ 826.494987] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 826.502316] bio-2 14KB 15KB [ 826.507706] jfs_mp 7KB 7KB [ 826.534642] nfs_commit_data 3KB 14KB [ 826.540331] nfs_write_data 34KB 44KB [ 826.545764] ext4_system_zone 1KB 7KB [ 826.556149] bio-1 1KB 7KB [ 826.561621] fasync_cache 0KB 4KB [ 826.567269] pid_namespace 4KB 7KB [ 826.585119] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 826.614367] rpc_buffers 17KB 25KB [ 826.620441] rpc_tasks 2KB 7KB [ 826.625837] UNIX 873KB 880KB [ 826.639592] tcp_bind_bucket 3KB 12KB [ 826.645028] inet_peer_cache 0KB 4KB [ 826.681447] xfrm_state 8KB 8KB [ 826.686885] ip_fib_trie 27KB 31KB [ 826.741085] ip_fib_alias 129KB 146KB [ 826.746507] ip_dst_cache 28KB 72KB [ 826.779812] RAW 76KB 100KB [ 826.785500] UDP 26KB 39KB [ 826.814284] TCP 8KB 16KB [ 826.821446] bond0 (unregistering): Released all slaves [ 826.835576] hugetlbfs_inode_cache 2KB 15KB [ 826.842152] fscache_cookie_jar 1KB 11KB [ 826.847631] eventpoll_pwq 20KB 35KB [ 826.881116] eventpoll_epi 38KB 66KB [ 826.886537] inotify_inode_mark 30KB 63KB [ 826.914489] request_queue 163KB 163KB [ 826.924717] blkdev_requests 1KB 3KB [ 826.935007] blkdev_ioc 50KB 54KB [ 826.940484] bio-0 3835KB 3885KB [ 826.948578] biovec-max 6096KB 6105KB [ 826.979570] biovec-64 4194KB 4205KB [ 826.984992] biovec-16 436KB 468KB [ 827.019550] bio_integrity_payload 1KB 8KB [ 827.025328] khugepaged_mm_slot 5KB 19KB [ 827.055223] dmaengine-unmap-256 2KB 6KB [ 827.062060] dmaengine-unmap-128 1KB 3KB [ 827.067622] dmaengine-unmap-16 0KB 4KB [ 827.113379] dmaengine-unmap-2 0KB 3KB [ 827.118810] audit_buffer 0KB 3KB [ 827.153345] skbuff_fclone_cache 168KB 221KB [ 827.158953] skbuff_head_cache 5705KB 5943KB [ 827.193405] configfs_dir_cache 0KB 8KB [ 827.198922] file_lock_cache 0KB 3KB [ 827.222398] file_lock_ctx 0KB 3KB [ 827.227829] fsnotify_mark_connector 17KB 39KB [ 827.273394] net_namespace 104KB 112KB [ 827.278827] shmem_inode_cache 5216KB 5607KB [ 827.293277] task_delay_info 70KB 233KB [ 827.298708] taskstats 37KB 84KB [ 827.333287] proc_dir_entry 949KB 1020KB [ 827.338736] pde_opener 0KB 3KB [ 827.373269] seq_file 166KB 315KB [ 827.378879] sigqueue 49KB 86KB [ 827.399565] kernfs_node_cache 11896KB 12162KB [ 827.405000] mnt_cache 163KB 188KB [ 827.433521] filp 2742KB 4215KB [ 827.438954] names_cache 50294KB 50311KB [ 827.479559] iint_cache 44KB 63KB [ 827.485068] hashtab_node 118KB 119KB [ 827.499574] ebitmap_node 977KB 1043KB [ 827.504988] avtab_node 1012KB 1013KB [ 827.539561] avc_node 48KB 55KB [ 827.544996] selinux_file_security 177KB 329KB [ 827.573304] selinux_inode_security 3258KB 3488KB [ 827.579165] key_jar 4KB 11KB [ 827.619834] uts_namespace 5KB 11KB [ 827.625375] nsproxy 4KB 7KB [ 827.653592] vm_area_struct 3452KB 6036KB [ 827.659035] mm_struct 490KB 858KB [ 827.693281] fs_cache 45KB 96KB [ 827.698751] files_cache 168KB 277KB [ 827.719554] signal_cache 541KB 797KB [ 827.724988] sighand_cache 481KB 534KB [ 827.753996] task_struct 2400KB 2419KB [ 827.779562] cred_jar 304KB 616KB [ 827.785100] anon_vma_chain 1990KB 3673KB [ 827.813718] anon_vma 164KB 573KB [ 827.819282] pid 47KB 200KB [ 827.839561] Acpi-Operand 156KB 190KB [ 827.845179] Acpi-ParseExt 8KB 11KB [ 827.873452] Acpi-Parse 41KB 47KB [ 827.878891] Acpi-State 52KB 63KB [ 827.908783] Acpi-Namespace 20KB 23KB [ 827.939552] numa_policy 0KB 3KB [ 827.944971] debug_objects_cache 1020KB 1102KB [ 827.959552] trace_event_file 263KB 266KB [ 827.965159] ftrace_event_field 382KB 385KB [ 827.999554] pool_workqueue 104KB 116KB [ 828.004982] task_group 5KB 7KB [ 828.039558] page->ptl 704KB 1612KB [ 828.045390] kmalloc-2097152 2050KB 2050KB [ 828.073524] kmalloc-524288 2056KB 2056KB [ 828.078941] kmalloc-262144 1290KB 1290KB [ 828.100958] kmalloc-131072 780KB 910KB [ 828.106395] kmalloc-65536 39600KB 40194KB [ 828.139590] kmalloc-32768 2541KB 2574KB [ 828.145005] kmalloc-16384 841KB 841KB [ 828.160384] kmalloc-8192 3762KB 3844KB [ 828.173722] kmalloc-4096 31093KB 31144KB [ 828.193315] kmalloc-2048 15686KB 16167KB [ 828.198736] kmalloc-1024 13284KB 14009KB [ 828.233211] kmalloc-512 9623KB 10207KB [ 828.238639] kmalloc-256 4665KB 4826KB [ 828.262404] kmalloc-128 1299KB 1362KB [ 828.267828] kmalloc-96 2493KB 2644KB [ 828.299555] kmalloc-64 3196KB 3372KB [ 828.304987] kmalloc-32 3457KB 3724KB [ 828.319554] kmalloc-192 2562KB 2864KB [ 828.324960] kmem_cache 248KB 255KB [ 828.349535] Out of memory: Kill process 7947 (syz-fuzzer) score 42 or sacrifice child [ 828.357662] Killed process 7979 (syz-executor.5) total-vm:72452kB, anon-rss:64kB, file-rss:0kB, shmem-rss:0kB [ 828.389777] oom_reaper: reaped process 7979 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 829.190212] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 829.220598] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 829.225443] CPU: 0 PID: 7949 Comm: syz-fuzzer Not tainted 4.19.63 #37 [ 829.232030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 829.241399] Call Trace: [ 829.244040] dump_stack+0x172/0x1f0 [ 829.247693] dump_header+0x15e/0xa55 [ 829.251424] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 829.256537] ? ___ratelimit+0x60/0x595 [ 829.260469] ? do_raw_spin_unlock+0x57/0x270 [ 829.264984] oom_kill_process.cold+0x10/0x6ef [ 829.269490] ? lock_downgrade+0x810/0x810 [ 829.273664] out_of_memory+0x936/0x12d0 [ 829.277837] ? oom_killer_disable+0x280/0x280 [ 829.282352] ? mutex_trylock+0x18e/0x1e0 [ 829.286455] ? __alloc_pages_slowpath+0xcc2/0x2870 [ 829.291488] __alloc_pages_slowpath+0x20af/0x2870 [ 829.296366] ? warn_alloc+0x110/0x110 [ 829.300180] ? __lock_is_held+0xb6/0x140 [ 829.302356] syz-executor.5: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 829.304254] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 829.321583] ? should_fail+0x14d/0x85c [ 829.325485] ? __might_sleep+0x95/0x190 [ 829.329466] __alloc_pages_nodemask+0x617/0x750 [ 829.334148] ? kasan_check_read+0x11/0x20 [ 829.337417] syz-executor.5 cpuset= [ 829.338311] ? __alloc_pages_slowpath+0x2870/0x2870 [ 829.338314] syz5 mems_allowed=0-1 [ 829.341857] ? find_get_entry+0x3e8/0x820 [ 829.341877] ? filemap_map_pages+0x1130/0x1130 [ 829.341892] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 829.341912] alloc_pages_current+0x107/0x210 [ 829.341930] __page_cache_alloc+0x2bd/0x450 [ 829.341943] ? kasan_check_read+0x11/0x20 [ 829.341967] filemap_fault+0x10bb/0x2250 [ 829.381609] ? lock_downgrade+0x810/0x810 [ 829.385787] ? __lock_page_or_retry+0xdc0/0xdc0 [ 829.390497] ? lock_acquire+0x16f/0x3f0 [ 829.394480] ? ext4_filemap_fault+0x7b/0xaf [ 829.398837] ext4_filemap_fault+0x83/0xaf [ 829.403012] __do_fault+0x111/0x480 [ 829.406654] __handle_mm_fault+0x2d78/0x3f80 [ 829.411079] ? vmf_insert_mixed_mkwrite+0x90/0x90 [ 829.415964] ? count_memcg_event_mm+0x2b1/0x4d0 [ 829.420653] handle_mm_fault+0x1b5/0x690 [ 829.424733] __do_page_fault+0x62a/0xe90 [ 829.428818] ? vmalloc_fault+0x740/0x740 [ 829.432899] ? trace_hardirqs_off_caller+0x65/0x220 [ 829.437924] ? trace_hardirqs_on_caller+0x6a/0x220 [ 829.442862] ? page_fault+0x8/0x30 [ 829.446419] do_page_fault+0x71/0x57d [ 829.450399] ? page_fault+0x8/0x30 [ 829.453948] page_fault+0x1e/0x30 [ 829.457406] RIP: 0033:0x45b153 [ 829.460610] Code: Bad RIP value. [ 829.463980] RSP: 002b:000000c420039ea0 EFLAGS: 00010202 [ 829.469360] RAX: ffffffffffffff92 RBX: 000000003b984c0d RCX: 000000000045b153 [ 829.476821] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000017be660 [ 829.484106] RBP: 000000c420039ee8 R08: 0000000000000000 R09: 0000000000000000 [ 829.491389] R10: 000000c420039ed8 R11: 0000000000000202 R12: 000000ca22201a58 [ 829.498669] R13: 0000000000000001 R14: 0000000000000200 R15: 0000000000000055 [ 829.507251] CPU: 0 PID: 13893 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 829.514284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 829.523647] Call Trace: [ 829.526253] dump_stack+0x172/0x1f0 [ 829.529914] warn_alloc.cold+0x7b/0x173 [ 829.541074] ? zone_watermark_ok_safe+0x260/0x260 [ 829.545951] ? unreserve_highatomic_pageblock+0x31b/0x460 [ 829.551522] __alloc_pages_slowpath+0x220e/0x2870 [ 829.556405] ? warn_alloc+0x110/0x110 [ 829.560217] ? __lock_is_held+0xb6/0x140 [ 829.564314] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 829.569860] ? should_fail+0x14d/0x85c [ 829.573807] ? __might_sleep+0x95/0x190 [ 829.577812] __alloc_pages_nodemask+0x617/0x750 [ 829.582507] ? __alloc_pages_slowpath+0x2870/0x2870 [ 829.587553] ? retint_kernel+0x2d/0x2d [ 829.591458] ? wait_for_completion+0x440/0x440 [ 829.596093] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 829.601645] alloc_pages_current+0x107/0x210 [ 829.606068] ion_page_pool_alloc+0x137/0x1d0 [ 829.610492] ion_system_heap_allocate+0x154/0xa90 [ 829.615352] ? ion_system_heap_free+0x250/0x250 [ 829.620043] ion_alloc+0x475/0x900 [ 829.623605] ? ion_dma_buf_release+0x50/0x50 [ 829.629490] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 829.635039] ? _copy_from_user+0xdd/0x150 [ 829.639201] ion_ioctl+0x17b/0x329 [ 829.642760] ? ion_alloc.cold+0x28/0x28 [ 829.646754] ? __might_sleep+0x95/0x190 [ 829.650743] ? ion_alloc.cold+0x28/0x28 [ 829.654737] do_vfs_ioctl+0xd5f/0x1380 [ 829.658642] ? selinux_file_ioctl+0x46f/0x5e0 [ 829.663149] ? selinux_file_ioctl+0x125/0x5e0 [ 829.667660] ? ioctl_preallocate+0x210/0x210 [ 829.672092] ? selinux_file_mprotect+0x620/0x620 [ 829.676888] ? iterate_fd+0x360/0x360 [ 829.680787] ? nsecs_to_jiffies+0x30/0x30 [ 829.684972] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 829.690527] ? security_file_ioctl+0x8d/0xc0 [ 829.694950] ksys_ioctl+0xab/0xd0 [ 829.698533] __x64_sys_ioctl+0x73/0xb0 [ 829.702435] do_syscall_64+0xfd/0x620 [ 829.706254] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 829.711450] RIP: 0033:0x459829 [ 829.714666] Code: Bad RIP value. [ 829.718037] RSP: 002b:00007f9b39771c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 829.725762] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 829.733070] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 829.740899] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 829.748184] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9b397726d4 [ 829.755816] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 829.773638] Mem-Info: [ 829.776120] active_anon:71595 inactive_anon:202 isolated_anon:0 [ 829.776120] active_file:15 inactive_file:14 isolated_file:0 [ 829.776120] unevictable:0 dirty:0 writeback:0 unstable:0 [ 829.776120] slab_reclaimable:12655 slab_unreclaimable:103204 [ 829.776120] mapped:34818 shmem:259 pagetables:682 bounce:0 [ 829.776120] free:13799 free_pcp:130 free_cma:0 [ 829.846621] Node 0 active_anon:284652kB inactive_anon:800kB active_file:28kB inactive_file:28kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:69640kB dirty:0kB writeback:0kB shmem:1028kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 829.874222] syz-executor.3: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 829.877547] Mem-Info: [ 829.886051] Node 1 active_anon:1728kB inactive_anon:8kB active_file:32kB inactive_file:28kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:69632kB dirty:0kB writeback:0kB shmem:8kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 829.886060] Node 0 DMA free:10316kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 829.886095] lowmem_reserve[]: 0 2555 2557 2557 [ 829.886120] Node 0 DMA32 free:18092kB min:36248kB low:45308kB high:54368kB active_anon:282604kB inactive_anon:800kB active_file:28kB inactive_file:28kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6592kB pagetables:2292kB bounce:0kB free_pcp:272kB local_pcp:0kB free_cma:0kB [ 829.886158] lowmem_reserve[]: 0 0 2 2 [ 829.886187] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 829.886226] lowmem_reserve[]: 0 0 0 0 [ 830.010322] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 830.015733] CPU: 0 PID: 13863 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 830.022762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 830.032501] Call Trace: [ 830.035114] dump_stack+0x172/0x1f0 [ 830.038766] warn_alloc.cold+0x7b/0x173 [ 830.039736] Node 1 Normal free:26788kB min:53608kB low:67008kB high:80408kB active_anon:1728kB inactive_anon:8kB active_file:32kB inactive_file:28kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:352kB pagetables:436kB bounce:0kB free_pcp:248kB local_pcp:248kB free_cma:0kB [ 830.042813] ? zone_watermark_ok_safe+0x260/0x260 [ 830.042841] ? unreserve_highatomic_pageblock+0x31b/0x460 [ 830.081818] __alloc_pages_slowpath+0x220e/0x2870 [ 830.086703] ? warn_alloc+0x110/0x110 [ 830.090518] ? __lock_is_held+0xb6/0x140 [ 830.094593] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 830.100143] ? should_fail+0x14d/0x85c [ 830.104051] ? __might_sleep+0x95/0x190 [ 830.108042] __alloc_pages_nodemask+0x617/0x750 [ 830.112734] ? __alloc_pages_slowpath+0x2870/0x2870 [ 830.117779] ? wait_for_completion+0x440/0x440 [ 830.122380] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 830.127944] alloc_pages_current+0x107/0x210 [ 830.132374] ion_page_pool_alloc+0x137/0x1d0 [ 830.136803] ion_system_heap_allocate+0x154/0xa90 [ 830.141676] ? ion_system_heap_free+0x250/0x250 [ 830.146369] ion_alloc+0x475/0x900 [ 830.149937] ? ion_dma_buf_release+0x50/0x50 [ 830.154401] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 830.156123] lowmem_reserve[]: [ 830.159947] ? _copy_from_user+0xdd/0x150 [ 830.159968] ion_ioctl+0x17b/0x329 [ 830.159984] ? ion_alloc.cold+0x28/0x28 [ 830.160003] ? __might_sleep+0x95/0x190 [ 830.160019] ? ion_alloc.cold+0x28/0x28 [ 830.160037] do_vfs_ioctl+0xd5f/0x1380 [ 830.160053] ? selinux_file_ioctl+0x46f/0x5e0 [ 830.160067] ? selinux_file_ioctl+0x125/0x5e0 [ 830.160086] ? ioctl_preallocate+0x210/0x210 [ 830.177869] 0 [ 830.178814] ? selinux_file_mprotect+0x620/0x620 [ 830.189186] 0 [ 830.191168] ? iterate_fd+0x360/0x360 [ 830.191184] ? nsecs_to_jiffies+0x30/0x30 [ 830.191207] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 830.191225] ? security_file_ioctl+0x8d/0xc0 [ 830.191244] ksys_ioctl+0xab/0xd0 [ 830.191262] __x64_sys_ioctl+0x73/0xb0 [ 830.191280] do_syscall_64+0xfd/0x620 [ 830.191302] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 830.198332] 0 [ 830.200294] RIP: 0033:0x459829 [ 830.200319] Code: Bad RIP value. [ 830.200327] RSP: 002b:00007fe965e93c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 830.200342] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 830.200351] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 830.200359] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 830.200368] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe965e946d4 [ 830.200377] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 830.203400] active_anon:71595 inactive_anon:202 isolated_anon:0 [ 830.203400] active_file:15 inactive_file:14 isolated_file:0 [ 830.203400] unevictable:0 dirty:0 writeback:0 unstable:0 [ 830.203400] slab_reclaimable:12655 slab_unreclaimable:103204 [ 830.203400] mapped:34818 shmem:259 pagetables:682 bounce:0 [ 830.203400] free:13799 free_pcp:130 free_cma:0 [ 830.209335] 0 [ 830.212725] Node 0 active_anon:284652kB inactive_anon:800kB active_file:28kB inactive_file:28kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:69640kB dirty:0kB writeback:0kB shmem:1028kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 830.216980] syz-executor.3: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 830.232126] Node 1 active_anon:1728kB inactive_anon:8kB active_file:32kB inactive_file:28kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:69632kB dirty:0kB writeback:0kB shmem:8kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 830.243191] Node 0 [ 830.249369] Node 0 [ 830.261509] DMA free:10316kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 830.269356] DMA: [ 830.278240] lowmem_reserve[]: [ 830.287432] 1*4kB [ 830.289530] 0 [ 830.296478] (E) [ 830.341214] 2555 [ 830.367250] 1*8kB [ 830.385176] 2557 [ 830.398529] syz-executor.3 cpuset= [ 830.412005] 2557 [ 830.464320] Node 0 DMA32 free:18364kB min:36248kB low:45308kB high:54368kB active_anon:282604kB inactive_anon:800kB active_file:28kB inactive_file:28kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6592kB pagetables:2292kB bounce:0kB free_pcp:280kB local_pcp:0kB free_cma:0kB [ 830.500622] (E) 0*16kB 12*32kB (UE) 23*64kB (UE) 4*128kB (UE) 1*256kB (E) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10316kB [ 830.523451] lowmem_reserve[]: 0 0 2 2 [ 830.527412] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 830.573436] Node 0 DMA32: 4016*4kB (UME) 677*8kB (UME) 70*16kB (ME) 18*32kB (ME) 0*64kB 5*128kB (UM) 20*256kB (U) 6*512kB (U) 1*1024kB (U) 0*2048kB 0*4096kB = 33032kB [ 830.609545] syz3 mems_allowed=0-1 [ 830.613313] CPU: 1 PID: 13856 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 830.613362] Node 0 [ 830.620980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 830.620987] Call Trace: [ 830.621014] dump_stack+0x172/0x1f0 [ 830.621032] warn_alloc.cold+0x7b/0x173 [ 830.621051] ? zone_watermark_ok_safe+0x260/0x260 [ 830.621081] ? unreserve_highatomic_pageblock+0x31b/0x460 [ 830.623436] lowmem_reserve[]: [ 830.633506] __alloc_pages_slowpath+0x220e/0x2870 [ 830.633552] ? warn_alloc+0x110/0x110 [ 830.638326] Normal: [ 830.640087] ? __lock_is_held+0xb6/0x140 [ 830.640109] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 830.640122] ? should_fail+0x14d/0x85c [ 830.640144] ? __might_sleep+0x95/0x190 [ 830.644159] 0*4kB [ 830.649225] __alloc_pages_nodemask+0x617/0x750 [ 830.669535] 0 [ 830.669753] ? __alloc_pages_slowpath+0x2870/0x2870 [ 830.673902] 0 [ 830.679473] ? wait_for_completion+0x440/0x440 [ 830.688423] 0*8kB [ 830.689963] ? retint_kernel+0x2d/0x2d [ 830.689980] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 830.690007] alloc_pages_current+0x107/0x210 [ 830.690031] ion_page_pool_alloc+0x137/0x1d0 [ 830.694715] 0*16kB [ 830.696562] ion_system_heap_allocate+0x154/0xa90 [ 830.709536] 0 [ 830.711003] ? ion_system_heap_free+0x250/0x250 [ 830.714990] 0 [ 830.720560] ion_alloc+0x475/0x900 [ 830.720584] ? ion_dma_buf_release+0x50/0x50 [ 830.720612] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 830.738295] 0*32kB [ 830.738932] ? _copy_from_user+0xdd/0x150 [ 830.745355] 0*64kB [ 830.747150] ion_ioctl+0x17b/0x329 [ 830.755199] ? ion_alloc.cold+0x28/0x28 [ 830.763727] 0*128kB [ 830.767324] ? __might_sleep+0x95/0x190 [ 830.771680] 0*256kB [ 830.773117] ? ion_alloc.cold+0x28/0x28 [ 830.777601] Node 1 [ 830.779524] do_vfs_ioctl+0xd5f/0x1380 [ 830.779540] ? selinux_file_ioctl+0x46f/0x5e0 [ 830.779558] ? selinux_file_ioctl+0x125/0x5e0 [ 830.779574] ? ioctl_preallocate+0x210/0x210 [ 830.779587] ? selinux_file_mprotect+0x620/0x620 [ 830.779608] ? iterate_fd+0x360/0x360 [ 830.779623] ? nsecs_to_jiffies+0x30/0x30 [ 830.779646] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 830.779663] ? security_file_ioctl+0x8d/0xc0 [ 830.779681] ksys_ioctl+0xab/0xd0 [ 830.784374] Normal free:116796kB min:53608kB low:67008kB high:80408kB active_anon:1728kB inactive_anon:8kB active_file:32kB inactive_file:28kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:352kB pagetables:436kB bounce:0kB free_pcp:2700kB local_pcp:1276kB free_cma:0kB [ 830.786019] __x64_sys_ioctl+0x73/0xb0 [ 830.790980] 0*512kB [ 830.792321] do_syscall_64+0xfd/0x620 [ 830.792342] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 830.792354] RIP: 0033:0x459829 [ 830.792379] Code: Bad RIP value. [ 830.792388] RSP: 002b:00007fe965eb4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 830.797037] 0*1024kB [ 830.800809] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 830.800818] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 830.800825] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 830.800833] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe965eb56d4 [ 830.800840] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 830.935413] lowmem_reserve[]: [ 830.936493] 0*2048kB [ 830.937750] 0 0 0 0 [ 830.946184] Node 0 DMA: 1*4kB (E) 1*8kB (E) 0*16kB 12*32kB (UE) 23*64kB (UE) 4*128kB (UE) 1*256kB (E) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10316kB [ 830.949532] 0*4096kB [ 830.968041] Node 0 DMA32: 4818*4kB (UME) 898*8kB (UME) 419*16kB (UME) 66*32kB (UME) 0*64kB 5*128kB (UM) 20*256kB (U) 6*512kB (U) 1*1024kB (U) 0*2048kB 0*4096kB = 45128kB [ 830.993669] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 830.999562] = 0kB [ 831.006775] Node 1 [ 831.007586] Node 1 [ 831.008219] Normal: [ 831.009961] Normal: 9716*4kB (UME) 2892*8kB (UE) 222*16kB (UE) 248*32kB (UE) 102*64kB (U) 80*128kB (UM) 95*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 114576kB [ 831.017577] 9709*4kB (UME) 2888*8kB (UE) 222*16kB (UME) 248*32kB (UME) 103*64kB (UM) 80*128kB (UM) 94*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 114324kB [ 831.049543] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 831.056157] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 831.059331] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 831.073784] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 831.086591] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 831.101158] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 831.109523] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 831.113607] 1348 total pagecache pages [ 831.118736] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 831.124562] 0 pages in swap cache [ 831.138609] warn_alloc_show_mem: 1 callbacks suppressed [ 831.138615] Mem-Info: [ 831.149285] Swap cache stats: add 0, delete 0, find 0/0 [ 831.149557] 1459 total pagecache pages [ 831.158804] 0 pages in swap cache [ 831.159449] active_anon:71595 inactive_anon:202 isolated_anon:0 [ 831.159449] active_file:40 inactive_file:1151 isolated_file:0 [ 831.159449] unevictable:0 dirty:25 writeback:0 unstable:0 [ 831.159449] slab_reclaimable:12655 slab_unreclaimable:102862 [ 831.159449] mapped:35693 shmem:259 pagetables:682 bounce:0 [ 831.159449] free:42119 free_pcp:1409 free_cma:0 [ 831.162424] Swap cache stats: add 0, delete 0, find 0/0 [ 831.202275] Free swap = 0kB [ 831.205869] Total swap = 0kB [ 831.209009] 1965979 pages RAM [ 831.214675] 0 pages HighMem/MovableOnly [ 831.218755] 338856 pages reserved [ 831.222643] Free swap = 0kB [ 831.225696] Total swap = 0kB [ 831.225722] 0 pages cma reserved [ 831.228714] 1965979 pages RAM [ 831.228721] 0 pages HighMem/MovableOnly [ 831.228726] 338856 pages reserved [ 831.228732] 0 pages cma reserved [ 831.250872] Unreclaimable slab info: [ 831.254684] Name Used Total [ 831.263732] pid_2 41KB 164KB [ 831.269349] batadv_tt_change_cache 9KB 11KB [ 831.276798] batadv_tl_cache 9KB 12KB [ 831.285626] TIPC 18KB 28KB [ 831.292586] SCTPv6 26KB 37KB [ 831.298077] Node 0 active_anon:284652kB inactive_anon:800kB active_file:128kB inactive_file:976kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:70540kB dirty:0kB writeback:0kB shmem:1028kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 831.334642] sctp_chunk 0KB 3KB [ 831.341604] DCCPv6 12KB 21KB [ 831.347064] DCCP 13KB 20KB [ 831.349617] Node 1 active_anon:1728kB inactive_anon:8kB active_file:32kB inactive_file:7428kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:74532kB dirty:100kB writeback:0kB shmem:8kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 831.355971] bridge_fdb_cache 17KB 27KB [ 831.392960] fib6_nodes 184KB 196KB [ 831.398816] ip6_dst_cache 656KB 675KB [ 831.407659] RAWv6 126KB 143KB [ 831.414490] UDPv6 3KB 3KB [ 831.419535] Node 0 DMA free:10316kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 831.423089] TCPv6 17KB 29KB [ 831.457535] nf_conntrack 0KB 3KB [ 831.466236] lowmem_reserve[]: 0 2555 2557 2557 [ 831.475343] Node 0 DMA32 free:45152kB min:36248kB low:45308kB high:54368kB active_anon:282640kB inactive_anon:800kB active_file:92kB inactive_file:1064kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6560kB pagetables:2292kB bounce:0kB free_pcp:2844kB local_pcp:1492kB free_cma:0kB [ 831.505144] sd_ext_cdb 0KB 7KB [ 831.514831] scsi_sense_cache 1056KB 1060KB [ 831.520646] virtio_scsi_cmd 16KB 16KB [ 831.526128] sgpool-128 8KB 8KB [ 831.536061] sgpool-64 4KB 12KB [ 831.541894] sgpool-32 2KB 15KB [ 831.547277] sgpool-16 1KB 7KB [ 831.549567] lowmem_reserve[]: 0 0 2 2 [ 831.556489] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 831.556770] sgpool-8 0KB 7KB [ 831.593643] mqueue_inode_cache 18KB 35KB [ 831.599132] bio_post_read_ctx 14KB 15KB [ 831.606159] bio-2 14KB 15KB [ 831.609514] lowmem_reserve[]: 0 0 0 0 [ 831.614726] jfs_mp 7KB 7KB [ 831.615466] Node 1 [ 831.622270] nfs_commit_data 3KB 14KB [ 831.634048] nfs_write_data 34KB 44KB [ 831.639543] Normal free:107772kB min:53608kB low:67008kB high:80408kB active_anon:1772kB inactive_anon:8kB active_file:36kB inactive_file:8996kB unevictable:0kB writepending:120kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:352kB pagetables:436kB bounce:0kB free_pcp:2728kB local_pcp:1284kB free_cma:0kB [ 831.640802] ext4_system_zone 1KB 7KB [ 831.677701] bio-1 1KB 7KB [ 831.683659] fasync_cache 0KB 4KB [ 831.689042] pid_namespace 4KB 7KB [ 831.689519] lowmem_reserve[]: 0 0 0 0 [ 831.698253] Node 0 DMA: 1*4kB (E) 1*8kB (E) 0*16kB 12*32kB (UE) 23*64kB (UE) 4*128kB (UE) 1*256kB (E) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10316kB [ 831.698723] rpc_buffers 17KB 25KB [ 831.723922] rpc_tasks 2KB 7KB [ 831.729319] UNIX 873KB 877KB [ 831.735463] Node 0 DMA32: 4818*4kB (UME) 893*8kB (UME) 419*16kB (UME) 68*32kB (UME) 0*64kB 5*128kB (UM) 20*256kB (U) 6*512kB (U) 1*1024kB (U) 0*2048kB 0*4096kB = 45152kB [ 831.756310] tcp_bind_bucket 3KB 12KB [ 831.759734] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 831.762137] inet_peer_cache 0KB 4KB [ 831.783331] xfrm_state 8KB 8KB [ 831.786461] Node 1 Normal: [ 831.788722] ip_fib_trie 27KB 31KB [ 831.788735] ip_fib_alias 129KB 146KB [ 831.791856] 9655*4kB [ 831.798183] ip_dst_cache 9KB 56KB [ 831.802642] (UME) 2856*8kB (UE) 218*16kB (UE) 244*32kB (UE) 103*64kB (UM) 78*128kB (U) 72*256kB (UM) 0*512kB [ 831.809674] RAW 76KB 100KB [ 831.810644] 0*1024kB [ 831.824927] UDP 26KB 39KB [ 831.826149] 0*2048kB [ 831.828557] TCP 8KB 16KB [ 831.834213] 0*4096kB [ 831.837386] hugetlbfs_inode_cache 2KB 15KB [ 831.841835] = 107772kB [ 831.841850] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 831.841863] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 831.841875] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 831.841891] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 831.849133] fscache_cookie_jar 1KB 11KB [ 831.850139] 2809 total pagecache pages [ 831.850155] 0 pages in swap cache [ 831.850164] Swap cache stats: add 0, delete 0, find 0/0 [ 831.850170] Free swap = 0kB [ 831.850181] Total swap = 0kB [ 831.854691] eventpoll_pwq 20KB 35KB [ 831.861583] 1965979 pages RAM [ 831.861590] 0 pages HighMem/MovableOnly [ 831.861596] 338856 pages reserved [ 831.861602] 0 pages cma reserved [ 831.931917] eventpoll_epi 38KB 66KB [ 831.937312] inotify_inode_mark 29KB 63KB [ 831.943449] request_queue 163KB 163KB [ 831.948848] blkdev_requests 1KB 3KB [ 831.954377] blkdev_ioc 46KB 54KB [ 831.960331] bio-0 3852KB 3885KB [ 831.965703] biovec-max 6237KB 6319KB [ 831.971228] biovec-64 4219KB 4244KB [ 831.977109] biovec-16 429KB 468KB [ 831.983710] bio_integrity_payload 1KB 8KB [ 831.989449] khugepaged_mm_slot 5KB 19KB [ 831.995382] dmaengine-unmap-256 2KB 6KB [ 832.001038] dmaengine-unmap-128 1KB 3KB [ 832.006856] dmaengine-unmap-16 0KB 4KB [ 832.012439] dmaengine-unmap-2 0KB 3KB [ 832.018062] audit_buffer 0KB 3KB [ 832.023542] skbuff_fclone_cache 148KB 221KB [ 832.029399] skbuff_head_cache 5752KB 5943KB [ 832.035481] configfs_dir_cache 0KB 8KB [ 832.041095] file_lock_cache 0KB 3KB [ 832.046558] file_lock_ctx 0KB 3KB [ 832.053662] fsnotify_mark_connector 17KB 39KB [ 832.061448] net_namespace 104KB 104KB [ 832.066842] shmem_inode_cache 5202KB 5603KB [ 832.072347] task_delay_info 69KB 233KB [ 832.078715] taskstats 35KB 84KB [ 832.085017] proc_dir_entry 940KB 1005KB [ 832.098409] pde_opener 0KB 3KB [ 832.103895] seq_file 163KB 315KB [ 832.114609] sigqueue 47KB 86KB [ 832.120086] kernfs_node_cache 11854KB 12119KB [ 832.125686] mnt_cache 162KB 184KB [ 832.140165] filp 2701KB 4200KB [ 832.145920] names_cache 49950KB 49971KB [ 832.154692] iint_cache 52KB 63KB [ 832.161434] hashtab_node 118KB 119KB [ 832.167445] ebitmap_node 970KB 1043KB [ 832.177940] avtab_node 1012KB 1013KB [ 832.185729] avc_node 48KB 55KB [ 832.194184] selinux_file_security 175KB 329KB [ 832.201367] selinux_inode_security 3252KB 3488KB [ 832.207839] key_jar 4KB 11KB [ 832.217637] uts_namespace 5KB 11KB [ 832.225918] nsproxy 4KB 7KB [ 832.238945] vm_area_struct 3443KB 6036KB 04:52:23 executing program 5: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000000)={0x80000001, 0x1, 0x0, 0xffffffffffffffff, 0x3f000000}) 04:52:23 executing program 0: socket$alg(0x26, 0x5, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000640)=ANY=[@ANYBLOB="14bc4200000000050000002e900800007458e58ad9dbf4367b120000080008000100000007e16cef3ab34fe16d311dbc45b5bb07b405561846261b080003000800e80f01a0f1f50459110052726e94e120eb3f6885e40b259453bbae557550ddc7609511f62e0544ccfffd508b64e10b7da749c3772e47d00e95a7bddd3e7240920b24d99868deba379c8195a543ff45df7780cf5014d81d5f8fe0680531073c0c4063c19ad28495cb690833a419124ac0ab73ebbd3177ae1f5aaebfd0b76f644f553bf1c75c6ec2167cd421633f75aae49cd721966bcf9ccc41fb86d45daee763e621eb3148ebf301ca312a9876bc24635e2ecc4551533affe5127ee6e49243508ad9731658fded30028d37c9468c8d40c288e0281b22e9183c8bdafd8ddc90efc6b0e898c9f6e798d97592ab1e9193eaf799bcfe4dae989e665e18be66103630bfec1f18dc233de96194677ab560f5912dc9ab6d2b6bb754df5706ccdae537832a33436c8d9c586d56072fb9643a9dc2"], 0x1}}, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000280)='y\x00', 0x2, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000000000)={0x10000, 0x8000, 0x9, 0x6, 0x0}, &(0x7f00000000c0)=0x10) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000180)={r4, 0x3f}, &(0x7f0000000200)=0xc) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000380)={{0x106000, 0x5000, 0xc, 0x8000, 0x5, 0xfffffffffffffffd, 0x2, 0x4, 0x0, 0x9, 0xa1, 0x5}, {0x4000, 0x1000, 0xb, 0x2, 0x1ff, 0x2, 0x200, 0x8, 0xffffffffffff676d, 0x1e3f3682, 0x4, 0x7}, {0x7000, 0x0, 0x8, 0xffcf, 0xffffffffffff0000, 0x9, 0x100000001, 0x8, 0x3, 0x36, 0x4, 0x6}, {0x100000, 0x0, 0x0, 0x7, 0x2, 0xf30, 0x6, 0xfffffffffffffffc, 0x800, 0x2b, 0x3, 0x4}, {0x0, 0x1000, 0x3, 0x1000, 0x6, 0x0, 0x2cd8, 0x1f, 0xc44, 0x1, 0x7}, {0x0, 0x106000, 0x1e, 0x0, 0x2ad, 0x2, 0x2, 0x6, 0x1f, 0x8001, 0x4f5d, 0x401}, {0x1000, 0x6000, 0xf, 0x9, 0x0, 0x5, 0x2, 0x401, 0xfffffffffffffff7, 0x4, 0x1, 0x800}, {0x105000, 0x10002, 0xc, 0x7f, 0x1ff, 0x80000001, 0xf4f, 0x3, 0x9, 0x91, 0x7ff, 0x5dc6}, {0x4000, 0xf000}, {0xf004, 0x17003}, 0x26f1fb5c6805f379, 0x0, 0xf000, 0x50000, 0x3, 0x100, 0x0, [0x3, 0x800, 0x2, 0x100000000]}) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) 04:52:23 executing program 1: dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010502000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x9, @remote, 0x2}, @in={0x2, 0x4e21, @loopback}, @in6={0xa, 0x0, 0x8, @mcast1}, @in={0x2, 0x4e23, @empty}], 0x58) [ 832.247350] mm_struct 481KB 858KB [ 832.255791] fs_cache 44KB 96KB [ 832.264104] files_cache 165KB 277KB [ 832.275660] signal_cache 540KB 797KB [ 832.282812] sighand_cache 474KB 534KB [ 832.288999] task_struct 2400KB 2406KB 04:52:23 executing program 3: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ion\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x8000, 0x0) ioctl$PIO_UNISCRNMAP(r2, 0x4b6a, &(0x7f0000000140)="1ff5bd7c676099ec957bccf27bb92d21fb07b07a124b76c249a5c14f4ff96e2dbc4077f3f8ecfbc8fb70c43047efbe9fe61f39392ff7098d0db612d43c80e3243f209dc621118665a4756687cdb53f1cd4823a1db39f30a133c45045fc02e47f4ceb9d199575937ee6ee1e22aa161ad625ce6e2897483ea9e2d4a40ecb5c638fe0bae7bb63253141c7f9ecc5da38769565f244e032ebcb6836c0cdc3") ioctl(r1, 0x1000008911, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cpu.stat\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000100)={0x2, 0x10, 0x1fffffffffffff}) 04:52:23 executing program 4: r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20\x00', 0x20000, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000000c0)={{{@in6=@mcast2, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@initdev}, 0x0, @in=@local}}, &(0x7f00000001c0)=0xe8) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000380)={&(0x7f0000000080), 0xc, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB="340000004200090026bd7008fedbdf2d7908000100", @ANYRES32=r1, @ANYBLOB="0800f1ff", @ANYRES32=r2, @ANYBLOB="080006000400000000000000d86de9e89d0000"], 0x34}, 0x1, 0x0, 0x0, 0x5}, 0x80) r3 = openat$ion(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ion\x00', 0x0, 0x0) ioctl(0xffffffffffffffff, 0x1000008912, 0x0) ioctl$DRM_IOCTL_CONTROL(r0, 0x40086414, &(0x7f0000000200)={0x3, 0x2}) ioctl$ION_IOC_ALLOC(r3, 0xc0184900, &(0x7f0000000000)={0x80000001, 0x1}) 04:52:23 executing program 2: sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001a40)={&(0x7f0000000540)=@newsa={0x15c, 0x10, 0x801, 0x0, 0x0, {{@in, @in6=@mcast1}, {@in, 0x0, 0x6c}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @lifetime_val={0x24}]}, 0x15c}}, 0x0) [ 832.298106] cred_jar 302KB 616KB [ 832.311899] anon_vma_chain 1984KB 3661KB [ 832.324667] anon_vma 171KB 573KB [ 832.331476] pid 47KB 200KB [ 832.338158] Acpi-Operand 156KB 190KB [ 832.347288] Acpi-ParseExt 8KB 11KB [ 832.353285] Acpi-Parse 41KB 47KB [ 832.359372] Acpi-State 52KB 63KB [ 832.365570] Acpi-Namespace 20KB 23KB [ 832.376103] numa_policy 0KB 3KB [ 832.384867] debug_objects_cache 1016KB 1102KB [ 832.394759] trace_event_file 263KB 266KB [ 832.403336] ftrace_event_field 382KB 385KB [ 832.416460] pool_workqueue 104KB 116KB [ 832.422375] task_group 5KB 7KB [ 832.429014] page->ptl 700KB 1612KB [ 832.440668] kmalloc-2097152 2050KB 2050KB [ 832.447135] kmalloc-524288 2056KB 2056KB [ 832.453962] kmalloc-262144 1290KB 1290KB [ 832.480085] kmalloc-131072 780KB 780KB [ 832.505953] kmalloc-65536 36828KB 37752KB [ 832.511459] kmalloc-32768 2541KB 2574KB [ 832.516867] kmalloc-16384 841KB 841KB [ 832.538193] kmalloc-8192 3753KB 3828KB [ 832.566514] kmalloc-4096 31118KB 31139KB [ 832.572009] kmalloc-2048 15733KB 16167KB [ 832.579069] kmalloc-1024 13541KB 14009KB [ 832.585718] kmalloc-512 9677KB 10200KB [ 832.604310] kmalloc-256 4658KB 4826KB [ 832.639388] kmalloc-128 1294KB 1362KB [ 832.650312] kmalloc-96 2553KB 2644KB [ 832.657599] kmalloc-64 3181KB 3372KB [ 832.668175] kmalloc-32 3431KB 3724KB [ 832.673722] kmalloc-192 2622KB 2864KB [ 832.679093] kmem_cache 248KB 255KB 04:52:24 executing program 3: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ion\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000000)={0x80000001, 0x1}) r2 = getpgid(0x0) ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r2, 0x5, &(0x7f0000000080)=""/6) clock_gettime(0x0, &(0x7f0000003580)={0x0, 0x0}) recvmmsg(r1, &(0x7f0000003480)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000000c0)=""/218, 0xda}, {&(0x7f00000001c0)=""/224, 0xe0}, {&(0x7f0000000340)=""/67, 0x43}, {&(0x7f00000003c0)=""/180, 0xb4}, {&(0x7f0000000480)=""/189, 0xbd}, {&(0x7f00000002c0)=""/35, 0x23}], 0x6}, 0x7fffffff}, {{&(0x7f00000005c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast1}}}, 0x80, &(0x7f00000019c0)=[{&(0x7f0000000640)=""/103, 0x67}, {&(0x7f00000006c0)=""/4096, 0x1000}, {&(0x7f00000016c0)=""/121, 0x79}, {&(0x7f0000001740)=""/89, 0x59}, {&(0x7f00000017c0)=""/235, 0xeb}, {&(0x7f00000018c0)=""/235, 0xeb}], 0x6, &(0x7f0000001a40)=""/41, 0x29}, 0xfffffffffffffff7}, {{&(0x7f0000001a80)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, &(0x7f0000001d00)=[{&(0x7f0000001b00)=""/61, 0x3d}, {&(0x7f0000001b40)=""/225, 0xe1}, {&(0x7f0000001c40)=""/192, 0xc0}], 0x3, &(0x7f0000001d40)=""/100, 0x64}, 0x1}, {{&(0x7f0000001dc0)=@ipx, 0x80, &(0x7f0000003300)=[{&(0x7f0000001e40)=""/249, 0xf9}, {&(0x7f0000001f40)=""/7, 0x7}, {&(0x7f0000001f80)=""/135, 0x87}, {&(0x7f0000002040)=""/4096, 0x1000}, {&(0x7f0000003040)=""/213, 0xd5}, {&(0x7f0000003140)=""/215, 0xd7}, {&(0x7f0000003240)=""/187, 0xbb}], 0x7, &(0x7f0000003380)=""/251, 0xfb}, 0x456}], 0x4, 0x1, &(0x7f00000035c0)={r3, r4+30000000}) connect$pptp(r5, &(0x7f0000003600)={0x18, 0x2, {0x2, @multicast2}}, 0x1e) [ 832.679107] Out of memory: Kill process 7947 (syz-fuzzer) score 42 or sacrifice child [ 832.679173] Killed process 12416 (syz-executor.3) total-vm:72452kB, anon-rss:64kB, file-rss:0kB, shmem-rss:0kB [ 832.803049] device bridge_slave_1 left promiscuous mode [ 832.812961] bridge0: port 2(bridge_slave_1) entered disabled state [ 832.882963] device bridge_slave_0 left promiscuous mode [ 832.893873] bridge0: port 1(bridge_slave_0) entered disabled state [ 833.033024] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 833.066594] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 833.083048] CPU: 1 PID: 13919 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 833.090122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 833.099494] Call Trace: [ 833.099520] dump_stack+0x172/0x1f0 [ 833.099540] warn_alloc.cold+0x7b/0x173 [ 833.099574] ? zone_watermark_ok_safe+0x260/0x260 [ 833.114735] ? try_to_compact_pages+0x44/0xae0 [ 833.119364] __alloc_pages_slowpath+0x220e/0x2870 [ 833.124252] ? warn_alloc+0x110/0x110 [ 833.128080] ? __lock_is_held+0xb6/0x140 [ 833.132169] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 833.137743] ? should_fail+0x14d/0x85c [ 833.141649] ? __isolate_free_page+0x4c0/0x4c0 [ 833.141668] ? __might_sleep+0x95/0x190 [ 833.141688] __alloc_pages_nodemask+0x617/0x750 [ 833.141710] ? __alloc_pages_slowpath+0x2870/0x2870 [ 833.159967] ? wait_for_completion+0x440/0x440 [ 833.164569] ? kasan_check_write+0x14/0x20 [ 833.168859] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 833.174431] alloc_pages_current+0x107/0x210 [ 833.178871] ion_page_pool_alloc+0x137/0x1d0 [ 833.183312] ion_system_heap_allocate+0x154/0xa90 [ 833.188180] ? ion_system_heap_free+0x250/0x250 [ 833.192867] ion_alloc+0x29b/0x900 [ 833.192890] ? ion_dma_buf_release+0x50/0x50 [ 833.200860] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 833.200876] ? _copy_from_user+0xdd/0x150 [ 833.200903] ion_ioctl+0x17b/0x329 [ 833.214318] ? ion_alloc.cold+0x28/0x28 [ 833.218322] ? __might_sleep+0x95/0x190 [ 833.222330] ? ion_alloc.cold+0x28/0x28 [ 833.226333] do_vfs_ioctl+0xd5f/0x1380 [ 833.230242] ? selinux_file_ioctl+0x46f/0x5e0 [ 833.234778] ? selinux_file_ioctl+0x125/0x5e0 [ 833.239315] ? ioctl_preallocate+0x210/0x210 [ 833.239334] ? selinux_file_mprotect+0x620/0x620 [ 833.248532] ? iterate_fd+0x360/0x360 [ 833.252364] ? nsecs_to_jiffies+0x30/0x30 [ 833.256542] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 833.262095] ? security_file_ioctl+0x8d/0xc0 [ 833.266522] ksys_ioctl+0xab/0xd0 [ 833.269990] __x64_sys_ioctl+0x73/0xb0 [ 833.273899] do_syscall_64+0xfd/0x620 [ 833.277722] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 833.282928] RIP: 0033:0x459829 [ 833.286139] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 833.305060] RSP: 002b:00007fe965eb4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 833.312795] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 833.320089] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 833.327379] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 833.334837] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe965eb56d4 [ 833.342123] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 833.381678] Mem-Info: [ 833.397066] active_anon:71822 inactive_anon:201 isolated_anon:0 [ 833.397066] active_file:937 inactive_file:5248 isolated_file:0 [ 833.397066] unevictable:0 dirty:5 writeback:0 unstable:0 [ 833.397066] slab_reclaimable:12663 slab_unreclaimable:102354 [ 833.397066] mapped:30925 shmem:253 pagetables:669 bounce:0 [ 833.397066] free:49958 free_pcp:759 free_cma:0 04:52:24 executing program 1: dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010502000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x9, @remote, 0x2}, @in={0x2, 0x4e21, @loopback}, @in6={0xa, 0x0, 0x8, @mcast1}, @in={0x2, 0x4e23, @empty}], 0x58) [ 833.503599] Node 0 active_anon:285700kB inactive_anon:800kB active_file:3348kB inactive_file:12104kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:45948kB dirty:140kB writeback:0kB shmem:980kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 833.536655] device hsr_slave_1 left promiscuous mode [ 833.574331] Node 1 active_anon:1576kB inactive_anon:0kB active_file:468kB inactive_file:8848kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:77752kB dirty:20kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 833.611345] device hsr_slave_0 left promiscuous mode [ 833.651399] Node 0 DMA free:10316kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 833.694031] team0 (unregistering): Port device team_slave_1 removed 04:52:25 executing program 0: socket$alg(0x26, 0x5, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="14bc420000000056b500002e900000000000080008000100000200000000ac14341b080003000800e80f01"], 0x1}}, 0x0) openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000280)='y\x00', 0x2, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb) ioctl$KVM_RUN(r2, 0xae80, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 833.715630] lowmem_reserve[]: 0 2555 2557 2557 [ 833.745908] Node 0 DMA32 free:65280kB min:36248kB low:45308kB high:54368kB active_anon:283652kB inactive_anon:800kB active_file:3348kB inactive_file:12104kB unevictable:0kB writepending:140kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6560kB pagetables:2200kB bounce:0kB free_pcp:2652kB local_pcp:1380kB free_cma:0kB [ 833.779636] team0 (unregistering): Port device team_slave_0 removed [ 833.810311] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 833.858047] lowmem_reserve[]: 0 0 2 2 [ 833.867428] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 833.906466] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 833.933668] lowmem_reserve[]: 0 0 0 0 [ 833.944005] Node 1 Normal free:128104kB min:53608kB low:67008kB high:80408kB active_anon:1576kB inactive_anon:0kB active_file:468kB inactive_file:8848kB unevictable:0kB writepending:20kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:352kB pagetables:436kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 833.982436] lowmem_reserve[]: 0 0 0 0 [ 833.986543] Node 0 DMA: 1*4kB (E) 1*8kB (E) 0*16kB 12*32kB [ 833.992628] (UE) 23*64kB (UE) 4*128kB (UE) 1*256kB (E) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10316kB [ 834.003479] Node 0 DMA32: 9188*4kB (UME) 975*8kB (UME) 621*16kB (UME) 215*32kB (UE) 91*64kB (UM) 7*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 68088kB [ 834.018580] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 834.036561] Node 1 Normal: 18602*4kB (UME) 4432*8kB (UME) 294*16kB (UE) 382*32kB (UE) 21*64kB (U) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 128136kB [ 834.068294] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 834.087674] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 834.109004] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 834.119780] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 834.135903] 6474 total pagecache pages [ 834.144820] 0 pages in swap cache [ 834.157445] Swap cache stats: add 0, delete 0, find 0/0 [ 834.172213] Free swap = 0kB [ 834.178714] Total swap = 0kB [ 834.196790] 1965979 pages RAM [ 834.207975] 0 pages HighMem/MovableOnly [ 834.224357] 338856 pages reserved [ 834.234989] 0 pages cma reserved [ 834.288782] bond0 (unregistering): Released all slaves [ 834.553237] FAT-fs (loop1): Directory bread(block 1281) failed [ 834.567213] FAT-fs (loop1): Directory bread(block 1282) failed [ 834.579754] FAT-fs (loop1): Directory bread(block 1283) failed [ 834.585801] FAT-fs (loop1): Directory bread(block 1284) failed [ 834.596245] FAT-fs (loop1): Directory bread(block 1285) failed 04:52:26 executing program 0: socket$alg(0x26, 0x5, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="00e8ffffffffffffb440002e90080040004708000801010500ac1477b2766b6b5b7010c7ddd1be00000000628cbc134218eae112772dda377502e38c7ae10176e372025feb597feafc185088c66fe07732e2f94274fa5d65ac764d3df1513d65f598b336c4b29036"], 0x1}}, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000280)='y\x00', 0x2, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb) ioctl$KVM_RUN(r3, 0xae80, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$BLKROTATIONAL(r2, 0x127e, &(0x7f0000000000)) [ 834.604820] FAT-fs (loop1): Directory bread(block 1286) failed [ 834.632507] FAT-fs (loop1): Directory bread(block 1287) failed [ 834.638688] FAT-fs (loop1): Directory bread(block 1288) failed [ 834.693215] FAT-fs (loop1): Directory bread(block 1289) failed [ 834.699281] FAT-fs (loop1): Directory bread(block 1290) failed 04:52:26 executing program 1: dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010502000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x9, @remote, 0x2}, @in={0x2, 0x4e21, @loopback}, @in6={0xa, 0x0, 0x8, @mcast1}, @in={0x2, 0x4e23, @empty}], 0x58) 04:52:27 executing program 1: dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010502000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x9, @remote, 0x2}, @in={0x2, 0x4e21, @loopback}, @in6={0xa, 0x0, 0x8, @mcast1}, @in6={0xa, 0x0, 0x0, @remote}, @in={0x2, 0x4e23, @empty}], 0x74) 04:52:27 executing program 0: socket$alg(0x26, 0x5, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="14bc420000000056b500002e900800000000080008000100000007e10500ac14341b080003000800e80f01"], 0x1}}, 0x0) openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000280)='y\x00', 0x2, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb) ioctl$KVM_RUN(r2, 0xae80, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x20000, 0x0) [ 836.034440] IPVS: ftp: loaded support on port[0] = 21 [ 836.040144] IPVS: ftp: loaded support on port[0] = 21 [ 836.043705] IPVS: ftp: loaded support on port[0] = 21 [ 836.434393] chnl_net:caif_netlink_parms(): no params data found [ 836.612730] chnl_net:caif_netlink_parms(): no params data found [ 836.644656] chnl_net:caif_netlink_parms(): no params data found [ 836.706284] bridge0: port 1(bridge_slave_0) entered blocking state [ 836.717853] bridge0: port 1(bridge_slave_0) entered disabled state [ 836.726516] device bridge_slave_0 entered promiscuous mode [ 836.766558] bridge0: port 2(bridge_slave_1) entered blocking state [ 836.773434] bridge0: port 2(bridge_slave_1) entered disabled state [ 836.781041] device bridge_slave_1 entered promiscuous mode [ 836.801390] bridge0: port 1(bridge_slave_0) entered blocking state [ 836.808142] bridge0: port 1(bridge_slave_0) entered disabled state [ 836.815780] device bridge_slave_0 entered promiscuous mode [ 836.836197] bridge0: port 1(bridge_slave_0) entered blocking state [ 836.843464] bridge0: port 1(bridge_slave_0) entered disabled state [ 836.851049] device bridge_slave_0 entered promiscuous mode [ 836.858226] bridge0: port 2(bridge_slave_1) entered blocking state [ 836.866693] bridge0: port 2(bridge_slave_1) entered disabled state [ 836.875331] device bridge_slave_1 entered promiscuous mode [ 836.896953] bridge0: port 2(bridge_slave_1) entered blocking state [ 836.904753] bridge0: port 2(bridge_slave_1) entered disabled state [ 836.912579] device bridge_slave_1 entered promiscuous mode [ 836.928431] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 836.958165] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 836.985141] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 837.008242] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 837.024768] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 837.043762] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 837.066068] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 837.082513] team0: Port device team_slave_0 added [ 837.103928] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 837.112176] team0: Port device team_slave_0 added [ 837.126215] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 837.135242] team0: Port device team_slave_1 added [ 837.141223] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 837.152621] team0: Port device team_slave_1 added [ 837.158002] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 837.180436] team0: Port device team_slave_0 added [ 837.186278] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 837.194049] team0: Port device team_slave_1 added [ 837.199396] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 837.220333] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 837.227793] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 837.254114] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 837.270277] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 837.284223] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 837.382959] device hsr_slave_0 entered promiscuous mode [ 837.419913] device hsr_slave_1 entered promiscuous mode [ 837.460274] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 837.467420] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 837.542984] device hsr_slave_0 entered promiscuous mode [ 837.585884] device hsr_slave_1 entered promiscuous mode [ 837.630218] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 837.637354] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 837.690231] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 837.734063] device hsr_slave_0 entered promiscuous mode [ 837.789956] device hsr_slave_1 entered promiscuous mode [ 837.830200] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 837.837307] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 837.886778] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 837.927577] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 838.005923] 8021q: adding VLAN 0 to HW filter on device bond0 [ 838.061081] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 838.105418] 8021q: adding VLAN 0 to HW filter on device bond0 [ 838.121622] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 838.129001] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 838.143690] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 838.162277] 8021q: adding VLAN 0 to HW filter on device bond0 [ 838.171033] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 838.193569] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 838.207294] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 838.217583] 8021q: adding VLAN 0 to HW filter on device team0 [ 838.227664] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 838.238689] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 838.254763] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 838.269329] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 838.278521] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 838.293831] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 838.304626] 8021q: adding VLAN 0 to HW filter on device team0 [ 838.313511] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 838.321121] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 838.328120] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 838.336259] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 838.344634] bridge0: port 1(bridge_slave_0) entered blocking state [ 838.351067] bridge0: port 1(bridge_slave_0) entered forwarding state [ 838.366171] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 838.376428] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 838.384651] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 838.392498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 838.400918] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 838.408573] bridge0: port 2(bridge_slave_1) entered blocking state [ 838.415003] bridge0: port 2(bridge_slave_1) entered forwarding state [ 838.422484] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 838.431424] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 838.438999] bridge0: port 1(bridge_slave_0) entered blocking state [ 838.445415] bridge0: port 1(bridge_slave_0) entered forwarding state [ 838.454591] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 838.464248] 8021q: adding VLAN 0 to HW filter on device team0 [ 838.474981] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 838.485157] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 838.496417] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 838.504841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 838.513715] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 838.521693] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 838.529247] bridge0: port 1(bridge_slave_0) entered blocking state [ 838.535656] bridge0: port 1(bridge_slave_0) entered forwarding state [ 838.543568] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 838.551985] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 838.559133] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 838.567654] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 838.575452] bridge0: port 2(bridge_slave_1) entered blocking state [ 838.581850] bridge0: port 2(bridge_slave_1) entered forwarding state [ 838.591842] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 838.603340] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 838.611118] device bridge_slave_1 left promiscuous mode [ 838.616627] bridge0: port 2(bridge_slave_1) entered disabled state [ 838.670624] device bridge_slave_0 left promiscuous mode [ 838.676123] bridge0: port 1(bridge_slave_0) entered disabled state [ 838.781591] device hsr_slave_1 left promiscuous mode [ 838.844844] device hsr_slave_0 left promiscuous mode [ 838.892820] team0 (unregistering): Port device team_slave_1 removed [ 838.905959] team0 (unregistering): Port device team_slave_0 removed [ 838.916442] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 838.956090] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 839.037459] bond0 (unregistering): Released all slaves [ 839.084895] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 839.092781] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 839.103646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 839.112893] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 839.121349] bridge0: port 2(bridge_slave_1) entered blocking state [ 839.127703] bridge0: port 2(bridge_slave_1) entered forwarding state [ 839.134740] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 839.146138] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 839.160578] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 839.168685] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 839.177592] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 839.187459] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 839.196022] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 839.204060] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 839.212724] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 839.224317] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 839.233249] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 839.242026] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 839.251710] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 839.259650] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 839.270371] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 839.278457] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 839.290943] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 839.298296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 839.306540] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 839.315171] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 839.323065] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 839.331018] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 839.338517] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 839.346548] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 839.354093] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 839.364732] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 839.374264] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 839.384081] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 839.392134] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 839.400112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 839.407845] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 839.418090] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 839.424582] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 839.433521] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 839.442852] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 839.456001] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 839.463033] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 839.471050] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 839.478693] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 839.486392] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 839.494015] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 839.501980] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 839.512305] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 839.525051] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 839.579679] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 839.587446] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 839.600001] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 839.607308] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 839.615811] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 839.625767] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 839.638006] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 839.644573] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 839.657109] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 839.676083] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 839.690319] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 839.718706] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 840.396281] syz-executor.4: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 840.425938] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 840.440856] CPU: 0 PID: 13974 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 840.447956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 840.457325] Call Trace: [ 840.459932] dump_stack+0x172/0x1f0 [ 840.463582] warn_alloc.cold+0x7b/0x173 [ 840.467571] ? zone_watermark_ok_safe+0x260/0x260 [ 840.472428] ? __lock_is_held+0xb6/0x140 [ 840.476539] __alloc_pages_slowpath+0x220e/0x2870 [ 840.481590] ? warn_alloc+0x110/0x110 [ 840.485403] ? __lock_is_held+0xb6/0x140 [ 840.489489] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 840.495037] ? should_fail+0x14d/0x85c [ 840.498944] ? __isolate_free_page+0x4c0/0x4c0 [ 840.503545] ? __might_sleep+0x95/0x190 [ 840.507559] __alloc_pages_nodemask+0x617/0x750 [ 840.512252] ? __alloc_pages_slowpath+0x2870/0x2870 [ 840.517293] ? wait_for_completion+0x440/0x440 [ 840.521891] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 840.527447] alloc_pages_current+0x107/0x210 [ 840.531875] ion_page_pool_alloc+0x137/0x1d0 [ 840.536303] ion_system_heap_allocate+0x154/0xa90 [ 840.541162] ? ion_system_heap_free+0x250/0x250 [ 840.545854] ion_alloc+0x29b/0x900 [ 840.549411] ? ion_dma_buf_release+0x50/0x50 [ 840.553850] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 840.559401] ? _copy_from_user+0xdd/0x150 [ 840.563567] ion_ioctl+0x17b/0x329 [ 840.567126] ? ion_alloc.cold+0x28/0x28 [ 840.571114] ? __might_sleep+0x95/0x190 [ 840.575102] ? ion_alloc.cold+0x28/0x28 [ 840.579085] do_vfs_ioctl+0xd5f/0x1380 [ 840.582989] ? selinux_file_ioctl+0x46f/0x5e0 [ 840.587502] ? selinux_file_ioctl+0x125/0x5e0 [ 840.592012] ? ioctl_preallocate+0x210/0x210 [ 840.596434] ? selinux_file_mprotect+0x620/0x620 [ 840.601204] ? iterate_fd+0x360/0x360 [ 840.605009] ? nsecs_to_jiffies+0x30/0x30 [ 840.609168] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 840.614719] ? security_file_ioctl+0x8d/0xc0 [ 840.619137] ksys_ioctl+0xab/0xd0 [ 840.622602] __x64_sys_ioctl+0x73/0xb0 [ 840.626499] do_syscall_64+0xfd/0x620 [ 840.630317] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 840.635513] RIP: 0033:0x459829 [ 840.638711] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 840.657834] RSP: 002b:00007f7abc8a7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 840.665557] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 840.672838] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000004 [ 840.680111] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 840.687387] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7abc8a86d4 [ 840.694662] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 840.718587] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 840.754892] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 840.760885] CPU: 1 PID: 13978 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 840.767928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 840.777307] Call Trace: [ 840.779923] dump_stack+0x172/0x1f0 [ 840.783578] warn_alloc.cold+0x7b/0x173 [ 840.787585] ? zone_watermark_ok_safe+0x260/0x260 [ 840.792461] ? try_to_compact_pages+0x44/0xae0 [ 840.797091] __alloc_pages_slowpath+0x220e/0x2870 [ 840.801977] ? warn_alloc+0x110/0x110 [ 840.805801] ? __lock_is_held+0xb6/0x140 [ 840.809885] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 840.815448] ? should_fail+0x14d/0x85c [ 840.819361] ? __isolate_free_page+0x4c0/0x4c0 [ 840.823962] ? __might_sleep+0x95/0x190 [ 840.827961] __alloc_pages_nodemask+0x617/0x750 [ 840.832657] ? __alloc_pages_slowpath+0x2870/0x2870 [ 840.837700] ? wait_for_completion+0x440/0x440 [ 840.842318] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 840.847883] alloc_pages_current+0x107/0x210 [ 840.852317] ion_page_pool_alloc+0x137/0x1d0 [ 840.856740] ion_system_heap_allocate+0x154/0xa90 [ 840.861675] ? ion_system_heap_free+0x250/0x250 [ 840.866367] ion_alloc+0x29b/0x900 [ 840.869934] ? ion_dma_buf_release+0x50/0x50 [ 840.874371] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 840.879922] ? _copy_from_user+0xdd/0x150 [ 840.884173] ion_ioctl+0x17b/0x329 [ 840.887726] ? ion_alloc.cold+0x28/0x28 [ 840.891713] ? __might_sleep+0x95/0x190 [ 840.895703] ? ion_alloc.cold+0x28/0x28 [ 840.899691] do_vfs_ioctl+0xd5f/0x1380 [ 840.903596] ? selinux_file_ioctl+0x46f/0x5e0 [ 840.908100] ? selinux_file_ioctl+0x125/0x5e0 [ 840.912607] ? ioctl_preallocate+0x210/0x210 [ 840.917031] ? selinux_file_mprotect+0x620/0x620 [ 840.921808] ? iterate_fd+0x360/0x360 [ 840.925624] ? nsecs_to_jiffies+0x30/0x30 [ 840.929805] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 840.935358] ? security_file_ioctl+0x8d/0xc0 [ 840.939780] ksys_ioctl+0xab/0xd0 [ 840.943251] __x64_sys_ioctl+0x73/0xb0 [ 840.947157] do_syscall_64+0xfd/0x620 [ 840.950971] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 840.956176] RIP: 0033:0x459829 [ 840.959383] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 840.978307] RSP: 002b:00007ff0ae6ecc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 840.986046] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 840.993337] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 841.000628] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 841.007920] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff0ae6ed6d4 [ 841.015208] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 841.034143] Mem-Info: [ 841.037012] active_anon:71467 inactive_anon:202 isolated_anon:2 [ 841.037012] active_file:1318 inactive_file:5239 isolated_file:14 [ 841.037012] unevictable:0 dirty:539 writeback:0 unstable:0 [ 841.037012] slab_reclaimable:12694 slab_unreclaimable:104331 [ 841.037012] mapped:48404 shmem:245 pagetables:789 bounce:0 [ 841.037012] free:377470 free_pcp:784 free_cma:0 [ 841.134822] Node 0 active_anon:284712kB inactive_anon:808kB active_file:4864kB inactive_file:12088kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:68684kB dirty:2136kB writeback:0kB shmem:980kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 841.214789] Node 1 active_anon:1156kB inactive_anon:0kB active_file:508kB inactive_file:8752kB unevictable:0kB isolated(anon):8kB isolated(file):56kB mapped:124932kB dirty:20kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 841.290519] Node 0 DMA free:10452kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 841.354020] lowmem_reserve[]: 0 2555 2557 2557 [ 841.368170] Node 0 DMA32 free:535824kB min:36248kB low:45308kB high:54368kB active_anon:282664kB inactive_anon:808kB active_file:4664kB inactive_file:11904kB unevictable:0kB writepending:2136kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6624kB pagetables:2384kB bounce:0kB free_pcp:1732kB local_pcp:224kB free_cma:0kB [ 841.414117] lowmem_reserve[]: 0 0 2 2 [ 841.435751] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 841.505459] lowmem_reserve[]: 0 0 0 0 [ 841.524579] Node 1 Normal free:1017496kB min:53608kB low:67008kB high:80408kB active_anon:1160kB inactive_anon:0kB active_file:508kB inactive_file:8808kB unevictable:0kB writepending:20kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:448kB pagetables:772kB bounce:0kB free_pcp:2580kB local_pcp:1320kB free_cma:0kB [ 841.577854] lowmem_reserve[]: 0 0 0 0 [ 841.586374] Node 0 DMA: 78*4kB (UE) 40*8kB (UE) 36*16kB (U) 21*32kB (UE) 14*64kB (UE) 6*128kB (UE) 1*256kB (E) 1*512kB (E) 2*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10456kB [ 841.607268] Node 0 DMA32: 46380*4kB (UME) 21912*8kB (UME) 8379*16kB (UME) 2240*32kB (UM) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 566560kB [ 841.626463] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 841.638399] Node 1 Normal: 84130*4kB (UM) 36512*8kB (UM) 15164*16kB (UME) 5130*32kB (UME) 79*64kB (U) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 1040456kB [ 841.659390] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 841.668466] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 841.681829] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 841.694056] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 841.724251] 6776 total pagecache pages [ 841.736469] 0 pages in swap cache [ 841.744840] Swap cache stats: add 0, delete 0, find 0/0 [ 841.758229] Free swap = 0kB [ 841.767927] Total swap = 0kB [ 841.776657] 1965979 pages RAM [ 841.794100] 0 pages HighMem/MovableOnly [ 841.804277] 338856 pages reserved [ 841.813861] 0 pages cma reserved [ 841.879559] syz-executor.4: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 841.892773] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 841.901995] CPU: 0 PID: 13979 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 841.909051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 841.918759] Call Trace: [ 841.921369] dump_stack+0x172/0x1f0 [ 841.925016] warn_alloc.cold+0x7b/0x173 [ 841.929011] ? zone_watermark_ok_safe+0x260/0x260 [ 841.933880] ? try_to_compact_pages+0x44/0xae0 [ 841.938497] __alloc_pages_slowpath+0x220e/0x2870 [ 841.943375] ? warn_alloc+0x110/0x110 [ 841.947191] ? __lock_is_held+0xb6/0x140 [ 841.951274] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 841.956835] ? should_fail+0x14d/0x85c [ 841.960749] ? __isolate_free_page+0x4c0/0x4c0 [ 841.965351] ? __might_sleep+0x95/0x190 [ 841.969342] __alloc_pages_nodemask+0x617/0x750 [ 841.974031] ? __alloc_pages_slowpath+0x2870/0x2870 [ 841.979067] ? policy_nodemask+0x65/0x1b0 [ 841.983233] ? wait_for_completion+0x440/0x440 [ 841.987837] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 841.993402] alloc_pages_current+0x107/0x210 [ 841.997844] ion_page_pool_alloc+0x137/0x1d0 [ 842.002281] ion_system_heap_allocate+0x154/0xa90 [ 842.007152] ? ion_system_heap_free+0x250/0x250 [ 842.011858] ion_alloc+0x29b/0x900 [ 842.015425] ? ion_dma_buf_release+0x50/0x50 [ 842.019858] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 842.025420] ? _copy_from_user+0xdd/0x150 [ 842.029596] ion_ioctl+0x17b/0x329 [ 842.033155] ? ion_alloc.cold+0x28/0x28 [ 842.037146] ? __might_sleep+0x95/0x190 [ 842.041137] ? ion_alloc.cold+0x28/0x28 [ 842.045126] do_vfs_ioctl+0xd5f/0x1380 [ 842.049024] ? selinux_file_ioctl+0x46f/0x5e0 [ 842.053532] ? selinux_file_ioctl+0x125/0x5e0 [ 842.058041] ? ioctl_preallocate+0x210/0x210 [ 842.062460] ? selinux_file_mprotect+0x620/0x620 [ 842.067238] ? iterate_fd+0x360/0x360 [ 842.071053] ? nsecs_to_jiffies+0x30/0x30 [ 842.075224] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 842.080775] ? security_file_ioctl+0x8d/0xc0 [ 842.085204] ksys_ioctl+0xab/0xd0 [ 842.088673] __x64_sys_ioctl+0x73/0xb0 [ 842.092578] do_syscall_64+0xfd/0x620 [ 842.096400] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 842.101597] RIP: 0033:0x459829 [ 842.104806] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 842.123730] RSP: 002b:00007f7abc886c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 842.131465] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 842.138753] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000004 [ 842.146038] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 842.153325] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7abc8876d4 [ 842.160613] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 842.171636] warn_alloc_show_mem: 1 callbacks suppressed [ 842.171640] Mem-Info: [ 842.179466] active_anon:71474 inactive_anon:202 isolated_anon:0 [ 842.179466] active_file:1393 inactive_file:5089 isolated_file:0 [ 842.179466] unevictable:0 dirty:539 writeback:0 unstable:0 [ 842.179466] slab_reclaimable:12691 slab_unreclaimable:104362 [ 842.179466] mapped:48404 shmem:245 pagetables:789 bounce:0 [ 842.179466] free:420557 free_pcp:1364 free_cma:0 [ 842.221367] Node 0 active_anon:284736kB inactive_anon:808kB active_file:5064kB inactive_file:11548kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:68684kB dirty:2136kB writeback:0kB shmem:980kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 842.250043] Node 1 active_anon:1160kB inactive_anon:0kB active_file:508kB inactive_file:8808kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:124932kB dirty:20kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 842.277772] Node 0 DMA free:10480kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 842.305847] lowmem_reserve[]: 0 2555 2557 2557 [ 842.310834] Node 0 DMA32 free:609936kB min:36248kB low:45308kB high:54368kB active_anon:282688kB inactive_anon:808kB active_file:4664kB inactive_file:11904kB unevictable:0kB writepending:2136kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6592kB pagetables:2384kB bounce:0kB free_pcp:2748kB local_pcp:1412kB free_cma:0kB [ 842.341430] lowmem_reserve[]: 0 0 2 2 [ 842.345286] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 842.382844] lowmem_reserve[]: 0 0 0 0 [ 842.386959] Node 1 Normal free:1062020kB min:53608kB low:67008kB high:80408kB active_anon:1160kB inactive_anon:0kB active_file:508kB inactive_file:8808kB unevictable:0kB writepending:20kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:448kB pagetables:772kB bounce:0kB free_pcp:2628kB local_pcp:1260kB free_cma:0kB [ 842.459563] lowmem_reserve[]: 0 0 0 0 [ 842.463457] Node 0 DMA: 76*4kB (UE) 41*8kB (UE) 34*16kB (U) 23*32kB (UE) 14*64kB (UE) 6*128kB (UE) 1*256kB (E) 1*512kB (E) 2*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10488kB [ 842.487122] Node 0 DMA32: 49130*4kB (UME) 23670*8kB (UME) 8887*16kB (UME) 2503*32kB (UM) 30*64kB (U) 4*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 610600kB [ 842.508186] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 842.524942] Node 1 Normal: 85739*4kB (UM) 36907*8kB (UM) 15457*16kB (UME) 5262*32kB (UME) 126*64kB (U) 1*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 1062100kB [ 842.545999] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 842.558199] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 842.568316] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 842.582682] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 842.591514] 6736 total pagecache pages [ 842.595429] 0 pages in swap cache [ 842.598894] Swap cache stats: add 0, delete 0, find 0/0 [ 842.604494] Free swap = 0kB [ 842.607528] Total swap = 0kB [ 842.610738] 1965979 pages RAM [ 842.613856] 0 pages HighMem/MovableOnly [ 842.617832] 338856 pages reserved [ 842.621512] 0 pages cma reserved 04:52:35 executing program 5: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000000)={0x80000001, 0x1, 0x0, 0xffffffffffffffff, 0x40000000}) 04:52:35 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="14bc420000000056b500002e900800000000080008000100000007e1ad479134341b080003000800e80f01d4c08019f0e761785e0a76cd5e212ff7aa91c8be4f440d9943304a736325f952f51ec94f8f1097fb72107bd645abb789aa5f6db497ad269d3d7da536d4b5ef6196c66afa5f49c3e8cec1686daabf15f8ad2e52252ecc6bee37104c1474c66d937afce94fa451b7c595b3e5b6527f4c0db348e4222597c1f7c178691b4115d56f46c05b6c1ca6eaadaa94ead3fbc47adac103797e843c8949f0d2000000"], 0x1}}, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000280)='y\x00', 0x2, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb) ioctl$KVM_RUN(r3, 0xae80, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)) 04:52:35 executing program 3: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ion\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000000)={0x3, 0x1}) 04:52:35 executing program 1: dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010502000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x9, @remote, 0x2}, @in={0x2, 0x4e21, @loopback}, @in6={0xa, 0x0, 0x8, @mcast1}, @in6={0xa, 0x0, 0x0, @remote}, @in={0x2, 0x4e23, @empty}], 0x74) [ 843.909023] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 843.948185] FAT-fs (loop1): Directory bread(block 1281) failed [ 843.969611] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 843.986022] CPU: 0 PID: 13988 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 843.993105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 843.995551] FAT-fs (loop1): Directory bread(block 1282) failed [ 844.002470] Call Trace: [ 844.002496] dump_stack+0x172/0x1f0 [ 844.002517] warn_alloc.cold+0x7b/0x173 [ 844.002535] ? zone_watermark_ok_safe+0x260/0x260 [ 844.002552] ? __lock_is_held+0xb6/0x140 [ 844.002591] __alloc_pages_slowpath+0x220e/0x2870 [ 844.002629] ? warn_alloc+0x110/0x110 [ 844.002644] ? __lock_is_held+0xb6/0x140 [ 844.002665] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 844.002679] ? should_fail+0x14d/0x85c [ 844.002700] ? __isolate_free_page+0x4c0/0x4c0 [ 844.002719] ? __might_sleep+0x95/0x190 [ 844.002740] __alloc_pages_nodemask+0x617/0x750 [ 844.002763] ? __alloc_pages_slowpath+0x2870/0x2870 [ 844.002788] ? wait_for_completion+0x440/0x440 [ 844.002813] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 844.002835] alloc_pages_current+0x107/0x210 [ 844.002855] ion_page_pool_alloc+0x137/0x1d0 [ 844.002872] ion_system_heap_allocate+0x154/0xa90 [ 844.002894] ? ion_system_heap_free+0x250/0x250 [ 844.002920] ion_alloc+0x29b/0x900 [ 844.002946] ? ion_dma_buf_release+0x50/0x50 [ 844.002969] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 844.002986] ? _copy_from_user+0xdd/0x150 [ 844.003006] ion_ioctl+0x17b/0x329 [ 844.003024] ? ion_alloc.cold+0x28/0x28 [ 844.003043] ? __might_sleep+0x95/0x190 [ 844.003062] ? ion_alloc.cold+0x28/0x28 [ 844.003079] do_vfs_ioctl+0xd5f/0x1380 [ 844.003093] ? selinux_file_ioctl+0x46f/0x5e0 [ 844.003105] ? selinux_file_ioctl+0x125/0x5e0 [ 844.003119] ? ioctl_preallocate+0x210/0x210 [ 844.003133] ? selinux_file_mprotect+0x620/0x620 [ 844.003156] ? iterate_fd+0x360/0x360 [ 844.003173] ? nsecs_to_jiffies+0x30/0x30 [ 844.003201] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 844.165209] ? security_file_ioctl+0x8d/0xc0 [ 844.169648] ksys_ioctl+0xab/0xd0 [ 844.173113] __x64_sys_ioctl+0x73/0xb0 [ 844.177015] do_syscall_64+0xfd/0x620 [ 844.180831] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 844.186111] RIP: 0033:0x459829 [ 844.189314] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 844.208317] RSP: 002b:00007ff0ae6ecc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 844.216049] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 844.223330] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 844.230607] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 844.237887] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff0ae6ed6d4 [ 844.245167] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 844.254809] FAT-fs (loop1): Directory bread(block 1283) failed [ 844.279890] FAT-fs (loop1): Directory bread(block 1284) failed [ 844.299874] FAT-fs (loop1): Directory bread(block 1285) failed [ 844.310254] FAT-fs (loop1): Directory bread(block 1286) failed [ 844.339885] FAT-fs (loop1): Directory bread(block 1287) failed [ 844.352770] FAT-fs (loop1): Directory bread(block 1288) failed [ 844.372931] FAT-fs (loop1): Directory bread(block 1289) failed [ 844.394050] FAT-fs (loop1): Directory bread(block 1290) failed [ 844.637851] Mem-Info: [ 844.642028] active_anon:71525 inactive_anon:208 isolated_anon:0 [ 844.642028] active_file:638 inactive_file:2515 isolated_file:32 [ 844.642028] unevictable:0 dirty:70 writeback:0 unstable:0 [ 844.642028] slab_reclaimable:12626 slab_unreclaimable:103958 [ 844.642028] mapped:46103 shmem:252 pagetables:789 bounce:0 [ 844.642028] free:57060 free_pcp:681 free_cma:0 [ 844.719608] Node 0 active_anon:284712kB inactive_anon:792kB active_file:1268kB inactive_file:188kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:58276kB dirty:48kB writeback:0kB shmem:964kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 844.840136] Node 1 active_anon:1488kB inactive_anon:40kB active_file:1136kB inactive_file:11528kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:127136kB dirty:32kB writeback:0kB shmem:44kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 844.935837] Node 0 DMA free:10488kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 844.999665] lowmem_reserve[]: 0 2555 2557 2557 [ 845.022362] Node 0 DMA32 free:39332kB min:36248kB low:45308kB high:54368kB active_anon:282664kB inactive_anon:792kB active_file:1380kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6528kB pagetables:2280kB bounce:0kB free_pcp:420kB local_pcp:352kB free_cma:0kB [ 845.060860] lowmem_reserve[]: 0 0 2 2 [ 845.084641] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 845.119630] lowmem_reserve[]: 0 0 0 0 [ 845.123663] Node 1 Normal free:53540kB min:53608kB low:67008kB high:80408kB active_anon:1088kB inactive_anon:40kB active_file:4760kB inactive_file:4852kB unevictable:0kB writepending:32kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:512kB pagetables:876kB bounce:0kB free_pcp:1140kB local_pcp:872kB free_cma:0kB [ 845.209641] lowmem_reserve[]: 0 0 0 0 [ 845.228047] Node 0 DMA: 62*4kB (UE) 41*8kB (UE) 34*16kB (U) 23*32kB (UE) 14*64kB (UE) 6*128kB (UE) 1*256kB (E) 1*512kB (E) 2*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10432kB [ 845.273112] Node 0 DMA32: 665*4kB (UME) 675*8kB (UME) 111*16kB (ME) 646*32kB (UM) 18*64kB (UM) 9*128kB (M) 7*256kB (M) 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 36140kB [ 845.290790] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 845.301876] Node 1 Normal: 35*4kB (U) 54*8kB (UM) 34*16kB (UM) 1597*32kB (UM) 14*64kB (UM) 3*128kB (U) 2*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 54012kB [ 845.317285] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 845.326401] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 845.335645] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 845.344722] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 845.353528] 862 total pagecache pages [ 845.357452] 0 pages in swap cache [ 845.361083] Swap cache stats: add 0, delete 0, find 0/0 [ 845.366603] Free swap = 0kB [ 845.369763] Total swap = 0kB [ 845.372873] 1965979 pages RAM [ 845.376059] 0 pages HighMem/MovableOnly [ 845.383637] 338856 pages reserved [ 845.387198] 0 pages cma reserved [ 847.165043] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 847.222540] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 847.227375] CPU: 1 PID: 7948 Comm: syz-fuzzer Not tainted 4.19.63 #37 [ 847.233961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 847.243333] Call Trace: [ 847.245943] dump_stack+0x172/0x1f0 [ 847.249597] dump_header+0x15e/0xa55 [ 847.253330] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 847.258453] ? ___ratelimit+0x60/0x595 [ 847.262360] ? do_raw_spin_unlock+0x57/0x270 [ 847.266794] oom_kill_process.cold+0x10/0x6ef [ 847.271319] ? lock_downgrade+0x810/0x810 [ 847.275488] ? kasan_check_read+0x11/0x20 [ 847.279654] out_of_memory+0x936/0x12d0 [ 847.283650] ? oom_killer_disable+0x280/0x280 [ 847.288188] ? mutex_trylock+0x18e/0x1e0 [ 847.292259] ? __alloc_pages_slowpath+0xcc2/0x2870 [ 847.297213] __alloc_pages_slowpath+0x20af/0x2870 [ 847.302092] ? warn_alloc+0x110/0x110 [ 847.305905] ? __lock_is_held+0xb6/0x140 [ 847.309980] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 847.315525] ? should_fail+0x14d/0x85c [ 847.319437] ? __might_sleep+0x95/0x190 [ 847.323426] __alloc_pages_nodemask+0x617/0x750 [ 847.328111] ? kasan_check_read+0x11/0x20 [ 847.332279] ? __alloc_pages_slowpath+0x2870/0x2870 [ 847.337316] ? find_get_entry+0x3e8/0x820 [ 847.341484] ? filemap_map_pages+0x1130/0x1130 [ 847.346077] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 847.351635] alloc_pages_current+0x107/0x210 [ 847.356058] __page_cache_alloc+0x2bd/0x450 [ 847.360381] ? kasan_check_read+0x11/0x20 [ 847.364532] filemap_fault+0x10bb/0x2250 [ 847.368594] ? lock_downgrade+0x810/0x810 [ 847.372780] ? __lock_page_or_retry+0xdc0/0xdc0 [ 847.377461] ? lock_acquire+0x16f/0x3f0 [ 847.381438] ? ext4_filemap_fault+0x7b/0xaf [ 847.385772] ext4_filemap_fault+0x83/0xaf [ 847.389926] __do_fault+0x111/0x480 [ 847.393564] __handle_mm_fault+0x2d78/0x3f80 [ 847.397983] ? vmf_insert_mixed_mkwrite+0x90/0x90 [ 847.402850] ? count_memcg_event_mm+0x2b1/0x4d0 [ 847.407526] handle_mm_fault+0x1b5/0x690 [ 847.411608] __do_page_fault+0x62a/0xe90 [ 847.415680] ? vmalloc_fault+0x740/0x740 [ 847.419749] ? trace_hardirqs_off_caller+0x65/0x220 [ 847.424780] ? trace_hardirqs_on_caller+0x6a/0x220 [ 847.429716] ? page_fault+0x8/0x30 [ 847.433276] do_page_fault+0x71/0x57d [ 847.437095] ? page_fault+0x8/0x30 [ 847.440641] page_fault+0x1e/0x30 [ 847.444101] RIP: 0033:0x45ac23 [ 847.447312] Code: Bad RIP value. [ 847.450676] RSP: 002b:000000c42004ff08 EFLAGS: 00010202 [ 847.456046] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 000000000045ac23 [ 847.463319] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 847.470589] RBP: 000000c42004ff18 R08: 000000c42004ff08 R09: 0000000000000000 [ 847.477860] R10: 0000000000000000 R11: 0000000000000202 R12: 000000000042f0a0 [ 847.485134] R13: 00000000000000f1 R14: 0000000000000011 R15: 0000000000000000 [ 848.869560] Mem-Info: [ 848.872058] active_anon:71379 inactive_anon:206 isolated_anon:0 [ 848.872058] active_file:34 inactive_file:0 isolated_file:0 [ 848.872058] unevictable:0 dirty:0 writeback:0 unstable:0 [ 848.872058] slab_reclaimable:12588 slab_unreclaimable:103502 [ 848.872058] mapped:43522 shmem:252 pagetables:780 bounce:0 [ 848.872058] free:24897 free_pcp:62 free_cma:0 [ 849.035363] Node 0 active_anon:284392kB inactive_anon:788kB active_file:36kB inactive_file:40kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:57276kB dirty:0kB writeback:0kB shmem:964kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 849.172114] Node 1 active_anon:1124kB inactive_anon:36kB active_file:0kB inactive_file:60kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:116812kB dirty:0kB writeback:0kB shmem:44kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 849.336136] Node 0 DMA free:10432kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 849.488905] lowmem_reserve[]: 0 2555 2557 2557 [ 849.517985] Node 0 DMA32 free:35996kB min:36248kB low:45308kB high:54368kB active_anon:282344kB inactive_anon:788kB active_file:40kB inactive_file:32kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6528kB pagetables:2284kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 849.682040] lowmem_reserve[]: 0 0 2 2 [ 849.685929] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 849.853831] lowmem_reserve[]: 0 0 0 0 [ 849.857723] Node 1 Normal free:53568kB min:53608kB low:67008kB high:80408kB active_anon:1124kB inactive_anon:36kB active_file:28kB inactive_file:32kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:480kB pagetables:836kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 850.047450] lowmem_reserve[]: 0 0 0 0 [ 850.068758] Node 0 DMA: 62*4kB (UE) 41*8kB (UE) 34*16kB (U) 23*32kB (UE) 14*64kB (UE) 6*128kB (UE) 1*256kB (E) 1*512kB (E) 2*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10432kB [ 850.163483] Node 0 DMA32: 676*4kB (ME) 790*8kB (UME) 117*16kB (UME) 593*32kB (UM) 18*64kB (UM) 9*128kB (M) 6*256kB (M) 2*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 35760kB [ 850.244652] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 850.297409] Node 1 Normal: 43*4kB (UM) 29*8kB (M) 18*16kB (M) 1588*32kB (UM) 17*64kB (UM) 4*128kB (UM) 2*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 53620kB [ 850.383954] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 850.421625] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 850.430781] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 850.439754] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 850.448360] 286 total pagecache pages [ 850.452375] 0 pages in swap cache [ 850.455854] Swap cache stats: add 0, delete 0, find 0/0 [ 850.461359] Free swap = 0kB [ 850.464399] Total swap = 0kB [ 850.467432] 1965979 pages RAM [ 850.470612] 0 pages HighMem/MovableOnly [ 850.474597] 338856 pages reserved [ 850.478143] 0 pages cma reserved [ 850.481625] Unreclaimable slab info: [ 850.485351] Name Used Total [ 850.491758] pid_2 39KB 160KB [ 850.497229] batadv_tt_change_cache 9KB 15KB [ 850.503815] batadv_tl_cache 10KB 12KB [ 850.509234] TIPC 21KB 35KB [ 850.514704] SCTPv6 30KB 43KB [ 850.520201] DCCPv6 14KB 21KB [ 850.525586] DCCP 13KB 20KB [ 850.531149] bridge_fdb_cache 21KB 31KB [ 850.536536] fib6_nodes 216KB 224KB [ 850.614592] ip6_dst_cache 806KB 806KB [ 850.662264] RAWv6 136KB 149KB [ 850.667687] UDPv6 3KB 3KB [ 850.723953] TCPv6 20KB 29KB [ 850.729387] nf_conntrack 0KB 3KB [ 850.773464] sd_ext_cdb 0KB 7KB [ 850.778888] scsi_sense_cache 1056KB 1060KB [ 850.829998] virtio_scsi_cmd 16KB 16KB [ 850.835431] sgpool-128 8KB 8KB [ 850.894666] sgpool-64 4KB 12KB [ 850.925544] sgpool-32 2KB 15KB [ 850.954482] sgpool-16 1KB 7KB [ 850.987373] sgpool-8 0KB 7KB [ 851.026794] mqueue_inode_cache 18KB 43KB [ 851.055973] bio_post_read_ctx 14KB 15KB [ 851.087242] bio-2 14KB 15KB [ 851.111929] jfs_mp 7KB 7KB [ 851.117364] nfs_commit_data 3KB 14KB [ 851.170165] nfs_write_data 34KB 44KB [ 851.175614] ext4_system_zone 1KB 7KB [ 851.228896] bio-1 1KB 7KB [ 851.252439] fasync_cache 0KB 4KB [ 851.257865] pid_namespace 4KB 7KB [ 851.317112] rpc_buffers 17KB 25KB [ 851.350387] rpc_tasks 2KB 7KB [ 851.355835] UNIX 1145KB 1149KB [ 851.418543] tcp_bind_bucket 3KB 12KB [ 851.449970] inet_peer_cache 0KB 4KB [ 851.455431] xfrm_state 8KB 8KB [ 851.499824] ip_fib_trie 32KB 39KB [ 851.505348] ip_fib_alias 152KB 166KB [ 851.562440] ip_dst_cache 7KB 24KB [ 851.567971] RAW 81KB 100KB [ 851.615834] UDP 27KB 39KB [ 851.649549] TCP 8KB 16KB [ 851.654993] hugetlbfs_inode_cache 2KB 15KB [ 851.704730] fscache_cookie_jar 1KB 11KB [ 851.736052] eventpoll_pwq 20KB 35KB [ 851.764368] eventpoll_epi 38KB 66KB [ 851.810684] inotify_inode_mark 27KB 63KB [ 851.816232] request_queue 163KB 163KB [ 851.850052] blkdev_requests 1KB 3KB [ 851.855492] blkdev_ioc 41KB 54KB [ 851.903054] bio-0 3329KB 3468KB [ 851.908490] biovec-max 5667KB 5799KB [ 851.948484] biovec-64 3596KB 3764KB [ 851.979833] biovec-16 385KB 457KB [ 851.985253] bio_integrity_payload 1KB 8KB [ 852.029047] khugepaged_mm_slot 4KB 19KB [ 852.050425] dmaengine-unmap-256 2KB 6KB [ 852.056018] dmaengine-unmap-128 1KB 3KB [ 852.113526] dmaengine-unmap-16 0KB 4KB [ 852.119023] dmaengine-unmap-2 0KB 3KB [ 852.168838] audit_buffer 0KB 3KB [ 852.189677] skbuff_fclone_cache 121KB 206KB [ 852.195279] skbuff_head_cache 6709KB 6738KB [ 852.236622] configfs_dir_cache 0KB 8KB [ 852.265134] file_lock_cache 0KB 3KB [ 852.285428] file_lock_ctx 0KB 3KB [ 852.315454] fsnotify_mark_connector 16KB 39KB [ 852.343040] net_namespace 112KB 112KB [ 852.348469] shmem_inode_cache 5157KB 5533KB [ 852.396628] task_delay_info 70KB 233KB [ 852.422705] taskstats 32KB 80KB [ 852.428154] proc_dir_entry 1031KB 1053KB [ 852.472995] pde_opener 0KB 3KB [ 852.478427] seq_file 159KB 307KB [ 852.520123] sigqueue 43KB 86KB [ 852.525545] kernfs_node_cache 12724KB 12875KB [ 852.597156] mnt_cache 165KB 184KB [ 852.639288] filp 2724KB 4200KB [ 852.663737] names_cache 46588KB 46588KB [ 852.669197] iint_cache 42KB 63KB [ 852.717269] hashtab_node 118KB 119KB [ 852.756884] ebitmap_node 1027KB 1039KB [ 852.786835] avtab_node 1012KB 1013KB [ 852.808360] avc_node 48KB 55KB [ 852.836620] selinux_file_security 171KB 329KB [ 852.882327] selinux_inode_security 3237KB 3488KB [ 852.888179] key_jar 4KB 11KB [ 852.938882] uts_namespace 5KB 11KB [ 852.977459] nsproxy 4KB 11KB [ 853.002521] vm_area_struct 3200KB 5889KB [ 853.007939] mm_struct 463KB 845KB [ 853.067227] fs_cache 42KB 96KB [ 853.103558] files_cache 162KB 270KB [ 853.108989] signal_cache 537KB 797KB [ 853.153655] sighand_cache 474KB 534KB [ 853.159074] task_struct 2332KB 2394KB [ 853.210766] cred_jar 296KB 616KB [ 853.216176] anon_vma_chain 1861KB 3618KB [ 853.264959] anon_vma 158KB 573KB [ 853.296710] pid 47KB 200KB [ 853.323379] Acpi-Operand 156KB 190KB [ 853.328792] Acpi-ParseExt 8KB 11KB [ 853.394646] Acpi-Parse 41KB 47KB [ 853.425796] Acpi-State 52KB 63KB [ 853.462097] Acpi-Namespace 20KB 23KB [ 853.467523] numa_policy 0KB 3KB [ 853.518375] debug_objects_cache 1103KB 1114KB [ 853.542609] trace_event_file 263KB 266KB [ 853.548026] ftrace_event_field 382KB 385KB [ 853.598763] pool_workqueue 108KB 120KB [ 853.630683] task_group 5KB 7KB [ 853.636106] page->ptl 680KB 1612KB [ 853.684269] kmalloc-2097152 2050KB 2050KB [ 853.706761] kmalloc-524288 2056KB 2056KB [ 853.712250] kmalloc-262144 1290KB 1290KB [ 853.717643] kmalloc-131072 780KB 780KB [ 853.723250] kmalloc-65536 34650KB 34848KB [ 853.728743] kmalloc-32768 2772KB 2904KB [ 853.734209] kmalloc-16384 874KB 907KB [ 853.741731] kmalloc-8192 4149KB 4265KB [ 853.747129] kmalloc-4096 35049KB 35100KB [ 853.752641] kmalloc-2048 18054KB 18162KB [ 853.758030] kmalloc-1024 15108KB 15293KB [ 853.764441] kmalloc-512 11330KB 11448KB [ 853.769915] kmalloc-256 5131KB 5268KB [ 853.775303] kmalloc-128 1436KB 1460KB [ 853.780928] kmalloc-96 2491KB 2636KB [ 853.786344] kmalloc-64 3314KB 3396KB [ 853.791842] kmalloc-32 3377KB 3724KB [ 853.797247] kmalloc-192 2740KB 2864KB [ 853.802695] kmem_cache 248KB 255KB [ 853.808081] Out of memory: Kill process 13987 (syz-executor.5) score 1005 or sacrifice child [ 853.816851] Killed process 13988 (syz-executor.5) total-vm:72712kB, anon-rss:156kB, file-rss:34816kB, shmem-rss:0kB [ 853.842331] oom_reaper: reaped process 13988 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 853.940553] init invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 853.959640] init cpuset=/ mems_allowed=0-1 [ 853.963958] CPU: 1 PID: 1 Comm: init Not tainted 4.19.63 #37 [ 853.969895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 853.979278] Call Trace: [ 853.981895] dump_stack+0x172/0x1f0 [ 853.985556] dump_header+0x15e/0xa55 [ 853.989293] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 853.994421] ? ___ratelimit+0x60/0x595 [ 853.998330] ? do_raw_spin_unlock+0x57/0x270 [ 854.002768] oom_kill_process.cold+0x10/0x6ef [ 854.007286] ? lock_downgrade+0x810/0x810 [ 854.011458] ? kasan_check_read+0x11/0x20 [ 854.015630] out_of_memory+0x936/0x12d0 [ 854.019627] ? oom_killer_disable+0x280/0x280 [ 854.024159] ? mutex_trylock+0x18e/0x1e0 [ 854.028237] ? __alloc_pages_slowpath+0xcc2/0x2870 [ 854.033188] __alloc_pages_slowpath+0x20af/0x2870 [ 854.038069] ? warn_alloc+0x110/0x110 [ 854.041882] ? __lock_is_held+0xb6/0x140 [ 854.045975] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 854.051528] ? should_fail+0x14d/0x85c [ 854.055442] ? __might_sleep+0x95/0x190 [ 854.059475] __alloc_pages_nodemask+0x617/0x750 [ 854.064173] ? kasan_check_read+0x11/0x20 [ 854.068348] ? __alloc_pages_slowpath+0x2870/0x2870 [ 854.073387] ? find_get_entry+0x3e8/0x820 [ 854.077563] ? filemap_map_pages+0x1130/0x1130 [ 854.082174] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 854.087740] alloc_pages_current+0x107/0x210 [ 854.092187] __page_cache_alloc+0x2bd/0x450 [ 854.096529] ? kasan_check_read+0x11/0x20 [ 854.100703] filemap_fault+0x10bb/0x2250 [ 854.104783] ? lock_downgrade+0x810/0x810 [ 854.108968] ? __lock_page_or_retry+0xdc0/0xdc0 [ 854.113659] ? lock_acquire+0x16f/0x3f0 [ 854.117653] ? ext4_filemap_fault+0x7b/0xaf [ 854.122006] ext4_filemap_fault+0x83/0xaf [ 854.126170] __do_fault+0x111/0x480 [ 854.129840] __handle_mm_fault+0x2d78/0x3f80 [ 854.134277] ? vmf_insert_mixed_mkwrite+0x90/0x90 [ 854.139164] ? count_memcg_event_mm+0x2b1/0x4d0 [ 854.143861] handle_mm_fault+0x1b5/0x690 [ 854.147961] __do_page_fault+0x62a/0xe90 [ 854.152045] ? blkg_prfill_rwstat_field_recursive+0x100/0x100 [ 854.157990] ? vmalloc_fault+0x740/0x740 [ 854.162086] ? trace_hardirqs_off_caller+0x65/0x220 [ 854.167296] ? trace_hardirqs_on_caller+0x6a/0x220 [ 854.172253] ? page_fault+0x8/0x30 [ 854.175815] do_page_fault+0x71/0x57d [ 854.179634] ? page_fault+0x8/0x30 [ 854.183203] page_fault+0x1e/0x30 [ 854.186751] RIP: 0033:0x7f6a60a84c65 [ 854.190483] Code: Bad RIP value. [ 854.193853] RSP: 002b:00007fff3ddd0f58 EFLAGS: 00010246 [ 854.199230] RAX: 0000000000000000 RBX: 00007fff3ddd1190 RCX: 00007f6a60a84c65 [ 854.206518] RDX: 00007fff3ddd1190 RSI: 00007fff3ddd1190 RDI: 0000000000407545 [ 854.213804] RBP: 0000000000000000 R08: 0000000001586b60 R09: 0000000000000001 [ 854.221087] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 854.228374] R13: 00007fff3ddd1690 R14: 0000000000000000 R15: 0000000000000000 [ 854.240920] Mem-Info: [ 854.243420] active_anon:71379 inactive_anon:206 isolated_anon:0 [ 854.243420] active_file:40 inactive_file:0 isolated_file:1 [ 854.243420] unevictable:0 dirty:0 writeback:0 unstable:0 [ 854.243420] slab_reclaimable:12580 slab_unreclaimable:103309 [ 854.243420] mapped:43522 shmem:252 pagetables:780 bounce:0 [ 854.243420] free:14548 free_pcp:1 free_cma:0 [ 854.302750] Node 0 active_anon:284392kB inactive_anon:788kB active_file:132kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):4kB mapped:57276kB dirty:0kB writeback:0kB shmem:964kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 854.330250] Node 1 active_anon:1124kB inactive_anon:36kB active_file:28kB inactive_file:32kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:116812kB dirty:0kB writeback:0kB shmem:44kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 854.380358] Node 0 DMA free:10320kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 854.459710] lowmem_reserve[]: 0 2555 2557 2557 [ 854.464382] Node 0 DMA32 free:187904kB min:36248kB low:45308kB high:54368kB active_anon:282328kB inactive_anon:788kB active_file:56kB inactive_file:4kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6528kB pagetables:2284kB bounce:0kB free_pcp:272kB local_pcp:272kB free_cma:0kB [ 854.517369] lowmem_reserve[]: 0 0 2 2 [ 854.549628] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 854.599568] lowmem_reserve[]: 0 0 0 0 [ 854.619613] Node 1 Normal free:604744kB min:53608kB low:67008kB high:80408kB active_anon:1032kB inactive_anon:36kB active_file:28kB inactive_file:32kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:480kB pagetables:836kB bounce:0kB free_pcp:2756kB local_pcp:1276kB free_cma:0kB [ 854.649561] lowmem_reserve[]: 0 0 0 0 [ 854.653426] Node 0 DMA: 40*4kB (UE) 41*8kB (UE) 34*16kB (U) 23*32kB (UE) 14*64kB (UE) 6*128kB (UE) 1*256kB (E) 1*512kB (E) 2*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10344kB [ 854.701170] Node 0 DMA32: 6457*4kB (UME) 2217*8kB (UME) 654*16kB (UME) 65*32kB (UM) 2579*64kB (UM) 65*128kB (UM) 13*256kB (UM) 2*512kB (UM) 1*1024kB (U) 0*2048kB 0*4096kB = 234860kB [ 854.724894] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 854.736657] Node 1 Normal: 8397*4kB (UM) 1614*8kB (UM) 364*16kB (UM) 924*32kB (UM) 4324*64kB (UME) 1345*128kB (UM) 299*256kB (UM) 11*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 612964kB [ 854.754675] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 854.764860] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 854.774272] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 854.784909] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 854.794386] 1185 total pagecache pages [ 854.798450] 0 pages in swap cache [ 854.802127] Swap cache stats: add 0, delete 0, find 0/0 [ 854.807590] Free swap = 0kB [ 854.813555] Total swap = 0kB [ 854.817088] 1965979 pages RAM [ 854.820464] 0 pages HighMem/MovableOnly [ 854.824446] 338856 pages reserved [ 854.827896] 0 pages cma reserved [ 854.831543] Unreclaimable slab info: [ 854.835272] Name Used Total [ 854.846338] pid_2 38KB 160KB [ 854.865312] batadv_tt_change_cache 9KB 15KB [ 854.874259] batadv_tl_cache 10KB 12KB [ 854.898288] TIPC 21KB 35KB [ 854.904547] SCTPv6 30KB 43KB [ 854.910997] DCCPv6 14KB 21KB [ 854.917007] DCCP 13KB 20KB [ 854.924161] bridge_fdb_cache 21KB 31KB [ 854.931275] fib6_nodes 216KB 224KB [ 854.936682] ip6_dst_cache 832KB 832KB [ 854.942511] RAWv6 136KB 143KB [ 854.947908] UDPv6 3KB 3KB [ 854.953649] TCPv6 20KB 29KB [ 854.959050] nf_conntrack 0KB 3KB [ 854.970482] sd_ext_cdb 0KB 7KB [ 854.976561] scsi_sense_cache 1056KB 1060KB [ 854.983105] virtio_scsi_cmd 16KB 16KB [ 854.988555] sgpool-128 8KB 8KB [ 854.994286] sgpool-64 4KB 12KB [ 855.000689] sgpool-32 2KB 15KB [ 855.006688] sgpool-16 1KB 7KB [ 855.012360] sgpool-8 0KB 7KB [ 855.017867] mqueue_inode_cache 18KB 43KB [ 855.023625] bio_post_read_ctx 14KB 15KB [ 855.029175] bio-2 14KB 15KB [ 855.035296] jfs_mp 7KB 7KB [ 855.042835] nfs_commit_data 3KB 14KB [ 855.048236] nfs_write_data 34KB 44KB [ 855.054014] ext4_system_zone 1KB 7KB [ 855.059436] bio-1 1KB 7KB [ 855.065129] fasync_cache 0KB 4KB [ 855.070738] pid_namespace 4KB 7KB [ 855.076224] rpc_buffers 17KB 25KB [ 855.081827] rpc_tasks 2KB 7KB [ 855.087298] UNIX 1145KB 1149KB [ 855.092915] tcp_bind_bucket 3KB 12KB [ 855.099027] inet_peer_cache 0KB 4KB [ 855.105148] xfrm_state 8KB 8KB [ 855.110873] ip_fib_trie 32KB 39KB [ 855.116352] ip_fib_alias 152KB 162KB [ 855.122049] ip_dst_cache 7KB 24KB [ 855.129709] RAW 81KB 100KB [ 855.136049] UDP 27KB 39KB [ 855.142594] TCP 8KB 16KB [ 855.148086] hugetlbfs_inode_cache 2KB 15KB [ 855.154158] fscache_cookie_jar 1KB 11KB [ 855.161080] eventpoll_pwq 26KB 35KB [ 855.166542] eventpoll_epi 49KB 66KB [ 855.173252] inotify_inode_mark 30KB 63KB [ 855.178868] request_queue 163KB 163KB [ 855.195641] blkdev_requests 1KB 3KB [ 855.209578] blkdev_ioc 41KB 54KB [ 855.219655] bio-0 3413KB 3468KB [ 855.225056] biovec-max 5667KB 5775KB [ 855.230776] biovec-64 3650KB 3764KB [ 855.236171] biovec-16 388KB 435KB [ 855.241860] bio_integrity_payload 1KB 8KB [ 855.247679] khugepaged_mm_slot 4KB 19KB [ 855.253473] dmaengine-unmap-256 2KB 6KB [ 855.259103] dmaengine-unmap-128 1KB 3KB [ 855.264943] dmaengine-unmap-16 0KB 4KB [ 855.270665] dmaengine-unmap-2 0KB 3KB [ 855.276053] audit_buffer 0KB 3KB [ 855.281657] skbuff_fclone_cache 121KB 206KB [ 855.287218] skbuff_head_cache 6709KB 6738KB [ 855.292864] configfs_dir_cache 0KB 8KB [ 855.298339] file_lock_cache 0KB 3KB [ 855.304926] file_lock_ctx 0KB 3KB [ 855.319546] fsnotify_mark_connector 18KB 39KB [ 855.325488] net_namespace 112KB 112KB [ 855.349594] shmem_inode_cache 5151KB 5530KB [ 855.355022] task_delay_info 70KB 233KB [ 855.376215] IPVS: ftp: loaded support on port[0] = 21 [ 855.389626] taskstats 32KB 80KB [ 855.395105] proc_dir_entry 1031KB 1035KB [ 855.400762] pde_opener 0KB 3KB [ 855.406145] seq_file 158KB 307KB [ 855.430553] sigqueue 46KB 86KB [ 855.435972] kernfs_node_cache 12702KB 12852KB [ 855.449604] mnt_cache 179KB 180KB [ 855.455014] filp 2696KB 4200KB [ 855.460587] names_cache 46903KB 46903KB [ 855.469567] iint_cache 41KB 63KB [ 855.474959] hashtab_node 118KB 119KB [ 855.489563] ebitmap_node 1032KB 1039KB [ 855.494976] avtab_node 1012KB 1013KB [ 855.517920] avc_node 48KB 55KB [ 855.523418] selinux_file_security 170KB 329KB [ 855.534327] selinux_inode_security 3238KB 3488KB [ 855.549094] key_jar 4KB 11KB [ 855.559328] uts_namespace 11KB 11KB [ 855.595141] nsproxy 6KB 11KB [ 855.614736] vm_area_struct 3188KB 5889KB [ 855.635274] mm_struct 456KB 845KB [ 855.643298] fs_cache 56KB 96KB [ 855.648689] files_cache 161KB 270KB [ 855.660002] signal_cache 536KB 797KB [ 855.665397] sighand_cache 501KB 534KB [ 855.686900] task_struct 2357KB 2382KB [ 855.697056] cred_jar 310KB 616KB [ 855.719074] anon_vma_chain 1850KB 3618KB [ 855.736284] anon_vma 155KB 573KB [ 855.749301] chnl_net:caif_netlink_parms(): no params data found [ 855.758649] pid 46KB 200KB [ 855.767322] Acpi-Operand 156KB 190KB [ 855.780341] Acpi-ParseExt 8KB 11KB [ 855.786614] Acpi-Parse 41KB 47KB [ 855.810659] Acpi-State 52KB 63KB [ 855.816082] Acpi-Namespace 20KB 23KB [ 855.830718] numa_policy 0KB 3KB [ 855.836125] debug_objects_cache 1097KB 1114KB [ 855.852343] bridge0: port 1(bridge_slave_0) entered blocking state [ 855.858796] bridge0: port 1(bridge_slave_0) entered disabled state [ 855.865695] trace_event_file 263KB 266KB [ 855.871399] ftrace_event_field 382KB 385KB [ 855.876869] pool_workqueue 119KB 120KB [ 855.883708] device bridge_slave_0 entered promiscuous mode [ 855.891774] bridge0: port 2(bridge_slave_1) entered blocking state [ 855.898205] bridge0: port 2(bridge_slave_1) entered disabled state [ 855.905125] task_group 5KB 7KB [ 855.911918] page->ptl 672KB 1612KB [ 855.917347] kmalloc-2097152 2050KB 2050KB [ 855.923325] device bridge_slave_1 entered promiscuous mode [ 855.941219] kmalloc-524288 2056KB 2056KB [ 855.946621] kmalloc-262144 1290KB 1290KB [ 855.957397] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 855.965915] kmalloc-131072 780KB 780KB [ 855.974564] kmalloc-65536 34914KB 34980KB [ 855.985504] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 855.996505] kmalloc-32768 2904KB 3003KB [ 856.005085] kmalloc-16384 907KB 940KB [ 856.022999] kmalloc-8192 4240KB 4281KB [ 856.028407] kmalloc-4096 35670KB 35729KB [ 856.052859] kmalloc-2048 18156KB 18156KB [ 856.058276] kmalloc-1024 15162KB 15293KB [ 856.070000] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 856.100701] team0: Port device team_slave_0 added [ 856.117980] kmalloc-512 11363KB 11445KB [ 856.125712] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 856.147774] kmalloc-256 5114KB 5265KB [ 856.187834] kmalloc-128 1440KB 1460KB [ 856.212345] kmalloc-96 2528KB 2636KB [ 856.217763] kmalloc-64 3314KB 3396KB [ 856.231427] kmalloc-32 3395KB 3724KB [ 856.236831] kmalloc-192 2805KB 2908KB [ 856.291414] kmem_cache 248KB 255KB [ 856.296851] Out of memory: Kill process 13973 (syz-executor.4) score 1005 or sacrifice child [ 856.332526] Killed process 13979 (syz-executor.4) total-vm:72716kB, anon-rss:148kB, file-rss:34816kB, shmem-rss:0kB [ 856.362977] oom_reaper: reaped process 13979 (syz-executor.4), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 856.564527] team0: Port device team_slave_1 added [ 856.609565] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 856.617118] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 856.943368] device hsr_slave_0 entered promiscuous mode [ 857.012229] syz-executor.3 invoked oom-killer: gfp_mask=0x6142c0(GFP_KERNEL|__GFP_NOWARN|__GFP_COMP|__GFP_NOMEMALLOC), nodemask=(null), order=1, oom_score_adj=0 [ 857.030129] syz-executor.3 cpuset=/ mems_allowed=0-1 [ 857.040055] CPU: 1 PID: 14000 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 857.047118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 857.056486] Call Trace: [ 857.059091] dump_stack+0x172/0x1f0 [ 857.062750] dump_header+0x15e/0xa55 [ 857.066476] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 857.071590] ? ___ratelimit+0x60/0x595 [ 857.075503] ? do_raw_spin_unlock+0x57/0x270 [ 857.079931] oom_kill_process.cold+0x10/0x6ef [ 857.084442] ? lock_downgrade+0x810/0x810 [ 857.088607] ? kasan_check_read+0x11/0x20 [ 857.092776] out_of_memory+0x936/0x12d0 [ 857.096775] ? oom_killer_disable+0x280/0x280 [ 857.101286] ? mutex_trylock+0x18e/0x1e0 [ 857.105372] ? __alloc_pages_slowpath+0xcc2/0x2870 [ 857.110323] __alloc_pages_slowpath+0x20af/0x2870 [ 857.115200] ? warn_alloc+0x110/0x110 [ 857.119011] ? __lock_is_held+0xb6/0x140 [ 857.123086] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 857.128630] ? should_fail+0x14d/0x85c [ 857.132538] ? __might_sleep+0x95/0x190 [ 857.136534] __alloc_pages_nodemask+0x617/0x750 [ 857.141229] ? __alloc_pages_slowpath+0x2870/0x2870 [ 857.146256] ? mark_held_locks+0xb1/0x100 [ 857.150424] ? cache_grow_begin+0x597/0x8c0 [ 857.154768] ? lockdep_hardirqs_on+0x415/0x5d0 [ 857.159374] ? trace_hardirqs_on+0x67/0x220 [ 857.163726] cache_grow_begin+0x91/0x8c0 [ 857.167806] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 857.173360] ? __cpuset_node_allowed+0x136/0x540 [ 857.178141] fallback_alloc+0x1fd/0x2d0 [ 857.182229] ____cache_alloc_node+0x1be/0x1e0 [ 857.186752] kmem_cache_alloc_node_trace+0xec/0x720 [ 857.191796] __kmalloc_node_track_caller+0x3d/0x80 [ 857.196748] __kmalloc_reserve.isra.0+0x40/0xf0 [ 857.201442] __alloc_skb+0x10b/0x5f0 [ 857.205183] ? skb_scrub_packet+0x490/0x490 [ 857.209525] ? if_nlmsg_size+0x4ad/0x9f0 [ 857.213610] rtmsg_ifinfo_build_skb+0x74/0x190 [ 857.218214] rtmsg_ifinfo_event.part.0+0x43/0xe0 [ 857.222987] rtnetlink_event+0x12c/0x150 [ 857.227066] notifier_call_chain+0xc2/0x230 [ 857.231410] raw_notifier_call_chain+0x2e/0x40 [ 857.236009] call_netdevice_notifiers_info+0x3f/0x90 [ 857.241131] dev_set_mtu_ext+0x396/0x590 [ 857.245213] ? dev_change_flags+0x150/0x150 [ 857.249558] ? find_held_lock+0x35/0x130 [ 857.253633] ? hsr_get_max_mtu+0x190/0x2b0 [ 857.257890] dev_set_mtu+0xa5/0x130 [ 857.261533] ? dev_set_mtu_ext+0x590/0x590 [ 857.265792] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 857.271349] ? hsr_get_max_mtu+0x1db/0x2b0 [ 857.275596] hsr_add_port+0x4c2/0x6b0 [ 857.279417] hsr_dev_finalize+0x5a8/0x780 [ 857.283586] hsr_newlink+0x26b/0x380 [ 857.287318] ? hsr_dev_finalize+0x780/0x780 [ 857.291682] ? rtnl_create_link+0x148/0xa00 [ 857.296027] ? netlink_ns_capable+0x26/0x30 [ 857.300459] ? hsr_dev_finalize+0x780/0x780 [ 857.304795] rtnl_newlink+0x105a/0x1610 [ 857.308809] ? rtnl_link_unregister+0x250/0x250 [ 857.313490] ? blk_mq_get_driver_tag+0x670/0x670 [ 857.318269] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 857.323818] ? blk_mq_do_dispatch_sched+0x341/0x440 [ 857.328857] ? __lock_acquire+0x6ee/0x49c0 [ 857.333103] ? __lock_acquire+0x6ee/0x49c0 [ 857.337363] ? mark_held_locks+0x100/0x100 [ 857.341620] ? __lock_acquire+0x6ee/0x49c0 [ 857.345875] ? avc_has_perm_noaudit+0x38f/0x570 [ 857.350557] ? __lock_acquire+0x6ee/0x49c0 [ 857.354803] ? mark_held_locks+0x100/0x100 [ 857.359064] ? mark_held_locks+0x100/0x100 [ 857.363320] ? avc_has_perm_noaudit+0x3b6/0x570 [ 857.368008] ? avc_has_extended_perms+0x10f0/0x10f0 [ 857.373088] ? find_held_lock+0x35/0x130 [ 857.377164] ? rtnetlink_rcv_msg+0x3d0/0xb00 [ 857.381597] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 857.387152] ? rtnl_link_unregister+0x250/0x250 [ 857.391835] rtnetlink_rcv_msg+0x463/0xb00 [ 857.396098] ? rtnetlink_put_metrics+0x560/0x560 [ 857.400869] ? netlink_deliver_tap+0x22d/0xc20 [ 857.405457] ? find_held_lock+0x35/0x130 [ 857.409535] netlink_rcv_skb+0x17d/0x460 [ 857.413609] ? rtnetlink_put_metrics+0x560/0x560 [ 857.418378] ? netlink_ack+0xb30/0xb30 [ 857.422277] ? kasan_check_read+0x11/0x20 [ 857.426446] ? netlink_deliver_tap+0x254/0xc20 [ 857.431045] rtnetlink_rcv+0x1d/0x30 [ 857.434795] netlink_unicast+0x537/0x720 [ 857.438877] ? netlink_attachskb+0x770/0x770 [ 857.443299] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 857.448859] netlink_sendmsg+0x8ae/0xd70 [ 857.452936] ? netlink_unicast+0x720/0x720 [ 857.457184] ? selinux_socket_sendmsg+0x36/0x40 [ 857.461862] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 857.467404] ? security_socket_sendmsg+0x8d/0xc0 [ 857.472169] ? netlink_unicast+0x720/0x720 [ 857.476413] sock_sendmsg+0xd7/0x130 [ 857.480136] __sys_sendto+0x262/0x380 [ 857.483948] ? __ia32_sys_getpeername+0xb0/0xb0 [ 857.488623] ? __do_page_fault+0x676/0xe90 [ 857.492879] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 857.498427] ? up_read+0x1a/0x110 [ 857.501886] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 857.507429] ? __do_page_fault+0x484/0xe90 [ 857.511673] ? blkg_prfill_rwstat_field_recursive+0x100/0x100 [ 857.517584] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 857.522349] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 857.527114] ? do_syscall_64+0x26/0x620 [ 857.538307] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 857.543716] __x64_sys_sendto+0xe1/0x1a0 [ 857.547791] do_syscall_64+0xfd/0x620 [ 857.551602] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 857.556793] RIP: 0033:0x413673 [ 857.560007] Code: Bad RIP value. [ 857.563376] RSP: 002b:00007ffc3cb0bbe8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 857.571115] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000413673 [ 857.578390] RDX: 0000000000000048 RSI: 0000000000a70070 RDI: 0000000000000003 [ 857.585686] RBP: 000000000000000a R08: 00007ffc3cb0bbf0 R09: 000000000000000c [ 857.593006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 857.600611] R13: 00000000004be90a R14: 00007ffc3cb0bd20 R15: 0000000000000006 [ 857.619543] syz-executor.4: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 857.620458] Mem-Info: [ 857.632885] syz-executor.5: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 857.649537] active_anon:71384 inactive_anon:208 isolated_anon:0 [ 857.649537] active_file:16 inactive_file:15 isolated_file:0 [ 857.649537] unevictable:0 dirty:0 writeback:0 unstable:0 [ 857.649537] slab_reclaimable:12554 slab_unreclaimable:103842 [ 857.649537] mapped:52226 shmem:252 pagetables:820 bounce:0 [ 857.649537] free:25368 free_pcp:764 free_cma:0 [ 857.669515] syz-executor.4 cpuset= [ 857.682691] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 857.701999] Node 0 active_anon:284268kB inactive_anon:792kB active_file:44kB inactive_file:40kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:57276kB dirty:0kB writeback:0kB shmem:964kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 857.709560] CPU: 0 PID: 13988 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 857.729633] syz4 [ 857.737033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 857.737047] Call Trace: [ 857.739029] mems_allowed=0-1 [ 857.748397] dump_stack+0x172/0x1f0 [ 857.748417] warn_alloc.cold+0x7b/0x173 [ 857.748435] ? zone_watermark_ok_safe+0x260/0x260 [ 857.748463] ? unreserve_highatomic_pageblock+0x31b/0x460 [ 857.748488] __alloc_pages_slowpath+0x220e/0x2870 [ 857.752000] Node 1 active_anon:1268kB inactive_anon:40kB active_file:20kB inactive_file:620kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:152028kB dirty:0kB writeback:0kB shmem:44kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 857.754209] ? warn_alloc+0x110/0x110 [ 857.757799] Node 0 [ 857.761774] ? __lock_is_held+0xb6/0x140 [ 857.761794] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 857.761806] ? should_fail+0x14d/0x85c [ 857.761839] ? __might_sleep+0x95/0x190 [ 857.766702] DMA free:10316kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 857.772226] __alloc_pages_nodemask+0x617/0x750 [ 857.772249] ? __alloc_pages_slowpath+0x2870/0x2870 [ 857.772273] ? wait_for_completion+0x440/0x440 [ 857.772289] ? kasan_check_write+0x14/0x20 [ 857.772310] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 857.789551] lowmem_reserve[]: [ 857.803911] alloc_pages_current+0x107/0x210 [ 857.803931] ion_page_pool_alloc+0x137/0x1d0 [ 857.803946] ion_system_heap_allocate+0x154/0xa90 [ 857.803963] ? ion_system_heap_free+0x250/0x250 [ 857.803991] ion_alloc+0x29b/0x900 [ 857.829543] 0 [ 857.853610] ? ion_dma_buf_release+0x50/0x50 [ 857.853636] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 857.853653] ? _copy_from_user+0xdd/0x150 [ 857.853674] ion_ioctl+0x17b/0x329 [ 857.889528] 2555 [ 857.889617] ? ion_alloc.cold+0x28/0x28 [ 857.894444] 2557 [ 857.899116] ? __might_sleep+0x95/0x190 [ 857.909533] 2557 [ 857.914386] ? ion_alloc.cold+0x28/0x28 [ 857.922072] do_vfs_ioctl+0xd5f/0x1380 [ 857.922096] ? selinux_file_ioctl+0x46f/0x5e0 [ 857.922108] ? selinux_file_ioctl+0x125/0x5e0 [ 857.922122] ? ioctl_preallocate+0x210/0x210 [ 857.922136] ? selinux_file_mprotect+0x620/0x620 [ 857.922157] ? iterate_fd+0x360/0x360 [ 857.949589] Node 0 [ 857.953092] ? nsecs_to_jiffies+0x30/0x30 [ 857.957516] DMA32 free:27524kB min:36248kB low:45308kB high:54368kB active_anon:282220kB inactive_anon:792kB active_file:44kB inactive_file:40kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6528kB pagetables:2280kB bounce:0kB free_pcp:2660kB local_pcp:1364kB free_cma:0kB [ 857.962257] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 857.962274] ? security_file_ioctl+0x8d/0xc0 [ 857.962291] ksys_ioctl+0xab/0xd0 [ 857.962313] __x64_sys_ioctl+0x73/0xb0 [ 858.010334] lowmem_reserve[]: [ 858.010821] do_syscall_64+0xfd/0x620 [ 858.014262] 0 [ 858.018158] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 858.032094] RIP: 0033:0x459829 [ 858.035302] Code: Bad RIP value. [ 858.038668] RSP: 002b:00007ff0ae6ecc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 858.039528] 0 [ 858.046385] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 858.046399] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 858.048205] 2 [ 858.055471] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 858.055479] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff0ae6ed6d4 [ 858.055487] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 858.067059] Mem-Info: [ 858.072048] CPU: 1 PID: 13979 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 858.072058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 858.072064] Call Trace: [ 858.072087] dump_stack+0x172/0x1f0 [ 858.072109] warn_alloc.cold+0x7b/0x173 [ 858.072130] ? zone_watermark_ok_safe+0x260/0x260 [ 858.072158] ? unreserve_highatomic_pageblock+0x31b/0x460 [ 858.082681] active_anon:71384 inactive_anon:208 isolated_anon:0 [ 858.082681] active_file:16 inactive_file:315 isolated_file:0 [ 858.082681] unevictable:0 dirty:0 writeback:0 unstable:0 [ 858.082681] slab_reclaimable:12554 slab_unreclaimable:103842 [ 858.082681] mapped:52426 shmem:252 pagetables:820 bounce:0 [ 858.082681] free:44938 free_pcp:1323 free_cma:0 [ 858.086810] __alloc_pages_slowpath+0x220e/0x2870 [ 858.086848] ? warn_alloc+0x110/0x110 [ 858.086864] ? __lock_is_held+0xb6/0x140 [ 858.086888] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 858.089972] Node 0 active_anon:284268kB inactive_anon:792kB active_file:44kB inactive_file:40kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:57276kB dirty:0kB writeback:0kB shmem:964kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 858.096316] ? should_fail+0x14d/0x85c [ 858.096343] ? __might_sleep+0x95/0x190 [ 858.096365] __alloc_pages_nodemask+0x617/0x750 [ 858.096389] ? __alloc_pages_slowpath+0x2870/0x2870 [ 858.096415] ? wait_for_completion+0x440/0x440 [ 858.096434] ? retint_kernel+0x2d/0x2d [ 858.106693] Node 1 active_anon:1268kB inactive_anon:40kB active_file:20kB inactive_file:1420kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:152528kB dirty:0kB writeback:0kB shmem:44kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 858.108415] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 858.108437] alloc_pages_current+0x107/0x210 [ 858.108456] ion_page_pool_alloc+0x137/0x1d0 [ 858.108472] ion_system_heap_allocate+0x154/0xa90 [ 858.108493] ? ion_system_heap_free+0x250/0x250 [ 858.108519] ion_alloc+0x29b/0x900 [ 858.108541] ? ion_dma_buf_release+0x50/0x50 [ 858.112946] Node 0 [ 858.116150] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 858.116167] ? _copy_from_user+0xdd/0x150 [ 858.116188] ion_ioctl+0x17b/0x329 [ 858.116206] ? ion_alloc.cold+0x28/0x28 [ 858.116224] ? __might_sleep+0x95/0x190 [ 858.116241] ? ion_alloc.cold+0x28/0x28 [ 858.116260] do_vfs_ioctl+0xd5f/0x1380 [ 858.121932] DMA free:10356kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 858.126651] ? selinux_file_ioctl+0x46f/0x5e0 [ 858.126664] ? selinux_file_ioctl+0x125/0x5e0 [ 858.126681] ? ioctl_preallocate+0x210/0x210 [ 858.126693] ? selinux_file_mprotect+0x620/0x620 [ 858.126715] ? iterate_fd+0x360/0x360 [ 858.126731] ? nsecs_to_jiffies+0x30/0x30 [ 858.126754] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 858.126801] ? security_file_ioctl+0x8d/0xc0 [ 858.160959] lowmem_reserve[]: [ 858.164830] ksys_ioctl+0xab/0xd0 [ 858.164849] __x64_sys_ioctl+0x73/0xb0 [ 858.164867] do_syscall_64+0xfd/0x620 [ 858.164887] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 858.164899] RIP: 0033:0x459829 [ 858.164927] Code: Bad RIP value. [ 858.164935] RSP: 002b:00007f7abc886c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 858.169542] 0 [ 858.172807] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 858.172816] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000004 [ 858.172825] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 858.172833] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7abc8876d4 [ 858.172841] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 858.209562] 2 [ 858.219240] 2555 [ 858.237706] 2557 [ 858.289546] Node 0 [ 858.298590] 2557 [ 858.298890] Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 858.298899] lowmem_reserve[]: [ 858.319512] 0 [ 858.329697] Node 0 [ 858.379559] 0 [ 858.444306] DMA32 free:92572kB min:36248kB low:45308kB high:54368kB active_anon:282220kB inactive_anon:792kB active_file:44kB inactive_file:1240kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6528kB pagetables:2280kB bounce:0kB free_pcp:2616kB local_pcp:1528kB free_cma:0kB [ 858.451732] 0 [ 858.480145] lowmem_reserve[]: [ 858.529555] 0 [ 858.537372] Node 1 Normal free:297824kB min:53608kB low:67008kB high:80408kB active_anon:1268kB inactive_anon:40kB active_file:164kB inactive_file:1872kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:544kB pagetables:1000kB bounce:0kB free_pcp:2888kB local_pcp:1432kB free_cma:0kB [ 858.604770] 0 0 2 2 [ 858.607275] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 858.609522] lowmem_reserve[]: 0 0 0 0 [ 858.653465] Node 0 DMA: 39*4kB (U) 38*8kB (UE) 36*16kB (U) 22*32kB (UE) 16*64kB (UE) 7*128kB (UE) 1*256kB (E) 1*512kB (E) 2*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10572kB [ 858.669646] Node 0 DMA32: 14175*4kB (UME) 2493*8kB (UME) 256*16kB (UME) 83*32kB (UM) 251*64kB (UM) 124*128kB (UM) 10*256kB (UM) 2*512kB (UM) 1*1024kB (U) 0*2048kB 0*4096kB = 119940kB [ 858.684020] lowmem_reserve[]: 0 0 0 0 [ 858.698959] Node 1 Normal free:455412kB min:53608kB low:67008kB high:80408kB active_anon:1268kB inactive_anon:40kB active_file:164kB inactive_file:1872kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:544kB pagetables:1000kB bounce:0kB free_pcp:2784kB local_pcp:1456kB free_cma:0kB [ 858.719531] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 858.740135] Node 1 Normal: 15557*4kB (UME) 1423*8kB (UME) 1007*16kB (UE) 722*32kB (UE) 3035*64kB (UME) 723*128kB (U) 213*256kB (UM) 6*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 457212kB [ 858.755801] lowmem_reserve[]: 0 0 0 0 [ 858.762107] Node 0 DMA: 41*4kB (U) 38*8kB (UE) 36*16kB (U) 22*32kB (UE) 16*64kB (UE) 7*128kB (UE) 1*256kB (E) 1*512kB (E) 2*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10580kB [ 858.783744] Node 0 DMA32: 18808*4kB (UE) 2735*8kB (UME) 281*16kB (UME) 84*32kB (UM) 251*64kB (UM) 124*128kB (UM) 10*256kB (UM) 2*512kB (UM) 1*1024kB (U) 0*2048kB 0*4096kB = 140840kB [ 858.806304] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 858.817160] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 858.831909] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 858.843598] Node 1 Normal: 15557*4kB (UME) 1423*8kB (UME) 1007*16kB (UE) 722*32kB (UE) 3035*64kB (UME) 723*128kB (U) 213*256kB (UM) 6*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 457212kB [ 858.866080] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 858.875036] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 858.890001] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 858.898599] 2016 total pagecache pages [ 858.907519] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 858.917207] 0 pages in swap cache [ 858.925614] Swap cache stats: add 0, delete 0, find 0/0 [ 858.932021] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 858.945840] Free swap = 0kB [ 858.948870] Total swap = 0kB [ 858.952987] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 858.966967] 1965979 pages RAM [ 858.971115] 0 pages HighMem/MovableOnly [ 858.975098] 338856 pages reserved [ 858.978545] 0 pages cma reserved [ 858.987064] 2016 total pagecache pages [ 858.992007] 0 pages in swap cache [ 858.995477] Swap cache stats: add 0, delete 0, find 0/0 [ 859.005834] Unreclaimable slab info: [ 859.010592] Name Used Total [ 859.016162] pid_2 37KB 160KB [ 859.026531] Free swap = 0kB [ 859.030593] Total swap = 0kB [ 859.033619] 1965979 pages RAM [ 859.036719] 0 pages HighMem/MovableOnly [ 859.045955] batadv_tt_change_cache 9KB 15KB [ 859.052791] 338856 pages reserved [ 859.056264] 0 pages cma reserved [ 859.067749] batadv_tl_cache 12KB 12KB [ 859.079652] TIPC 21KB 35KB [ 859.100459] SCTPv6 39KB 43KB [ 859.109534] DCCPv6 17KB 21KB [ 859.114921] DCCP 16KB 20KB [ 859.149701] bridge_fdb_cache 31KB 31KB [ 859.157195] fib6_nodes 216KB 224KB [ 859.165052] ip6_dst_cache 830KB 832KB [ 859.179598] RAWv6 146KB 149KB [ 859.185003] UDPv6 3KB 3KB [ 859.199620] TCPv6 29KB 29KB [ 859.205030] nf_conntrack 0KB 3KB [ 859.229955] sd_ext_cdb 0KB 7KB [ 859.259537] scsi_sense_cache 1056KB 1060KB [ 859.264953] virtio_scsi_cmd 16KB 16KB [ 859.279550] sgpool-128 8KB 8KB [ 859.284970] sgpool-64 4KB 12KB [ 859.298594] sgpool-32 2KB 15KB [ 859.304057] sgpool-16 1KB 7KB [ 859.309446] sgpool-8 0KB 7KB [ 859.329546] mqueue_inode_cache 28KB 43KB [ 859.335049] bio_post_read_ctx 14KB 15KB [ 859.340587] bio-2 14KB 15KB [ 859.345977] jfs_mp 7KB 7KB [ 859.360403] nfs_commit_data 3KB 14KB [ 859.365803] nfs_write_data 34KB 44KB [ 859.371346] ext4_system_zone 1KB 7KB [ 859.376765] bio-1 1KB 7KB [ 859.399555] fasync_cache 0KB 4KB [ 859.405000] pid_namespace 4KB 7KB [ 859.419539] rpc_buffers 17KB 25KB [ 859.424956] rpc_tasks 2KB 7KB [ 859.439544] UNIX 1163KB 1163KB [ 859.444980] tcp_bind_bucket 3KB 12KB [ 859.459624] inet_peer_cache 0KB 4KB [ 859.465050] xfrm_state 8KB 8KB [ 859.479536] ip_fib_trie 32KB 39KB [ 859.484936] ip_fib_alias 151KB 162KB [ 859.491095] ip_dst_cache 11KB 24KB [ 859.496505] RAW 89KB 100KB [ 859.509606] UDP 30KB 39KB [ 859.515015] TCP 8KB 16KB [ 859.520466] hugetlbfs_inode_cache 2KB 15KB [ 859.526205] fscache_cookie_jar 1KB 11KB [ 859.539620] eventpoll_pwq 26KB 35KB [ 859.545043] eventpoll_epi 49KB 66KB [ 859.550502] inotify_inode_mark 28KB 63KB [ 859.555991] request_queue 163KB 163KB [ 859.575456] blkdev_requests 1KB 3KB [ 859.580928] blkdev_ioc 42KB 54KB [ 859.586307] bio-0 3465KB 3487KB [ 859.601326] syz-executor.4: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 859.638434] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 859.649529] biovec-max 5832KB 5832KB [ 859.649582] CPU: 0 PID: 13979 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 859.655243] biovec-64 3755KB 3780KB [ 859.661940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 859.661946] Call Trace: [ 859.661971] dump_stack+0x172/0x1f0 [ 859.661991] warn_alloc.cold+0x7b/0x173 [ 859.662010] ? zone_watermark_ok_safe+0x260/0x260 [ 859.662033] ? try_to_compact_pages+0x44/0xae0 [ 859.662066] __alloc_pages_slowpath+0x220e/0x2870 [ 859.672660] biovec-16 388KB 435KB [ 859.676808] ? warn_alloc+0x110/0x110 [ 859.679358] bio_integrity_payload 1KB 8KB [ 859.682977] ? __lock_is_held+0xb6/0x140 [ 859.682997] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 859.683010] ? should_fail+0x14d/0x85c [ 859.683030] ? __isolate_free_page+0x4c0/0x4c0 [ 859.683048] ? __might_sleep+0x95/0x190 [ 859.683073] __alloc_pages_nodemask+0x617/0x750 [ 859.688885] khugepaged_mm_slot 4KB 19KB [ 859.691893] ? __alloc_pages_slowpath+0x2870/0x2870 [ 859.691914] ? find_held_lock+0x35/0x130 [ 859.691933] ? wait_for_completion+0x440/0x440 [ 859.691948] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 859.691971] alloc_pages_current+0x107/0x210 [ 859.691990] ion_page_pool_alloc+0x137/0x1d0 [ 859.692011] ion_system_heap_allocate+0x154/0xa90 [ 859.699638] dmaengine-unmap-256 2KB 6KB [ 859.701436] ? ion_system_heap_free+0x250/0x250 [ 859.706784] dmaengine-unmap-128 1KB 3KB [ 859.710586] ion_alloc+0x475/0x900 [ 859.710609] ? ion_dma_buf_release+0x50/0x50 [ 859.710635] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 859.710652] ? _copy_from_user+0xdd/0x150 [ 859.710672] ion_ioctl+0x17b/0x329 [ 859.721868] dmaengine-unmap-16 0KB 4KB [ 859.725969] ? ion_alloc.cold+0x28/0x28 [ 859.732685] dmaengine-unmap-2 0KB 3KB [ 859.734428] ? __might_sleep+0x95/0x190 [ 859.742722] audit_buffer 0KB 3KB [ 859.744536] ? ion_alloc.cold+0x28/0x28 [ 859.753673] skbuff_fclone_cache 121KB 206KB [ 859.754987] do_vfs_ioctl+0xd5f/0x1380 [ 859.759069] skbuff_head_cache 6761KB 6765KB [ 859.763655] ? selinux_file_ioctl+0x46f/0x5e0 [ 859.763668] ? selinux_file_ioctl+0x125/0x5e0 [ 859.763685] ? ioctl_preallocate+0x210/0x210 [ 859.763698] ? selinux_file_mprotect+0x620/0x620 [ 859.763719] ? iterate_fd+0x360/0x360 [ 859.763735] ? nsecs_to_jiffies+0x30/0x30 [ 859.763760] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 859.763781] ? security_file_ioctl+0x8d/0xc0 [ 859.774937] configfs_dir_cache 0KB 8KB [ 859.778123] ksys_ioctl+0xab/0xd0 [ 859.815466] file_lock_cache 0KB 3KB [ 859.816263] __x64_sys_ioctl+0x73/0xb0 [ 859.835034] file_lock_ctx 0KB 3KB [ 859.838524] do_syscall_64+0xfd/0x620 [ 859.875095] fsnotify_mark_connector 17KB 39KB [ 859.875994] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 859.895087] net_namespace 121KB 121KB [ 859.898584] RIP: 0033:0x459829 [ 859.924961] shmem_inode_cache 5153KB 5526KB [ 859.925846] Code: Bad RIP value. [ 859.949528] task_delay_info 69KB 233KB [ 859.950795] RSP: 002b:00007f7abc886c78 EFLAGS: 00000246 [ 859.954163] taskstats 32KB 80KB [ 859.959508] ORIG_RAX: 0000000000000010 [ 859.959518] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 859.959526] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000004 [ 859.959534] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 859.959542] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7abc8876d4 [ 859.959550] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 859.960082] warn_alloc_show_mem: 1 callbacks suppressed [ 859.960087] Mem-Info: [ 859.987331] proc_dir_entry 1058KB 1061KB [ 860.009548] active_anon:71384 inactive_anon:208 isolated_anon:0 [ 860.009548] active_file:243 inactive_file:1475 isolated_file:0 [ 860.009548] unevictable:0 dirty:0 writeback:0 unstable:0 [ 860.009548] slab_reclaimable:12538 slab_unreclaimable:103854 [ 860.009548] mapped:53461 shmem:252 pagetables:820 bounce:0 [ 860.009548] free:185296 free_pcp:818 free_cma:0 [ 860.017652] pde_opener 0KB 3KB [ 860.019035] Node 0 active_anon:284268kB inactive_anon:792kB active_file:596kB inactive_file:4260kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:60420kB dirty:0kB writeback:0kB shmem:964kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 860.069529] seq_file 160KB 307KB [ 860.111615] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 860.139525] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 860.144976] CPU: 0 PID: 13988 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 860.152013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 860.161381] Call Trace: [ 860.163994] dump_stack+0x172/0x1f0 [ 860.167645] warn_alloc.cold+0x7b/0x173 [ 860.171636] ? zone_watermark_ok_safe+0x260/0x260 [ 860.175308] Node 1 active_anon:1268kB inactive_anon:40kB active_file:376kB inactive_file:1640kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:153424kB dirty:0kB writeback:0kB shmem:44kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 860.176491] ? try_to_compact_pages+0x44/0xae0 [ 860.208032] __alloc_pages_slowpath+0x220e/0x2870 [ 860.212922] ? warn_alloc+0x110/0x110 [ 860.216739] ? __lock_is_held+0xb6/0x140 [ 860.220828] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 860.226373] ? should_fail+0x14d/0x85c [ 860.230279] ? __isolate_free_page+0x4c0/0x4c0 [ 860.234881] ? __might_sleep+0x95/0x190 [ 860.238877] __alloc_pages_nodemask+0x617/0x750 [ 860.243574] ? __alloc_pages_slowpath+0x2870/0x2870 [ 860.245342] Node 0 DMA free:10388kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 860.248640] ? find_held_lock+0x35/0x130 [ 860.248661] ? wait_for_completion+0x440/0x440 [ 860.279530] sigqueue 42KB 86KB [ 860.283707] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 860.289068] kernfs_node_cache 13570KB 13572KB [ 860.294628] alloc_pages_current+0x107/0x210 [ 860.294648] ion_page_pool_alloc+0x137/0x1d0 [ 860.294662] ion_system_heap_allocate+0x154/0xa90 [ 860.294680] ? ion_system_heap_free+0x250/0x250 [ 860.294703] ion_alloc+0x475/0x900 [ 860.294727] ? ion_dma_buf_release+0x50/0x50 [ 860.294752] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 860.294773] ? _copy_from_user+0xdd/0x150 [ 860.335188] mnt_cache 177KB 180KB [ 860.336045] ion_ioctl+0x17b/0x329 [ 860.344961] ? ion_alloc.cold+0x28/0x28 [ 860.348955] ? __might_sleep+0x95/0x190 [ 860.352943] ? ion_alloc.cold+0x28/0x28 [ 860.355026] filp 2696KB 4200KB [ 860.356927] do_vfs_ioctl+0xd5f/0x1380 [ 860.362367] lowmem_reserve[]: 0 [ 860.366180] ? selinux_file_ioctl+0x46f/0x5e0 [ 860.366197] ? selinux_file_ioctl+0x125/0x5e0 [ 860.375084] names_cache 45764KB 45802KB [ 860.378453] ? ioctl_preallocate+0x210/0x210 [ 860.388233] ? selinux_file_mprotect+0x620/0x620 [ 860.393016] ? iterate_fd+0x360/0x360 [ 860.395148] 2555 2557 [ 860.396851] ? nsecs_to_jiffies+0x30/0x30 [ 860.396875] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 860.399363] 2557 [ 860.403509] ? security_file_ioctl+0x8d/0xc0 [ 860.403526] ksys_ioctl+0xab/0xd0 [ 860.403544] __x64_sys_ioctl+0x73/0xb0 [ 860.403561] do_syscall_64+0xfd/0x620 [ 860.403580] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 860.403591] RIP: 0033:0x459829 [ 860.403616] Code: Bad RIP value. [ 860.419613] iint_cache 41KB 63KB [ 860.422916] RSP: 002b:00007ff0ae6ecc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 860.426736] hashtab_node 118KB 119KB [ 860.431910] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 860.431918] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 860.431925] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 860.431933] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff0ae6ed6d4 [ 860.431940] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 860.464998] ebitmap_node 1038KB 1039KB [ 860.519523] Node 0 DMA32 free:547632kB min:36248kB low:45308kB high:54368kB active_anon:282220kB inactive_anon:792kB active_file:604kB inactive_file:4216kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6528kB pagetables:2280kB bounce:0kB free_pcp:2728kB local_pcp:1328kB free_cma:0kB [ 860.545808] avtab_node 1012KB 1013KB [ 860.554408] avc_node 48KB 55KB [ 860.579513] lowmem_reserve[]: 0 0 2 2 [ 860.583397] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 860.585062] selinux_file_security 170KB 329KB [ 860.629585] lowmem_reserve[]: 0 0 0 0 [ 860.633481] Node 1 Normal free:523920kB min:53608kB low:67008kB high:80408kB active_anon:1268kB inactive_anon:40kB active_file:440kB inactive_file:1552kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:544kB pagetables:1000kB bounce:0kB free_pcp:2784kB local_pcp:1404kB free_cma:0kB [ 860.655053] selinux_inode_security 3238KB 3488KB [ 860.695389] key_jar 4KB 11KB [ 860.700863] uts_namespace 6KB 11KB [ 860.706256] nsproxy 5KB 11KB [ 860.729545] lowmem_reserve[]: 0 0 0 0 [ 860.733414] Node 0 DMA: 41*4kB (U) 36*8kB (UE) 36*16kB (U) 23*32kB (UE) 13*64kB (UE) 7*128kB (UE) 1*256kB (E) 1*512kB (E) 2*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10404kB [ 860.735353] vm_area_struct 3153KB 5881KB [ 860.779648] Node 0 DMA32: 44255*4kB (UME) 24410*8kB (UME) 8068*16kB (UME) 1407*32kB (UME) 32*64kB (U) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 548460kB [ 860.801524] mm_struct 451KB 838KB [ 860.806932] fs_cache 56KB 96KB [ 860.819947] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 860.830874] Node 1 Normal: 79078*4kB (UME) 24975*8kB (UM) 6558*16kB (UM) 930*32kB (U) 63*64kB (U) 1*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 654960kB [ 860.833316] files_cache 161KB 270KB [ 860.845846] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 860.845859] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 860.845872] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 860.845889] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 860.856932] signal_cache 536KB 797KB [ 860.889507] 1955 total pagecache pages [ 860.895683] 0 pages in swap cache [ 860.897517] sighand_cache 499KB 534KB [ 860.899142] Swap cache stats: add 0, delete 0, find 0/0 [ 860.904556] task_struct 2357KB 2382KB [ 860.904566] cred_jar 304KB 616KB [ 860.904583] anon_vma_chain 1821KB 3614KB [ 860.910073] Free swap = 0kB [ 860.929597] Total swap = 0kB [ 860.930369] anon_vma 152KB 573KB [ 860.932631] 1965979 pages RAM [ 860.938001] pid 46KB 200KB [ 860.941185] 0 pages HighMem/MovableOnly [ 860.950539] 338856 pages reserved [ 860.969541] 0 pages cma reserved [ 860.972278] Acpi-Operand 156KB 190KB [ 860.978335] Acpi-ParseExt 8KB 11KB [ 860.986830] Acpi-Parse 41KB 47KB [ 860.999639] Acpi-State 52KB 63KB [ 861.005052] Acpi-Namespace 20KB 23KB [ 861.029580] numa_policy 0KB 3KB [ 861.035009] debug_objects_cache 1106KB 1114KB [ 861.059711] trace_event_file 263KB 266KB [ 861.065130] ftrace_event_field 382KB 385KB [ 861.099534] pool_workqueue 119KB 120KB [ 861.104955] task_group 5KB 7KB [ 861.119677] page->ptl 670KB 1612KB [ 861.129608] kmalloc-2097152 2050KB 2050KB [ 861.135007] kmalloc-524288 2056KB 2056KB [ 861.158573] kmalloc-262144 1290KB 1290KB [ 861.164063] kmalloc-131072 780KB 780KB [ 861.169448] kmalloc-65536 34914KB 34980KB [ 861.225518] kmalloc-32768 2904KB 3003KB [ 861.239584] kmalloc-16384 907KB 940KB [ 861.244991] kmalloc-8192 4240KB 4281KB [ 861.269675] kmalloc-4096 36018KB 36018KB [ 861.275104] kmalloc-2048 18251KB 18251KB [ 861.309685] kmalloc-1024 15189KB 15293KB [ 861.329701] kmalloc-512 11453KB 11497KB [ 861.359551] kmalloc-256 5114KB 5265KB [ 861.364959] kmalloc-128 1451KB 1460KB [ 861.370361] kmalloc-96 2536KB 2636KB [ 861.375735] kmalloc-64 3314KB 3396KB [ 861.381149] kmalloc-32 3407KB 3724KB [ 861.386522] kmalloc-192 2810KB 2912KB [ 861.399558] kmem_cache 248KB 255KB [ 861.405144] Out of memory: Kill process 7947 (syz-fuzzer) score 41 or sacrifice child [ 861.429602] Killed process 13948 (syz-executor.4) total-vm:72452kB, anon-rss:64kB, file-rss:0kB, shmem-rss:0kB [ 861.470139] device hsr_slave_1 entered promiscuous mode [ 861.526437] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 861.540026] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 861.592106] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 861.664246] 8021q: adding VLAN 0 to HW filter on device bond0 [ 861.685028] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 861.705733] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 861.719556] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 861.729010] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 861.768908] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 861.776682] 8021q: adding VLAN 0 to HW filter on device team0 [ 861.795005] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 861.807485] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 861.817576] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 861.869193] bridge0: port 1(bridge_slave_0) entered blocking state [ 861.875680] bridge0: port 1(bridge_slave_0) entered forwarding state [ 861.908059] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 861.915624] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 861.929862] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 861.937872] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 861.951711] bridge0: port 2(bridge_slave_1) entered blocking state [ 861.958095] bridge0: port 2(bridge_slave_1) entered forwarding state [ 861.975646] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 861.986876] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 862.005797] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 862.015227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 862.034749] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 862.046550] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 862.057553] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 862.074386] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 862.086059] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 862.096217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 862.113234] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 862.126964] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 862.137657] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 862.157415] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 862.186253] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 862.195866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 862.208572] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 862.221288] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 862.227380] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 862.256633] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 862.278137] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 863.166318] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 863.196473] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 863.227635] CPU: 0 PID: 7962 Comm: syz-fuzzer Not tainted 4.19.63 #37 [ 863.234269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 863.243634] Call Trace: [ 863.246240] dump_stack+0x172/0x1f0 [ 863.249890] dump_header+0x15e/0xa55 [ 863.253620] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 863.258733] ? ___ratelimit+0x60/0x595 [ 863.262631] ? do_raw_spin_unlock+0x57/0x270 [ 863.267056] oom_kill_process.cold+0x10/0x6ef [ 863.271568] ? lock_downgrade+0x810/0x810 [ 863.275731] ? kasan_check_read+0x11/0x20 [ 863.279897] out_of_memory+0x936/0x12d0 [ 863.283916] ? oom_killer_disable+0x280/0x280 [ 863.288403] ? mutex_trylock+0x18e/0x1e0 [ 863.292453] ? __alloc_pages_slowpath+0xcc2/0x2870 [ 863.297378] __alloc_pages_slowpath+0x20af/0x2870 [ 863.302232] ? warn_alloc+0x110/0x110 [ 863.306023] ? __lock_is_held+0xb6/0x140 [ 863.310097] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 863.315626] ? should_fail+0x14d/0x85c [ 863.319522] ? __might_sleep+0x95/0x190 [ 863.323503] __alloc_pages_nodemask+0x617/0x750 [ 863.328161] ? kasan_check_read+0x11/0x20 [ 863.332308] ? __alloc_pages_slowpath+0x2870/0x2870 [ 863.337321] ? find_get_entry+0x3e8/0x820 [ 863.341482] ? filemap_map_pages+0x1130/0x1130 [ 863.346086] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 863.351647] alloc_pages_current+0x107/0x210 [ 863.356064] __page_cache_alloc+0x2bd/0x450 [ 863.360375] ? kasan_check_read+0x11/0x20 [ 863.364514] filemap_fault+0x10bb/0x2250 [ 863.368566] ? lock_downgrade+0x810/0x810 [ 863.372725] ? __lock_page_or_retry+0xdc0/0xdc0 [ 863.377381] ? lock_acquire+0x16f/0x3f0 [ 863.381344] ? ext4_filemap_fault+0x7b/0xaf [ 863.385655] ext4_filemap_fault+0x83/0xaf [ 863.389794] __do_fault+0x111/0x480 [ 863.393414] __handle_mm_fault+0x2d78/0x3f80 [ 863.397857] ? vmf_insert_mixed_mkwrite+0x90/0x90 [ 863.402702] ? count_memcg_event_mm+0x2b1/0x4d0 [ 863.407360] handle_mm_fault+0x1b5/0x690 [ 863.411423] __do_page_fault+0x62a/0xe90 [ 863.415476] ? vmalloc_fault+0x740/0x740 [ 863.419534] ? trace_hardirqs_off_caller+0x65/0x220 [ 863.424542] ? trace_hardirqs_on_caller+0x6a/0x220 [ 863.429463] ? page_fault+0x8/0x30 [ 863.433007] do_page_fault+0x71/0x57d [ 863.436833] ? page_fault+0x8/0x30 [ 863.440381] page_fault+0x1e/0x30 [ 863.443828] RIP: 0033:0x45b153 [ 863.447032] Code: Bad RIP value. [ 863.450381] RSP: 002b:000000c420039ea0 EFLAGS: 00010206 [ 863.455750] RAX: ffffffffffffff92 RBX: 000000003b9834d4 RCX: 000000000045b153 [ 863.463015] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000017be660 [ 863.470293] RBP: 000000c420039ee8 R08: 0000000000000000 R09: 0000000000000000 [ 863.477568] R10: 000000c420039ed8 R11: 0000000000000206 R12: 000000d26a4ee521 [ 863.484866] R13: 0000000000000001 R14: 000000c42d25bce0 R15: 0000000000000001 [ 863.499049] Mem-Info: [ 863.501585] active_anon:71364 inactive_anon:208 isolated_anon:0 [ 863.501585] active_file:52 inactive_file:128 isolated_file:0 [ 863.501585] unevictable:0 dirty:52 writeback:0 unstable:0 [ 863.501585] slab_reclaimable:12567 slab_unreclaimable:103953 [ 863.501585] mapped:52245 shmem:252 pagetables:774 bounce:0 [ 863.501585] free:13784 free_pcp:60 free_cma:0 [ 863.542212] Node 0 active_anon:284156kB inactive_anon:788kB active_file:156kB inactive_file:156kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:57276kB dirty:196kB writeback:0kB shmem:960kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 863.577023] Node 1 active_anon:1300kB inactive_anon:44kB active_file:52kB inactive_file:96kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:151704kB dirty:12kB writeback:0kB shmem:48kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 863.616909] Node 0 DMA free:10320kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 863.646599] lowmem_reserve[]: 0 2555 2557 2557 [ 863.651409] Node 0 DMA32 free:17588kB min:36248kB low:45308kB high:54368kB active_anon:282108kB inactive_anon:788kB active_file:156kB inactive_file:204kB unevictable:0kB writepending:196kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6496kB pagetables:2188kB bounce:0kB free_pcp:248kB local_pcp:248kB free_cma:0kB [ 863.681556] lowmem_reserve[]: 0 0 2 2 [ 863.685396] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 863.715432] lowmem_reserve[]: 0 0 0 0 [ 863.719295] Node 1 Normal free:26620kB min:53608kB low:67008kB high:80408kB active_anon:1300kB inactive_anon:44kB active_file:52kB inactive_file:200kB unevictable:0kB writepending:12kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:544kB pagetables:908kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 863.749017] lowmem_reserve[]: 0 0 0 0 [ 863.752931] Node 0 DMA: 21*4kB (UE) 36*8kB (UE) 36*16kB (U) 23*32kB (UE) 13*64kB (UE) 7*128kB (UE) 1*256kB (E) 1*512kB (E) 2*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10324kB [ 863.768455] Node 0 DMA32: 691*4kB (ME) 754*8kB (UME) 100*16kB (UMEH) 24*32kB (UME) 79*64kB (UH) 15*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 18140kB [ 863.784118] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 863.795678] Node 1 Normal: 64*4kB (UME) 45*8kB (UME) 34*16kB (UM) 17*32kB (UM) 5*64kB (UM) 180*128kB (UM) 7*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 26856kB [ 863.811077] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 863.820041] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 863.828628] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 863.837608] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 863.846301] 357 total pagecache pages [ 863.850287] 0 pages in swap cache [ 863.853762] Swap cache stats: add 0, delete 0, find 0/0 [ 863.859126] Free swap = 0kB [ 863.862869] Total swap = 0kB [ 863.865910] 1965979 pages RAM [ 863.869027] 0 pages HighMem/MovableOnly [ 863.873061] 338856 pages reserved [ 863.876517] 0 pages cma reserved [ 863.879931] Unreclaimable slab info: [ 863.883649] Name Used Total [ 863.889216] pid_2 37KB 160KB [ 863.894749] batadv_tt_change_cache 9KB 15KB [ 863.905304] batadv_tl_cache 11KB 12KB [ 863.914124] TIPC 21KB 35KB [ 863.919718] SCTPv6 33KB 43KB [ 863.925101] DCCPv6 17KB 21KB [ 863.930631] DCCP 16KB 20KB [ 863.936014] bridge_fdb_cache 26KB 31KB [ 863.942284] fib6_nodes 217KB 224KB [ 863.947678] ip6_dst_cache 836KB 836KB [ 863.953079] RAWv6 146KB 149KB [ 863.958446] UDPv6 3KB 3KB [ 863.963831] TCPv6 23KB 29KB [ 863.969190] nf_conntrack 0KB 3KB [ 863.974670] sd_ext_cdb 0KB 7KB [ 863.980784] scsi_sense_cache 1056KB 1060KB [ 863.986166] virtio_scsi_cmd 16KB 16KB [ 863.991616] sgpool-128 8KB 8KB [ 863.996994] sgpool-64 4KB 12KB [ 864.002427] sgpool-32 2KB 15KB [ 864.007793] sgpool-16 1KB 7KB [ 864.013216] sgpool-8 0KB 7KB [ 864.018600] mqueue_inode_cache 21KB 43KB [ 864.024723] bio_post_read_ctx 14KB 15KB [ 864.031338] bio-2 14KB 15KB [ 864.036717] jfs_mp 7KB 7KB [ 864.042297] nfs_commit_data 3KB 14KB [ 864.047677] nfs_write_data 34KB 44KB [ 864.053113] ext4_system_zone 1KB 7KB [ 864.058487] bio-1 1KB 7KB [ 864.063896] fasync_cache 0KB 4KB [ 864.069260] pid_namespace 4KB 7KB [ 864.075093] rpc_buffers 17KB 25KB [ 864.080605] rpc_tasks 2KB 7KB [ 864.085981] UNIX 1276KB 1276KB [ 864.091434] tcp_bind_bucket 3KB 12KB [ 864.096809] inet_peer_cache 0KB 4KB [ 864.105806] xfrm_state 8KB 8KB [ 864.111271] ip_fib_trie 35KB 39KB [ 864.116652] ip_fib_alias 154KB 162KB [ 864.122200] ip_dst_cache 8KB 24KB [ 864.127581] RAW 87KB 100KB [ 864.133103] UDP 29KB 39KB [ 864.138497] TCP 8KB 16KB [ 864.144612] hugetlbfs_inode_cache 2KB 15KB [ 864.150890] fscache_cookie_jar 1KB 11KB [ 864.156372] eventpoll_pwq 23KB 35KB [ 864.161929] eventpoll_epi 43KB 66KB [ 864.167309] inotify_inode_mark 27KB 63KB [ 864.172878] request_queue 163KB 163KB [ 864.178256] blkdev_requests 1KB 3KB [ 864.183807] blkdev_ioc 41KB 54KB [ 864.189173] bio-0 3499KB 3517KB [ 864.194597] biovec-max 5783KB 5832KB [ 864.200874] biovec-64 3794KB 3819KB [ 864.206245] biovec-16 397KB 435KB [ 864.211679] bio_integrity_payload 1KB 8KB [ 864.217383] khugepaged_mm_slot 5KB 19KB [ 864.223348] dmaengine-unmap-256 2KB 6KB [ 864.228905] dmaengine-unmap-128 1KB 3KB [ 864.234527] dmaengine-unmap-16 0KB 4KB [ 864.240036] dmaengine-unmap-2 0KB 3KB [ 864.245409] audit_buffer 0KB 3KB [ 864.250847] skbuff_fclone_cache 131KB 206KB [ 864.256405] skbuff_head_cache 6960KB 6963KB [ 864.261848] configfs_dir_cache 0KB 8KB [ 864.267330] file_lock_cache 0KB 3KB [ 864.273544] file_lock_ctx 0KB 3KB [ 864.278933] fsnotify_mark_connector 16KB 39KB [ 864.284965] net_namespace 121KB 121KB [ 864.293290] shmem_inode_cache 5156KB 5518KB [ 864.298677] task_delay_info 70KB 233KB [ 864.304138] taskstats 32KB 80KB [ 864.309572] proc_dir_entry 1054KB 1061KB [ 864.314941] pde_opener 0KB 3KB [ 864.320374] seq_file 167KB 307KB [ 864.325760] sigqueue 40KB 86KB [ 864.331604] kernfs_node_cache 13574KB 13576KB [ 864.336966] mnt_cache 176KB 180KB [ 864.344645] filp 2690KB 4196KB [ 864.350103] names_cache 45887KB 45887KB [ 864.355476] iint_cache 48KB 63KB [ 864.361040] hashtab_node 118KB 119KB [ 864.366422] ebitmap_node 1072KB 1074KB [ 864.371870] avtab_node 1012KB 1013KB [ 864.377266] avc_node 48KB 55KB [ 864.382711] selinux_file_security 169KB 329KB [ 864.388438] selinux_inode_security 3243KB 3488KB [ 864.394323] key_jar 4KB 11KB [ 864.399751] uts_namespace 6KB 11KB [ 864.405124] nsproxy 5KB 11KB [ 864.417414] vm_area_struct 3150KB 5881KB [ 864.423022] mm_struct 443KB 838KB [ 864.428401] fs_cache 48KB 96KB [ 864.440256] files_cache 168KB 262KB [ 864.445641] signal_cache 539KB 797KB [ 864.451081] sighand_cache 511KB 534KB [ 864.456448] task_struct 2357KB 2382KB [ 864.462770] cred_jar 298KB 612KB [ 864.468155] anon_vma_chain 1819KB 3614KB [ 864.473591] anon_vma 164KB 573KB [ 864.478962] pid 47KB 200KB [ 864.484430] Acpi-Operand 156KB 190KB [ 864.489874] Acpi-ParseExt 8KB 11KB [ 864.495247] Acpi-Parse 41KB 47KB [ 864.500720] Acpi-State 52KB 63KB [ 864.506096] Acpi-Namespace 20KB 23KB [ 864.533836] syz-executor.4: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 864.545268] numa_policy 0KB 3KB [ 864.551039] debug_objects_cache 1118KB 1122KB [ 864.556597] trace_event_file 263KB 266KB [ 864.565494] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 864.585932] ftrace_event_field 382KB 385KB [ 864.596558] pool_workqueue 111KB 120KB [ 864.608546] task_group 5KB 7KB [ 864.608976] CPU: 0 PID: 13979 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 864.614065] page->ptl 659KB 1612KB [ 864.621010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 864.621016] Call Trace: [ 864.621044] dump_stack+0x172/0x1f0 [ 864.621064] warn_alloc.cold+0x7b/0x173 [ 864.621083] ? zone_watermark_ok_safe+0x260/0x260 [ 864.621127] __alloc_pages_slowpath+0x220e/0x2870 [ 864.621162] ? warn_alloc+0x110/0x110 [ 864.629578] kmalloc-2097152 2050KB 2050KB [ 864.636405] ? __lock_is_held+0xb6/0x140 [ 864.638980] kmalloc-524288 2056KB 2056KB [ 864.642611] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 864.642624] ? should_fail+0x14d/0x85c [ 864.642646] ? __might_sleep+0x95/0x190 [ 864.642666] __alloc_pages_nodemask+0x617/0x750 [ 864.642686] ? __alloc_pages_slowpath+0x2870/0x2870 [ 864.642711] ? wait_for_completion+0x440/0x440 [ 864.642727] ? alloc_pages_current+0xd7/0x210 [ 864.642745] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 864.651821] kmalloc-262144 1290KB 1290KB [ 864.656402] alloc_pages_current+0x107/0x210 [ 864.663027] kmalloc-131072 780KB 780KB [ 864.665555] ion_page_pool_alloc+0x137/0x1d0 [ 864.672438] kmalloc-65536 34914KB 34980KB [ 864.674969] ion_system_heap_allocate+0x154/0xa90 [ 864.683323] kmalloc-32768 2871KB 2970KB [ 864.684387] ? ion_system_heap_free+0x250/0x250 [ 864.688341] kmalloc-16384 907KB 940KB [ 864.693019] ion_alloc+0x475/0x900 [ 864.693042] ? ion_dma_buf_release+0x50/0x50 [ 864.693066] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 864.693081] ? _copy_from_user+0xdd/0x150 [ 864.693100] ion_ioctl+0x17b/0x329 [ 864.693117] ? ion_alloc.cold+0x28/0x28 [ 864.693139] ? __might_sleep+0x95/0x190 [ 864.699660] kmalloc-8192 4314KB 4356KB [ 864.702743] ? ion_alloc.cold+0x28/0x28 [ 864.707222] kmalloc-4096 35742KB 35742KB [ 864.712760] do_vfs_ioctl+0xd5f/0x1380 [ 864.712775] ? selinux_file_ioctl+0x46f/0x5e0 [ 864.712787] ? selinux_file_ioctl+0x125/0x5e0 [ 864.712801] ? ioctl_preallocate+0x210/0x210 [ 864.712846] ? selinux_file_mprotect+0x620/0x620 [ 864.712875] ? iterate_fd+0x360/0x360 [ 864.725430] kmalloc-2048 18296KB 18296KB [ 864.728005] ? nsecs_to_jiffies+0x30/0x30 [ 864.733435] kmalloc-1024 15397KB 15419KB [ 864.737778] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 864.755787] kmalloc-512 11590KB 11602KB [ 864.757980] ? security_file_ioctl+0x8d/0xc0 [ 864.768493] kmalloc-256 5158KB 5265KB [ 864.771445] ksys_ioctl+0xab/0xd0 [ 864.771464] __x64_sys_ioctl+0x73/0xb0 [ 864.771484] do_syscall_64+0xfd/0x620 [ 864.771503] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 864.771514] RIP: 0033:0x459829 [ 864.771539] Code: Bad RIP value. [ 864.771546] RSP: 002b:00007f7abc886c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 864.771562] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 864.771576] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000004 [ 864.776879] kmalloc-128 1453KB 1460KB [ 864.779261] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 864.779275] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7abc8876d4 [ 864.800595] kmalloc-96 2566KB 2636KB [ 864.801882] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 864.824092] warn_alloc_show_mem: 1 callbacks suppressed [ 864.824098] Mem-Info: [ 864.824135] active_anon:71364 inactive_anon:208 isolated_anon:0 [ 864.824135] active_file:70 inactive_file:15 isolated_file:0 [ 864.824135] unevictable:0 dirty:52 writeback:0 unstable:0 [ 864.824135] slab_reclaimable:12563 slab_unreclaimable:103976 [ 864.824135] mapped:52226 shmem:252 pagetables:774 bounce:0 [ 864.824135] free:13702 free_pcp:62 free_cma:0 [ 864.824205] Node 0 active_anon:284156kB inactive_anon:788kB active_file:228kB inactive_file:24kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:57276kB dirty:196kB writeback:0kB shmem:960kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 864.859021] kmalloc-64 3313KB 3396KB [ 864.870389] Node 1 active_anon:1300kB inactive_anon:44kB active_file:52kB inactive_file:36kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:151628kB dirty:12kB writeback:0kB shmem:48kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 864.887788] kmalloc-32 3410KB 3724KB [ 864.897079] syz-executor.5: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 864.908420] kmalloc-192 2808KB 2916KB [ 864.925461] syz-executor.5 cpuset= [ 864.944017] Node 0 [ 864.966618] kmem_cache 248KB 255KB [ 864.983219] syz5 mems_allowed=0-1 [ 864.983252] CPU: 1 PID: 13988 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 864.983261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 864.983266] Call Trace: [ 864.983287] dump_stack+0x172/0x1f0 [ 864.983306] warn_alloc.cold+0x7b/0x173 [ 864.983336] ? zone_watermark_ok_safe+0x260/0x260 [ 864.983379] __alloc_pages_slowpath+0x220e/0x2870 [ 864.983417] ? warn_alloc+0x110/0x110 [ 864.983433] ? __lock_is_held+0xb6/0x140 [ 864.983454] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 864.983468] ? should_fail+0x14d/0x85c [ 864.983490] ? __might_sleep+0x95/0x190 [ 865.029417] Out of memory: Kill process 7947 (syz-fuzzer) score 41 or sacrifice child [ 865.043304] __alloc_pages_nodemask+0x617/0x750 [ 865.043337] ? __alloc_pages_slowpath+0x2870/0x2870 [ 865.043359] ? get_task_policy.part.0+0x1f/0xb0 [ 865.048887] Killed process 13999 (syz-executor.3) total-vm:72452kB, anon-rss:68kB, file-rss:0kB, shmem-rss:0kB [ 865.060513] ? wait_for_completion+0x440/0x440 [ 865.060530] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 865.060551] alloc_pages_current+0x107/0x210 [ 865.060570] ion_page_pool_alloc+0x137/0x1d0 [ 865.096406] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 865.096856] ion_system_heap_allocate+0x154/0xa90 [ 865.096877] ? ion_system_heap_free+0x250/0x250 [ 865.099495] syz-fuzzer cpuset= [ 865.103099] ion_alloc+0x475/0x900 [ 865.107042] / [ 865.111897] ? ion_dma_buf_release+0x50/0x50 [ 865.136086] mems_allowed=0-1 [ 865.137945] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 865.231852] ? _copy_from_user+0xdd/0x150 [ 865.236021] ion_ioctl+0x17b/0x329 [ 865.239575] ? ion_alloc.cold+0x28/0x28 [ 865.243739] ? __might_sleep+0x95/0x190 [ 865.247724] ? ion_alloc.cold+0x28/0x28 [ 865.251710] do_vfs_ioctl+0xd5f/0x1380 [ 865.255607] ? selinux_file_ioctl+0x46f/0x5e0 [ 865.260107] ? selinux_file_ioctl+0x125/0x5e0 [ 865.264615] ? ioctl_preallocate+0x210/0x210 [ 865.269033] ? selinux_file_mprotect+0x620/0x620 [ 865.273808] ? iterate_fd+0x360/0x360 [ 865.277618] ? nsecs_to_jiffies+0x30/0x30 [ 865.281783] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 865.287332] ? security_file_ioctl+0x8d/0xc0 [ 865.291753] ksys_ioctl+0xab/0xd0 [ 865.295222] __x64_sys_ioctl+0x73/0xb0 [ 865.299119] do_syscall_64+0xfd/0x620 [ 865.302931] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 865.308123] RIP: 0033:0x459829 [ 865.311333] Code: Bad RIP value. [ 865.314701] RSP: 002b:00007ff0ae6ecc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 865.322418] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 865.329689] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 865.337055] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 865.344339] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff0ae6ed6d4 [ 865.351615] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 865.358937] CPU: 0 PID: 7962 Comm: syz-fuzzer Not tainted 4.19.63 #37 [ 865.365560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 865.374923] Call Trace: [ 865.377532] dump_stack+0x172/0x1f0 [ 865.381174] dump_header+0x15e/0xa55 [ 865.384901] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 865.390017] ? ___ratelimit+0x60/0x595 [ 865.393916] ? do_raw_spin_unlock+0x57/0x270 [ 865.398340] oom_kill_process.cold+0x10/0x6ef [ 865.402854] ? lock_downgrade+0x810/0x810 [ 865.407015] ? kasan_check_read+0x11/0x20 [ 865.411183] out_of_memory+0x936/0x12d0 [ 865.415178] ? oom_killer_disable+0x280/0x280 [ 865.419688] ? mutex_trylock+0x18e/0x1e0 [ 865.423755] ? __alloc_pages_slowpath+0xcc2/0x2870 [ 865.428700] __alloc_pages_slowpath+0x20af/0x2870 [ 865.433080] DMA free:10324kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 865.433566] ? warn_alloc+0x110/0x110 [ 865.463144] ? __lock_is_held+0xb6/0x140 [ 865.467226] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 865.472774] ? should_fail+0x14d/0x85c [ 865.476682] ? __might_sleep+0x95/0x190 [ 865.480673] __alloc_pages_nodemask+0x617/0x750 [ 865.481781] lowmem_reserve[]: [ 865.485379] ? kasan_check_read+0x11/0x20 [ 865.485383] 0 2555 [ 865.488502] ? __alloc_pages_slowpath+0x2870/0x2870 [ 865.499889] ? find_get_entry+0x3e8/0x820 [ 865.504059] ? filemap_map_pages+0x1130/0x1130 [ 865.508654] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 865.509445] 2557 [ 865.514211] alloc_pages_current+0x107/0x210 [ 865.516288] __page_cache_alloc+0x2bd/0x450 [ 865.525020] ? kasan_check_read+0x11/0x20 [ 865.529185] filemap_fault+0x10bb/0x2250 [ 865.533255] ? lock_downgrade+0x810/0x810 [ 865.536768] 2557 [ 865.537423] ? __lock_page_or_retry+0xdc0/0xdc0 [ 865.544152] ? lock_acquire+0x16f/0x3f0 [ 865.547027] Node 0 [ 865.548134] ? ext4_filemap_fault+0x7b/0xaf [ 865.548168] DMA32 free:17856kB min:36248kB low:45308kB high:54368kB active_anon:282068kB inactive_anon:788kB active_file:224kB inactive_file:8kB unevictable:0kB writepending:196kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6464kB pagetables:2188kB bounce:0kB free_pcp:288kB local_pcp:40kB free_cma:0kB [ 865.548177] lowmem_reserve[]: [ 865.550414] ext4_filemap_fault+0x83/0xaf [ 865.550429] __do_fault+0x111/0x480 [ 865.550446] __handle_mm_fault+0x2d78/0x3f80 [ 865.550464] ? vmf_insert_mixed_mkwrite+0x90/0x90 [ 865.550496] ? count_memcg_event_mm+0x2b1/0x4d0 [ 865.550517] handle_mm_fault+0x1b5/0x690 [ 865.550537] __do_page_fault+0x62a/0xe90 [ 865.550557] ? vmalloc_fault+0x740/0x740 [ 865.566656] 0 [ 865.583180] ? trace_hardirqs_off_caller+0x65/0x220 [ 865.583194] ? trace_hardirqs_on_caller+0x6a/0x220 [ 865.583206] ? page_fault+0x8/0x30 [ 865.583224] do_page_fault+0x71/0x57d [ 865.583236] ? page_fault+0x8/0x30 [ 865.583248] page_fault+0x1e/0x30 [ 865.583260] RIP: 0033:0x45b153 [ 865.583287] Code: Bad RIP value. [ 865.583295] RSP: 002b:000000c420039ea0 EFLAGS: 00010206 [ 865.583308] RAX: ffffffffffffff92 RBX: 000000003b9834d4 RCX: 000000000045b153 [ 865.583315] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000017be660 [ 865.583323] RBP: 000000c420039ee8 R08: 0000000000000000 R09: 0000000000000000 [ 865.583331] R10: 000000c420039ed8 R11: 0000000000000206 R12: 000000d26a4ee521 [ 865.583338] R13: 0000000000000001 R14: 000000c42d25bce0 R15: 0000000000000001 [ 865.809546] 0 2 2 [ 865.811772] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 865.869682] Mem-Info: [ 865.872175] active_anon:71326 inactive_anon:208 isolated_anon:0 [ 865.872175] active_file:158 inactive_file:182 isolated_file:0 [ 865.872175] unevictable:0 dirty:52 writeback:0 unstable:0 [ 865.872175] slab_reclaimable:12563 slab_unreclaimable:103979 [ 865.872175] mapped:43772 shmem:252 pagetables:727 bounce:0 [ 865.872175] free:63748 free_pcp:1346 free_cma:0 [ 865.895284] lowmem_reserve[]: 0 0 0 0 [ 865.939347] Node 1 Normal free:264716kB min:53608kB low:67008kB high:80408kB active_anon:1188kB inactive_anon:44kB active_file:516kB inactive_file:584kB unevictable:0kB writepending:12kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:544kB pagetables:720kB bounce:0kB free_pcp:2636kB local_pcp:1260kB free_cma:0kB [ 865.989641] lowmem_reserve[]: 0 0 0 0 [ 865.993512] Node 0 DMA: 21*4kB (UE) 36*8kB (UE) 36*16kB (U) 23*32kB (UE) 13*64kB (UE) 7*128kB (UE) 1*256kB (E) 1*512kB (E) 2*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10324kB [ 866.009180] Node 0 active_anon:284116kB inactive_anon:788kB active_file:116kB inactive_file:144kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:57276kB dirty:96kB writeback:0kB shmem:960kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 866.009212] Node 1 active_anon:1188kB inactive_anon:44kB active_file:516kB inactive_file:628kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:117812kB dirty:12kB writeback:0kB shmem:48kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 866.009218] Node 0 DMA free:10324kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 866.009257] lowmem_reserve[]: 0 2555 2557 2557 [ 866.100008] Node 0 DMA32: 7573*4kB (UMEH) 1559*8kB (UMEH) 135*16kB (UME) 63*32kB (UME) 83*64kB (UH) 15*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 54172kB [ 866.105077] Node 0 DMA32 free:59480kB min:36248kB low:45308kB high:54368kB active_anon:282068kB inactive_anon:788kB active_file:16kB inactive_file:244kB unevictable:0kB writepending:48kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6464kB pagetables:2188kB bounce:0kB free_pcp:3072kB local_pcp:1320kB free_cma:0kB [ 866.139569] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 866.200574] lowmem_reserve[]: 0 0 2 2 [ 866.204432] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 866.219522] Node 1 Normal: 21842*4kB (UME) 15181*8kB (UME) 1850*16kB (UM) 762*32kB (UE) 20*64kB (UM) 179*128kB (U) 7*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 288784kB [ 866.279544] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 866.288467] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 866.288719] lowmem_reserve[]: [ 866.297519] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 866.320045] 0 0 0 0 [ 866.322428] Node 1 Normal free:333072kB min:53608kB low:67008kB high:80408kB active_anon:1188kB inactive_anon:44kB active_file:516kB inactive_file:712kB unevictable:0kB writepending:160kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:544kB pagetables:720kB bounce:0kB free_pcp:2576kB local_pcp:1372kB free_cma:0kB [ 866.339531] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 866.351872] lowmem_reserve[]: [ 866.366958] 694 total pagecache pages [ 866.373969] 0 pages in swap cache [ 866.377429] Swap cache stats: add 0, delete 0, find 0/0 [ 866.380530] 0 0 0 0 [ 866.385154] Node 0 DMA: 21*4kB (UE) 36*8kB (UE) 36*16kB (U) 23*32kB (UE) 13*64kB (UE) 7*128kB (UE) 1*256kB (E) 1*512kB (E) 2*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10324kB [ 866.388801] Free swap = 0kB [ 866.418497] Total swap = 0kB [ 866.427494] 1965979 pages RAM [ 866.438237] 0 pages HighMem/MovableOnly [ 866.440775] syz-executor.3 (14000) used greatest stack depth: 20880 bytes left [ 866.451749] 338856 pages reserved [ 866.455224] 0 pages cma reserved [ 866.471531] Node 0 DMA32: 10253*4kB (UEH) 1846*8kB (UMEH) 148*16kB (UME) 68*32kB (UME) 174*64kB (UH) 15*128kB (UM) 0*256kB 0*512kB 1*1024kB (U) 0*2048kB 0*4096kB = 74404kB [ 866.514344] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 866.534221] Node 1 Normal: 28954*4kB (UME) 19256*8kB (UME) 2332*16kB (UM) 1204*32kB (UE) 1294*64kB (UM) 179*128kB (U) 7*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 453224kB [ 866.579608] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 866.588583] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 866.620015] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 866.629070] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 866.659979] 1115 total pagecache pages [ 866.663949] 0 pages in swap cache [ 866.667412] Swap cache stats: add 0, delete 0, find 0/0 [ 866.695453] Free swap = 0kB [ 866.698509] Total swap = 0kB [ 866.709541] 1965979 pages RAM [ 866.713029] 0 pages HighMem/MovableOnly [ 866.717005] 338856 pages reserved [ 866.735150] 0 pages cma reserved [ 866.738554] Unreclaimable slab info: [ 866.749528] Name Used Total [ 866.755141] pid_2 37KB 160KB [ 866.776437] batadv_tt_change_cache 8KB 15KB [ 866.782812] batadv_tl_cache 11KB 12KB [ 866.799603] TIPC 21KB 35KB [ 866.805010] SCTPv6 30KB 43KB [ 866.820220] DCCPv6 17KB 21KB [ 866.825644] DCCP 16KB 20KB [ 866.831309] bridge_fdb_cache 22KB 31KB [ 866.839728] fib6_nodes 217KB 224KB [ 866.845128] ip6_dst_cache 847KB 847KB [ 866.860039] RAWv6 146KB 149KB [ 866.865451] UDPv6 3KB 3KB [ 866.871072] TCPv6 23KB 29KB [ 866.879719] nf_conntrack 0KB 3KB [ 866.885162] sd_ext_cdb 0KB 7KB [ 866.894352] scsi_sense_cache 1056KB 1060KB [ 866.910775] virtio_scsi_cmd 16KB 16KB [ 866.916207] sgpool-128 8KB 8KB [ 866.923861] sgpool-64 4KB 12KB [ 866.934615] sgpool-32 2KB 15KB [ 866.940766] sgpool-16 1KB 7KB [ 866.947888] sgpool-8 0KB 7KB [ 866.970211] mqueue_inode_cache 20KB 43KB [ 866.976562] bio_post_read_ctx 14KB 15KB [ 866.983113] bio-2 14KB 15KB [ 866.989352] jfs_mp 7KB 7KB [ 866.996207] device bridge_slave_1 left promiscuous mode [ 867.009684] bridge0: port 2(bridge_slave_1) entered disabled state [ 867.017519] nfs_commit_data 3KB 14KB [ 867.025077] nfs_write_data 34KB 44KB [ 867.034417] ext4_system_zone 1KB 7KB [ 867.047320] device bridge_slave_0 left promiscuous mode [ 867.056730] bio-1 1KB 7KB [ 867.065157] bridge0: port 1(bridge_slave_0) entered disabled state [ 867.080920] fasync_cache 0KB 4KB [ 867.098423] pid_namespace 4KB 7KB [ 867.105476] rpc_buffers 17KB 25KB [ 867.135649] rpc_tasks 2KB 7KB [ 867.165407] UNIX 1274KB 1276KB [ 867.171367] tcp_bind_bucket 3KB 12KB [ 867.176840] inet_peer_cache 0KB 4KB [ 867.209570] xfrm_state 8KB 8KB [ 867.215163] ip_fib_trie 33KB 39KB [ 867.225649] ip_fib_alias 152KB 162KB [ 867.240364] ip_dst_cache 7KB 24KB [ 867.246944] RAW 87KB 100KB [ 867.246956] UDP 29KB 39KB [ 867.272540] TCP 8KB 16KB [ 867.278071] hugetlbfs_inode_cache 2KB 15KB [ 867.301449] fscache_cookie_jar 1KB 11KB [ 867.307346] eventpoll_pwq 21KB 35KB [ 867.323890] eventpoll_epi 40KB 66KB [ 867.329298] inotify_inode_mark 27KB 63KB [ 867.335842] request_queue 163KB 163KB [ 867.344723] device hsr_slave_1 left promiscuous mode [ 867.346032] blkdev_requests 1KB 3KB [ 867.356320] blkdev_ioc 40KB 54KB [ 867.367628] bio-0 3389KB 3416KB [ 867.374107] biovec-max 5700KB 5832KB [ 867.384543] biovec-64 3796KB 3827KB [ 867.391039] biovec-16 393KB 435KB [ 867.396475] bio_integrity_payload 1KB 8KB [ 867.407179] khugepaged_mm_slot 4KB 19KB [ 867.418842] device hsr_slave_0 left promiscuous mode [ 867.430907] dmaengine-unmap-256 2KB 6KB [ 867.436482] dmaengine-unmap-128 1KB 3KB [ 867.447404] dmaengine-unmap-16 0KB 4KB [ 867.454867] dmaengine-unmap-2 0KB 3KB [ 867.465280] audit_buffer 0KB 3KB [ 867.476738] team0 (unregistering): Port device team_slave_1 removed [ 867.488111] skbuff_fclone_cache 125KB 206KB [ 867.497290] skbuff_head_cache 6950KB 6971KB [ 867.511654] configfs_dir_cache 0KB 8KB [ 867.517160] file_lock_cache 0KB 3KB [ 867.523060] team0 (unregistering): Port device team_slave_0 removed [ 867.535443] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 867.539545] file_lock_ctx 0KB 3KB [ 867.554871] fsnotify_mark_connector 16KB 39KB [ 867.561183] net_namespace 121KB 121KB [ 867.566577] shmem_inode_cache 5149KB 5514KB [ 867.572402] task_delay_info 68KB 233KB [ 867.577790] taskstats 32KB 80KB [ 867.583736] proc_dir_entry 1047KB 1061KB [ 867.589123] pde_opener 0KB 3KB [ 867.595359] seq_file 161KB 307KB [ 867.601238] sigqueue 66KB 86KB [ 867.606629] kernfs_node_cache 13307KB 13419KB [ 867.616565] mnt_cache 175KB 180KB [ 867.623585] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 867.632196] filp 2688KB 4196KB [ 867.637580] names_cache 45908KB 45908KB [ 867.643492] iint_cache 52KB 63KB [ 867.648883] hashtab_node 118KB 119KB [ 867.654717] ebitmap_node 1071KB 1074KB [ 867.672273] avtab_node 1012KB 1013KB [ 867.677697] avc_node 48KB 55KB [ 867.683703] selinux_file_security 169KB 329KB [ 867.689440] selinux_inode_security 3249KB 3488KB [ 867.696374] key_jar 4KB 11KB [ 867.703092] uts_namespace 5KB 11KB [ 867.708494] nsproxy 5KB 11KB [ 867.714339] vm_area_struct 3148KB 5881KB [ 867.720123] mm_struct 440KB 832KB [ 867.725535] fs_cache 44KB 96KB [ 867.731347] files_cache 157KB 262KB [ 867.737430] signal_cache 529KB 797KB [ 867.743338] sighand_cache 497KB 534KB [ 867.748727] task_struct 2332KB 2382KB [ 867.754670] cred_jar 292KB 612KB [ 867.760826] anon_vma_chain 1816KB 3614KB [ 867.766305] anon_vma 173KB 573KB [ 867.772112] pid 46KB 200KB [ 867.777491] Acpi-Operand 156KB 190KB [ 867.784852] Acpi-ParseExt 8KB 11KB [ 867.790687] Acpi-Parse 41KB 47KB [ 867.796088] Acpi-State 52KB 63KB [ 867.812376] Acpi-Namespace 20KB 23KB [ 867.817777] numa_policy 0KB 3KB [ 867.831319] debug_objects_cache 1118KB 1122KB [ 867.836888] trace_event_file 263KB 266KB [ 867.867534] ftrace_event_field 382KB 385KB [ 867.873436] pool_workqueue 109KB 120KB [ 867.878831] task_group 5KB 7KB [ 867.885982] page->ptl 655KB 1612KB [ 867.891940] kmalloc-2097152 2050KB 2050KB [ 867.897325] kmalloc-524288 2056KB 2056KB [ 867.897338] kmalloc-262144 1290KB 1290KB [ 867.909087] kmalloc-131072 780KB 780KB [ 867.914834] kmalloc-65536 34914KB 34980KB [ 867.920549] kmalloc-32768 2805KB 2970KB [ 867.925932] kmalloc-16384 907KB 940KB [ 867.931977] kmalloc-8192 4298KB 4356KB [ 867.937373] kmalloc-4096 35071KB 35130KB [ 867.943168] kmalloc-2048 18296KB 18296KB [ 867.948551] kmalloc-1024 15508KB 15529KB [ 867.954327] kmalloc-512 11565KB 11606KB [ 867.960119] kmalloc-256 5157KB 5265KB [ 867.965499] kmalloc-128 1460KB 1460KB [ 867.971251] kmalloc-96 2581KB 2636KB [ 867.976626] kmalloc-64 3313KB 3396KB [ 867.982456] kmalloc-32 3410KB 3724KB [ 867.987843] kmalloc-192 2802KB 2916KB [ 867.993791] kmem_cache 248KB 255KB [ 867.999188] Out of memory: Kill process 7947 (syz-fuzzer) score 41 or sacrifice child [ 868.007709] Killed process 13944 (syz-executor.5) total-vm:72452kB, anon-rss:64kB, file-rss:0kB, shmem-rss:0kB [ 868.024352] bond0 (unregistering): Released all slaves 04:52:59 executing program 5: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000000)={0x80000001, 0x1, 0x0, 0xffffffffffffffff, 0x100000000000000}) 04:52:59 executing program 3: r0 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x20, 0x20800) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x4}, &(0x7f0000000100)=0x8) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000140)={r1, 0x30e}, &(0x7f0000000180)=0x8) r2 = openat$ion(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ion\x00', 0x0, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") ioctl$ION_IOC_ALLOC(r2, 0xc0184900, &(0x7f0000000000)={0x80000001, 0x1}) 04:52:59 executing program 2: sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001a40)={&(0x7f0000000540)=@newsa={0x15c, 0x10, 0x801, 0x0, 0x0, {{@in, @in6=@mcast1}, {@in, 0x0, 0x6c}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @lifetime_val={0x24}]}, 0x15c}}, 0x0) 04:53:00 executing program 4: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ion\x00', 0x0, 0x0) ioctl(0xffffffffffffffff, 0x1000008912, 0x0) r1 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x4, 0x80000) getsockopt$inet_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000080), &(0x7f00000000c0)=0x4) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000000)={0x80000001, 0x1}) 04:53:00 executing program 1: dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010502000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x9, @remote, 0x2}, @in={0x2, 0x4e21, @loopback}, @in6={0xa, 0x0, 0x8, @mcast1}, @in6={0xa, 0x0, 0x0, @remote}, @in={0x2, 0x4e23, @empty}], 0x74) 04:53:00 executing program 0: socket$alg(0x26, 0x5, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="7cbc4200002e900800000000080008000100000007e10500ac14341b080013cb0800c90ff92400920ace699c1ba5a982999a7eef67c92125a72a70295b64bbdf46d44aac66416303e72f4bebbfd82532c98a1867140cfe0e2b965b400c7ba22bdf198fc0a690457010e268e9ecfabd22bd734906b2b3109e4c10a33019b45bf891c493c69027c3e0959c9c"], 0x1}}, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000280)='y\x00', 0xfffffffffffffc69, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) write$selinux_validatetrans(r2, &(0x7f0000000440)={'system_u:object_r:public_content_rw_t:s0', 0x20, 'system_u:object_r:policy_src_t:s0', 0x20, 0x9, 0x20, '/usr/lib/telepathy/mission-control-5\x00'}, 0x85) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb) ioctl$KVM_RUN(r3, 0xae80, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000000140)={0x7f, 0x8}) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000000)={0x3, r2}) write$cgroup_subtree(r2, &(0x7f0000000180)={[{0x2f, 'memory'}, {0x2d, 'pids'}, {0x2f, 'memory'}]}, 0x16) 04:53:00 executing program 2: socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001a40)={&(0x7f0000000540)=@newsa={0x15c, 0x10, 0x801, 0x0, 0x0, {{@in, @in6=@mcast1}, {@in, 0x0, 0x6c}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @lifetime_val={0x24}]}, 0x15c}}, 0x0) 04:53:00 executing program 2: socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001a40)={&(0x7f0000000540)=@newsa={0x15c, 0x10, 0x801, 0x0, 0x0, {{@in, @in6=@mcast1}, {@in, 0x0, 0x6c}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @lifetime_val={0x24}]}, 0x15c}}, 0x0) 04:53:00 executing program 2: socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001a40)={&(0x7f0000000540)=@newsa={0x15c, 0x10, 0x801, 0x0, 0x0, {{@in, @in6=@mcast1}, {@in, 0x0, 0x6c}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @lifetime_val={0x24}]}, 0x15c}}, 0x0) 04:53:00 executing program 0: socket$alg(0x26, 0x5, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="14bc420000000056b500002e900800000000080008000100000000e80f0100"/43], 0x1}}, 0x0) openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000280)='y\x00', 0x2, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb) ioctl$KVM_RUN(r2, 0xae80, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) 04:53:00 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, 0x0, 0x0) 04:53:00 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, 0x0, 0x0) [ 870.818935] IPVS: ftp: loaded support on port[0] = 21 [ 870.906600] chnl_net:caif_netlink_parms(): no params data found [ 870.935624] bridge0: port 1(bridge_slave_0) entered blocking state [ 870.943081] bridge0: port 1(bridge_slave_0) entered disabled state [ 870.953203] device bridge_slave_0 entered promiscuous mode [ 870.967153] bridge0: port 2(bridge_slave_1) entered blocking state [ 870.973713] bridge0: port 2(bridge_slave_1) entered disabled state [ 870.981307] device bridge_slave_1 entered promiscuous mode [ 870.999558] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 871.008535] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 871.034531] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 871.041877] team0: Port device team_slave_0 added [ 871.047338] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 871.055053] team0: Port device team_slave_1 added [ 871.060393] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 871.069727] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 871.162719] device hsr_slave_0 entered promiscuous mode [ 871.199877] device hsr_slave_1 entered promiscuous mode [ 871.280164] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 871.287232] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 871.304093] IPVS: ftp: loaded support on port[0] = 21 [ 871.304203] IPVS: ftp: loaded support on port[0] = 21 [ 871.314555] device bridge_slave_1 left promiscuous mode [ 871.324574] bridge0: port 2(bridge_slave_1) entered disabled state [ 871.370574] device bridge_slave_0 left promiscuous mode [ 871.376095] bridge0: port 1(bridge_slave_0) entered disabled state [ 871.431542] device bridge_slave_1 left promiscuous mode [ 871.437038] bridge0: port 2(bridge_slave_1) entered disabled state [ 871.490626] device bridge_slave_0 left promiscuous mode [ 871.496130] bridge0: port 1(bridge_slave_0) entered disabled state [ 871.673783] device hsr_slave_1 left promiscuous mode [ 871.742677] device hsr_slave_0 left promiscuous mode [ 871.794704] team0 (unregistering): Port device team_slave_1 removed [ 871.805635] team0 (unregistering): Port device team_slave_0 removed [ 871.816005] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 871.854665] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 871.947162] bond0 (unregistering): Released all slaves [ 872.042799] device hsr_slave_1 left promiscuous mode [ 872.084765] device hsr_slave_0 left promiscuous mode [ 872.134929] team0 (unregistering): Port device team_slave_1 removed [ 872.145797] team0 (unregistering): Port device team_slave_0 removed [ 872.156221] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 872.194315] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 872.266993] bond0 (unregistering): Released all slaves [ 872.382562] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 872.537333] chnl_net:caif_netlink_parms(): no params data found [ 872.570011] chnl_net:caif_netlink_parms(): no params data found [ 872.615097] 8021q: adding VLAN 0 to HW filter on device bond0 [ 872.621952] bridge0: port 1(bridge_slave_0) entered blocking state [ 872.628364] bridge0: port 1(bridge_slave_0) entered disabled state [ 872.635648] device bridge_slave_0 entered promiscuous mode [ 872.647544] bridge0: port 2(bridge_slave_1) entered blocking state [ 872.654287] bridge0: port 2(bridge_slave_1) entered disabled state [ 872.662276] device bridge_slave_1 entered promiscuous mode [ 872.671262] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 872.716834] bridge0: port 1(bridge_slave_0) entered blocking state [ 872.723886] bridge0: port 1(bridge_slave_0) entered disabled state [ 872.731593] device bridge_slave_0 entered promiscuous mode [ 872.740393] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 872.749333] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 872.755940] bridge0: port 2(bridge_slave_1) entered blocking state [ 872.762648] bridge0: port 2(bridge_slave_1) entered disabled state [ 872.770076] device bridge_slave_1 entered promiscuous mode [ 872.783098] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 872.793361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 872.802392] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 872.872174] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 872.878299] 8021q: adding VLAN 0 to HW filter on device team0 [ 872.893817] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 872.952931] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 872.960753] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 872.968982] team0: Port device team_slave_0 added [ 872.986909] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 872.995794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 873.010937] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 873.018715] bridge0: port 1(bridge_slave_0) entered blocking state [ 873.025177] bridge0: port 1(bridge_slave_0) entered forwarding state [ 873.041747] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 873.057044] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 873.066256] team0: Port device team_slave_1 added [ 873.086289] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 873.100771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 873.108781] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 873.123342] bridge0: port 2(bridge_slave_1) entered blocking state [ 873.129799] bridge0: port 2(bridge_slave_1) entered forwarding state [ 873.145777] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 873.155258] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 873.167941] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 873.192855] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 873.208095] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 873.224952] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 873.241647] team0: Port device team_slave_0 added [ 873.247262] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 873.264832] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 873.285666] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 873.299029] team0: Port device team_slave_1 added [ 873.307037] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 873.322536] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 873.336938] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 873.392673] device hsr_slave_0 entered promiscuous mode [ 873.429919] device hsr_slave_1 entered promiscuous mode [ 873.480341] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 873.487494] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 873.501453] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 873.509425] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 873.530766] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 873.538760] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 873.550579] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 873.559146] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 873.568721] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 873.580667] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 873.612923] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 873.621913] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 873.634434] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 873.640960] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 873.658170] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 873.672708] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 873.690208] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 873.774026] device hsr_slave_0 entered promiscuous mode [ 873.820036] device hsr_slave_1 entered promiscuous mode [ 873.860655] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 873.867981] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 873.883370] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 873.897466] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 873.925881] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 873.975879] 8021q: adding VLAN 0 to HW filter on device bond0 [ 873.993784] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 874.016910] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 874.029448] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 874.036645] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 874.062813] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 874.068931] 8021q: adding VLAN 0 to HW filter on device team0 [ 874.093552] 8021q: adding VLAN 0 to HW filter on device bond0 [ 874.110451] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 874.126440] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 874.135715] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 874.144106] bridge0: port 1(bridge_slave_0) entered blocking state [ 874.150529] bridge0: port 1(bridge_slave_0) entered forwarding state [ 874.162063] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 874.171748] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 874.179325] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 874.187184] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 874.203550] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 874.215133] bridge0: port 2(bridge_slave_1) entered blocking state [ 874.221571] bridge0: port 2(bridge_slave_1) entered forwarding state [ 874.237867] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 874.247944] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 874.263053] 8021q: adding VLAN 0 to HW filter on device team0 [ 874.269723] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 874.276804] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 874.286259] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 874.295810] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 874.304409] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 874.312894] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 874.321282] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 874.328831] bridge0: port 1(bridge_slave_0) entered blocking state [ 874.335235] bridge0: port 1(bridge_slave_0) entered forwarding state [ 874.342224] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 874.361584] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 874.389962] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 874.397484] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 874.426550] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 874.435834] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 874.449102] bridge0: port 2(bridge_slave_1) entered blocking state [ 874.455567] bridge0: port 2(bridge_slave_1) entered forwarding state [ 874.472152] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 874.486553] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 874.497194] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 874.524408] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 874.544632] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 874.557437] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 874.573233] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 874.586830] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 874.595457] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 874.608938] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 874.618726] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 874.635142] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 874.646026] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 874.655796] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 874.670414] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 874.678304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 874.687070] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 874.698427] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 874.707280] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 874.715477] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 874.723925] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 874.734763] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 874.744581] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 874.754232] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 874.762801] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 874.772562] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 874.783948] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 874.797752] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 874.807551] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 874.814736] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 874.823904] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 874.832495] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 874.852920] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 874.858989] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 874.898110] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 874.958313] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 874.971506] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 874.984877] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 875.224229] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 875.242520] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 875.279748] CPU: 1 PID: 14054 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 875.286818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 875.296183] Call Trace: [ 875.298790] dump_stack+0x172/0x1f0 [ 875.301239] syz-executor.4: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 875.302431] warn_alloc.cold+0x7b/0x173 [ 875.302457] ? zone_watermark_ok_safe+0x260/0x260 [ 875.314250] syz-executor.4 cpuset= [ 875.318149] ? try_to_compact_pages+0x44/0xae0 [ 875.318187] __alloc_pages_slowpath+0x220e/0x2870 [ 875.323734] syz4 [ 875.326563] ? warn_alloc+0x110/0x110 [ 875.331513] mems_allowed=0-1 [ 875.335968] ? __lock_is_held+0xb6/0x140 [ 875.335990] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 875.336008] ? should_fail+0x14d/0x85c [ 875.358345] ? __isolate_free_page+0x4c0/0x4c0 [ 875.362949] ? __might_sleep+0x95/0x190 [ 875.366942] __alloc_pages_nodemask+0x617/0x750 [ 875.371631] ? __alloc_pages_slowpath+0x2870/0x2870 [ 875.376667] ? wait_for_completion+0x440/0x440 [ 875.381260] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 875.386815] alloc_pages_current+0x107/0x210 [ 875.391238] ion_page_pool_alloc+0x137/0x1d0 [ 875.395661] ion_system_heap_allocate+0x154/0xa90 [ 875.400527] ? ion_system_heap_free+0x250/0x250 [ 875.405222] ion_alloc+0x29b/0x900 [ 875.408781] ? ion_dma_buf_release+0x50/0x50 [ 875.413212] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 875.418773] ? _copy_from_user+0xdd/0x150 [ 875.422940] ion_ioctl+0x17b/0x329 [ 875.426498] ? ion_alloc.cold+0x28/0x28 [ 875.430495] ? __might_sleep+0x95/0x190 [ 875.434482] ? ion_alloc.cold+0x28/0x28 [ 875.438468] do_vfs_ioctl+0xd5f/0x1380 [ 875.442363] ? selinux_file_ioctl+0x46f/0x5e0 [ 875.446863] ? selinux_file_ioctl+0x125/0x5e0 [ 875.451373] ? ioctl_preallocate+0x210/0x210 [ 875.455792] ? selinux_file_mprotect+0x620/0x620 [ 875.460568] ? iterate_fd+0x360/0x360 [ 875.464468] ? nsecs_to_jiffies+0x30/0x30 [ 875.468640] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 875.474189] ? security_file_ioctl+0x8d/0xc0 [ 875.478614] ksys_ioctl+0xab/0xd0 [ 875.482087] __x64_sys_ioctl+0x73/0xb0 [ 875.485997] do_syscall_64+0xfd/0x620 [ 875.489809] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 875.495008] RIP: 0033:0x459829 [ 875.498211] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 875.517126] RSP: 002b:00007fd20548ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 875.524849] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 875.532130] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 875.540107] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 875.547416] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd20548f6d4 [ 875.554701] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 875.562021] CPU: 0 PID: 14060 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 875.569064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 875.578433] Call Trace: [ 875.581057] dump_stack+0x172/0x1f0 [ 875.584706] warn_alloc.cold+0x7b/0x173 [ 875.588735] ? zone_watermark_ok_safe+0x260/0x260 [ 875.593599] ? __lock_is_held+0xb6/0x140 [ 875.597707] __alloc_pages_slowpath+0x220e/0x2870 [ 875.602597] ? warn_alloc+0x110/0x110 [ 875.606412] ? __lock_is_held+0xb6/0x140 [ 875.610495] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 875.616052] ? should_fail+0x14d/0x85c [ 875.619980] ? __isolate_free_page+0x4c0/0x4c0 [ 875.624590] ? __might_sleep+0x95/0x190 [ 875.630074] __alloc_pages_nodemask+0x617/0x750 [ 875.634780] ? __alloc_pages_slowpath+0x2870/0x2870 [ 875.637300] warn_alloc_show_mem: 1 callbacks suppressed [ 875.637306] Mem-Info: [ 875.639842] ? wait_for_completion+0x440/0x440 [ 875.639862] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 875.639882] alloc_pages_current+0x107/0x210 [ 875.639902] ion_page_pool_alloc+0x137/0x1d0 [ 875.639918] ion_system_heap_allocate+0x154/0xa90 [ 875.639938] ? ion_system_heap_free+0x250/0x250 [ 875.639966] ion_alloc+0x29b/0x900 [ 875.645535] active_anon:71501 inactive_anon:202 isolated_anon:0 [ 875.645535] active_file:1275 inactive_file:5605 isolated_file:24 [ 875.645535] unevictable:0 dirty:43 writeback:0 unstable:0 [ 875.645535] slab_reclaimable:12599 slab_unreclaimable:106247 [ 875.645535] mapped:57107 shmem:252 pagetables:841 bounce:0 [ 875.645535] free:313513 free_pcp:741 free_cma:0 [ 875.647767] ? ion_dma_buf_release+0x50/0x50 [ 875.647796] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 875.647813] ? _copy_from_user+0xdd/0x150 [ 875.647838] ion_ioctl+0x17b/0x329 [ 875.652659] Node 0 active_anon:285116kB inactive_anon:804kB active_file:4212kB inactive_file:21944kB unevictable:0kB isolated(anon):0kB isolated(file):48kB mapped:136008kB dirty:68kB writeback:0kB shmem:976kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 875.657972] ? ion_alloc.cold+0x28/0x28 [ 875.657995] ? __might_sleep+0x95/0x190 [ 875.658014] ? ion_alloc.cold+0x28/0x28 [ 875.658031] do_vfs_ioctl+0xd5f/0x1380 [ 875.658051] ? selinux_file_ioctl+0x46f/0x5e0 [ 875.662753] Node 1 active_anon:888kB inactive_anon:4kB active_file:888kB inactive_file:476kB unevictable:0kB isolated(anon):0kB isolated(file):48kB mapped:92420kB dirty:104kB writeback:0kB shmem:32kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 875.666891] ? selinux_file_ioctl+0x125/0x5e0 [ 875.666910] ? ioctl_preallocate+0x210/0x210 [ 875.666924] ? selinux_file_mprotect+0x620/0x620 [ 875.666947] ? iterate_fd+0x360/0x360 [ 875.666967] ? nsecs_to_jiffies+0x30/0x30 [ 875.672060] Node 0 [ 875.676525] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 875.676545] ? security_file_ioctl+0x8d/0xc0 [ 875.676564] ksys_ioctl+0xab/0xd0 [ 875.676589] __x64_sys_ioctl+0x73/0xb0 [ 875.680423] DMA free:10512kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 875.713675] do_syscall_64+0xfd/0x620 [ 875.713696] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 875.713708] RIP: 0033:0x459829 [ 875.713725] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 875.713734] RSP: 002b:00007fbb701bcc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 875.713747] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 875.713755] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 875.713763] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 875.713771] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbb701bd6d4 [ 875.713779] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 875.960447] lowmem_reserve[]: 0 2555 2557 2557 [ 875.965128] Node 0 DMA32 free:450644kB min:36248kB low:45308kB high:54368kB active_anon:283072kB inactive_anon:808kB active_file:4156kB inactive_file:22100kB unevictable:0kB writepending:68kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6944kB pagetables:2940kB bounce:0kB free_pcp:1564kB local_pcp:1448kB free_cma:0kB [ 875.995543] syz-executor.4: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 876.007380] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 876.013244] lowmem_reserve[]: 0 0 2 2 [ 876.017109] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 876.044113] CPU: 1 PID: 14063 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 876.052068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 876.061444] Call Trace: [ 876.064072] dump_stack+0x172/0x1f0 [ 876.067738] warn_alloc.cold+0x7b/0x173 [ 876.071759] ? zone_watermark_ok_safe+0x260/0x260 [ 876.076643] ? try_to_compact_pages+0x44/0xae0 [ 876.081278] __alloc_pages_slowpath+0x220e/0x2870 [ 876.086168] ? warn_alloc+0x110/0x110 [ 876.089994] ? __lock_is_held+0xb6/0x140 [ 876.094088] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 876.099644] ? should_fail+0x14d/0x85c [ 876.103563] ? __isolate_free_page+0x4c0/0x4c0 [ 876.106367] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 876.108164] ? __might_sleep+0x95/0x190 [ 876.108188] __alloc_pages_nodemask+0x617/0x750 [ 876.108211] ? __alloc_pages_slowpath+0x2870/0x2870 [ 876.133610] ? wait_for_completion+0x440/0x440 [ 876.138222] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 876.143788] alloc_pages_current+0x107/0x210 [ 876.148225] ion_page_pool_alloc+0x137/0x1d0 [ 876.151914] syz-executor.3 cpuset= [ 876.152654] ion_system_heap_allocate+0x154/0xa90 [ 876.152697] ? ion_system_heap_free+0x250/0x250 [ 876.165775] ion_alloc+0x29b/0x900 [ 876.169357] ? ion_dma_buf_release+0x50/0x50 [ 876.173796] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 876.176013] syz3 [ 876.179353] ? _copy_from_user+0xdd/0x150 [ 876.179428] mems_allowed=0-1 [ 876.181349] ion_ioctl+0x17b/0x329 [ 876.181368] ? ion_alloc.cold+0x28/0x28 [ 876.181390] ? __might_sleep+0x95/0x190 [ 876.181408] ? ion_alloc.cold+0x28/0x28 [ 876.181427] do_vfs_ioctl+0xd5f/0x1380 [ 876.208047] ? selinux_file_ioctl+0x46f/0x5e0 [ 876.212564] ? selinux_file_ioctl+0x125/0x5e0 [ 876.217097] ? ioctl_preallocate+0x210/0x210 [ 876.221533] ? selinux_file_mprotect+0x620/0x620 [ 876.226315] ? iterate_fd+0x360/0x360 [ 876.230148] ? nsecs_to_jiffies+0x30/0x30 [ 876.234338] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 876.239897] ? security_file_ioctl+0x8d/0xc0 [ 876.244334] ksys_ioctl+0xab/0xd0 [ 876.247805] __x64_sys_ioctl+0x73/0xb0 [ 876.251713] do_syscall_64+0xfd/0x620 [ 876.255531] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 876.260737] RIP: 0033:0x459829 [ 876.263946] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 876.282867] RSP: 002b:00007fbb7017ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 876.290606] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 876.297897] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 876.305182] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 876.312474] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbb7017b6d4 [ 876.319848] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 876.333889] CPU: 1 PID: 14057 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 876.340949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 876.350317] Call Trace: [ 876.352939] dump_stack+0x172/0x1f0 [ 876.356590] warn_alloc.cold+0x7b/0x173 [ 876.360588] ? zone_watermark_ok_safe+0x260/0x260 [ 876.360935] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 876.365449] ? try_to_compact_pages+0x44/0xae0 [ 876.365487] __alloc_pages_slowpath+0x220e/0x2870 [ 876.386671] ? warn_alloc+0x110/0x110 [ 876.390496] ? __lock_is_held+0xb6/0x140 [ 876.394584] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 876.400150] ? should_fail+0x14d/0x85c [ 876.404069] ? __isolate_free_page+0x4c0/0x4c0 [ 876.408676] ? __might_sleep+0x95/0x190 [ 876.412674] __alloc_pages_nodemask+0x617/0x750 [ 876.417368] ? __alloc_pages_slowpath+0x2870/0x2870 [ 876.422427] ? wait_for_completion+0x440/0x440 [ 876.427027] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 876.428668] syz-executor.3 cpuset= [ 876.432588] alloc_pages_current+0x107/0x210 [ 876.432618] ion_page_pool_alloc+0x137/0x1d0 [ 876.432641] ion_system_heap_allocate+0x154/0xa90 [ 876.432663] ? ion_system_heap_free+0x250/0x250 [ 876.452284] syz3 [ 876.454535] ion_alloc+0x29b/0x900 [ 876.460073] ? ion_dma_buf_release+0x50/0x50 [ 876.463554] mems_allowed=0-1 [ 876.464503] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 876.473145] ? _copy_from_user+0xdd/0x150 [ 876.477313] ion_ioctl+0x17b/0x329 [ 876.480877] ? ion_alloc.cold+0x28/0x28 [ 876.484870] ? __might_sleep+0x95/0x190 [ 876.488874] ? ion_alloc.cold+0x28/0x28 [ 876.492868] do_vfs_ioctl+0xd5f/0x1380 [ 876.496775] ? selinux_file_ioctl+0x46f/0x5e0 [ 876.501284] ? selinux_file_ioctl+0x125/0x5e0 [ 876.505799] ? ioctl_preallocate+0x210/0x210 [ 876.510228] ? selinux_file_mprotect+0x620/0x620 [ 876.515010] ? iterate_fd+0x360/0x360 [ 876.518825] ? nsecs_to_jiffies+0x30/0x30 [ 876.522993] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 876.528554] ? security_file_ioctl+0x8d/0xc0 [ 876.532980] ksys_ioctl+0xab/0xd0 [ 876.536447] __x64_sys_ioctl+0x73/0xb0 [ 876.540363] do_syscall_64+0xfd/0x620 [ 876.544182] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 876.549382] RIP: 0033:0x459829 [ 876.552593] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 876.571511] RSP: 002b:00007f8d57f8ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 876.579259] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 876.586551] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000004 [ 876.593835] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 876.601125] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d57f8f6d4 [ 876.608413] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 876.616904] CPU: 0 PID: 14065 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 876.623955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 876.630820] lowmem_reserve[]: [ 876.633317] Call Trace: [ 876.633334] 0 [ 876.636446] dump_stack+0x172/0x1f0 [ 876.639021] 0 [ 876.640831] warn_alloc.cold+0x7b/0x173 [ 876.640850] ? zone_watermark_ok_safe+0x260/0x260 [ 876.640869] ? try_to_compact_pages+0x44/0xae0 [ 876.640900] __alloc_pages_slowpath+0x220e/0x2870 [ 876.640935] ? warn_alloc+0x110/0x110 [ 876.640951] ? __lock_is_held+0xb6/0x140 [ 876.640971] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 876.675135] 0 0 [ 876.678839] ? should_fail+0x14d/0x85c [ 876.678861] ? __isolate_free_page+0x4c0/0x4c0 [ 876.689302] ? __might_sleep+0x95/0x190 [ 876.689306] Node 1 Normal free:907180kB min:53608kB low:67008kB high:80408kB active_anon:888kB inactive_anon:0kB active_file:888kB inactive_file:476kB unevictable:0kB writepending:48kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:384kB pagetables:508kB bounce:0kB free_pcp:2664kB local_pcp:1356kB free_cma:0kB [ 876.693304] __alloc_pages_nodemask+0x617/0x750 [ 876.693326] ? __alloc_pages_slowpath+0x2870/0x2870 [ 876.693348] ? wait_for_completion+0x440/0x440 [ 876.693364] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 876.693383] alloc_pages_current+0x107/0x210 [ 876.693400] ion_page_pool_alloc+0x137/0x1d0 [ 876.693414] ion_system_heap_allocate+0x154/0xa90 [ 876.693436] ? ion_system_heap_free+0x250/0x250 [ 876.693461] ion_alloc+0x29b/0x900 [ 876.693490] ? ion_dma_buf_release+0x50/0x50 [ 876.727859] lowmem_reserve[]: [ 876.732026] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 876.732042] ? _copy_from_user+0xdd/0x150 [ 876.732062] ion_ioctl+0x17b/0x329 [ 876.732086] ? ion_alloc.cold+0x28/0x28 [ 876.736671] 0 [ 876.742222] ? __might_sleep+0x95/0x190 [ 876.742240] ? ion_alloc.cold+0x28/0x28 [ 876.742255] do_vfs_ioctl+0xd5f/0x1380 [ 876.742270] ? selinux_file_ioctl+0x46f/0x5e0 [ 876.742281] ? selinux_file_ioctl+0x125/0x5e0 [ 876.742295] ? ioctl_preallocate+0x210/0x210 [ 876.742307] ? selinux_file_mprotect+0x620/0x620 [ 876.742329] ? iterate_fd+0x360/0x360 [ 876.742345] ? nsecs_to_jiffies+0x30/0x30 [ 876.742367] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 876.742381] ? security_file_ioctl+0x8d/0xc0 [ 876.742397] ksys_ioctl+0xab/0xd0 [ 876.742415] __x64_sys_ioctl+0x73/0xb0 [ 876.742431] do_syscall_64+0xfd/0x620 [ 876.742450] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 876.742462] RIP: 0033:0x459829 [ 876.742477] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 876.742484] RSP: 002b:00007f8d57f4cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 876.742498] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 876.742505] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000004 [ 876.742513] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 876.742520] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d57f4d6d4 [ 876.742528] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 876.892506] warn_alloc_show_mem: 2 callbacks suppressed [ 876.892512] Mem-Info: [ 876.893934] 0 [ 876.920525] active_anon:71502 inactive_anon:202 isolated_anon:0 [ 876.920525] active_file:1329 inactive_file:5601 isolated_file:12 [ 876.920525] unevictable:0 dirty:29 writeback:0 unstable:0 [ 876.920525] slab_reclaimable:12578 slab_unreclaimable:106215 [ 876.920525] mapped:57107 shmem:252 pagetables:862 bounce:0 [ 876.920525] free:366578 free_pcp:1217 free_cma:0 [ 876.922808] 0 [ 876.937771] Node 0 active_anon:285120kB inactive_anon:808kB active_file:4428kB inactive_file:21928kB unevictable:0kB isolated(anon):0kB isolated(file):48kB mapped:136008kB dirty:68kB writeback:0kB shmem:980kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 876.966508] 0 [ 876.999422] Node 0 DMA: 69*4kB (UE) 32*8kB (UE) 37*16kB (U) 23*32kB (UE) 11*64kB (UE) 8*128kB (UE) 1*256kB (E) 1*512kB (E) 2*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10500kB [ 877.015053] Node 0 DMA32: 28529*4kB (UMEH) 23242*8kB (UMEH) 9972*16kB (UEH) 2535*32kB (UEH) 40*64kB (UH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 543284kB [ 877.015366] Node 1 active_anon:888kB inactive_anon:0kB active_file:888kB inactive_file:476kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:92420kB dirty:48kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 877.031148] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 877.063723] Node 0 [ 877.068342] Node 1 [ 877.068386] DMA free:10500kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 877.070653] Normal: 57413*4kB (UM) 27347*8kB (U) 15223*16kB (U) 5618*32kB (U) 284*64kB (U) 120*128kB (U) 30*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 912988kB [ 877.070775] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 877.070786] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 877.070798] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 877.070810] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 877.070832] 7195 total pagecache pages [ 877.079319] lowmem_reserve[]: [ 877.098958] 0 pages in swap cache [ 877.098969] Swap cache stats: add 0, delete 0, find 0/0 [ 877.098975] Free swap = 0kB [ 877.098980] Total swap = 0kB [ 877.098988] 1965979 pages RAM [ 877.098994] 0 pages HighMem/MovableOnly [ 877.098999] 338856 pages reserved [ 877.099004] 0 pages cma reserved [ 877.192950] 0 2555 2557 2557 [ 877.196107] Node 0 DMA32 free:543196kB min:36248kB low:45308kB high:54368kB active_anon:283072kB inactive_anon:808kB active_file:4328kB inactive_file:21928kB unevictable:0kB writepending:216kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6816kB pagetables:2940kB bounce:0kB free_pcp:2200kB local_pcp:1684kB free_cma:0kB [ 877.230633] lowmem_reserve[]: 0 0 2 2 [ 877.234499] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 877.261229] lowmem_reserve[]: 0 0 0 0 [ 877.265090] Node 1 Normal free:924316kB min:53608kB low:67008kB high:80408kB active_anon:888kB inactive_anon:0kB active_file:888kB inactive_file:476kB unevictable:0kB writepending:48kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:384kB pagetables:508kB bounce:0kB free_pcp:2696kB local_pcp:1300kB free_cma:0kB [ 877.295666] lowmem_reserve[]: 0 0 0 0 [ 877.300312] Node 0 DMA: 69*4kB (UE) 33*8kB (UE) 37*16kB (U) 23*32kB (UE) 11*64kB (UE) 8*128kB (UE) 1*256kB (E) 1*512kB (E) 2*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10508kB [ 877.316273] Node 0 DMA32: 28678*4kB (UMEH) 23279*8kB (UMEH) 9979*16kB (UEH) 2664*32kB (UEH) 48*64kB (UH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 548928kB [ 877.331860] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 877.343127] Node 1 Normal: 57896*4kB (U) 27993*8kB (UM) 15428*16kB (U) 5833*32kB (U) 349*64kB (U) 120*128kB (U) 30*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 934408kB [ 877.359155] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 877.373006] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 877.382493] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 877.397097] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 877.409597] 7195 total pagecache pages [ 877.417089] 0 pages in swap cache [ 877.422644] Swap cache stats: add 0, delete 0, find 0/0 [ 877.428147] Free swap = 0kB [ 877.443563] Total swap = 0kB [ 877.446627] 1965979 pages RAM [ 877.454673] 0 pages HighMem/MovableOnly [ 877.459157] 338856 pages reserved [ 877.463551] 0 pages cma reserved [ 879.701290] oom_reaper: reaped process 14057 (syz-executor.3), now anon-rss:0kB, file-rss:34832kB, shmem-rss:0kB [ 879.720914] oom_reaper: reaped process 14060 (syz-executor.4), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 879.800429] syz-executor.3 invoked oom-killer: gfp_mask=0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=1000 [ 879.813958] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 879.819361] CPU: 0 PID: 14065 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 879.826357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 879.835695] Call Trace: [ 879.838275] dump_stack+0x172/0x1f0 [ 879.841892] dump_header+0x15e/0xa55 [ 879.845595] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 879.850685] ? ___ratelimit+0x60/0x595 [ 879.854559] ? do_raw_spin_unlock+0x57/0x270 [ 879.858958] oom_kill_process.cold+0x10/0x6ef [ 879.863489] ? lock_downgrade+0x810/0x810 [ 879.867627] ? kasan_check_read+0x11/0x20 [ 879.871767] out_of_memory+0x936/0x12d0 [ 879.875734] ? oom_killer_disable+0x280/0x280 [ 879.880218] ? mutex_trylock+0x18e/0x1e0 [ 879.884396] ? __alloc_pages_slowpath+0xcc2/0x2870 [ 879.889326] __alloc_pages_slowpath+0x20af/0x2870 [ 879.894198] ? warn_alloc+0x110/0x110 [ 879.897989] ? __lock_is_held+0xb6/0x140 [ 879.902143] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 879.907706] ? should_fail+0x14d/0x85c [ 879.911595] ? __might_sleep+0x95/0x190 [ 879.915570] __alloc_pages_nodemask+0x617/0x750 [ 879.920234] ? __alloc_pages_slowpath+0x2870/0x2870 [ 879.925249] ? wait_for_completion+0x440/0x440 [ 879.929829] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 879.935363] alloc_pages_current+0x107/0x210 [ 879.939764] ion_page_pool_alloc+0x137/0x1d0 [ 879.944169] ion_system_heap_allocate+0x154/0xa90 [ 879.949006] ? ion_system_heap_free+0x250/0x250 [ 879.953677] ion_alloc+0x29b/0x900 [ 879.957302] ? ion_dma_buf_release+0x50/0x50 [ 879.961708] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 879.967410] ? _copy_from_user+0xdd/0x150 [ 879.971554] ion_ioctl+0x17b/0x329 [ 879.975090] ? ion_alloc.cold+0x28/0x28 [ 879.979054] ? __might_sleep+0x95/0x190 [ 879.983020] ? ion_alloc.cold+0x28/0x28 [ 879.986982] do_vfs_ioctl+0xd5f/0x1380 [ 879.990865] ? selinux_file_ioctl+0x46f/0x5e0 [ 879.995364] ? selinux_file_ioctl+0x125/0x5e0 [ 879.999858] ? ioctl_preallocate+0x210/0x210 [ 880.004255] ? selinux_file_mprotect+0x620/0x620 [ 880.009007] ? iterate_fd+0x360/0x360 [ 880.012802] ? nsecs_to_jiffies+0x30/0x30 [ 880.016955] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 880.022484] ? security_file_ioctl+0x8d/0xc0 [ 880.026887] ksys_ioctl+0xab/0xd0 [ 880.030339] __x64_sys_ioctl+0x73/0xb0 [ 880.034223] do_syscall_64+0xfd/0x620 [ 880.038011] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 880.043189] RIP: 0033:0x459829 [ 880.046379] Code: Bad RIP value. [ 880.049726] RSP: 002b:00007f8d57f4cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 880.057422] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 880.064675] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000004 [ 880.071947] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 880.079200] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d57f4d6d4 [ 880.086460] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 880.102858] Mem-Info: [ 880.105329] active_anon:71379 inactive_anon:202 isolated_anon:0 [ 880.105329] active_file:252 inactive_file:50 isolated_file:21 [ 880.105329] unevictable:0 dirty:27 writeback:6 unstable:0 [ 880.105329] slab_reclaimable:12551 slab_unreclaimable:105886 [ 880.105329] mapped:52471 shmem:252 pagetables:821 bounce:0 [ 880.105329] free:13794 free_pcp:0 free_cma:0 [ 880.138471] Node 0 active_anon:284636kB inactive_anon:808kB active_file:976kB inactive_file:172kB unevictable:0kB isolated(anon):0kB isolated(file):84kB mapped:118424kB dirty:92kB writeback:8kB shmem:980kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 880.166391] Node 1 active_anon:880kB inactive_anon:0kB active_file:32kB inactive_file:28kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:91460kB dirty:16kB writeback:16kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 880.193251] Node 0 DMA free:10332kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 880.227070] lowmem_reserve[]: 0 2555 2557 2557 [ 880.231797] Node 0 DMA32 free:17724kB min:36248kB low:45308kB high:54368kB active_anon:282788kB inactive_anon:808kB active_file:952kB inactive_file:0kB unevictable:0kB writepending:200kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6752kB pagetables:2776kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 880.261643] lowmem_reserve[]: 0 0 2 2 [ 880.265505] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 880.291375] lowmem_reserve[]: 0 0 0 0 [ 880.295186] Node 1 Normal free:26796kB min:53608kB low:67008kB high:80408kB active_anon:880kB inactive_anon:0kB active_file:32kB inactive_file:28kB unevictable:0kB writepending:32kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:384kB pagetables:508kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 880.323295] lowmem_reserve[]: 0 0 0 0 [ 880.327135] Node 0 DMA: 20*4kB (UE) 33*8kB (UE) 37*16kB (U) 23*32kB (UE) 11*64kB (UE) 8*128kB (UE) 1*256kB (E) 1*512kB (E) 2*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10312kB [ 880.343195] Node 0 DMA32: 763*4kB (UMEH) 739*8kB (MEH) 153*16kB (MEH) 43*32kB (UMEH) 17*64kB (MH) 12*128kB (M) 6*256kB (M) 0*512kB 1*1024kB (U) 0*2048kB 0*4096kB = 17972kB [ 880.359089] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 880.370017] Node 1 Normal: 29*4kB (UM) 25*8kB (UM) 16*16kB (UM) 11*32kB (M) 37*64kB (UM) 124*128kB (UM) 30*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 26844kB [ 880.388555] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 880.397565] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 880.406275] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 880.415228] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 880.424295] 563 total pagecache pages [ 880.428138] 0 pages in swap cache [ 880.431655] Swap cache stats: add 0, delete 0, find 0/0 [ 880.437015] Free swap = 0kB [ 880.440100] Total swap = 0kB [ 880.443123] 1965979 pages RAM [ 880.446221] 0 pages HighMem/MovableOnly [ 880.450255] 338856 pages reserved [ 880.453690] 0 pages cma reserved [ 880.457036] Unreclaimable slab info: [ 880.460829] Name Used Total [ 880.466392] pid_2 40KB 160KB [ 880.471905] batadv_tt_change_cache 12KB 15KB [ 880.477710] batadv_tl_cache 12KB 16KB [ 880.483183] TIPC 25KB 43KB [ 880.488582] SCTPv6 35KB 49KB [ 880.494035] DCCPv6 17KB 36KB [ 880.499414] DCCP 16KB 34KB [ 880.514453] bridge_fdb_cache 28KB 35KB [ 880.519923] fib6_nodes 237KB 240KB [ 880.525299] ip6_dst_cache 836KB 836KB [ 880.547328] RAWv6 157KB 175KB [ 880.552855] UDPv6 3KB 3KB [ 880.558242] TCPv6 23KB 29KB [ 880.563816] nf_conntrack 0KB 3KB [ 880.569261] sd_ext_cdb 0KB 7KB [ 880.574766] scsi_sense_cache 1056KB 1060KB [ 880.580539] virtio_scsi_cmd 16KB 16KB [ 880.585933] sgpool-128 8KB 8KB [ 880.591368] sgpool-64 4KB 12KB [ 880.596746] sgpool-32 2KB 15KB [ 880.602208] sgpool-16 1KB 7KB [ 880.607592] sgpool-8 0KB 7KB [ 880.639550] mqueue_inode_cache 23KB 35KB [ 880.645067] bio_post_read_ctx 14KB 15KB [ 880.669595] bio-2 14KB 15KB [ 880.675013] jfs_mp 7KB 7KB [ 880.708398] nfs_commit_data 3KB 14KB [ 880.732220] nfs_write_data 34KB 44KB [ 880.784281] ext4_system_zone 1KB 7KB [ 880.809701] bio-1 1KB 7KB [ 880.815125] fasync_cache 0KB 4KB [ 880.897244] pid_namespace 4KB 7KB [ 880.935733] rpc_buffers 17KB 25KB [ 880.981110] rpc_tasks 2KB 7KB [ 880.986534] UNIX 1305KB 1308KB [ 881.076485] tcp_bind_bucket 4KB 12KB [ 881.106228] inet_peer_cache 0KB 4KB [ 881.139585] xfrm_state 8KB 8KB [ 881.145000] ip_fib_trie 35KB 39KB [ 881.182252] ip_fib_alias 171KB 173KB [ 881.187675] ip_dst_cache 4KB 20KB [ 881.208882] RAW 94KB 107KB [ 881.256749] UDP 30KB 45KB [ 881.291335] TCP 8KB 16KB [ 881.296757] hugetlbfs_inode_cache 2KB 15KB [ 881.321143] fscache_cookie_jar 1KB 11KB [ 881.326654] eventpoll_pwq 19KB 35KB [ 881.366437] eventpoll_epi 36KB 66KB [ 881.418390] inotify_inode_mark 25KB 63KB [ 881.471068] request_queue 163KB 163KB [ 881.476494] blkdev_requests 1KB 3KB [ 881.489609] syz-executor.4: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 881.504485] blkdev_ioc 35KB 54KB [ 881.535018] syz-executor.3: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 881.542670] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 881.555218] syz-executor.4: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 881.584894] bio-0 2347KB 2561KB [ 881.594587] CPU: 1 PID: 14060 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 881.601650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 881.609029] biovec-max 4240KB 4323KB [ 881.611022] Call Trace: [ 881.611050] dump_stack+0x172/0x1f0 [ 881.611069] warn_alloc.cold+0x7b/0x173 [ 881.611088] ? zone_watermark_ok_safe+0x260/0x260 [ 881.611116] ? unreserve_highatomic_pageblock+0x31b/0x460 [ 881.611140] __alloc_pages_slowpath+0x220e/0x2870 [ 881.625002] syz-executor.4 cpuset= [ 881.626720] ? warn_alloc+0x110/0x110 [ 881.635875] syz-executor.3 cpuset= [ 881.638645] ? __lock_is_held+0xb6/0x140 [ 881.658425] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 881.663991] ? should_fail+0x14d/0x85c [ 881.667909] ? __might_sleep+0x95/0x190 [ 881.668286] biovec-64 2580KB 2842KB [ 881.671902] __alloc_pages_nodemask+0x617/0x750 [ 881.671925] ? __alloc_pages_slowpath+0x2870/0x2870 [ 881.671949] ? wait_for_completion+0x440/0x440 [ 881.671964] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 881.671983] alloc_pages_current+0x107/0x210 [ 881.672002] ion_page_pool_alloc+0x137/0x1d0 [ 881.672019] ion_system_heap_allocate+0x154/0xa90 [ 881.677454] biovec-16 343KB 423KB [ 881.682089] ? ion_system_heap_free+0x250/0x250 [ 881.682114] ion_alloc+0x29b/0x900 [ 881.682134] ? ion_dma_buf_release+0x50/0x50 [ 881.682158] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 881.682175] ? _copy_from_user+0xdd/0x150 [ 881.682195] ion_ioctl+0x17b/0x329 [ 881.682212] ? ion_alloc.cold+0x28/0x28 [ 881.682232] ? __might_sleep+0x95/0x190 [ 881.682246] ? ion_alloc.cold+0x28/0x28 [ 881.682263] do_vfs_ioctl+0xd5f/0x1380 [ 881.682281] ? selinux_file_ioctl+0x46f/0x5e0 [ 881.703235] syz4 [ 881.706243] ? selinux_file_ioctl+0x125/0x5e0 [ 881.711702] syz3 [ 881.716467] ? ioctl_preallocate+0x210/0x210 [ 881.743361] bio_integrity_payload 1KB 8KB [ 881.743436] ? selinux_file_mprotect+0x620/0x620 [ 881.747409] khugepaged_mm_slot 4KB 19KB [ 881.751393] ? iterate_fd+0x360/0x360 [ 881.751410] ? nsecs_to_jiffies+0x30/0x30 [ 881.751431] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 881.751447] ? security_file_ioctl+0x8d/0xc0 [ 881.751464] ksys_ioctl+0xab/0xd0 [ 881.751481] __x64_sys_ioctl+0x73/0xb0 [ 881.751499] do_syscall_64+0xfd/0x620 [ 881.751518] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 881.751530] RIP: 0033:0x459829 [ 881.751558] Code: Bad RIP value. [ 881.779629] mems_allowed=0-1 [ 881.782450] RSP: 002b:00007fbb701bcc78 EFLAGS: 00000246 [ 881.799549] mems_allowed=0-1 [ 881.800618] ORIG_RAX: 0000000000000010 [ 881.827518] dmaengine-unmap-256 2KB 6KB [ 881.830071] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 881.830081] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 881.830088] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 881.830096] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbb701bd6d4 [ 881.830104] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 881.860467] CPU: 1 PID: 14057 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 881.898345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 881.907749] Call Trace: [ 881.908649] dmaengine-unmap-128 1KB 3KB [ 881.910364] dump_stack+0x172/0x1f0 [ 881.910384] warn_alloc.cold+0x7b/0x173 [ 881.910402] ? zone_watermark_ok_safe+0x260/0x260 [ 881.910440] __alloc_pages_slowpath+0x220e/0x2870 [ 881.910477] ? warn_alloc+0x110/0x110 [ 881.910499] ? __lock_is_held+0xb6/0x140 [ 881.938884] dmaengine-unmap-16 0KB 4KB [ 881.941225] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 881.941239] ? should_fail+0x14d/0x85c [ 881.941261] ? __might_sleep+0x95/0x190 [ 881.941282] __alloc_pages_nodemask+0x617/0x750 [ 881.941311] ? __alloc_pages_slowpath+0x2870/0x2870 [ 881.941341] ? wait_for_completion+0x440/0x440 [ 881.959268] dmaengine-unmap-2 0KB 3KB [ 881.960207] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 881.960229] alloc_pages_current+0x107/0x210 [ 881.960247] ion_page_pool_alloc+0x137/0x1d0 [ 881.960262] ion_system_heap_allocate+0x154/0xa90 [ 881.960282] ? ion_system_heap_free+0x250/0x250 [ 881.964967] skbuff_fclone_cache 121KB 206KB [ 881.970013] ion_alloc+0x29b/0x900 [ 881.970035] ? ion_dma_buf_release+0x50/0x50 [ 881.970060] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 881.970074] ? _copy_from_user+0xdd/0x150 [ 881.970092] ion_ioctl+0x17b/0x329 [ 881.970110] ? ion_alloc.cold+0x28/0x28 [ 881.970129] ? __might_sleep+0x95/0x190 [ 881.970147] ? ion_alloc.cold+0x28/0x28 [ 881.970165] do_vfs_ioctl+0xd5f/0x1380 [ 881.970180] ? selinux_file_ioctl+0x46f/0x5e0 [ 881.970198] ? selinux_file_ioctl+0x125/0x5e0 [ 881.999766] skbuff_head_cache 7132KB 7136KB [ 882.004065] ? ioctl_preallocate+0x210/0x210 [ 882.022039] configfs_dir_cache 0KB 8KB [ 882.023129] ? selinux_file_mprotect+0x620/0x620 [ 882.027284] file_lock_cache 0KB 3KB [ 882.030842] ? iterate_fd+0x360/0x360 [ 882.030859] ? nsecs_to_jiffies+0x30/0x30 [ 882.030892] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 882.030908] ? security_file_ioctl+0x8d/0xc0 [ 882.030924] ksys_ioctl+0xab/0xd0 [ 882.030941] __x64_sys_ioctl+0x73/0xb0 [ 882.030959] do_syscall_64+0xfd/0x620 [ 882.030979] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 882.030992] RIP: 0033:0x459829 [ 882.031027] Code: Bad RIP value. [ 882.059553] file_lock_ctx 0KB 3KB [ 882.061213] RSP: 002b:00007f8d57f8ec78 EFLAGS: 00000246 [ 882.065632] fsnotify_mark_connector 16KB 39KB [ 882.071071] ORIG_RAX: 0000000000000010 [ 882.071081] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 882.071088] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000004 [ 882.071095] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 882.071103] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d57f8f6d4 [ 882.071110] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 882.112816] CPU: 1 PID: 14063 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 882.129696] net_namespace 130KB 130KB [ 882.133282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 882.139169] shmem_inode_cache 5129KB 5479KB [ 882.143125] Call Trace: [ 882.143153] dump_stack+0x172/0x1f0 [ 882.143171] warn_alloc.cold+0x7b/0x173 [ 882.143189] ? zone_watermark_ok_safe+0x260/0x260 [ 882.143226] __alloc_pages_slowpath+0x220e/0x2870 [ 882.143264] ? warn_alloc+0x110/0x110 [ 882.143280] ? __lock_is_held+0xb6/0x140 [ 882.143300] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 882.143314] ? should_fail+0x14d/0x85c [ 882.143345] ? __might_sleep+0x95/0x190 [ 882.188474] task_delay_info 67KB 233KB [ 882.192046] __alloc_pages_nodemask+0x617/0x750 [ 882.192069] ? __alloc_pages_slowpath+0x2870/0x2870 [ 882.192094] ? wait_for_completion+0x440/0x440 [ 882.192111] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 882.192133] alloc_pages_current+0x107/0x210 [ 882.192151] ion_page_pool_alloc+0x137/0x1d0 [ 882.238142] taskstats 36KB 80KB [ 882.240081] ion_system_heap_allocate+0x154/0xa90 [ 882.240102] ? ion_system_heap_free+0x250/0x250 [ 882.240127] ion_alloc+0x29b/0x900 [ 882.240151] ? ion_dma_buf_release+0x50/0x50 [ 882.240182] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 882.245946] proc_dir_entry 1120KB 1128KB [ 882.248050] ? _copy_from_user+0xdd/0x150 [ 882.283636] pde_opener 1KB 3KB [ 882.287362] ion_ioctl+0x17b/0x329 [ 882.328749] ? ion_alloc.cold+0x28/0x28 [ 882.332754] ? __might_sleep+0x95/0x190 [ 882.336747] ? ion_alloc.cold+0x28/0x28 [ 882.336944] seq_file 165KB 307KB [ 882.340734] do_vfs_ioctl+0xd5f/0x1380 [ 882.340750] ? selinux_file_ioctl+0x46f/0x5e0 [ 882.340763] ? selinux_file_ioctl+0x125/0x5e0 [ 882.340778] ? ioctl_preallocate+0x210/0x210 [ 882.340791] ? selinux_file_mprotect+0x620/0x620 [ 882.340812] ? iterate_fd+0x360/0x360 [ 882.340840] ? nsecs_to_jiffies+0x30/0x30 [ 882.348808] sigqueue 50KB 86KB [ 882.350114] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 882.350132] ? security_file_ioctl+0x8d/0xc0 [ 882.350149] ksys_ioctl+0xab/0xd0 [ 882.350167] __x64_sys_ioctl+0x73/0xb0 [ 882.350187] do_syscall_64+0xfd/0x620 [ 882.350207] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 882.350220] RIP: 0033:0x459829 [ 882.350246] Code: Bad RIP value. [ 882.350260] RSP: 002b:00007fbb7017ac78 EFLAGS: 00000246 [ 882.371402] kernfs_node_cache 13550KB 13568KB [ 882.372193] ORIG_RAX: 0000000000000010 [ 882.376351] mnt_cache 184KB 196KB [ 882.381738] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 882.381755] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 882.381763] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 882.381770] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbb7017b6d4 [ 882.381778] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 882.471214] warn_alloc_show_mem: 1 callbacks suppressed [ 882.471221] Mem-Info: [ 882.479457] active_anon:71369 inactive_anon:202 isolated_anon:0 [ 882.479457] active_file:20 inactive_file:2 isolated_file:0 [ 882.479457] unevictable:0 dirty:0 writeback:0 unstable:0 [ 882.479457] slab_reclaimable:12549 slab_unreclaimable:105879 [ 882.479457] mapped:52226 shmem:252 pagetables:821 bounce:0 [ 882.479457] free:13746 free_pcp:185 free_cma:0 [ 882.480130] filp 2678KB 4188KB [ 882.542055] names_cache 44008KB 44047KB [ 882.547470] iint_cache 36KB 63KB [ 882.553694] Node 0 active_anon:284596kB inactive_anon:808kB active_file:36kB inactive_file:16kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:117456kB dirty:0kB writeback:0kB shmem:980kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 882.588109] hashtab_node 118KB 119KB [ 882.595607] ebitmap_node 1059KB 1071KB [ 882.629637] avtab_node 1012KB 1013KB [ 882.635066] avc_node 48KB 55KB [ 882.691490] selinux_file_security 171KB 329KB [ 882.697261] selinux_inode_security 3245KB 3488KB [ 882.709647] Node 1 active_anon:880kB inactive_anon:0kB active_file:124kB inactive_file:372kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:91548kB dirty:0kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 882.723210] key_jar 4KB 11KB [ 882.779611] Node 0 DMA free:10312kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 882.806332] uts_namespace 7KB 11KB [ 882.807656] lowmem_reserve[]: 0 2555 2557 2557 [ 882.812707] nsproxy 5KB 11KB [ 882.828173] vm_area_struct 2995KB 5738KB [ 882.829709] Node 0 DMA32 free:103448kB min:36248kB low:45308kB high:54368kB active_anon:282548kB inactive_anon:808kB active_file:36kB inactive_file:1216kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6752kB pagetables:2776kB bounce:0kB free_pcp:2704kB local_pcp:1404kB free_cma:0kB [ 882.834755] mm_struct 427KB 819KB [ 882.919618] lowmem_reserve[]: 0 0 2 2 [ 882.923482] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 882.964368] fs_cache 41KB 96KB [ 882.989593] lowmem_reserve[]: 0 0 0 0 [ 882.990433] files_cache 151KB 262KB [ 882.994264] Node 1 [ 882.998872] signal_cache 514KB 797KB [ 882.998883] sighand_cache 506KB 534KB [ 882.998893] task_struct 2289KB 2351KB [ 882.998903] cred_jar 283KB 612KB [ 882.998914] anon_vma_chain 1693KB 3563KB [ 882.998925] anon_vma 170KB 573KB [ 882.998935] pid 45KB 200KB [ 882.998945] Acpi-Operand 156KB 190KB [ 882.998955] Acpi-ParseExt 8KB 11KB [ 882.998970] Acpi-Parse 41KB 47KB [ 883.008216] Normal free:155168kB min:53608kB low:67008kB high:80408kB active_anon:880kB inactive_anon:0kB active_file:212kB inactive_file:60kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:384kB pagetables:508kB bounce:0kB free_pcp:2864kB local_pcp:1444kB free_cma:0kB [ 883.069540] Acpi-State 52KB 63KB [ 883.115978] Acpi-Namespace 20KB 23KB [ 883.122186] numa_policy 0KB 3KB [ 883.124177] lowmem_reserve[]: 0 0 0 0 [ 883.137265] Node 0 DMA: 20*4kB (UE) 33*8kB (UE) 37*16kB (U) 23*32kB (UE) 11*64kB (UE) 8*128kB (UE) 1*256kB (E) 1*512kB (E) 2*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10312kB [ 883.151817] debug_objects_cache 1215KB 1219KB [ 883.159058] trace_event_file 263KB 266KB [ 883.189590] ftrace_event_field 382KB 385KB [ 883.199552] pool_workqueue 115KB 124KB [ 883.224437] task_group 5KB 7KB [ 883.229958] page->ptl 642KB 1612KB [ 883.236433] kmalloc-2097152 2050KB 2050KB [ 883.237155] Node 0 [ 883.242927] kmalloc-524288 2056KB 2056KB [ 883.248190] DMA32: 6185*4kB (UME) 6279*8kB (UME) [ 883.259624] kmalloc-262144 1290KB 1290KB [ 883.269906] 1882*16kB (UME) 334*32kB (UME) 286*64kB [ 883.271272] kmalloc-131072 780KB 780KB [ 883.281746] (UM) 14*128kB (UM) 7*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 137660kB [ 883.306369] kmalloc-65536 38874KB 39666KB [ 883.320413] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 883.325665] kmalloc-32768 3036KB 3201KB [ 883.332649] Node 1 Normal: 26161*4kB (UM) 7695*8kB (UM) 325*16kB (UM) 350*32kB (UM) 331*64kB (UM) 234*128kB (UM) 37*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 243212kB 04:53:14 executing program 5: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000000)={0x80000001, 0x1, 0x0, 0xffffffffffffffff, 0x3f00000000000000}) 04:53:14 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, 0x0, 0x0) [ 883.354187] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 883.359378] kmalloc-16384 957KB 1006KB [ 883.366065] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 883.375914] kmalloc-8192 4496KB 4611KB [ 883.381481] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 883.390198] kmalloc-4096 37272KB 37298KB [ 883.393710] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 883.403396] kmalloc-2048 19161KB 19188KB [ 883.409023] 2974 total pagecache pages [ 883.415439] 0 pages in swap cache [ 883.417119] kmalloc-1024 15964KB 15994KB [ 883.419449] Swap cache stats: add 0, delete 0, find 0/0 [ 883.424541] kmalloc-512 12216KB 12262KB [ 883.430597] Free swap = 0kB [ 883.439183] Total swap = 0kB [ 883.441176] kmalloc-256 5403KB 5460KB [ 883.448426] kmalloc-128 1514KB 1515KB [ 883.455973] 1965979 pages RAM [ 883.460524] kmalloc-96 2360KB 2576KB [ 883.462703] 0 pages HighMem/MovableOnly [ 883.465999] kmalloc-64 3368KB 3428KB [ 883.466011] kmalloc-32 3422KB 3724KB [ 883.466023] kmalloc-192 2958KB 3064KB [ 883.466035] kmem_cache 248KB 255KB [ 883.466048] Out of memory: Kill process 7947 (syz-fuzzer) score 41 or sacrifice child 04:53:14 executing program 0: socket$alg(0x26, 0x5, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x8000000000000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="14bc420000000056eb95002e900800000000080008000100000000e10500ac14341b080003000800e80f01"], 0x1}}, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000280)='y\x00', 0x2, 0x0) ioctl$EVIOCREVOKE(r2, 0x40044591, &(0x7f0000000000)=0x1) ioctl$KVM_GET_TSC_KHZ(r2, 0xaea3) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r2, 0x6, 0x21, &(0x7f0000000180)="d3049f81f18d692f4d060a2d2e10db3f", 0x10) ioctl$KVM_RUN(r3, 0xae80, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) 04:53:15 executing program 1: dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010502000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x9, @remote, 0x2}, @in={0x2, 0x4e21, @loopback}, @in6={0xa, 0x4e21, 0x0, @remote}, @in={0x2, 0x4e23, @empty}], 0x58) [ 883.466176] Killed process 14039 (syz-executor.5) total-vm:72452kB, anon-rss:68kB, file-rss:0kB, shmem-rss:0kB [ 883.516819] oom_reaper: reaped process 14039 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 883.535515] 338856 pages reserved [ 883.539021] 0 pages cma reserved [ 883.816528] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 883.839553] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 883.845130] CPU: 0 PID: 14069 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 883.852159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 883.861524] Call Trace: [ 883.864131] dump_stack+0x172/0x1f0 [ 883.867779] warn_alloc.cold+0x7b/0x173 [ 883.871772] ? zone_watermark_ok_safe+0x260/0x260 [ 883.876636] ? try_to_compact_pages+0x44/0xae0 [ 883.881251] __alloc_pages_slowpath+0x220e/0x2870 [ 883.886133] ? warn_alloc+0x110/0x110 [ 883.889946] ? __lock_is_held+0xb6/0x140 [ 883.894027] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 883.899580] ? should_fail+0x14d/0x85c [ 883.903487] ? __isolate_free_page+0x4c0/0x4c0 [ 883.908098] ? __might_sleep+0x95/0x190 [ 883.912092] __alloc_pages_nodemask+0x617/0x750 [ 883.916784] ? __alloc_pages_slowpath+0x2870/0x2870 [ 883.921843] ? wait_for_completion+0x440/0x440 [ 883.926437] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 883.931994] alloc_pages_current+0x107/0x210 [ 883.936513] ion_page_pool_alloc+0x137/0x1d0 [ 883.940937] ion_system_heap_allocate+0x154/0xa90 [ 883.945801] ? ion_system_heap_free+0x250/0x250 [ 883.950504] ion_alloc+0x29b/0x900 [ 883.954065] ? ion_dma_buf_release+0x50/0x50 [ 883.958507] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 883.964062] ? _copy_from_user+0xdd/0x150 [ 883.968231] ion_ioctl+0x17b/0x329 [ 883.971790] ? ion_alloc.cold+0x28/0x28 [ 883.975789] ? __might_sleep+0x95/0x190 [ 883.979789] ? ion_alloc.cold+0x28/0x28 [ 883.983781] do_vfs_ioctl+0xd5f/0x1380 [ 883.987690] ? selinux_file_ioctl+0x46f/0x5e0 [ 883.992192] ? selinux_file_ioctl+0x125/0x5e0 [ 883.996701] ? ioctl_preallocate+0x210/0x210 [ 884.001125] ? selinux_file_mprotect+0x620/0x620 [ 884.005909] ? iterate_fd+0x360/0x360 [ 884.009721] ? nsecs_to_jiffies+0x30/0x30 [ 884.013890] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 884.019441] ? security_file_ioctl+0x8d/0xc0 [ 884.023870] ksys_ioctl+0xab/0xd0 [ 884.027337] __x64_sys_ioctl+0x73/0xb0 [ 884.031243] do_syscall_64+0xfd/0x620 [ 884.035058] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 884.040257] RIP: 0033:0x459829 [ 884.043458] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 884.062375] RSP: 002b:00007fd20548ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 884.070103] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 884.077383] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 884.084659] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 884.091936] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd20548f6d4 [ 884.099211] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 884.129560] warn_alloc_show_mem: 2 callbacks suppressed [ 884.129566] Mem-Info: [ 884.137409] active_anon:71458 inactive_anon:202 isolated_anon:0 [ 884.137409] active_file:1092 inactive_file:2957 isolated_file:12 [ 884.137409] unevictable:0 dirty:10 writeback:0 unstable:0 [ 884.137409] slab_reclaimable:12551 slab_unreclaimable:106289 [ 884.137409] mapped:55088 shmem:252 pagetables:866 bounce:0 [ 884.137409] free:99774 free_pcp:584 free_cma:0 [ 884.161717] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 884.189852] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 884.201193] CPU: 1 PID: 14057 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 884.208233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 884.217595] Call Trace: [ 884.220200] dump_stack+0x172/0x1f0 [ 884.223841] warn_alloc.cold+0x7b/0x173 [ 884.227833] ? zone_watermark_ok_safe+0x260/0x260 [ 884.232695] ? try_to_compact_pages+0x44/0xae0 [ 884.237308] __alloc_pages_slowpath+0x220e/0x2870 [ 884.242190] ? warn_alloc+0x110/0x110 [ 884.246001] ? __lock_is_held+0xb6/0x140 [ 884.250078] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 884.255622] ? should_fail+0x14d/0x85c [ 884.259521] ? __isolate_free_page+0x4c0/0x4c0 [ 884.264134] ? __might_sleep+0x95/0x190 [ 884.268123] __alloc_pages_nodemask+0x617/0x750 [ 884.272813] ? __alloc_pages_slowpath+0x2870/0x2870 [ 884.277847] ? find_held_lock+0x35/0x130 [ 884.281924] ? wait_for_completion+0x440/0x440 [ 884.286516] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 884.292068] alloc_pages_current+0x107/0x210 [ 884.296494] ion_page_pool_alloc+0x137/0x1d0 [ 884.300917] ion_system_heap_allocate+0x154/0xa90 [ 884.305775] ? ion_system_heap_free+0x250/0x250 [ 884.310466] ion_alloc+0x475/0x900 [ 884.314024] ? ion_dma_buf_release+0x50/0x50 [ 884.318454] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 884.324006] ? _copy_from_user+0xdd/0x150 [ 884.328170] ion_ioctl+0x17b/0x329 [ 884.331722] ? ion_alloc.cold+0x28/0x28 [ 884.335711] ? __might_sleep+0x95/0x190 [ 884.339724] ? ion_alloc.cold+0x28/0x28 [ 884.343711] do_vfs_ioctl+0xd5f/0x1380 [ 884.347606] ? selinux_file_ioctl+0x46f/0x5e0 [ 884.352109] ? selinux_file_ioctl+0x125/0x5e0 [ 884.356614] ? ioctl_preallocate+0x210/0x210 [ 884.361028] ? selinux_file_mprotect+0x620/0x620 [ 884.365799] ? iterate_fd+0x360/0x360 [ 884.369607] ? nsecs_to_jiffies+0x30/0x30 [ 884.373792] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 884.379347] ? security_file_ioctl+0x8d/0xc0 [ 884.383771] ksys_ioctl+0xab/0xd0 [ 884.387237] __x64_sys_ioctl+0x73/0xb0 [ 884.391137] do_syscall_64+0xfd/0x620 [ 884.394945] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 884.400145] RIP: 0033:0x459829 [ 884.403357] Code: Bad RIP value. [ 884.406722] RSP: 002b:00007f8d57f8ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 884.414437] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 884.421713] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000004 [ 884.429007] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 884.436304] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d57f8f6d4 [ 884.443588] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 884.458049] Node 0 active_anon:284816kB inactive_anon:816kB active_file:5568kB inactive_file:10260kB unevictable:0kB isolated(anon):0kB isolated(file):48kB mapped:128724kB dirty:0kB writeback:8kB shmem:980kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 884.507308] Node 1 active_anon:880kB inactive_anon:0kB active_file:12kB inactive_file:28kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:91472kB dirty:4kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 884.534280] Node 0 DMA free:10384kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 884.566075] lowmem_reserve[]: 0 2555 2557 2557 [ 884.570866] Node 0 DMA32 free:124536kB min:36248kB low:45308kB high:54368kB active_anon:282732kB inactive_anon:808kB active_file:5608kB inactive_file:10664kB unevictable:0kB writepending:8kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6784kB pagetables:2796kB bounce:0kB free_pcp:1848kB local_pcp:464kB free_cma:0kB [ 884.601716] lowmem_reserve[]: 0 0 2 2 [ 884.605680] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 884.632010] lowmem_reserve[]: 0 0 0 0 [ 884.635971] Node 1 Normal free:331108kB min:53608kB low:67008kB high:80408kB active_anon:880kB inactive_anon:0kB active_file:12kB inactive_file:28kB unevictable:0kB writepending:4kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:384kB pagetables:508kB bounce:0kB free_pcp:1344kB local_pcp:4kB free_cma:0kB [ 884.664530] lowmem_reserve[]: 0 0 0 0 [ 884.669624] Node 0 DMA: 20*4kB (UE) 34*8kB (UE) 37*16kB (U) 23*32kB (UE) 12*64kB (UE) 8*128kB (UE) 1*256kB (E) 1*512kB (E) 2*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10384kB [ 884.685304] Node 0 DMA32: 8433*4kB (UME) 6960*8kB (UME) 1892*16kB (UE) 354*32kB (UE) 13*64kB (U) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 131844kB [ 884.700711] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 884.705072] syz-executor.4: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 884.711703] Node 1 Normal: 35033*4kB (U) 10526*8kB (U) 4433*16kB (UE) 712*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 318052kB [ 884.738469] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 884.745023] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 884.747512] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 884.752835] CPU: 0 PID: 14063 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 884.761536] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 884.768427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 884.768434] Call Trace: [ 884.768459] dump_stack+0x172/0x1f0 [ 884.768479] warn_alloc.cold+0x7b/0x173 [ 884.777465] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 884.786712] ? zone_watermark_ok_safe+0x260/0x260 [ 884.786733] ? try_to_compact_pages+0x44/0xae0 [ 884.786764] __alloc_pages_slowpath+0x220e/0x2870 [ 884.786796] ? warn_alloc+0x110/0x110 [ 884.789444] 4266 total pagecache pages [ 884.793007] ? __lock_is_held+0xb6/0x140 [ 884.793028] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 884.793046] ? should_fail+0x14d/0x85c [ 884.797107] 0 pages in swap cache [ 884.805616] ? __isolate_free_page+0x4c0/0x4c0 [ 884.805634] ? __might_sleep+0x95/0x190 [ 884.805652] __alloc_pages_nodemask+0x617/0x750 [ 884.805674] ? __alloc_pages_slowpath+0x2870/0x2870 [ 884.805695] ? find_held_lock+0x35/0x130 [ 884.810675] Swap cache stats: add 0, delete 0, find 0/0 [ 884.815168] ? wait_for_completion+0x440/0x440 [ 884.815186] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 884.815216] alloc_pages_current+0x107/0x210 [ 884.820177] Free swap = 0kB [ 884.823873] ion_page_pool_alloc+0x137/0x1d0 [ 884.823890] ion_system_heap_allocate+0x154/0xa90 [ 884.823909] ? ion_system_heap_free+0x250/0x250 [ 884.827872] Total swap = 0kB [ 884.831879] ion_alloc+0x475/0x900 [ 884.831902] ? ion_dma_buf_release+0x50/0x50 [ 884.831926] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 884.831946] ? _copy_from_user+0xdd/0x150 [ 884.837556] 1965979 pages RAM [ 884.841375] ion_ioctl+0x17b/0x329 [ 884.841393] ? ion_alloc.cold+0x28/0x28 [ 884.841411] ? __might_sleep+0x95/0x190 [ 884.841428] ? ion_alloc.cold+0x28/0x28 [ 884.841446] do_vfs_ioctl+0xd5f/0x1380 [ 884.844964] 0 pages HighMem/MovableOnly [ 884.849493] ? selinux_file_ioctl+0x46f/0x5e0 [ 884.849506] ? selinux_file_ioctl+0x125/0x5e0 [ 884.849523] ? ioctl_preallocate+0x210/0x210 [ 884.849535] ? selinux_file_mprotect+0x620/0x620 [ 884.849560] ? iterate_fd+0x360/0x360 [ 884.853611] 338856 pages reserved [ 884.858209] ? nsecs_to_jiffies+0x30/0x30 [ 884.858233] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 884.858254] ? security_file_ioctl+0x8d/0xc0 [ 884.863393] 0 pages cma reserved [ 884.867339] ksys_ioctl+0xab/0xd0 [ 884.867358] __x64_sys_ioctl+0x73/0xb0 [ 884.867378] do_syscall_64+0xfd/0x620 [ 885.005236] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 885.010440] RIP: 0033:0x459829 [ 885.013656] Code: Bad RIP value. [ 885.017027] RSP: 002b:00007fbb7017ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 885.024759] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 885.032047] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 885.039346] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 885.046635] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbb7017b6d4 [ 885.053924] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 886.246072] syz-executor.4: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 886.299544] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 886.304993] CPU: 1 PID: 14060 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 886.312013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 886.321379] Call Trace: [ 886.323988] dump_stack+0x172/0x1f0 [ 886.327648] warn_alloc.cold+0x7b/0x173 [ 886.331644] ? zone_watermark_ok_safe+0x260/0x260 [ 886.336517] ? try_to_compact_pages+0x44/0xae0 [ 886.341136] __alloc_pages_slowpath+0x220e/0x2870 [ 886.346018] ? warn_alloc+0x110/0x110 [ 886.349832] ? __lock_is_held+0xb6/0x140 [ 886.353915] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 886.359465] ? should_fail+0x14d/0x85c [ 886.363374] ? __isolate_free_page+0x4c0/0x4c0 [ 886.367973] ? __might_sleep+0x95/0x190 [ 886.371966] __alloc_pages_nodemask+0x617/0x750 [ 886.376653] ? __alloc_pages_slowpath+0x2870/0x2870 [ 886.381691] ? find_held_lock+0x35/0x130 [ 886.385781] ? wait_for_completion+0x440/0x440 [ 886.390380] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 886.395940] alloc_pages_current+0x107/0x210 [ 886.400376] ion_page_pool_alloc+0x137/0x1d0 [ 886.404805] ion_system_heap_allocate+0x154/0xa90 [ 886.409667] ? ion_system_heap_free+0x250/0x250 [ 886.414370] ion_alloc+0x475/0x900 [ 886.417936] ? ion_dma_buf_release+0x50/0x50 [ 886.422375] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 886.427927] ? _copy_from_user+0xdd/0x150 [ 886.432097] ion_ioctl+0x17b/0x329 [ 886.435656] ? ion_alloc.cold+0x28/0x28 [ 886.439645] ? __might_sleep+0x95/0x190 [ 886.443634] ? ion_alloc.cold+0x28/0x28 [ 886.447627] do_vfs_ioctl+0xd5f/0x1380 [ 886.451529] ? selinux_file_ioctl+0x46f/0x5e0 [ 886.456036] ? selinux_file_ioctl+0x125/0x5e0 [ 886.460546] ? ioctl_preallocate+0x210/0x210 [ 886.464965] ? selinux_file_mprotect+0x620/0x620 [ 886.469760] ? iterate_fd+0x360/0x360 [ 886.473580] ? nsecs_to_jiffies+0x30/0x30 [ 886.477755] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 886.483310] ? security_file_ioctl+0x8d/0xc0 [ 886.487738] ksys_ioctl+0xab/0xd0 [ 886.491214] __x64_sys_ioctl+0x73/0xb0 [ 886.495118] do_syscall_64+0xfd/0x620 [ 886.498967] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 886.504165] RIP: 0033:0x459829 [ 886.507376] Code: Bad RIP value. [ 886.510751] RSP: 002b:00007fbb701bcc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 886.518476] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 886.525753] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 886.533030] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 886.540314] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbb701bd6d4 [ 886.547604] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 886.683114] oom_reaper: reaped process 14069 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 886.765527] warn_alloc_show_mem: 2 callbacks suppressed [ 886.765533] Mem-Info: [ 886.786078] rsyslogd invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 886.815515] active_anon:71357 inactive_anon:202 isolated_anon:0 [ 886.815515] active_file:54 inactive_file:4 isolated_file:0 [ 886.815515] unevictable:0 dirty:0 writeback:0 unstable:0 [ 886.815515] slab_reclaimable:12536 slab_unreclaimable:106135 [ 886.815515] mapped:52296 shmem:245 pagetables:800 bounce:0 [ 886.815515] free:13658 free_pcp:62 free_cma:0 [ 886.854454] rsyslogd cpuset=/ mems_allowed=0-1 [ 886.859094] CPU: 0 PID: 7801 Comm: rsyslogd Not tainted 4.19.63 #37 [ 886.865504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 886.874874] Call Trace: [ 886.877482] dump_stack+0x172/0x1f0 [ 886.881135] dump_header+0x15e/0xa55 [ 886.884878] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 886.889994] ? ___ratelimit+0x60/0x595 [ 886.893895] ? do_raw_spin_unlock+0x57/0x270 [ 886.898318] oom_kill_process.cold+0x10/0x6ef [ 886.902834] ? lock_downgrade+0x810/0x810 [ 886.907001] ? kasan_check_read+0x11/0x20 [ 886.911171] out_of_memory+0x936/0x12d0 [ 886.915178] ? oom_killer_disable+0x280/0x280 [ 886.919692] ? mutex_trylock+0x18e/0x1e0 [ 886.923764] ? __alloc_pages_slowpath+0xcc2/0x2870 [ 886.928711] __alloc_pages_slowpath+0x20af/0x2870 [ 886.934394] ? warn_alloc+0x110/0x110 [ 886.938220] ? __lock_is_held+0xb6/0x140 [ 886.942300] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 886.947853] ? should_fail+0x14d/0x85c [ 886.951764] ? __might_sleep+0x95/0x190 [ 886.955755] __alloc_pages_nodemask+0x617/0x750 [ 886.960438] ? kasan_check_read+0x11/0x20 [ 886.964611] ? __alloc_pages_slowpath+0x2870/0x2870 [ 886.969645] ? find_get_entry+0x3e8/0x820 [ 886.973820] ? filemap_map_pages+0x1130/0x1130 [ 886.978422] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 886.983978] alloc_pages_current+0x107/0x210 [ 886.988769] __page_cache_alloc+0x2bd/0x450 [ 886.993108] ? kasan_check_read+0x11/0x20 [ 886.997279] filemap_fault+0x10bb/0x2250 [ 887.001353] ? lock_downgrade+0x810/0x810 [ 887.005532] ? __lock_page_or_retry+0xdc0/0xdc0 [ 887.010217] ? lock_acquire+0x16f/0x3f0 [ 887.014207] ? ext4_filemap_fault+0x7b/0xaf [ 887.018552] ext4_filemap_fault+0x83/0xaf [ 887.022738] __do_fault+0x111/0x480 [ 887.026407] __handle_mm_fault+0x2d78/0x3f80 [ 887.030843] ? vmf_insert_mixed_mkwrite+0x90/0x90 [ 887.035718] ? count_memcg_event_mm+0x2b1/0x4d0 [ 887.040405] handle_mm_fault+0x1b5/0x690 [ 887.044482] __do_page_fault+0x62a/0xe90 [ 887.048556] ? ksys_read+0x1f1/0x2d0 [ 887.052287] ? vmalloc_fault+0x740/0x740 [ 887.056365] ? trace_hardirqs_off_caller+0x65/0x220 [ 887.061393] ? trace_hardirqs_on_caller+0x6a/0x220 [ 887.066331] ? page_fault+0x8/0x30 [ 887.069632] syz-executor.5: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 887.069888] do_page_fault+0x71/0x57d [ 887.085396] ? page_fault+0x8/0x30 [ 887.088950] page_fault+0x1e/0x30 [ 887.089612] syz-executor.5 cpuset= [ 887.092412] RIP: 0033:0x7f334b96a583 [ 887.092423] syz5 [ 887.095960] Code: Bad RIP value. [ 887.104998] RSP: 002b:00007f334a339da0 EFLAGS: 00010203 [ 887.109627] mems_allowed=0-1 [ 887.110369] RAX: 0000000000000034 RBX: 0000000000000006 RCX: 00007f334bb6f626 [ 887.110383] RDX: 0000000000000034 RSI: 00007f334bb6f5a0 RDI: 0000000000000006 [ 887.128025] RBP: 00007f334bb6f5a0 R08: 00007f334b96c620 R09: 00007f334c72e100 [ 887.135303] R10: 6b205d3438363334 R11: 0000000000000000 R12: 0000000000000000 [ 887.142580] R13: 0000000000000000 R14: 0000000000000b7d R15: 00007f334bb6e627 [ 887.151261] CPU: 1 PID: 14069 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 887.158312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 887.167684] Call Trace: [ 887.170297] dump_stack+0x172/0x1f0 [ 887.173949] warn_alloc.cold+0x7b/0x173 [ 887.177942] ? zone_watermark_ok_safe+0x260/0x260 [ 887.182821] ? unreserve_highatomic_pageblock+0x31b/0x460 [ 887.187408] Node 0 active_anon:284576kB inactive_anon:808kB active_file:96kB inactive_file:36kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:117624kB dirty:0kB writeback:0kB shmem:980kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 887.188380] __alloc_pages_slowpath+0x220e/0x2870 [ 887.215899] Node 1 active_anon:852kB inactive_anon:0kB active_file:120kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:91560kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 887.220682] ? warn_alloc+0x110/0x110 [ 887.220703] ? __lock_is_held+0xb6/0x140 [ 887.247151] Node 0 [ 887.250904] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 887.250918] ? should_fail+0x14d/0x85c [ 887.250945] ? __might_sleep+0x95/0x190 [ 887.255037] DMA free:10332kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 887.257248] __alloc_pages_nodemask+0x617/0x750 [ 887.262814] lowmem_reserve[]: [ 887.266655] ? __alloc_pages_slowpath+0x2870/0x2870 [ 887.270659] 0 [ 887.296395] ? wait_for_completion+0x440/0x440 [ 887.296412] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 887.296432] alloc_pages_current+0x107/0x210 [ 887.296452] ion_page_pool_alloc+0x137/0x1d0 [ 887.301175] 2555 [ 887.304241] ion_system_heap_allocate+0x154/0xa90 [ 887.309234] 2557 [ 887.311041] ? ion_system_heap_free+0x250/0x250 [ 887.311064] ion_alloc+0x29b/0x900 [ 887.311088] ? ion_dma_buf_release+0x50/0x50 [ 887.315678] Mem-Info: [ 887.321205] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 887.321221] ? _copy_from_user+0xdd/0x150 [ 887.321242] ion_ioctl+0x17b/0x329 [ 887.325680] active_anon:71357 inactive_anon:202 isolated_anon:0 [ 887.325680] active_file:54 inactive_file:4 isolated_file:0 [ 887.325680] unevictable:0 dirty:0 writeback:0 unstable:0 [ 887.325680] slab_reclaimable:12536 slab_unreclaimable:106135 [ 887.325680] mapped:52296 shmem:245 pagetables:800 bounce:0 [ 887.325680] free:13658 free_pcp:62 free_cma:0 [ 887.330077] ? ion_alloc.cold+0x28/0x28 [ 887.330096] ? __might_sleep+0x95/0x190 [ 887.330112] ? ion_alloc.cold+0x28/0x28 [ 887.330131] do_vfs_ioctl+0xd5f/0x1380 [ 887.332219] Node 0 active_anon:284576kB inactive_anon:808kB active_file:96kB inactive_file:36kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:117624kB dirty:0kB writeback:0kB shmem:980kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 887.337037] ? selinux_file_ioctl+0x46f/0x5e0 [ 887.339100] Node 1 active_anon:852kB inactive_anon:0kB active_file:120kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:91560kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 887.343747] ? selinux_file_ioctl+0x125/0x5e0 [ 887.343764] ? ioctl_preallocate+0x210/0x210 [ 887.343775] ? selinux_file_mprotect+0x620/0x620 [ 887.343796] ? iterate_fd+0x360/0x360 [ 887.343814] ? nsecs_to_jiffies+0x30/0x30 [ 887.347373] 2557 [ 887.351773] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 887.351789] ? security_file_ioctl+0x8d/0xc0 [ 887.351807] ksys_ioctl+0xab/0xd0 [ 887.351825] __x64_sys_ioctl+0x73/0xb0 [ 887.354249] Node 0 [ 887.359770] do_syscall_64+0xfd/0x620 [ 887.359788] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 887.359807] RIP: 0033:0x459829 [ 887.363980] DMA free:10332kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 887.367508] Code: Bad RIP value. [ 887.404335] RSP: 002b:00007fd20548ec78 EFLAGS: 00000246 [ 887.408300] Node 0 [ 887.412283] ORIG_RAX: 0000000000000010 [ 887.412292] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 887.412300] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 887.412307] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 887.412314] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd20548f6d4 [ 887.412321] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 887.519578] syz-executor.3: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 887.535518] lowmem_reserve[]: [ 887.557618] DMA32 free:34168kB min:36248kB low:45308kB high:54368kB active_anon:282480kB inactive_anon:808kB active_file:24kB inactive_file:32kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6752kB pagetables:2692kB bounce:0kB free_pcp:248kB local_pcp:248kB free_cma:0kB [ 887.589524] 0 [ 887.655237] syz-executor.3: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 887.689555] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 887.695010] CPU: 1 PID: 14057 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 887.695642] 2555 [ 887.702037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 887.702044] Call Trace: [ 887.702068] dump_stack+0x172/0x1f0 [ 887.702087] warn_alloc.cold+0x7b/0x173 [ 887.702110] ? zone_watermark_ok_safe+0x260/0x260 [ 887.704186] 2557 [ 887.713569] ? unreserve_highatomic_pageblock+0x31b/0x460 [ 887.713596] __alloc_pages_slowpath+0x220e/0x2870 [ 887.713629] ? warn_alloc+0x110/0x110 [ 887.716210] 2557 [ 887.719842] ? __lock_is_held+0xb6/0x140 [ 887.719862] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 887.719874] ? should_fail+0x14d/0x85c [ 887.719899] ? __might_sleep+0x95/0x190 [ 887.728739] __alloc_pages_nodemask+0x617/0x750 [ 887.730904] Node 0 [ 887.737823] ? __alloc_pages_slowpath+0x2870/0x2870 [ 887.742743] DMA32 free:68460kB min:36248kB low:45308kB high:54368kB active_anon:282480kB inactive_anon:808kB active_file:24kB inactive_file:32kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6752kB pagetables:2692kB bounce:0kB free_pcp:1712kB local_pcp:1464kB free_cma:0kB [ 887.746479] ? wait_for_completion+0x440/0x440 [ 887.748519] lowmem_reserve[]: [ 887.752588] ? kasan_check_write+0x14/0x20 [ 887.752604] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 887.752623] alloc_pages_current+0x107/0x210 [ 887.752647] ion_page_pool_alloc+0x137/0x1d0 [ 887.758191] 0 [ 887.762099] ion_system_heap_allocate+0x154/0xa90 [ 887.762118] ? ion_system_heap_free+0x250/0x250 [ 887.762142] ion_alloc+0x475/0x900 [ 887.762164] ? ion_dma_buf_release+0x50/0x50 [ 887.766136] 0 [ 887.770829] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 887.770845] ? _copy_from_user+0xdd/0x150 [ 887.770864] ion_ioctl+0x17b/0x329 [ 887.770883] ? ion_alloc.cold+0x28/0x28 [ 887.773116] 2 [ 887.778147] ? __might_sleep+0x95/0x190 [ 887.806564] 2 [ 887.811120] ? ion_alloc.cold+0x28/0x28 [ 887.811138] do_vfs_ioctl+0xd5f/0x1380 [ 887.811158] ? selinux_file_ioctl+0x46f/0x5e0 [ 887.818524] ? selinux_file_ioctl+0x125/0x5e0 [ 887.824102] Node 0 [ 887.828470] ? ioctl_preallocate+0x210/0x210 [ 887.832941] Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 887.834678] ? selinux_file_mprotect+0x620/0x620 [ 887.839549] lowmem_reserve[]: [ 887.844190] ? iterate_fd+0x360/0x360 [ 887.847707] 0 [ 887.852126] ? nsecs_to_jiffies+0x30/0x30 [ 887.852149] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 887.852165] ? security_file_ioctl+0x8d/0xc0 [ 887.852184] ksys_ioctl+0xab/0xd0 [ 887.853995] 0 [ 887.859560] __x64_sys_ioctl+0x73/0xb0 [ 887.859578] do_syscall_64+0xfd/0x620 [ 887.859597] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 887.859614] RIP: 0033:0x459829 [ 887.863764] 0 [ 887.867319] Code: Bad RIP value. [ 887.871328] 0 [ 887.873079] RSP: 002b:00007f8d57f8ec78 EFLAGS: 00000246 [ 887.878861] ORIG_RAX: 0000000000000010 [ 887.882889] Node 1 [ 887.886724] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 887.891294] Normal free:133696kB min:53608kB low:67008kB high:80408kB active_anon:852kB inactive_anon:0kB active_file:8kB inactive_file:8kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:352kB pagetables:508kB bounce:0kB free_pcp:1468kB local_pcp:1468kB free_cma:0kB [ 887.895720] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000004 [ 887.897955] lowmem_reserve[]: [ 887.902360] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 887.902370] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d57f8f6d4 [ 887.902377] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 887.928519] lowmem_reserve[]: [ 887.949538] syz-executor.3 cpuset= [ 887.979018] 0 [ 888.029543] 0 [ 888.034079] 0 [ 888.049555] 0 [ 888.077421] syz3 [ 888.077898] 2 2 [ 888.084587] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 888.097652] mems_allowed=0-1 [ 888.119547] 0 0 [ 888.121564] Node 0 DMA: 26*4kB (UE) 34*8kB (UE) 37*16kB (U) 23*32kB (UE) 11*64kB (UE) 8*128kB (UE) 1*256kB (E) 1*512kB (E) 2*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10344kB [ 888.125824] warn_alloc_show_mem: 1 callbacks suppressed [ 888.125829] Mem-Info: [ 888.156726] lowmem_reserve[]: 0 0 0 0 [ 888.162261] Node 0 DMA32: 3557*4kB (UE) 1377*8kB (UME) 166*16kB (UME) 174*32kB (UME) 723*64kB (UM) 57*128kB (UM) 6*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 88572kB [ 888.178549] Node 1 Normal free:162996kB min:53608kB low:67008kB high:80408kB active_anon:852kB inactive_anon:0kB active_file:8kB inactive_file:8kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:352kB pagetables:508kB bounce:0kB free_pcp:1264kB local_pcp:0kB free_cma:0kB [ 888.198397] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 888.213481] active_anon:71345 inactive_anon:202 isolated_anon:0 [ 888.213481] active_file:8 inactive_file:660 isolated_file:0 [ 888.213481] unevictable:0 dirty:0 writeback:0 unstable:0 [ 888.213481] slab_reclaimable:12532 slab_unreclaimable:105832 [ 888.213481] mapped:52701 shmem:245 pagetables:800 bounce:0 [ 888.213481] free:67973 free_pcp:764 free_cma:0 [ 888.238392] Node 1 [ 888.250937] CPU: 0 PID: 14065 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 888.260239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 888.269603] Call Trace: [ 888.272217] dump_stack+0x172/0x1f0 [ 888.275872] warn_alloc.cold+0x7b/0x173 [ 888.279870] ? zone_watermark_ok_safe+0x260/0x260 [ 888.284737] ? unreserve_highatomic_pageblock+0x31b/0x460 [ 888.290304] __alloc_pages_slowpath+0x220e/0x2870 [ 888.295188] ? warn_alloc+0x110/0x110 [ 888.298998] ? __lock_is_held+0xb6/0x140 [ 888.303073] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 888.308622] ? should_fail+0x14d/0x85c [ 888.309629] Node 0 active_anon:284528kB inactive_anon:808kB active_file:24kB inactive_file:2732kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:119456kB dirty:0kB writeback:0kB shmem:980kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 888.312528] ? __might_sleep+0x95/0x190 [ 888.344150] __alloc_pages_nodemask+0x617/0x750 [ 888.348859] ? __alloc_pages_slowpath+0x2870/0x2870 [ 888.353905] ? wait_for_completion+0x440/0x440 [ 888.358500] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 888.364057] alloc_pages_current+0x107/0x210 [ 888.365489] lowmem_reserve[]: 0 [ 888.368482] ion_page_pool_alloc+0x137/0x1d0 [ 888.368499] ion_system_heap_allocate+0x154/0xa90 [ 888.381054] ? ion_system_heap_free+0x250/0x250 [ 888.385379] 0 0 0 [ 888.385744] ion_alloc+0x29b/0x900 [ 888.385768] ? ion_dma_buf_release+0x50/0x50 [ 888.391463] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 888.391479] ? _copy_from_user+0xdd/0x150 [ 888.391497] ion_ioctl+0x17b/0x329 [ 888.391514] ? ion_alloc.cold+0x28/0x28 [ 888.391533] ? __might_sleep+0x95/0x190 [ 888.417110] ? ion_alloc.cold+0x28/0x28 [ 888.421105] do_vfs_ioctl+0xd5f/0x1380 [ 888.425012] ? selinux_file_ioctl+0x46f/0x5e0 [ 888.427137] Node 1 active_anon:852kB inactive_anon:0kB active_file:8kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:91448kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 888.429517] ? selinux_file_ioctl+0x125/0x5e0 [ 888.429534] ? ioctl_preallocate+0x210/0x210 [ 888.429546] ? selinux_file_mprotect+0x620/0x620 [ 888.429567] ? iterate_fd+0x360/0x360 [ 888.429584] ? nsecs_to_jiffies+0x30/0x30 [ 888.429607] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 888.482980] ? security_file_ioctl+0x8d/0xc0 [ 888.485241] Node 0 DMA: [ 888.487409] ksys_ioctl+0xab/0xd0 [ 888.487428] __x64_sys_ioctl+0x73/0xb0 [ 888.497441] do_syscall_64+0xfd/0x620 [ 888.501275] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 888.506474] RIP: 0033:0x459829 [ 888.509684] Code: Bad RIP value. [ 888.513056] RSP: 002b:00007f8d57f4cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 888.520778] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 888.528081] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000004 [ 888.535250] 26*4kB [ 888.535356] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 888.535370] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d57f4d6d4 [ 888.537620] (UE) [ 888.544885] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 888.551944] Normal: 9097*4kB (U) 432*8kB (U) 37*16kB (UME) 854*32kB (U) 574*64kB (U) 382*128kB (U) 72*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 171828kB [ 888.579274] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 888.599944] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 888.605007] 34*8kB [ 888.608733] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 888.608746] (UE) [ 888.619508] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 888.630654] 1294 total pagecache pages [ 888.634676] 0 pages in swap cache [ 888.638223] Swap cache stats: add 0, delete 0, find 0/0 [ 888.645174] Free swap = 0kB [ 888.659679] Total swap = 0kB [ 888.662737] 1965979 pages RAM [ 888.665844] 0 pages HighMem/MovableOnly [ 888.667090] 37*16kB [ 888.669883] 338856 pages reserved [ 888.669890] 0 pages cma reserved [ 888.669897] Unreclaimable slab info: [ 888.669902] Name Used Total [ 888.669932] pid_2 35KB 160KB [ 888.675847] (U) [ 888.679117] batadv_tt_change_cache 9KB 15KB [ 888.685413] 23*32kB [ 888.699522] batadv_tl_cache 11KB 16KB [ 888.709287] TIPC 24KB 43KB [ 888.719522] SCTPv6 33KB 49KB [ 888.719806] (UE) 11*64kB (UE) [ 888.724911] DCCPv6 17KB 36KB [ 888.724927] DCCP 16KB 34KB [ 888.728114] 8*128kB [ 888.749564] bridge_fdb_cache 22KB 35KB [ 888.757312] fib6_nodes 232KB 240KB [ 888.759529] (UE) 1*256kB (E) 1*512kB (E) 2*1024kB (UE) 2*2048kB (UM) [ 888.762728] ip6_dst_cache 847KB 847KB [ 888.762744] RAWv6 146KB 162KB [ 888.769318] 0*4096kB = 10344kB [ 888.779517] UDPv6 3KB 3KB [ 888.788666] TCPv6 23KB 29KB [ 888.799527] nf_conntrack 0KB 3KB [ 888.804968] sd_ext_cdb 0KB 7KB [ 888.805016] Node 0 [ 888.819534] scsi_sense_cache 1056KB 1060KB [ 888.825889] DMA32: [ 888.827190] virtio_scsi_cmd 16KB 16KB [ 888.827195] 15610*4kB (UME) [ 888.829445] sgpool-128 8KB 8KB [ 888.843285] sgpool-64 4KB 12KB [ 888.849523] sgpool-32 2KB 15KB [ 888.854926] sgpool-16 1KB 7KB [ 888.869540] sgpool-8 0KB 7KB [ 888.874956] mqueue_inode_cache 21KB 35KB [ 888.889561] bio_post_read_ctx 14KB 15KB [ 888.894999] 3294*8kB (UME) 425*16kB (UME) [ 888.895031] bio-2 14KB 15KB [ 888.895044] jfs_mp 7KB 7KB [ 888.899316] 189*32kB [ 888.907116] nfs_commit_data 3KB 14KB [ 888.929575] nfs_write_data 34KB 44KB [ 888.935036] ext4_system_zone 1KB 7KB [ 888.940554] bio-1 1KB 7KB [ 888.945939] fasync_cache 0KB 4KB [ 888.959597] pid_namespace 4KB 7KB [ 888.965058] rpc_buffers 17KB 25KB [ 888.970481] rpc_tasks 2KB 7KB [ 888.975860] UNIX 1288KB 1294KB [ 888.989551] tcp_bind_bucket 3KB 12KB [ 888.993125] (UME) 698*64kB (UM) 59*128kB (UM) 6*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 155400kB [ 888.995424] inet_peer_cache 0KB 4KB [ 889.010971] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 889.019532] xfrm_state 8KB 8KB [ 889.028077] ip_fib_trie 34KB 39KB [ 889.039538] ip_fib_alias 164KB 173KB [ 889.044964] ip_dst_cache 4KB 20KB [ 889.045851] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 889.055828] CPU: 1 PID: 14069 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 889.059538] RAW 87KB 107KB [ 889.062847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 889.062858] Call Trace: [ 889.068235] UDP 29KB 45KB [ 889.077613] dump_stack+0x172/0x1f0 [ 889.077633] warn_alloc.cold+0x7b/0x173 [ 889.077651] ? zone_watermark_ok_safe+0x260/0x260 [ 889.077673] ? try_to_compact_pages+0x44/0xae0 [ 889.089541] TCP 8KB 16KB [ 889.093225] __alloc_pages_slowpath+0x220e/0x2870 [ 889.098057] hugetlbfs_inode_cache 2KB 15KB [ 889.102668] ? warn_alloc+0x110/0x110 [ 889.102685] ? __lock_is_held+0xb6/0x140 [ 889.102705] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 889.119539] fscache_cookie_jar 1KB 11KB [ 889.122404] ? should_fail+0x14d/0x85c [ 889.126458] eventpoll_pwq 22KB 35KB [ 889.131999] ? __isolate_free_page+0x4c0/0x4c0 [ 889.132018] ? __might_sleep+0x95/0x190 [ 889.132039] __alloc_pages_nodemask+0x617/0x750 [ 889.132062] ? __alloc_pages_slowpath+0x2870/0x2870 [ 889.149534] eventpoll_epi 41KB 66KB [ 889.151338] ? find_held_lock+0x35/0x130 [ 889.155295] inotify_inode_mark 33KB 63KB [ 889.159966] ? wait_for_completion+0x440/0x440 [ 889.159983] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 889.160004] alloc_pages_current+0x107/0x210 [ 889.160025] ion_page_pool_alloc+0x137/0x1d0 [ 889.165047] request_queue 163KB 163KB [ 889.170407] ion_system_heap_allocate+0x154/0xa90 [ 889.170426] ? ion_system_heap_free+0x250/0x250 [ 889.170454] ion_alloc+0x475/0x900 [ 889.179531] blkdev_requests 1KB 3KB [ 889.179972] ? ion_dma_buf_release+0x50/0x50 [ 889.184536] blkdev_ioc 42KB 54KB [ 889.190085] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 889.190101] ? _copy_from_user+0xdd/0x150 [ 889.190123] ion_ioctl+0x17b/0x329 [ 889.199527] bio-0 2356KB 2538KB [ 889.204291] ? ion_alloc.cold+0x28/0x28 [ 889.209130] biovec-max 4281KB 4364KB [ 889.213802] ? __might_sleep+0x95/0x190 [ 889.213820] ? ion_alloc.cold+0x28/0x28 [ 889.213837] do_vfs_ioctl+0xd5f/0x1380 [ 889.213854] ? selinux_file_ioctl+0x46f/0x5e0 [ 889.213872] ? selinux_file_ioctl+0x125/0x5e0 [ 889.229542] biovec-64 2469KB 2748KB [ 889.232539] ? ioctl_preallocate+0x210/0x210 [ 889.238076] biovec-16 325KB 420KB [ 889.242230] ? selinux_file_mprotect+0x620/0x620 [ 889.242251] ? iterate_fd+0x360/0x360 [ 889.242266] ? nsecs_to_jiffies+0x30/0x30 [ 889.242297] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 889.259547] bio_integrity_payload 1KB 8KB [ 889.260521] ? security_file_ioctl+0x8d/0xc0 [ 889.264491] khugepaged_mm_slot 4KB 19KB [ 889.268473] ksys_ioctl+0xab/0xd0 [ 889.272421] dmaengine-unmap-256 2KB 6KB [ 889.276842] __x64_sys_ioctl+0x73/0xb0 [ 889.289554] dmaengine-unmap-128 1KB 3KB [ 889.291096] do_syscall_64+0xfd/0x620 [ 889.296444] dmaengine-unmap-16 0KB 4KB [ 889.301198] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 889.301211] RIP: 0033:0x459829 [ 889.301236] Code: Bad RIP value. [ 889.309519] dmaengine-unmap-2 0KB 3KB [ 889.314687] RSP: 002b:00007fd20548ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 889.329536] skbuff_fclone_cache 105KB 198KB [ 889.330244] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 889.330258] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 889.333712] skbuff_head_cache 7089KB 7143KB [ 889.339232] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 889.339246] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd20548f6d4 [ 889.343184] configfs_dir_cache 0KB 8KB [ 889.348665] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 889.359526] file_lock_cache 0KB 3KB [ 889.373186] Node 0 [ 889.379515] file_lock_ctx 0KB 3KB [ 889.387403] Normal: [ 889.388299] fsnotify_mark_connector 19KB 39KB [ 889.396564] 0*4kB [ 889.419536] net_namespace 121KB 121KB [ 889.428613] 0*8kB [ 889.435815] Node 0 [ 889.446806] 0*16kB [ 889.459525] shmem_inode_cache 5125KB 5472KB [ 889.465746] 0*32kB [ 889.469391] task_delay_info 66KB 233KB [ 889.471581] 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 889.471629] Node 1 Normal: 20251*4kB (U) 1235*8kB [ 889.474043] Mem-Info: [ 889.476252] (U) [ 889.481687] active_anon:71345 inactive_anon:202 isolated_anon:0 [ 889.481687] active_file:186 inactive_file:880 isolated_file:0 [ 889.481687] unevictable:0 dirty:0 writeback:0 unstable:0 [ 889.481687] slab_reclaimable:12493 slab_unreclaimable:105619 [ 889.481687] mapped:53017 shmem:245 pagetables:800 bounce:0 [ 889.481687] free:45362 free_pcp:723 free_cma:0 [ 889.481720] Node 0 active_anon:284528kB inactive_anon:808kB active_file:736kB inactive_file:3512kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:120620kB dirty:0kB writeback:0kB shmem:980kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 889.481752] Node 1 active_anon:852kB inactive_anon:0kB active_file:8kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:91448kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 889.489379] 69*16kB [ 889.496478] taskstats 32KB 80KB [ 889.496488] proc_dir_entry 1072KB 1106KB [ 889.496497] pde_opener 0KB 3KB [ 889.496507] seq_file 163KB 307KB [ 889.496517] sigqueue 43KB 86KB [ 889.496532] kernfs_node_cache 13548KB 13568KB [ 889.507761] (UME) [ 889.549526] Node 0 [ 889.580558] 865*32kB [ 889.609529] mnt_cache 181KB 196KB [ 889.649707] DMA free:10348kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 889.695542] DMA free:10348kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 889.699527] filp 2681KB 4188KB [ 889.739538] lowmem_reserve[]: [ 889.739548] (U) [ 889.739565] 0 [ 889.742703] 0*64kB [ 889.744677] 2555 [ 889.746473] 0*128kB [ 889.748699] 2557 2557 [ 889.779539] names_cache 44115KB 44136KB [ 889.779552] iint_cache 36KB 63KB [ 889.782083] Node 0 [ 889.787452] hashtab_node 118KB 119KB [ 889.819613] 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 119668kB [ 889.825941] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 889.829543] DMA32 free:17664kB min:36248kB low:45308kB high:54368kB active_anon:282480kB inactive_anon:808kB active_file:224kB inactive_file:236kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6752kB pagetables:2692kB bounce:0kB free_pcp:1844kB local_pcp:1656kB free_cma:0kB [ 889.854127] ebitmap_node 1058KB 1071KB [ 889.884876] avtab_node 1012KB 1013KB [ 889.893920] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 889.899979] lowmem_reserve[]: 0 2555 2557 2557 [ 889.907143] Node 0 DMA32 free:17664kB min:36248kB low:45308kB high:54368kB active_anon:282480kB inactive_anon:808kB active_file:224kB inactive_file:236kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6752kB pagetables:2692kB bounce:0kB free_pcp:1868kB local_pcp:1656kB free_cma:0kB [ 889.908132] avc_node 48KB 55KB [ 889.936571] syz-executor.4: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 889.947357] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 889.959633] lowmem_reserve[]: 0 0 2 2 [ 889.966536] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 889.968254] selinux_file_security 168KB 329KB [ 889.992545] syz-executor.5: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 889.999546] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 890.010129] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 890.024097] lowmem_reserve[]: 0 0 0 0 [ 890.025083] selinux_inode_security 3224KB 3488KB [ 890.027946] Node 1 [ 890.033838] syz-executor.5 cpuset= [ 890.034792] key_jar 4KB 11KB [ 890.036091] syz5 [ 890.044258] uts_namespace 6KB 11KB [ 890.045044] lowmem_reserve[]: [ 890.046958] nsproxy 5KB 11KB [ 890.052389] Normal free:26680kB min:53608kB low:67008kB high:80408kB active_anon:852kB inactive_anon:0kB active_file:8kB inactive_file:8kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:352kB pagetables:508kB bounce:0kB free_pcp:308kB local_pcp:248kB free_cma:0kB [ 890.052394] lowmem_reserve[]: 0 [ 890.056468] 270 total pagecache pages [ 890.060921] mems_allowed=0-1 [ 890.060943] CPU: 0 PID: 14069 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 890.060953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 890.060964] Call Trace: [ 890.094260] vm_area_struct 3027KB 5738KB [ 890.095568] dump_stack+0x172/0x1f0 [ 890.098660] mm_struct 430KB 819KB [ 890.105675] warn_alloc.cold+0x7b/0x173 [ 890.105695] ? zone_watermark_ok_safe+0x260/0x260 [ 890.105737] __alloc_pages_slowpath+0x220e/0x2870 [ 890.105773] ? warn_alloc+0x110/0x110 [ 890.120708] fs_cache 39KB 96KB [ 890.123041] ? __lock_is_held+0xb6/0x140 [ 890.126650] files_cache 154KB 262KB [ 890.132014] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 890.132027] ? should_fail+0x14d/0x85c [ 890.132049] ? __might_sleep+0x95/0x190 [ 890.132070] __alloc_pages_nodemask+0x617/0x750 [ 890.132094] ? __alloc_pages_slowpath+0x2870/0x2870 [ 890.132122] ? wait_for_completion+0x440/0x440 [ 890.139570] signal_cache 518KB 797KB [ 890.140934] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 890.145760] sighand_cache 497KB 534KB [ 890.149563] alloc_pages_current+0x107/0x210 [ 890.149583] ion_page_pool_alloc+0x137/0x1d0 [ 890.149598] ion_system_heap_allocate+0x154/0xa90 [ 890.149619] ? ion_system_heap_free+0x250/0x250 [ 890.149644] ion_alloc+0x475/0x900 [ 890.149667] ? ion_dma_buf_release+0x50/0x50 [ 890.176037] task_struct 2270KB 2326KB [ 890.178078] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 890.185840] cred_jar 286KB 608KB [ 890.187762] ? _copy_from_user+0xdd/0x150 [ 890.197910] 0 pages in swap cache [ 890.203232] ion_ioctl+0x17b/0x329 [ 890.203250] ? ion_alloc.cold+0x28/0x28 [ 890.203268] ? __might_sleep+0x95/0x190 [ 890.203284] ? ion_alloc.cold+0x28/0x28 [ 890.203300] do_vfs_ioctl+0xd5f/0x1380 [ 890.203315] ? selinux_file_ioctl+0x46f/0x5e0 [ 890.203328] ? selinux_file_ioctl+0x125/0x5e0 [ 890.203345] ? ioctl_preallocate+0x210/0x210 [ 890.203358] ? selinux_file_mprotect+0x620/0x620 [ 890.203380] ? iterate_fd+0x360/0x360 [ 890.203400] ? nsecs_to_jiffies+0x30/0x30 [ 890.215100] anon_vma_chain 1701KB 3563KB [ 890.217613] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 890.236480] anon_vma 166KB 573KB [ 890.240384] ? security_file_ioctl+0x8d/0xc0 [ 890.240403] ksys_ioctl+0xab/0xd0 [ 890.240421] __x64_sys_ioctl+0x73/0xb0 [ 890.240440] do_syscall_64+0xfd/0x620 [ 890.240461] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 890.240472] RIP: 0033:0x459829 [ 890.240498] Code: Bad RIP value. [ 890.240513] RSP: 002b:00007fd20548ec78 EFLAGS: 00000246 [ 890.246140] Swap cache stats: add 0, delete 0, find 0/0 [ 890.251408] ORIG_RAX: 0000000000000010 [ 890.251417] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 890.251425] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 890.251433] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 890.251441] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd20548f6d4 [ 890.251449] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 890.257895] 0 [ 890.259582] pid 44KB 200KB [ 890.262730] 0 [ 890.266656] Acpi-Operand 156KB 190KB [ 890.270722] 0 [ 890.280414] CPU: 1 PID: 14063 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 890.283047] 2 [ 890.287489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 890.291936] 0 [ 890.296637] Call Trace: [ 890.300466] 2 [ 890.304576] dump_stack+0x172/0x1f0 [ 890.309952] 0 [ 890.315455] warn_alloc.cold+0x7b/0x173 [ 890.325212] ? zone_watermark_ok_safe+0x260/0x260 [ 890.328639] Node 0 [ 890.332551] __alloc_pages_slowpath+0x220e/0x2870 [ 890.332590] ? warn_alloc+0x110/0x110 [ 890.341601] ? __lock_is_held+0xb6/0x140 [ 890.341623] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 890.341641] ? should_fail+0x14d/0x85c [ 890.344870] Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 890.348295] ? __might_sleep+0x95/0x190 [ 890.353680] Node 0 [ 890.359002] __alloc_pages_nodemask+0x617/0x750 [ 890.362996] lowmem_reserve[]: [ 890.370240] ? __alloc_pages_slowpath+0x2870/0x2870 [ 890.370265] ? retint_kernel+0x2d/0x2d [ 890.377531] DMA: [ 890.384800] ? wait_for_completion+0x440/0x440 [ 890.384817] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 890.384847] alloc_pages_current+0x107/0x210 [ 890.392146] 0 [ 890.399385] ion_page_pool_alloc+0x137/0x1d0 [ 890.401240] 14*4kB [ 890.406539] ion_system_heap_allocate+0x154/0xa90 [ 890.408321] (UE) [ 890.413691] ? ion_system_heap_free+0x250/0x250 [ 890.413715] ion_alloc+0x475/0x900 [ 890.413738] ? ion_dma_buf_release+0x50/0x50 [ 890.415534] 0 [ 890.422542] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 890.422559] ? _copy_from_user+0xdd/0x150 [ 890.422578] ion_ioctl+0x17b/0x329 [ 890.424377] 34*8kB [ 890.433749] ? ion_alloc.cold+0x28/0x28 [ 890.433769] ? __might_sleep+0x95/0x190 [ 890.433788] ? ion_alloc.cold+0x28/0x28 [ 890.435592] 0 [ 890.438170] do_vfs_ioctl+0xd5f/0x1380 [ 890.439985] 0 [ 890.443580] ? selinux_file_ioctl+0x46f/0x5e0 [ 890.449340] ? selinux_file_ioctl+0x125/0x5e0 [ 890.469512] (UE) [ 890.474572] ? ioctl_preallocate+0x210/0x210 [ 890.478445] 37*16kB [ 890.503613] ? selinux_file_mprotect+0x620/0x620 [ 890.503634] ? iterate_fd+0x360/0x360 [ 890.503648] ? nsecs_to_jiffies+0x30/0x30 [ 890.503671] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 890.503692] ? security_file_ioctl+0x8d/0xc0 [ 890.534470] Node 1 [ 890.538715] ksys_ioctl+0xab/0xd0 [ 890.543208] Normal free:26680kB min:53608kB low:67008kB high:80408kB active_anon:852kB inactive_anon:0kB active_file:8kB inactive_file:8kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:352kB pagetables:508kB bounce:0kB free_pcp:308kB local_pcp:248kB free_cma:0kB [ 890.544934] __x64_sys_ioctl+0x73/0xb0 [ 890.549322] lowmem_reserve[]: [ 890.551836] do_syscall_64+0xfd/0x620 [ 890.551854] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 890.551865] RIP: 0033:0x459829 [ 890.551891] Code: Bad RIP value. [ 890.556736] 0 [ 890.558793] RSP: 002b:00007fbb7017ac78 EFLAGS: 00000246 [ 890.563528] (U) [ 890.566996] ORIG_RAX: 0000000000000010 [ 890.571471] 0 [ 890.573203] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 890.578730] 0 [ 890.582873] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 890.582881] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 890.582889] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbb7017b6d4 [ 890.582896] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 890.716149] 23*32kB [ 890.718303] Free swap = 0kB [ 890.735288] Acpi-ParseExt 8KB 11KB [ 890.736769] Total swap = 0kB [ 890.749630] (UE) [ 890.751548] warn_alloc_show_mem: 2 callbacks suppressed [ 890.751553] Mem-Info: [ 890.758653] 11*64kB [ 890.761323] active_anon:71345 inactive_anon:202 isolated_anon:0 [ 890.761323] active_file:8 inactive_file:10 isolated_file:0 [ 890.761323] unevictable:0 dirty:0 writeback:0 unstable:0 [ 890.761323] slab_reclaimable:12493 slab_unreclaimable:105620 [ 890.761323] mapped:43522 shmem:245 pagetables:774 bounce:0 [ 890.761323] free:64862 free_pcp:1083 free_cma:0 [ 890.778961] Acpi-Parse 41KB 47KB [ 890.780059] 1965979 pages RAM [ 890.780065] 0 pages HighMem/MovableOnly [ 890.780070] 338856 pages reserved [ 890.780074] 0 pages cma reserved [ 890.799567] Node 0 active_anon:284528kB inactive_anon:808kB active_file:24kB inactive_file:32kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:82640kB dirty:0kB writeback:0kB shmem:980kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 890.823218] Acpi-State 52KB 63KB [ 890.861871] 0 [ 890.871073] Acpi-Namespace 20KB 23KB [ 890.878491] numa_policy 0KB 3KB [ 890.879855] (UE) [ 890.888830] debug_objects_cache 1209KB 1219KB [ 890.897549] trace_event_file 263KB 266KB [ 890.898001] Node 1 active_anon:852kB inactive_anon:0kB active_file:8kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:91448kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 890.907609] ftrace_event_field 382KB 385KB [ 890.932853] 8*128kB (UE) 1*256kB (E) 1*512kB (E) 2*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10296kB [ 890.945352] Node 0 DMA: 14*4kB (UE) 34*8kB (UE) 37*16kB (U) 23*32kB (UE) 11*64kB (UE) 8*128kB (UE) 1*256kB (E) 1*512kB (E) 2*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10296kB [ 890.946200] Node 0 [ 890.964102] Node 0 DMA free:10296kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 890.990670] pool_workqueue 113KB 124KB [ 890.991733] DMA32: [ 890.996071] task_group 5KB 7KB [ 890.996082] page->ptl 638KB 1612KB [ 890.996132] kmalloc-2097152 2050KB 2050KB [ 890.996144] kmalloc-524288 2056KB 2056KB [ 890.996153] kmalloc-262144 1290KB 1290KB [ 890.996162] kmalloc-131072 780KB 780KB [ 890.996172] kmalloc-65536 40392KB 40392KB [ 890.996182] kmalloc-32768 2937KB 3069KB [ 890.996197] kmalloc-16384 940KB 990KB [ 890.999233] 1413*4kB [ 891.009781] kmalloc-8192 4405KB 4504KB [ 891.015642] lowmem_reserve[]: [ 891.025164] kmalloc-4096 36312KB 36371KB [ 891.036394] 0 [ 891.037635] Node 0 [ 891.046538] (UME) [ 891.049902] 815*8kB [ 891.055469] kmalloc-2048 18982KB 19131KB [ 891.069430] 2555 [ 891.070278] DMA32: [ 891.072543] 2557 [ 891.077898] 289*4kB (E) 661*8kB (UME) 116*16kB (UME) 23*32kB (ME) 529*64kB (U) 59*128kB (UM) 6*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 51980kB [ 891.077995] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB [ 891.085317] (UME) [ 891.098274] kmalloc-1024 15627KB 15986KB [ 891.114033] 2557 [ 891.114622] kmalloc-512 12002KB 12247KB [ 891.123002] kmalloc-256 5371KB 5448KB [ 891.127992] Node 0 DMA32 free:45176kB min:36248kB low:45308kB high:54368kB active_anon:282480kB inactive_anon:808kB active_file:24kB inactive_file:3832kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6752kB pagetables:2588kB bounce:0kB free_pcp:1940kB local_pcp:312kB free_cma:0kB [ 891.128421] kmalloc-128 1500KB 1515KB [ 891.128435] kmalloc-96 2353KB 2576KB [ 891.174181] 0*2048kB 0*4096kB = 0kB [ 891.177860] Node 1 Normal: 8424*4kB (U) 4*8kB (U) 8*16kB (UME) 831*32kB (U) 574*64kB (U) 382*128kB (U) 72*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 164512kB [ 891.179576] 115*16kB (ME) 90*32kB (UME) 737*64kB (U) 59*128kB (UM) 6*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 73148kB [ 891.218039] kmalloc-64 3365KB 3428KB [ 891.223626] kmalloc-32 3422KB 3724KB [ 891.229010] kmalloc-192 2916KB 3064KB [ 891.234578] kmem_cache 248KB 255KB [ 891.240190] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 891.240607] lowmem_reserve[]: [ 891.252166] Out of memory: Kill process 7947 (syz-fuzzer) score 41 or sacrifice child [ 891.256426] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 891.264152] Killed process 14043 (syz-executor.4) total-vm:72452kB, anon-rss:64kB, file-rss:0kB, shmem-rss:0kB [ 891.295715] 0 0 2 2 [ 891.298207] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 891.328957] Node 1 Normal: 4812*4kB (UM) 5*8kB (UM) 2*16kB (UE) 827*32kB (UM) 573*64kB (U) 383*128kB (UM) 68*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 148888kB [ 891.331412] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 891.344720] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 891.375723] lowmem_reserve[]: 0 0 0 0 [ 891.379769] Node 1 Normal free:145108kB min:53608kB low:67008kB high:80408kB active_anon:852kB inactive_anon:0kB active_file:8kB inactive_file:1308kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:352kB pagetables:508kB bounce:0kB free_pcp:392kB local_pcp:188kB free_cma:0kB [ 891.379816] lowmem_reserve[]: [ 891.415111] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 891.418654] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 891.427400] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 891.459678] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 891.473753] 0 0 0 0 [ 891.476228] Node 0 DMA: 14*4kB (UE) 34*8kB (UE) 37*16kB (U) 23*32kB (UE) 11*64kB (UE) 8*128kB (UE) 1*256kB (E) 1*512kB (E) 2*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10296kB [ 891.479565] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 891.507281] 2067 total pagecache pages [ 891.509558] 2067 total pagecache pages [ 891.518034] Node 0 DMA32: 291*4kB (UME) 388*8kB (UME) 133*16kB (UME) 29*32kB (UME) 447*64kB (U) 59*128kB (UM) 6*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 45020kB [ 891.519702] 0 pages in swap cache [ 891.537107] 0 pages in swap cache [ 891.543399] Swap cache stats: add 0, delete 0, find 0/0 [ 891.548800] Free swap = 0kB [ 891.549642] Swap cache stats: add 0, delete 0, find 0/0 [ 891.554787] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 891.557521] Free swap = 0kB [ 891.577619] Total swap = 0kB [ 891.585785] 1965979 pages RAM [ 891.588916] 0 pages HighMem/MovableOnly [ 891.589556] Total swap = 0kB [ 891.596379] 1965979 pages RAM [ 891.599433] 338856 pages reserved [ 891.599717] 0 pages HighMem/MovableOnly [ 891.603257] 0 pages cma reserved [ 891.607022] 338856 pages reserved [ 891.616791] Node 1 Normal: 1*4kB (M) 1*8kB (U) 2*16kB (UE) 1*32kB (U) 307*64kB (UM) 383*128kB (UM) 64*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 85132kB [ 891.629616] 0 pages cma reserved [ 891.671935] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 891.684327] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 891.696304] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 891.717405] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 891.733214] 2104 total pagecache pages [ 891.737580] 0 pages in swap cache [ 891.744460] Swap cache stats: add 0, delete 0, find 0/0 [ 891.753195] Free swap = 0kB [ 891.756225] Total swap = 0kB [ 891.759244] 1965979 pages RAM [ 891.789558] 0 pages HighMem/MovableOnly [ 891.793575] 338856 pages reserved [ 891.797029] 0 pages cma reserved [ 892.020420] device bridge_slave_1 left promiscuous mode [ 892.026022] bridge0: port 2(bridge_slave_1) entered disabled state [ 892.090593] device bridge_slave_0 left promiscuous mode [ 892.112683] bridge0: port 1(bridge_slave_0) entered disabled state [ 892.323302] device hsr_slave_1 left promiscuous mode [ 892.366236] device hsr_slave_0 left promiscuous mode [ 892.422102] team0 (unregistering): Port device team_slave_1 removed [ 892.440671] team0 (unregistering): Port device team_slave_0 removed [ 892.470657] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 892.505929] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 892.653568] bond0 (unregistering): Released all slaves [ 893.644479] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 893.661822] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 893.667285] CPU: 1 PID: 14065 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 893.674312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 893.683693] Call Trace: [ 893.686321] dump_stack+0x172/0x1f0 [ 893.689990] warn_alloc.cold+0x7b/0x173 [ 893.693997] ? zone_watermark_ok_safe+0x260/0x260 [ 893.698877] ? try_to_compact_pages+0x44/0xae0 [ 893.703519] __alloc_pages_slowpath+0x220e/0x2870 [ 893.708427] ? warn_alloc+0x110/0x110 [ 893.712260] ? __lock_is_held+0xb6/0x140 [ 893.716363] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 893.721934] ? should_fail+0x14d/0x85c [ 893.725859] ? __isolate_free_page+0x4c0/0x4c0 [ 893.730475] ? __might_sleep+0x95/0x190 [ 893.734488] __alloc_pages_nodemask+0x617/0x750 [ 893.740695] ? __alloc_pages_slowpath+0x2870/0x2870 [ 893.745764] ? wait_for_completion+0x440/0x440 [ 893.750384] ? kasan_check_write+0x14/0x20 [ 893.754649] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 893.760223] alloc_pages_current+0x107/0x210 [ 893.764667] ion_page_pool_alloc+0x137/0x1d0 [ 893.769106] ion_system_heap_allocate+0x154/0xa90 [ 893.773987] ? ion_system_heap_free+0x250/0x250 [ 893.778692] ion_alloc+0x475/0x900 [ 893.782276] ? ion_dma_buf_release+0x50/0x50 [ 893.786726] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 893.792295] ? _copy_from_user+0xdd/0x150 [ 893.796479] ion_ioctl+0x17b/0x329 [ 893.800050] ? ion_alloc.cold+0x28/0x28 [ 893.804046] ? __might_sleep+0x95/0x190 [ 893.808040] ? ion_alloc.cold+0x28/0x28 [ 893.812048] do_vfs_ioctl+0xd5f/0x1380 [ 893.816128] ? selinux_file_ioctl+0x46f/0x5e0 [ 893.820637] ? selinux_file_ioctl+0x125/0x5e0 [ 893.825151] ? ioctl_preallocate+0x210/0x210 [ 893.829570] ? selinux_file_mprotect+0x620/0x620 [ 893.834348] ? iterate_fd+0x360/0x360 [ 893.838159] ? nsecs_to_jiffies+0x30/0x30 [ 893.842355] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 893.847928] ? security_file_ioctl+0x8d/0xc0 [ 893.852373] ksys_ioctl+0xab/0xd0 [ 893.855845] __x64_sys_ioctl+0x73/0xb0 [ 893.859752] do_syscall_64+0xfd/0x620 [ 893.863573] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 893.868778] RIP: 0033:0x459829 [ 893.871995] Code: Bad RIP value. [ 893.875365] RSP: 002b:00007f8d57f4cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 893.883092] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 893.890380] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000004 [ 893.897665] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 893.905018] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d57f4d6d4 [ 893.912306] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 893.931809] Mem-Info: [ 893.934320] active_anon:71190 inactive_anon:202 isolated_anon:0 [ 893.934320] active_file:26 inactive_file:2055 isolated_file:0 [ 893.934320] unevictable:0 dirty:194 writeback:0 unstable:0 [ 893.934320] slab_reclaimable:12468 slab_unreclaimable:104251 [ 893.934320] mapped:44894 shmem:245 pagetables:727 bounce:0 [ 893.934320] free:39339 free_pcp:60 free_cma:0 [ 893.974942] Node 0 active_anon:283892kB inactive_anon:808kB active_file:84kB inactive_file:5636kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:86588kB dirty:416kB writeback:0kB shmem:980kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 894.007386] Node 1 active_anon:868kB inactive_anon:0kB active_file:20kB inactive_file:2584kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:92988kB dirty:360kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 894.073708] Node 0 DMA free:10360kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 894.109552] lowmem_reserve[]: 0 2555 2557 2557 [ 894.114213] Node 0 DMA32 free:45140kB min:36248kB low:45308kB high:54368kB active_anon:281844kB inactive_anon:808kB active_file:84kB inactive_file:5636kB unevictable:0kB writepending:416kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6560kB pagetables:2252kB bounce:0kB free_pcp:616kB local_pcp:376kB free_cma:0kB [ 894.149543] lowmem_reserve[]: 0 0 2 2 [ 894.153428] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 894.179560] lowmem_reserve[]: 0 0 0 0 [ 894.183414] Node 1 Normal free:84660kB min:53608kB low:67008kB high:80408kB active_anon:868kB inactive_anon:0kB active_file:20kB inactive_file:2584kB unevictable:0kB writepending:360kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:352kB pagetables:508kB bounce:0kB free_pcp:632kB local_pcp:388kB free_cma:0kB [ 894.212409] lowmem_reserve[]: 0 0 0 0 [ 894.216263] Node 0 DMA: 15*4kB (UE) 34*8kB (UE) 37*16kB (U) 23*32kB (UE) 2*64kB (UE) 5*128kB (UE) 1*256kB (E) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10364kB [ 894.231724] Node 0 DMA32: 6711*4kB (UE) 1785*8kB (UME) 167*16kB (UME) 43*32kB (UME) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 45172kB [ 894.245666] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 894.256538] Node 1 Normal: 9861*4kB (U) 1176*8kB (U) 1636*16kB (UE) 301*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 84660kB [ 894.279563] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 894.288461] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 894.306665] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 894.316111] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 894.324853] 2328 total pagecache pages [ 894.328770] 0 pages in swap cache [ 894.332350] Swap cache stats: add 0, delete 0, find 0/0 [ 894.337735] Free swap = 0kB [ 894.349587] Total swap = 0kB [ 894.352646] 1965979 pages RAM [ 894.355755] 0 pages HighMem/MovableOnly [ 894.359813] 338856 pages reserved [ 894.363279] 0 pages cma reserved 04:53:26 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) 04:53:26 executing program 4: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ion\x00', 0x0, 0x0) ioctl(0xffffffffffffffff, 0x1000008912, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000000)={0x80000001, 0x1}) r1 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x2, 0x280000) getsockopt$EBT_SO_GET_INFO(r1, 0x0, 0x80, &(0x7f0000000340)={'filter\x00'}, &(0x7f00000003c0)=0x78) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f00000002c0)=0x1f, 0x4) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000280)={r1, 0xc0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=0x8, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x3}, 0x0, 0x0, &(0x7f0000000100)={0x1, 0x0, 0x4, 0x5}, &(0x7f0000000140)=0x1, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=0xd078}}, 0x10) 04:53:26 executing program 1: dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010502000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x9, @remote, 0x2}, @in={0x2, 0x4e21, @loopback}, @in6={0xa, 0x4e21, 0x0, @remote}, @in={0x2, 0x4e23, @empty}], 0x58) 04:53:26 executing program 0: socket$alg(0x26, 0x5, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000400)=ANY=[@ANYBLOB="14bc0200000000000000002e90088f2a0a00000000080008000100000007e105e801be341b45b3030008000bf72629bd1d22c9cde992539dfbe5a5a9157d8417c380b13e4835514477c0187a5de93cf9dbe8352e0d888f0dc2d7cb3f5c24997c5af326cee61c28c057e3a1eacce9fc00edcc7b2a09abd4fc464f5ff8b0e9273d4112707ec64a140b1df7575f0e470522920faafed654502b110a15e226196a1857fb46aa82a9b37363546039387091a8230d78d2ed866f5416d14a7d047a352a9f1b47b2"], 0x1}}, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000280)='y\x00', 0x2, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb) ioctl$KVM_RUN(r3, 0xae80, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r2, 0x54a2) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r2, 0xc0a85352, &(0x7f0000000500)={{0xdb65, 0x800}, 'port1\x00', 0x1, 0x100000, 0x9, 0x1, 0x7, 0x245, 0x6, 0x0, 0x2, 0x100}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r2, 0x40505412, &(0x7f0000000380)={0x2, 0x2, 0x8, 0x0, 0xc}) 04:53:26 executing program 5: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000000)={0x80000001, 0x1, 0x0, 0xffffffffffffffff, 0x4000000000000000}) 04:53:26 executing program 3: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x101000, 0x0) getsockopt$inet_tcp_buf(r0, 0x6, 0x1c, &(0x7f0000000080), &(0x7f00000000c0)) r1 = openat$ion(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ion\x00', 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000100)={0x0, @in6={{0xa, 0x4e23, 0xf4c3, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x40}}, 0x400, 0x80000001}, &(0x7f0000000080)=0x90) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f00000001c0)={r2, @in6={{0xa, 0x4e20, 0x101, @mcast1, 0x7fffffff}}, 0x9, 0xce}, 0x90) ioctl$FS_IOC_GETVERSION(r1, 0x80087601, &(0x7f0000000280)) ioctl$ION_IOC_ALLOC(r1, 0xc0184900, &(0x7f0000000000)={0x80000001, 0x1}) 04:53:26 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) 04:53:26 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) 04:53:26 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001a40)={0x0}}, 0x0) [ 895.360473] device bridge_slave_1 left promiscuous mode [ 895.366128] bridge0: port 2(bridge_slave_1) entered disabled state 04:53:26 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001a40)={0x0}}, 0x0) [ 895.432801] device bridge_slave_0 left promiscuous mode [ 895.438407] bridge0: port 1(bridge_slave_0) entered disabled state 04:53:27 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001a40)={0x0}}, 0x0) 04:53:27 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001a40)={&(0x7f0000000540)=@newsa={0x15c, 0x10, 0x0, 0x0, 0x0, {{@in, @in6=@mcast1}, {@in, 0x0, 0x6c}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @lifetime_val={0x24}]}, 0x15c}}, 0x0) [ 895.738118] device hsr_slave_1 left promiscuous mode [ 895.796486] device hsr_slave_0 left promiscuous mode [ 895.868056] team0 (unregistering): Port device team_slave_1 removed [ 895.928220] team0 (unregistering): Port device team_slave_0 removed [ 895.958879] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 896.012813] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 896.229167] bond0 (unregistering): Released all slaves 04:53:27 executing program 0: socket$alg(0x26, 0x5, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="14bc420000000056b500002e900800000000080008000100000007e10500ac14341b080003000800e80f0126653dc481158d034e42ce53ecf4ceeae5fdb51d26c4680166509a866a4f75c7e1a5e6b952834393e20249b38161d3d7c3e35a35b4edb67eae65d8a1cca868f0ddc739076a841ccc29b5649dfe438cd256f6a8b2b9f5d45be5b7bd16c753a4cdd166692ceee124ee0aad8afd7b9ff4a69b38803949cb12ab2e38ff8632b3a79666af16e8f8697d6267943eb627999c3bad63de97b9b6a742466fb73b27678d05403acb87c3cc2caa40179789571519188363e2253d592b805d3cf1e13ae65f23849392283b958ac6"], 0x1}}, 0x0) openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000280)='y\x00', 0x2, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb) ioctl$KVM_RUN(r2, 0xae80, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) 04:53:27 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001a40)={&(0x7f0000000540)=@newsa={0x15c, 0x10, 0x0, 0x0, 0x0, {{@in, @in6=@mcast1}, {@in, 0x0, 0x6c}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @lifetime_val={0x24}]}, 0x15c}}, 0x0) [ 898.323006] FAT-fs (loop1): Directory bread(block 1281) failed [ 898.329076] FAT-fs (loop1): Directory bread(block 1282) failed [ 898.358222] IPVS: ftp: loaded support on port[0] = 21 [ 898.359555] FAT-fs (loop1): Directory bread(block 1283) failed [ 898.400678] FAT-fs (loop1): Directory bread(block 1284) failed [ 898.406741] FAT-fs (loop1): Directory bread(block 1285) failed [ 898.418997] IPVS: ftp: loaded support on port[0] = 21 [ 898.429695] FAT-fs (loop1): Directory bread(block 1286) failed [ 898.435842] FAT-fs (loop1): Directory bread(block 1287) failed [ 898.459758] FAT-fs (loop1): Directory bread(block 1288) failed [ 898.465811] FAT-fs (loop1): Directory bread(block 1289) failed [ 898.483635] FAT-fs (loop1): Directory bread(block 1290) failed [ 898.566629] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 898.599821] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 898.605346] CPU: 0 PID: 14089 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 898.612944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 898.622303] Call Trace: [ 898.624930] dump_stack+0x172/0x1f0 [ 898.629289] warn_alloc.cold+0x7b/0x173 [ 898.633272] ? zone_watermark_ok_safe+0x260/0x260 [ 898.638123] ? try_to_compact_pages+0x44/0xae0 [ 898.642734] __alloc_pages_slowpath+0x220e/0x2870 [ 898.647609] ? warn_alloc+0x110/0x110 [ 898.651419] ? __lock_is_held+0xb6/0x140 [ 898.655494] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 898.661038] ? should_fail+0x14d/0x85c [ 898.664957] ? __isolate_free_page+0x4c0/0x4c0 [ 898.669552] ? __might_sleep+0x95/0x190 [ 898.673538] __alloc_pages_nodemask+0x617/0x750 [ 898.678218] ? __alloc_pages_slowpath+0x2870/0x2870 [ 898.683249] ? wait_for_completion+0x440/0x440 [ 898.687843] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 898.693392] alloc_pages_current+0x107/0x210 [ 898.697809] ion_page_pool_alloc+0x137/0x1d0 [ 898.702229] ion_system_heap_allocate+0x154/0xa90 [ 898.707081] ? ion_system_heap_free+0x250/0x250 [ 898.711767] ion_alloc+0x29b/0x900 [ 898.715321] ? ion_dma_buf_release+0x50/0x50 [ 898.719746] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 898.725295] ? _copy_from_user+0xdd/0x150 [ 898.729465] ion_ioctl+0x17b/0x329 [ 898.733016] ? ion_alloc.cold+0x28/0x28 [ 898.736999] ? __might_sleep+0x95/0x190 [ 898.740983] ? ion_alloc.cold+0x28/0x28 [ 898.744969] do_vfs_ioctl+0xd5f/0x1380 [ 898.748886] ? selinux_file_ioctl+0x46f/0x5e0 [ 898.753386] ? selinux_file_ioctl+0x125/0x5e0 [ 898.757885] ? ioctl_preallocate+0x210/0x210 [ 898.762297] ? selinux_file_mprotect+0x620/0x620 [ 898.767064] ? iterate_fd+0x360/0x360 [ 898.770869] ? nsecs_to_jiffies+0x30/0x30 [ 898.775031] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 898.780576] ? security_file_ioctl+0x8d/0xc0 [ 898.784995] ksys_ioctl+0xab/0xd0 [ 898.788457] __x64_sys_ioctl+0x73/0xb0 [ 898.792354] do_syscall_64+0xfd/0x620 [ 898.796161] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 898.801355] RIP: 0033:0x459829 [ 898.804552] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 898.823464] RSP: 002b:00007f8d57f8ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 898.831188] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 898.838484] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000004 [ 898.845766] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 898.853047] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d57f8f6d4 [ 898.860329] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 898.955309] chnl_net:caif_netlink_parms(): no params data found [ 899.079282] chnl_net:caif_netlink_parms(): no params data found [ 899.107222] bridge0: port 1(bridge_slave_0) entered blocking state [ 899.116575] bridge0: port 1(bridge_slave_0) entered disabled state [ 899.127344] device bridge_slave_0 entered promiscuous mode [ 899.132315] Mem-Info: [ 899.135500] active_anon:71423 inactive_anon:208 isolated_anon:0 [ 899.135500] active_file:1328 inactive_file:5192 isolated_file:0 [ 899.135500] unevictable:0 dirty:484 writeback:0 unstable:0 [ 899.135500] slab_reclaimable:12513 slab_unreclaimable:104347 [ 899.135500] mapped:57148 shmem:252 pagetables:849 bounce:0 [ 899.135500] free:549554 free_pcp:779 free_cma:0 [ 899.169737] Node 0 active_anon:284832kB inactive_anon:832kB active_file:4664kB inactive_file:18800kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:135152kB dirty:1556kB writeback:0kB shmem:1008kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 899.198119] Node 1 active_anon:860kB inactive_anon:0kB active_file:648kB inactive_file:1968kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:93440kB dirty:380kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 899.225290] Node 0 DMA free:10600kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 899.251949] lowmem_reserve[]: 0 2555 2557 2557 [ 899.256581] Node 0 DMA32 free:813392kB min:36248kB low:45308kB high:54368kB active_anon:282884kB inactive_anon:832kB active_file:4672kB inactive_file:18888kB unevictable:0kB writepending:1256kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6752kB pagetables:2888kB bounce:0kB free_pcp:1676kB local_pcp:1272kB free_cma:0kB [ 899.286587] lowmem_reserve[]: 0 0 2 2 [ 899.286621] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 899.286666] lowmem_reserve[]: [ 899.316437] 0 0 0 [ 899.324460] bridge0: port 2(bridge_slave_1) entered blocking state [ 899.325139] 0 [ 899.331851] bridge0: port 2(bridge_slave_1) entered disabled state [ 899.332736] Node 1 Normal free:1374224kB min:53608kB low:67008kB high:80408kB active_anon:860kB inactive_anon:0kB active_file:648kB inactive_file:1968kB unevictable:0kB writepending:380kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:352kB pagetables:508kB bounce:0kB free_pcp:1420kB local_pcp:1420kB free_cma:0kB [ 899.369901] device bridge_slave_1 entered promiscuous mode [ 899.373747] lowmem_reserve[]: 0 0 0 0 [ 899.380479] Node 0 DMA: 55*4kB (UE) 50*8kB (UE) 37*16kB (U) 32*32kB (UE) 1*64kB (E) 3*128kB (UE) 1*256kB (E) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10620kB [ 899.402542] Node 0 DMA32: 54040*4kB (UM) 30194*8kB (UME) 13161*16kB (UME) 4045*32kB (UME) 193*64kB (U) 24*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 813152kB [ 899.418206] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 899.429210] Node 1 Normal: 83398*4kB (UE) 46524*8kB (UME) 21948*16kB (UE) 7952*32kB (UE) 802*64kB (U) 90*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 1374264kB [ 899.444802] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 899.444815] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 899.444826] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 899.463539] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 899.479878] 6841 total pagecache pages [ 899.479893] 0 pages in swap cache [ 899.479907] Swap cache stats: add 0, delete 0, find 0/0 [ 899.487243] Free swap = 0kB [ 899.495680] Total swap = 0kB [ 899.498695] 1965979 pages RAM [ 899.501860] 0 pages HighMem/MovableOnly [ 899.505839] 338856 pages reserved [ 899.509282] 0 pages cma reserved [ 899.588332] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 899.609701] bridge0: port 1(bridge_slave_0) entered blocking state [ 899.616111] bridge0: port 1(bridge_slave_0) entered disabled state [ 899.630687] device bridge_slave_0 entered promiscuous mode [ 899.639258] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 899.659767] bridge0: port 2(bridge_slave_1) entered blocking state [ 899.666191] bridge0: port 2(bridge_slave_1) entered disabled state [ 899.680776] device bridge_slave_1 entered promiscuous mode [ 899.732706] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 899.749296] team0: Port device team_slave_0 added [ 899.756784] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 899.771930] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 899.787348] team0: Port device team_slave_1 added [ 899.796202] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 899.808731] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 899.845843] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 899.867968] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 899.878630] team0: Port device team_slave_0 added [ 899.946730] device hsr_slave_0 entered promiscuous mode [ 899.983675] device hsr_slave_1 entered promiscuous mode [ 900.026345] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 900.035509] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 900.047944] team0: Port device team_slave_1 added [ 900.059792] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 900.077195] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 900.096699] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 900.106383] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 900.198516] device hsr_slave_0 entered promiscuous mode [ 900.255581] device hsr_slave_1 entered promiscuous mode [ 900.301830] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 900.320129] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 900.359379] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 900.383686] 8021q: adding VLAN 0 to HW filter on device bond0 [ 900.407005] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 900.438481] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 900.450750] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 900.470146] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 900.498286] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 900.509714] 8021q: adding VLAN 0 to HW filter on device team0 [ 900.518721] 8021q: adding VLAN 0 to HW filter on device bond0 [ 900.529177] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 900.539740] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 900.547781] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 900.557324] bridge0: port 1(bridge_slave_0) entered blocking state [ 900.563765] bridge0: port 1(bridge_slave_0) entered forwarding state [ 900.574422] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 900.583710] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 900.592130] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 900.602506] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 900.613610] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 900.622642] bridge0: port 2(bridge_slave_1) entered blocking state [ 900.629018] bridge0: port 2(bridge_slave_1) entered forwarding state [ 900.639595] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 900.649126] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 900.657371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 900.665432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 900.678623] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 900.689882] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 900.695983] 8021q: adding VLAN 0 to HW filter on device team0 [ 900.711151] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 900.726967] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 900.738109] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 900.747433] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 900.755524] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 900.764383] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 900.778737] bridge0: port 1(bridge_slave_0) entered blocking state [ 900.785199] bridge0: port 1(bridge_slave_0) entered forwarding state [ 900.798614] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 900.806908] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 900.823645] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 900.839095] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 900.848141] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 900.862972] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 900.871291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 900.879312] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 900.887691] bridge0: port 2(bridge_slave_1) entered blocking state [ 900.894125] bridge0: port 2(bridge_slave_1) entered forwarding state [ 900.902194] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 900.910422] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 900.920964] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 900.932902] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 900.940958] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 900.955754] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 900.963684] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 900.980531] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 900.988875] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 901.005376] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 901.011907] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 901.020627] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 901.028031] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 901.036335] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 901.044954] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 901.067147] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 901.083538] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 901.094290] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 901.104864] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 901.116895] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 901.128106] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 901.145123] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 901.152511] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 901.170372] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 901.178256] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 901.186578] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 901.198279] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 901.213273] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 901.229320] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 901.247209] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 901.268923] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 901.286927] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 901.296069] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 901.324937] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 901.347907] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 901.535798] syz-executor.4: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 901.557785] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 901.563996] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 901.575976] CPU: 1 PID: 14145 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 901.583015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 901.592468] Call Trace: [ 901.595075] dump_stack+0x172/0x1f0 [ 901.598722] warn_alloc.cold+0x7b/0x173 [ 901.602716] ? zone_watermark_ok_safe+0x260/0x260 [ 901.607575] ? __lock_is_held+0xb6/0x140 [ 901.609719] syz-executor.5 cpuset= [ 901.611677] __alloc_pages_slowpath+0x220e/0x2870 [ 901.611713] ? warn_alloc+0x110/0x110 [ 901.615325] syz5 [ 901.620088] ? __lock_is_held+0xb6/0x140 [ 901.630780] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 901.636327] ? should_fail+0x14d/0x85c [ 901.640245] ? __isolate_free_page+0x4c0/0x4c0 [ 901.644843] ? __might_sleep+0x95/0x190 [ 901.647151] mems_allowed=0-1 [ 901.648839] __alloc_pages_nodemask+0x617/0x750 [ 901.648876] ? __alloc_pages_slowpath+0x2870/0x2870 [ 901.648901] ? wait_for_completion+0x440/0x440 [ 901.667379] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 901.672937] alloc_pages_current+0x107/0x210 [ 901.677377] ion_page_pool_alloc+0x137/0x1d0 [ 901.681800] ion_system_heap_allocate+0x154/0xa90 [ 901.686659] ? ion_system_heap_free+0x250/0x250 [ 901.691360] ion_alloc+0x29b/0x900 [ 901.694921] ? ion_dma_buf_release+0x50/0x50 [ 901.699361] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 901.704912] ? _copy_from_user+0xdd/0x150 [ 901.709080] ion_ioctl+0x17b/0x329 [ 901.712633] ? ion_alloc.cold+0x28/0x28 [ 901.716630] ? __might_sleep+0x95/0x190 [ 901.720622] ? ion_alloc.cold+0x28/0x28 [ 901.724611] do_vfs_ioctl+0xd5f/0x1380 [ 901.728513] ? selinux_file_ioctl+0x46f/0x5e0 [ 901.733016] ? selinux_file_ioctl+0x125/0x5e0 [ 901.739030] ? ioctl_preallocate+0x210/0x210 [ 901.743455] ? selinux_file_mprotect+0x620/0x620 [ 901.748226] ? iterate_fd+0x360/0x360 [ 901.752040] ? nsecs_to_jiffies+0x30/0x30 [ 901.756208] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 901.761757] ? security_file_ioctl+0x8d/0xc0 [ 901.766182] ksys_ioctl+0xab/0xd0 [ 901.769654] __x64_sys_ioctl+0x73/0xb0 [ 901.773556] do_syscall_64+0xfd/0x620 [ 901.777374] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 901.782577] RIP: 0033:0x459829 [ 901.785778] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 901.804868] RSP: 002b:00007f9e06aa7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 901.812596] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 901.819879] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 901.827157] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 901.834439] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9e06aa86d4 [ 901.841720] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 901.849023] CPU: 0 PID: 14149 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 901.853641] Mem-Info: [ 901.856056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 901.856062] Call Trace: [ 901.856096] dump_stack+0x172/0x1f0 [ 901.856116] warn_alloc.cold+0x7b/0x173 [ 901.858614] active_anon:71451 inactive_anon:202 isolated_anon:0 [ 901.858614] active_file:1362 inactive_file:5258 isolated_file:36 [ 901.858614] unevictable:0 dirty:551 writeback:0 unstable:0 [ 901.858614] slab_reclaimable:12537 slab_unreclaimable:104812 [ 901.858614] mapped:57150 shmem:252 pagetables:851 bounce:0 [ 901.858614] free:395734 free_pcp:850 free_cma:0 [ 901.867891] ? zone_watermark_ok_safe+0x260/0x260 [ 901.867909] ? __lock_is_held+0xb6/0x140 [ 901.867949] __alloc_pages_slowpath+0x220e/0x2870 [ 901.867983] ? warn_alloc+0x110/0x110 [ 901.871406] Node 0 active_anon:284944kB inactive_anon:808kB active_file:4800kB inactive_file:19064kB unevictable:0kB isolated(anon):0kB isolated(file):96kB mapped:135160kB dirty:1824kB writeback:0kB shmem:1008kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 901.874179] ? __lock_is_held+0xb6/0x140 [ 901.874202] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 901.874217] ? should_fail+0x14d/0x85c [ 901.874238] ? __isolate_free_page+0x4c0/0x4c0 [ 901.878302] Node 1 active_anon:860kB inactive_anon:0kB active_file:648kB inactive_file:1968kB unevictable:0kB isolated(anon):0kB isolated(file):48kB mapped:93440kB dirty:380kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 901.911922] ? __might_sleep+0x95/0x190 [ 901.911945] __alloc_pages_nodemask+0x617/0x750 [ 901.911967] ? __alloc_pages_slowpath+0x2870/0x2870 [ 901.911992] ? wait_for_completion+0x440/0x440 [ 901.912008] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 901.912030] alloc_pages_current+0x107/0x210 [ 901.917563] Node 0 [ 901.920938] ion_page_pool_alloc+0x137/0x1d0 [ 901.920956] ion_system_heap_allocate+0x154/0xa90 [ 901.920976] ? ion_system_heap_free+0x250/0x250 [ 901.921000] ion_alloc+0x29b/0x900 [ 901.921023] ? ion_dma_buf_release+0x50/0x50 [ 901.927211] DMA free:10604kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 901.929679] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 901.929696] ? _copy_from_user+0xdd/0x150 [ 901.929716] ion_ioctl+0x17b/0x329 [ 901.929736] ? ion_alloc.cold+0x28/0x28 [ 901.959121] lowmem_reserve[]: [ 901.962024] ? __might_sleep+0x95/0x190 [ 901.962045] ? ion_alloc.cold+0x28/0x28 [ 901.962064] do_vfs_ioctl+0xd5f/0x1380 [ 901.962080] ? selinux_file_ioctl+0x46f/0x5e0 [ 901.962100] ? selinux_file_ioctl+0x125/0x5e0 [ 901.969234] 0 [ 901.971573] ? ioctl_preallocate+0x210/0x210 [ 901.971588] ? selinux_file_mprotect+0x620/0x620 [ 901.971611] ? iterate_fd+0x360/0x360 [ 901.971627] ? nsecs_to_jiffies+0x30/0x30 [ 901.971652] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 901.976434] 2555 [ 902.003161] ? security_file_ioctl+0x8d/0xc0 [ 902.003179] ksys_ioctl+0xab/0xd0 [ 902.003197] __x64_sys_ioctl+0x73/0xb0 [ 902.003214] do_syscall_64+0xfd/0x620 [ 902.003231] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 902.003243] RIP: 0033:0x459829 [ 902.003262] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 902.010316] 2557 [ 902.011905] RSP: 002b:00007f71a5b57c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 902.011922] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 902.011931] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 902.011940] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 902.011954] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71a5b586d4 [ 902.017044] 2557 [ 902.021543] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 902.259584] Node 0 DMA32 free:167588kB min:36248kB low:45308kB high:54368kB active_anon:282896kB inactive_anon:808kB active_file:4800kB inactive_file:19164kB unevictable:0kB writepending:1824kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6912kB pagetables:2896kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 902.296555] syz-executor.4: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 902.309212] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 902.314732] CPU: 1 PID: 14151 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 902.321760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 902.331130] Call Trace: [ 902.333783] dump_stack+0x172/0x1f0 [ 902.337437] warn_alloc.cold+0x7b/0x173 [ 902.341434] ? zone_watermark_ok_safe+0x260/0x260 [ 902.346342] ? __lock_is_held+0xb6/0x140 [ 902.350457] __alloc_pages_slowpath+0x220e/0x2870 [ 902.355357] ? warn_alloc+0x110/0x110 [ 902.359171] ? __lock_is_held+0xb6/0x140 [ 902.363251] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 902.368805] ? should_fail+0x14d/0x85c [ 902.372801] ? __isolate_free_page+0x4c0/0x4c0 [ 902.377404] ? __might_sleep+0x95/0x190 [ 902.381404] __alloc_pages_nodemask+0x617/0x750 [ 902.386098] ? __alloc_pages_slowpath+0x2870/0x2870 [ 902.391145] ? wait_for_completion+0x440/0x440 [ 902.395742] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 902.401306] alloc_pages_current+0x107/0x210 [ 902.405742] ion_page_pool_alloc+0x137/0x1d0 [ 902.410170] ion_system_heap_allocate+0x154/0xa90 [ 902.415815] ? ion_system_heap_free+0x250/0x250 [ 902.420510] ion_alloc+0x29b/0x900 [ 902.424083] ? ion_dma_buf_release+0x50/0x50 [ 902.428514] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 902.434064] ? _copy_from_user+0xdd/0x150 [ 902.438230] ion_ioctl+0x17b/0x329 [ 902.441786] ? ion_alloc.cold+0x28/0x28 [ 902.445774] ? __might_sleep+0x95/0x190 [ 902.449765] ? ion_alloc.cold+0x28/0x28 [ 902.453756] do_vfs_ioctl+0xd5f/0x1380 [ 902.457675] ? selinux_file_ioctl+0x46f/0x5e0 [ 902.462185] ? selinux_file_ioctl+0x125/0x5e0 [ 902.466694] ? ioctl_preallocate+0x210/0x210 [ 902.471115] ? selinux_file_mprotect+0x620/0x620 [ 902.475915] ? iterate_fd+0x360/0x360 [ 902.479741] ? nsecs_to_jiffies+0x30/0x30 [ 902.483921] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 902.489480] ? security_file_ioctl+0x8d/0xc0 [ 902.493916] ksys_ioctl+0xab/0xd0 [ 902.497387] __x64_sys_ioctl+0x73/0xb0 [ 902.501299] do_syscall_64+0xfd/0x620 [ 902.505133] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 902.510329] RIP: 0033:0x459829 [ 902.513542] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 902.532461] RSP: 002b:00007f9e06a65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 902.540194] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 902.547484] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 902.554771] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 902.562058] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9e06a666d4 [ 902.569354] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 902.589740] lowmem_reserve[]: 0 0 2 2 [ 902.593617] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 902.639562] lowmem_reserve[]: 0 0 0 0 [ 902.643458] Node 1 Normal free:1423324kB min:53608kB low:67008kB high:80408kB active_anon:860kB inactive_anon:0kB active_file:648kB inactive_file:1968kB unevictable:0kB writepending:380kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:352kB pagetables:508kB bounce:0kB free_pcp:1312kB local_pcp:0kB free_cma:0kB [ 902.700421] lowmem_reserve[]: 0 0 0 0 [ 902.704318] Node 0 DMA: 34*4kB (UE) 35*8kB (UE) 28*16kB (U) 29*32kB (UE) 8*64kB (UE) 2*128kB (UE) 1*256kB (E) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10496kB [ 902.739553] Node 0 DMA32: 219*4kB (UME) 5267*8kB (UME) 3495*16kB (UME) 2640*32kB (UME) 6*64kB (UM) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 183796kB [ 902.769546] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 902.789543] Node 1 Normal: 67134*4kB (UE) 45076*8kB (UME) 26786*16kB (UE) 11644*32kB (UE) 1322*64kB (U) 119*128kB (U) 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 1530424kB [ 902.819542] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 902.828445] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 902.849536] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 902.858438] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 902.889532] 6904 total pagecache pages [ 902.893493] 0 pages in swap cache [ 902.896997] Swap cache stats: add 0, delete 0, find 0/0 [ 902.909555] Free swap = 0kB [ 902.912629] Total swap = 0kB [ 902.915658] 1965979 pages RAM [ 902.918781] 0 pages HighMem/MovableOnly [ 902.939549] 338856 pages reserved [ 902.943055] 0 pages cma reserved [ 902.946469] warn_alloc_show_mem: 1 callbacks suppressed [ 902.946473] Mem-Info: [ 902.989580] active_anon:71468 inactive_anon:202 isolated_anon:0 [ 902.989580] active_file:1367 inactive_file:5285 isolated_file:0 [ 902.989580] unevictable:0 dirty:562 writeback:0 unstable:0 [ 902.989580] slab_reclaimable:12530 slab_unreclaimable:104624 [ 902.989580] mapped:57150 shmem:252 pagetables:851 bounce:0 [ 902.989580] free:444089 free_pcp:739 free_cma:0 [ 903.082495] Node 0 active_anon:285012kB inactive_anon:808kB active_file:4820kB inactive_file:19172kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:135160kB dirty:1868kB writeback:0kB shmem:1008kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 903.199596] Node 1 active_anon:860kB inactive_anon:0kB active_file:648kB inactive_file:1968kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:93440kB dirty:380kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 903.300170] Node 0 DMA free:10480kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 903.355465] lowmem_reserve[]: 0 2555 2557 2557 [ 903.363952] Node 0 DMA32 free:83808kB min:36248kB low:45308kB high:54368kB active_anon:282964kB inactive_anon:808kB active_file:4820kB inactive_file:19172kB unevictable:0kB writepending:1868kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6848kB pagetables:2896kB bounce:0kB free_pcp:1264kB local_pcp:1260kB free_cma:0kB [ 903.402776] lowmem_reserve[]: 0 0 2 2 [ 903.406821] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 903.439619] lowmem_reserve[]: 0 0 0 0 [ 903.443632] Node 1 Normal free:1709052kB min:53608kB low:67008kB high:80408kB active_anon:860kB inactive_anon:0kB active_file:648kB inactive_file:1968kB unevictable:0kB writepending:380kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:352kB pagetables:508kB bounce:0kB free_pcp:1652kB local_pcp:1440kB free_cma:0kB [ 903.526185] lowmem_reserve[]: 0 0 0 0 [ 903.541174] Node 0 DMA: 34*4kB (UE) 35*8kB (UE) 28*16kB (U) 29*32kB (UE) 8*64kB (UE) 2*128kB (UE) 1*256kB (E) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10496kB [ 903.608945] Node 0 DMA32: 30*4kB (UE) 3054*8kB (UME) 24*16kB (UME) 1359*32kB (UME) 8*64kB (UM) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 68936kB [ 903.659396] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 903.696016] Node 1 Normal: 56174*4kB (UE) 42415*8kB (UME) 26947*16kB (UE) 14490*32kB (UE) 4304*64kB (U) 415*128kB (U) 10*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 1789984kB [ 903.759547] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 903.768452] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 903.799538] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 903.808435] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 903.839524] 6912 total pagecache pages [ 903.843486] 0 pages in swap cache [ 903.846954] Swap cache stats: add 0, delete 0, find 0/0 [ 903.889554] Free swap = 0kB [ 903.892631] Total swap = 0kB [ 903.895653] 1965979 pages RAM [ 903.898761] 0 pages HighMem/MovableOnly [ 903.919564] 338856 pages reserved [ 903.924682] 0 pages cma reserved 04:53:39 executing program 0: socket$alg(0x26, 0x5, 0x0) syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x800, 0x40080) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0xfffffffffffffffb, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="14bc420000000056b500002e900800000000080008000100000007e10500ac14341b080003000800e80f01"], 0x1}}, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000180)='y\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb) ioctl$KVM_RUN(r3, 0xae80, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$rxrpc(r2, &(0x7f0000000200)=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e21, 0x4f25, @loopback, 0xff}}, 0x24) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) 04:53:39 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001a40)={&(0x7f0000000540)=@newsa={0x15c, 0x10, 0x0, 0x0, 0x0, {{@in, @in6=@mcast1}, {@in, 0x0, 0x6c}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @lifetime_val={0x24}]}, 0x15c}}, 0x0) 04:53:41 executing program 5: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000000)={0x80000001, 0x1, 0x0, 0xffffffffffffffff, 0xffffffff00000000}) 04:53:41 executing program 1: dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010502000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x9, @remote, 0x2}, @in={0x2, 0x4e21, @loopback}, @in6={0xa, 0x4e21, 0x0, @remote}, @in={0x2, 0x4e23, @empty}], 0x58) 04:53:41 executing program 3: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ion\x00', 0x0, 0x0) r1 = accept4$x25(0xffffffffffffffff, &(0x7f0000000240)={0x9, @remote}, &(0x7f0000000200)=0xb, 0x80800) ioctl$SIOCX25GDTEFACILITIES(r1, 0x89ea, &(0x7f0000000140)) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") r3 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x0, 0x200102) ioctl$KVM_SET_TSC_KHZ(r3, 0xaea2, 0xff) ioctl$UI_END_FF_UPLOAD(r3, 0x406855c9, &(0x7f0000000180)={0xe, 0x400, {0x54, 0x1800000000000000, 0x5, {0xe00, 0x6f8}, {0x0, 0x8}, @const={0x7b9b, {0x5a, 0x0, 0xfffffffffffff019, 0x7}}}, {0x51, 0x2, 0x8001, {0x7782, 0x1}, {0xffff, 0x8}, @cond=[{0x9, 0x1f, 0x400, 0x9, 0x5, 0x3}, {0x7, 0x6, 0x1, 0xfa, 0x0, 0x5}]}}) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000000)={0x80000001, 0x1}) ioctl$CAPI_INSTALLED(r3, 0x80024322) 04:53:41 executing program 0: socket$alg(0x26, 0x5, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="14bc42000000ff55b500002e900800000000080008000100000007e10500ac33e8419de633534fb3aa7ce1"], 0x1}}, 0x0) openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000280)='y\x00', 0x2, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb) ioctl$KVM_RUN(r2, 0xae80, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) 04:53:41 executing program 4: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ion\x00', 0x0, 0x0) ioctl(r0, 0x1b37189c, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000000)={0x80000001, 0x1}) r1 = socket$inet(0x2, 0xf, 0x6) getsockopt$IPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x43, &(0x7f0000000040)={'ah\x00'}, &(0x7f0000000080)=0x1e) 04:53:41 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001a40)={&(0x7f0000000540)=@newsa={0x15c, 0x10, 0x801, 0x0, 0x0, {{@in, @in6=@mcast1}, {}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @lifetime_val={0x24}]}, 0x15c}}, 0x0) 04:53:41 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001a40)={&(0x7f0000000540)=@newsa={0x15c, 0x10, 0x801, 0x0, 0x0, {{@in, @in6=@mcast1}, {}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @lifetime_val={0x24}]}, 0x15c}}, 0x0) 04:53:41 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001a40)={&(0x7f0000000540)=@newsa={0x15c, 0x10, 0x801, 0x0, 0x0, {{@in, @in6=@mcast1}, {}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @lifetime_val={0x24}]}, 0x15c}}, 0x0) 04:53:41 executing program 0: socket$alg(0x26, 0x5, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="14bc420000000056b500002e90080000000008000800010000fdffe10500ac14341b080003000800e80f01"], 0x1}}, 0x0) openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000280)='y\x00', 0x2, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb) ioctl$KVM_RUN(r2, 0xae80, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) 04:53:41 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001a40)={&(0x7f0000000540)=@newsa={0x15c, 0x10, 0x801, 0x0, 0x0, {{@in, @in6=@mcast1}, {@in, 0x0, 0x6c}, @in=@broadcast}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @lifetime_val={0x24}]}, 0x15c}}, 0x0) 04:53:41 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001a40)={&(0x7f0000000540)=@newsa={0x15c, 0x10, 0x801, 0x0, 0x0, {{@in, @in6=@mcast1}, {@in, 0x0, 0x6c}, @in=@broadcast}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @lifetime_val={0x24}]}, 0x15c}}, 0x0) 04:53:41 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001a40)={&(0x7f0000000540)=@newsa={0x15c, 0x10, 0x801, 0x0, 0x0, {{@in, @in6=@mcast1}, {@in, 0x0, 0x6c}, @in=@broadcast}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @lifetime_val={0x24}]}, 0x15c}}, 0x0) [ 910.639873] syz-executor.4: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 910.652051] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 910.666855] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 910.671896] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 910.673133] syz-executor.4: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 910.692513] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 910.696510] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 910.725448] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 910.731974] CPU: 1 PID: 14203 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 910.739010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 910.739601] syz-executor.5 cpuset= [ 910.748372] Call Trace: [ 910.748398] dump_stack+0x172/0x1f0 [ 910.748418] warn_alloc.cold+0x7b/0x173 [ 910.748440] ? zone_watermark_ok_safe+0x260/0x260 [ 910.752057] syz-executor.3 cpuset= [ 910.754573] ? try_to_compact_pages+0x44/0xae0 [ 910.758179] syz3 [ 910.762176] __alloc_pages_slowpath+0x220e/0x2870 [ 910.781928] ? warn_alloc+0x110/0x110 [ 910.785744] ? __lock_is_held+0xb6/0x140 [ 910.789638] syz5 mems_allowed=0-1 [ 910.789845] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 910.789862] ? should_fail+0x14d/0x85c [ 910.802777] ? __isolate_free_page+0x4c0/0x4c0 [ 910.807385] ? __might_sleep+0x95/0x190 [ 910.811385] __alloc_pages_nodemask+0x617/0x750 [ 910.815078] mems_allowed=0-1 [ 910.816087] ? __alloc_pages_slowpath+0x2870/0x2870 [ 910.824219] ? wait_for_completion+0x440/0x440 [ 910.828816] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 910.834388] alloc_pages_current+0x107/0x210 [ 910.838821] ion_page_pool_alloc+0x137/0x1d0 [ 910.843247] ion_system_heap_allocate+0x154/0xa90 [ 910.848110] ? ion_system_heap_free+0x250/0x250 [ 910.852802] ion_alloc+0x29b/0x900 [ 910.856372] ? ion_dma_buf_release+0x50/0x50 [ 910.860807] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 910.866365] ? _copy_from_user+0xdd/0x150 [ 910.870532] ion_ioctl+0x17b/0x329 [ 910.874088] ? ion_alloc.cold+0x28/0x28 [ 910.878074] ? __might_sleep+0x95/0x190 [ 910.882086] ? ion_alloc.cold+0x28/0x28 [ 910.886073] do_vfs_ioctl+0xd5f/0x1380 [ 910.889973] ? selinux_file_ioctl+0x46f/0x5e0 [ 910.894478] ? selinux_file_ioctl+0x125/0x5e0 [ 910.898982] ? ioctl_preallocate+0x210/0x210 [ 910.903403] ? selinux_file_mprotect+0x620/0x620 [ 910.908178] ? iterate_fd+0x360/0x360 [ 910.911989] ? nsecs_to_jiffies+0x30/0x30 [ 910.916159] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 910.921707] ? security_file_ioctl+0x8d/0xc0 [ 910.926136] ksys_ioctl+0xab/0xd0 [ 910.929613] __x64_sys_ioctl+0x73/0xb0 [ 910.933517] do_syscall_64+0xfd/0x620 [ 910.937344] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 910.942539] RIP: 0033:0x459829 [ 910.945739] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 910.964652] RSP: 002b:00007f9e06a65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 910.972377] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 910.979658] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 910.986940] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 910.994222] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9e06a666d4 [ 911.001510] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 911.008821] CPU: 0 PID: 14174 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 911.015898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 911.019998] syz-executor.3 cpuset= [ 911.025259] Call Trace: [ 911.025286] dump_stack+0x172/0x1f0 [ 911.025312] warn_alloc.cold+0x7b/0x173 [ 911.039027] ? zone_watermark_ok_safe+0x260/0x260 [ 911.039587] syz3 [ 911.043885] ? try_to_compact_pages+0x44/0xae0 [ 911.043952] mems_allowed=0-1 [ 911.045897] __alloc_pages_slowpath+0x220e/0x2870 [ 911.045932] ? warn_alloc+0x110/0x110 [ 911.062221] ? __lock_is_held+0xb6/0x140 [ 911.066300] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 911.071853] ? should_fail+0x14d/0x85c [ 911.075763] ? __isolate_free_page+0x4c0/0x4c0 [ 911.080359] ? __might_sleep+0x95/0x190 [ 911.084353] __alloc_pages_nodemask+0x617/0x750 [ 911.089045] ? __alloc_pages_slowpath+0x2870/0x2870 [ 911.094089] ? wait_for_completion+0x440/0x440 [ 911.098685] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 911.104243] alloc_pages_current+0x107/0x210 [ 911.108669] ion_page_pool_alloc+0x137/0x1d0 [ 911.113091] ion_system_heap_allocate+0x154/0xa90 [ 911.117953] ? ion_system_heap_free+0x250/0x250 [ 911.122645] ion_alloc+0x29b/0x900 [ 911.126211] ? ion_dma_buf_release+0x50/0x50 [ 911.130652] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 911.136207] ? _copy_from_user+0xdd/0x150 [ 911.140376] ion_ioctl+0x17b/0x329 [ 911.143936] ? ion_alloc.cold+0x28/0x28 [ 911.147928] ? __might_sleep+0x95/0x190 [ 911.151919] ? ion_alloc.cold+0x28/0x28 [ 911.155907] do_vfs_ioctl+0xd5f/0x1380 [ 911.159809] ? selinux_file_ioctl+0x46f/0x5e0 [ 911.164316] ? selinux_file_ioctl+0x125/0x5e0 [ 911.168823] ? ioctl_preallocate+0x210/0x210 [ 911.173252] ? selinux_file_mprotect+0x620/0x620 [ 911.178027] ? iterate_fd+0x360/0x360 [ 911.181860] ? nsecs_to_jiffies+0x30/0x30 [ 911.186028] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 911.191578] ? security_file_ioctl+0x8d/0xc0 [ 911.196003] ksys_ioctl+0xab/0xd0 [ 911.199467] __x64_sys_ioctl+0x73/0xb0 [ 911.203377] do_syscall_64+0xfd/0x620 [ 911.207193] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 911.212388] RIP: 0033:0x459829 [ 911.215593] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 911.234507] RSP: 002b:00007f8d57f8ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 911.242236] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 911.249537] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 911.256822] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 911.264107] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d57f8f6d4 [ 911.271390] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 911.278702] CPU: 1 PID: 14202 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 911.285749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 911.295114] Call Trace: [ 911.297717] dump_stack+0x172/0x1f0 [ 911.301365] warn_alloc.cold+0x7b/0x173 [ 911.305362] ? zone_watermark_ok_safe+0x260/0x260 [ 911.310224] ? try_to_compact_pages+0x44/0xae0 [ 911.314839] __alloc_pages_slowpath+0x220e/0x2870 [ 911.319720] ? warn_alloc+0x110/0x110 [ 911.323541] ? __lock_is_held+0xb6/0x140 [ 911.327626] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 911.333173] ? should_fail+0x14d/0x85c [ 911.337078] ? __isolate_free_page+0x4c0/0x4c0 [ 911.341672] ? __might_sleep+0x95/0x190 [ 911.345666] __alloc_pages_nodemask+0x617/0x750 [ 911.350369] ? __alloc_pages_slowpath+0x2870/0x2870 [ 911.355411] ? wait_for_completion+0x440/0x440 [ 911.360002] ? retint_kernel+0x2d/0x2d [ 911.363900] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 911.369452] alloc_pages_current+0x107/0x210 [ 911.373878] ion_page_pool_alloc+0x137/0x1d0 [ 911.378298] ion_system_heap_allocate+0x154/0xa90 [ 911.383160] ? ion_system_heap_free+0x250/0x250 [ 911.387850] ion_alloc+0x29b/0x900 [ 911.391414] ? ion_dma_buf_release+0x50/0x50 [ 911.395845] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 911.401400] ? _copy_from_user+0xdd/0x150 [ 911.405568] ion_ioctl+0x17b/0x329 [ 911.409125] ? ion_alloc.cold+0x28/0x28 [ 911.413111] ? __might_sleep+0x95/0x190 [ 911.417105] ? ion_alloc.cold+0x28/0x28 [ 911.421091] do_vfs_ioctl+0xd5f/0x1380 [ 911.424992] ? selinux_file_ioctl+0x46f/0x5e0 [ 911.429494] ? selinux_file_ioctl+0x125/0x5e0 [ 911.434004] ? ioctl_preallocate+0x210/0x210 [ 911.438424] ? selinux_file_mprotect+0x620/0x620 [ 911.443196] ? iterate_fd+0x360/0x360 [ 911.447009] ? nsecs_to_jiffies+0x30/0x30 [ 911.451218] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 911.456777] ? security_file_ioctl+0x8d/0xc0 [ 911.461199] ksys_ioctl+0xab/0xd0 [ 911.464665] __x64_sys_ioctl+0x73/0xb0 [ 911.468566] do_syscall_64+0xfd/0x620 [ 911.472385] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 911.477578] RIP: 0033:0x459829 [ 911.480777] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 911.499697] RSP: 002b:00007f71a5b36c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 911.507423] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 911.514707] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 911.521986] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 911.529267] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71a5b376d4 [ 911.536555] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 911.543868] CPU: 0 PID: 14167 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 911.550922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 911.560289] Call Trace: [ 911.562906] dump_stack+0x172/0x1f0 [ 911.566560] warn_alloc.cold+0x7b/0x173 [ 911.570564] ? zone_watermark_ok_safe+0x260/0x260 [ 911.575436] ? try_to_compact_pages+0x44/0xae0 [ 911.580055] __alloc_pages_slowpath+0x220e/0x2870 [ 911.584943] ? warn_alloc+0x110/0x110 [ 911.588758] ? __lock_is_held+0xb6/0x140 [ 911.592844] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 911.598395] ? should_fail+0x14d/0x85c [ 911.602304] ? __isolate_free_page+0x4c0/0x4c0 [ 911.606902] ? __might_sleep+0x95/0x190 [ 911.610900] __alloc_pages_nodemask+0x617/0x750 [ 911.615598] ? __alloc_pages_slowpath+0x2870/0x2870 [ 911.620822] ? wait_for_completion+0x440/0x440 [ 911.625444] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 911.632501] alloc_pages_current+0x107/0x210 [ 911.636937] ion_page_pool_alloc+0x137/0x1d0 [ 911.641372] ion_system_heap_allocate+0x154/0xa90 [ 911.646252] ? ion_system_heap_free+0x250/0x250 [ 911.650963] ion_alloc+0x29b/0x900 [ 911.654540] ? ion_dma_buf_release+0x50/0x50 [ 911.658989] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 911.664559] ? _copy_from_user+0xdd/0x150 [ 911.668737] ion_ioctl+0x17b/0x329 [ 911.672305] ? ion_alloc.cold+0x28/0x28 [ 911.676314] ? __might_sleep+0x95/0x190 [ 911.680318] ? ion_alloc.cold+0x28/0x28 [ 911.684317] do_vfs_ioctl+0xd5f/0x1380 [ 911.688231] ? selinux_file_ioctl+0x46f/0x5e0 [ 911.692754] ? selinux_file_ioctl+0x125/0x5e0 [ 911.697284] ? ioctl_preallocate+0x210/0x210 [ 911.701719] ? selinux_file_mprotect+0x620/0x620 [ 911.706531] ? iterate_fd+0x360/0x360 [ 911.710357] ? nsecs_to_jiffies+0x30/0x30 [ 911.714546] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 911.720108] ? security_file_ioctl+0x8d/0xc0 [ 911.724549] ksys_ioctl+0xab/0xd0 [ 911.728036] __x64_sys_ioctl+0x73/0xb0 [ 911.731958] do_syscall_64+0xfd/0x620 [ 911.736571] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 911.741778] RIP: 0033:0x459829 [ 911.744990] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 911.763910] RSP: 002b:00007f71a5b57c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 911.771639] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 911.778928] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 911.786218] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 911.793505] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71a5b586d4 [ 911.800790] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 911.812444] Mem-Info: [ 911.814945] active_anon:71465 inactive_anon:202 isolated_anon:0 [ 911.814945] active_file:1319 inactive_file:2918 isolated_file:0 [ 911.814945] unevictable:0 dirty:82 writeback:0 unstable:0 [ 911.814945] slab_reclaimable:12538 slab_unreclaimable:105532 [ 911.814945] mapped:55248 shmem:252 pagetables:873 bounce:0 [ 911.814945] free:491468 free_pcp:593 free_cma:0 [ 911.820328] syz-executor.4 cpuset= [ 911.848979] Node 0 active_anon:284704kB inactive_anon:808kB active_file:3460kB inactive_file:9908kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:126544kB dirty:312kB writeback:0kB shmem:1008kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 911.856263] syz4 [ 911.881397] Node 1 active_anon:1168kB inactive_anon:0kB active_file:1884kB inactive_file:1764kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:94300kB dirty:16kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 911.887090] mems_allowed=0-1 [ 911.910911] Node 0 DMA free:10484kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 911.923015] CPU: 0 PID: 14166 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 911.941883] lowmem_reserve[]: [ 911.947074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 911.947080] Call Trace: [ 911.947105] dump_stack+0x172/0x1f0 [ 911.947125] warn_alloc.cold+0x7b/0x173 [ 911.950847] 0 [ 911.959610] ? zone_watermark_ok_safe+0x260/0x260 [ 911.959631] ? try_to_compact_pages+0x44/0xae0 [ 911.959663] __alloc_pages_slowpath+0x220e/0x2870 [ 911.959695] ? warn_alloc+0x110/0x110 [ 911.959710] ? __lock_is_held+0xb6/0x140 [ 911.959732] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 911.989021] 2555 [ 911.989772] ? should_fail+0x14d/0x85c [ 911.989793] ? __isolate_free_page+0x4c0/0x4c0 [ 911.989813] ? __might_sleep+0x95/0x190 [ 911.989833] __alloc_pages_nodemask+0x617/0x750 [ 911.989867] ? __alloc_pages_slowpath+0x2870/0x2870 [ 911.995321] 2557 [ 911.999506] ? wait_for_completion+0x440/0x440 [ 911.999519] ? retint_kernel+0x2d/0x2d [ 911.999534] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 911.999555] alloc_pages_current+0x107/0x210 [ 911.999573] ion_page_pool_alloc+0x137/0x1d0 [ 911.999587] ion_system_heap_allocate+0x154/0xa90 [ 911.999609] ? ion_system_heap_free+0x250/0x250 [ 912.019602] 2557 [ 912.023795] ion_alloc+0x29b/0x900 [ 912.023825] ? ion_dma_buf_release+0x50/0x50 [ 912.039917] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 912.039939] ? _copy_from_user+0xdd/0x150 [ 912.039959] ion_ioctl+0x17b/0x329 [ 912.039976] ? ion_alloc.cold+0x28/0x28 [ 912.039994] ? __might_sleep+0x95/0x190 [ 912.040011] ? ion_alloc.cold+0x28/0x28 [ 912.040029] do_vfs_ioctl+0xd5f/0x1380 [ 912.064868] Node 0 [ 912.068476] ? selinux_file_ioctl+0x46f/0x5e0 [ 912.068495] ? selinux_file_ioctl+0x125/0x5e0 [ 912.103162] DMA32 free:1053168kB min:36248kB low:45308kB high:54368kB active_anon:282656kB inactive_anon:808kB active_file:3460kB inactive_file:9908kB unevictable:0kB writepending:312kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6880kB pagetables:2880kB bounce:0kB free_pcp:1760kB local_pcp:176kB free_cma:0kB [ 912.104224] ? ioctl_preallocate+0x210/0x210 [ 912.126706] lowmem_reserve[]: [ 912.137704] ? selinux_file_mprotect+0x620/0x620 [ 912.137727] ? iterate_fd+0x360/0x360 [ 912.137742] ? nsecs_to_jiffies+0x30/0x30 [ 912.137772] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 912.137788] ? security_file_ioctl+0x8d/0xc0 [ 912.137809] ksys_ioctl+0xab/0xd0 [ 912.171422] __x64_sys_ioctl+0x73/0xb0 [ 912.175336] do_syscall_64+0xfd/0x620 [ 912.179202] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 912.184411] RIP: 0033:0x459829 [ 912.187619] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 912.190823] 0 [ 912.206538] RSP: 002b:00007f9e06aa7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 912.206553] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 912.206562] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 912.206570] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 912.206577] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9e06aa86d4 [ 912.206585] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 912.214786] CPU: 0 PID: 14181 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 912.259559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 912.268930] Call Trace: [ 912.271543] dump_stack+0x172/0x1f0 [ 912.275197] warn_alloc.cold+0x7b/0x173 [ 912.279193] ? zone_watermark_ok_safe+0x260/0x260 [ 912.284066] ? try_to_compact_pages+0x44/0xae0 [ 912.288687] __alloc_pages_slowpath+0x220e/0x2870 [ 912.293575] ? warn_alloc+0x110/0x110 [ 912.296495] 0 [ 912.297387] ? __lock_is_held+0xb6/0x140 [ 912.297412] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 912.299257] 2 [ 912.303266] ? should_fail+0x14d/0x85c [ 912.303287] ? __isolate_free_page+0x4c0/0x4c0 [ 912.303305] ? __might_sleep+0x95/0x190 [ 912.303325] __alloc_pages_nodemask+0x617/0x750 [ 912.303346] ? __alloc_pages_slowpath+0x2870/0x2870 [ 912.303370] ? wait_for_completion+0x440/0x440 [ 912.328449] 2 [ 912.333065] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 912.333088] alloc_pages_current+0x107/0x210 [ 912.333107] ion_page_pool_alloc+0x137/0x1d0 [ 912.333123] ion_system_heap_allocate+0x154/0xa90 [ 912.333146] ? ion_system_heap_free+0x250/0x250 [ 912.363409] ion_alloc+0x29b/0x900 [ 912.366988] ? ion_dma_buf_release+0x50/0x50 [ 912.371426] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 912.371443] ? _copy_from_user+0xdd/0x150 [ 912.371463] ion_ioctl+0x17b/0x329 [ 912.371480] ? ion_alloc.cold+0x28/0x28 [ 912.371499] ? __might_sleep+0x95/0x190 [ 912.388691] Node 0 [ 912.388738] ? ion_alloc.cold+0x28/0x28 [ 912.398933] do_vfs_ioctl+0xd5f/0x1380 [ 912.402853] ? selinux_file_ioctl+0x46f/0x5e0 [ 912.407372] ? selinux_file_ioctl+0x125/0x5e0 [ 912.408832] Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 912.411884] ? ioctl_preallocate+0x210/0x210 [ 912.411899] ? selinux_file_mprotect+0x620/0x620 [ 912.411920] ? iterate_fd+0x360/0x360 [ 912.411935] ? nsecs_to_jiffies+0x30/0x30 [ 912.411956] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 912.411973] ? security_file_ioctl+0x8d/0xc0 [ 912.411991] ksys_ioctl+0xab/0xd0 [ 912.467952] __x64_sys_ioctl+0x73/0xb0 [ 912.471895] do_syscall_64+0xfd/0x620 [ 912.475718] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 912.480919] RIP: 0033:0x459829 [ 912.484127] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 912.503050] RSP: 002b:00007f8d57f6dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 912.510787] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 912.518095] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 912.525393] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 912.532689] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d57f6e6d4 [ 912.539982] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 912.566770] lowmem_reserve[]: 0 0 0 0 [ 912.586862] Node 1 Normal free:902332kB min:53608kB low:67008kB high:80408kB active_anon:1168kB inactive_anon:0kB active_file:1884kB inactive_file:1764kB unevictable:0kB writepending:16kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:384kB pagetables:568kB bounce:0kB free_pcp:840kB local_pcp:0kB free_cma:0kB [ 912.623824] lowmem_reserve[]: 0 0 0 0 [ 912.665307] Node 0 DMA: 19*4kB (UE) 29*8kB (UE) 24*16kB (U) 24*32kB (UE) 9*64kB (UE) 4*128kB (UE) 1*256kB (E) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10484kB [ 912.691509] Node 0 DMA32: 125*4kB (ME) 2327*8kB (UE) 19512*16kB (UME) 8663*32kB (UM) 942*64kB (UM) 32*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 672908kB [ 912.756073] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 912.778531] Node 1 Normal: 18891*4kB (UME) 20244*8kB (UME) 16993*16kB (UME) 12279*32kB (UE) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 902332kB [ 912.818420] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 912.833160] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 912.866213] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 912.903048] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 912.911809] 4530 total pagecache pages [ 912.915801] 0 pages in swap cache [ 912.919344] Swap cache stats: add 0, delete 0, find 0/0 [ 912.924899] Free swap = 0kB [ 912.928003] Total swap = 0kB [ 912.931183] 1965979 pages RAM [ 912.934377] 0 pages HighMem/MovableOnly [ 912.938428] 338856 pages reserved [ 912.942040] 0 pages cma reserved [ 914.554565] oom_reaper: reaped process 14202 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 914.610893] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 914.651656] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 914.656513] CPU: 1 PID: 7948 Comm: syz-fuzzer Not tainted 4.19.63 #37 [ 914.663107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 914.672485] Call Trace: [ 914.675103] dump_stack+0x172/0x1f0 [ 914.678767] dump_header+0x15e/0xa55 [ 914.682504] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 914.687660] ? ___ratelimit+0x60/0x595 [ 914.691578] ? do_raw_spin_unlock+0x57/0x270 [ 914.696020] oom_kill_process.cold+0x10/0x6ef [ 914.700550] ? lock_downgrade+0x810/0x810 [ 914.704771] out_of_memory+0x936/0x12d0 [ 914.708782] ? oom_killer_disable+0x280/0x280 [ 914.713311] ? mutex_trylock+0x18e/0x1e0 [ 914.717424] ? __alloc_pages_slowpath+0xcc2/0x2870 [ 914.722397] __alloc_pages_slowpath+0x20af/0x2870 [ 914.727289] ? warn_alloc+0x110/0x110 [ 914.731112] ? __lock_is_held+0xb6/0x140 [ 914.735200] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 914.740765] ? should_fail+0x14d/0x85c [ 914.744690] ? __might_sleep+0x95/0x190 [ 914.748704] __alloc_pages_nodemask+0x617/0x750 [ 914.753404] ? kasan_check_read+0x11/0x20 [ 914.757586] ? __alloc_pages_slowpath+0x2870/0x2870 [ 914.762632] ? find_get_entry+0x3e8/0x820 [ 914.766815] ? filemap_map_pages+0x1130/0x1130 [ 914.771425] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 914.777001] alloc_pages_current+0x107/0x210 [ 914.781446] __page_cache_alloc+0x2bd/0x450 [ 914.785808] ? kasan_check_read+0x11/0x20 [ 914.789995] filemap_fault+0x10bb/0x2250 [ 914.794083] ? lock_downgrade+0x810/0x810 [ 914.798272] ? __lock_page_or_retry+0xdc0/0xdc0 [ 914.802990] ? lock_acquire+0x16f/0x3f0 [ 914.806989] ? ext4_filemap_fault+0x7b/0xaf [ 914.811359] ext4_filemap_fault+0x83/0xaf [ 914.815532] __do_fault+0x111/0x480 [ 914.819191] __handle_mm_fault+0x2d78/0x3f80 [ 914.823637] ? vmf_insert_mixed_mkwrite+0x90/0x90 [ 914.828524] ? count_memcg_event_mm+0x2b1/0x4d0 [ 914.833224] handle_mm_fault+0x1b5/0x690 [ 914.837319] __do_page_fault+0x62a/0xe90 [ 914.841418] ? vmalloc_fault+0x740/0x740 [ 914.845506] ? trace_hardirqs_off_caller+0x65/0x220 [ 914.850547] ? trace_hardirqs_on_caller+0x6a/0x220 [ 914.855502] ? page_fault+0x8/0x30 [ 914.859076] do_page_fault+0x71/0x57d [ 914.862902] ? page_fault+0x8/0x30 [ 914.866467] page_fault+0x1e/0x30 [ 914.869936] RIP: 0033:0x436713 [ 914.873156] Code: Bad RIP value. [ 914.876537] RSP: 002b:000000c42004ff28 EFLAGS: 00010212 [ 914.881918] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 000000000045ac23 [ 914.889207] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 914.896497] RBP: 000000c42004ff20 R08: 000000c42004ff08 R09: 0000000000000000 [ 914.903780] R10: 0000000000000000 R11: 0000000000000202 R12: 000000000042f0a0 [ 914.911065] R13: 00000000000000f1 R14: 0000000000000011 R15: 0000000000000000 [ 914.937318] Mem-Info: [ 914.952628] active_anon:71385 inactive_anon:202 isolated_anon:0 [ 914.952628] active_file:23 inactive_file:27 isolated_file:1 [ 914.952628] unevictable:0 dirty:0 writeback:0 unstable:0 [ 914.952628] slab_reclaimable:12513 slab_unreclaimable:105573 [ 914.952628] mapped:52244 shmem:252 pagetables:847 bounce:0 [ 914.952628] free:13716 free_pcp:124 free_cma:0 [ 915.012699] Node 0 active_anon:284380kB inactive_anon:808kB active_file:80kB inactive_file:100kB unevictable:0kB isolated(anon):0kB isolated(file):4kB mapped:117528kB dirty:0kB writeback:0kB shmem:1008kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 915.058717] Node 1 active_anon:1160kB inactive_anon:0kB active_file:12kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:91448kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 915.099316] Node 0 DMA free:10316kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 915.134964] lowmem_reserve[]: 0 2555 2557 2557 [ 915.140102] Node 0 DMA32 free:17896kB min:36248kB low:45308kB high:54368kB active_anon:282432kB inactive_anon:808kB active_file:80kB inactive_file:64kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6848kB pagetables:2820kB bounce:0kB free_pcp:248kB local_pcp:0kB free_cma:0kB [ 915.190745] lowmem_reserve[]: 0 0 2 2 [ 915.194641] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 915.231887] lowmem_reserve[]: 0 0 0 0 [ 915.235777] Node 1 Normal free:26652kB min:53608kB low:67008kB high:80408kB active_anon:1160kB inactive_anon:0kB active_file:12kB inactive_file:8kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:384kB pagetables:568kB bounce:0kB free_pcp:248kB local_pcp:0kB free_cma:0kB [ 915.293788] lowmem_reserve[]: 0 0 0 0 [ 915.297675] Node 0 DMA: 2*4kB (E) 17*8kB (UE) 24*16kB (U) 24*32kB (UE) 9*64kB (UE) 4*128kB (UE) 1*256kB (E) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10320kB [ 915.340122] Node 0 DMA32: 786*4kB (UME) 763*8kB (ME) 130*16kB (ME) 36*32kB (M) 24*64kB (UM) 32*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 18112kB [ 915.354754] syz-executor.5: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 915.354763] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 915.354802] CPU: 0 PID: 14202 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 915.366654] syz-executor.5: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 915.371881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 915.371888] Call Trace: [ 915.371915] dump_stack+0x172/0x1f0 [ 915.371935] warn_alloc.cold+0x7b/0x173 [ 915.371953] ? zone_watermark_ok_safe+0x260/0x260 [ 915.371983] ? unreserve_highatomic_pageblock+0x31b/0x460 [ 915.420599] __alloc_pages_slowpath+0x220e/0x2870 [ 915.421646] Node 0 Normal: 0*4kB 0*8kB [ 915.425490] ? warn_alloc+0x110/0x110 [ 915.425511] ? __lock_is_held+0xb6/0x140 [ 915.437354] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 915.437855] syz-executor.5 cpuset= [ 915.442910] ? should_fail+0x14d/0x85c [ 915.442932] ? __might_sleep+0x95/0x190 [ 915.442953] __alloc_pages_nodemask+0x617/0x750 [ 915.442974] ? __alloc_pages_slowpath+0x2870/0x2870 [ 915.442992] ? retint_kernel+0x2d/0x2d [ 915.443010] ? wait_for_completion+0x440/0x440 [ 915.443026] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 915.443047] alloc_pages_current+0x107/0x210 [ 915.443065] ion_page_pool_alloc+0x137/0x1d0 [ 915.443083] ion_system_heap_allocate+0x154/0xa90 [ 915.458491] 0*16kB [ 915.459183] ? ion_system_heap_free+0x250/0x250 [ 915.479287] 0*32kB [ 915.482590] ion_alloc+0x29b/0x900 [ 915.482614] ? ion_dma_buf_release+0x50/0x50 [ 915.482639] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 915.482656] ? _copy_from_user+0xdd/0x150 [ 915.482675] ion_ioctl+0x17b/0x329 [ 915.482694] ? ion_alloc.cold+0x28/0x28 [ 915.487161] syz5 [ 915.491956] ? __might_sleep+0x95/0x190 [ 915.498713] 0*64kB [ 915.498864] ? ion_alloc.cold+0x28/0x28 [ 915.509586] 0*128kB [ 915.514552] do_vfs_ioctl+0xd5f/0x1380 [ 915.518691] 0*256kB [ 915.522233] ? selinux_file_ioctl+0x46f/0x5e0 [ 915.522246] ? selinux_file_ioctl+0x125/0x5e0 [ 915.522262] ? ioctl_preallocate+0x210/0x210 [ 915.522274] ? selinux_file_mprotect+0x620/0x620 [ 915.522294] ? iterate_fd+0x360/0x360 [ 915.522309] ? nsecs_to_jiffies+0x30/0x30 [ 915.522332] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 915.522349] ? security_file_ioctl+0x8d/0xc0 [ 915.522366] ksys_ioctl+0xab/0xd0 [ 915.522383] __x64_sys_ioctl+0x73/0xb0 [ 915.539056] mems_allowed=0-1 [ 915.540814] do_syscall_64+0xfd/0x620 [ 915.540834] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 915.540852] RIP: 0033:0x459829 [ 915.540877] Code: Bad RIP value. [ 915.540886] RSP: 002b:00007f71a5b36c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 915.540902] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 915.540917] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 915.569656] 0*512kB [ 915.573181] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 915.573196] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71a5b376d4 [ 915.578741] 0*1024kB [ 915.583147] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 915.629048] CPU: 0 PID: 14167 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 915.654798] 0*2048kB [ 915.655301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 915.655312] Call Trace: [ 915.657737] 0*4096kB [ 915.665030] dump_stack+0x172/0x1f0 [ 915.665050] warn_alloc.cold+0x7b/0x173 [ 915.665068] ? zone_watermark_ok_safe+0x260/0x260 [ 915.665096] ? unreserve_highatomic_pageblock+0x31b/0x460 [ 915.665122] __alloc_pages_slowpath+0x220e/0x2870 [ 915.692138] = 0kB [ 915.692707] ? warn_alloc+0x110/0x110 [ 915.696671] Node 1 [ 915.701525] ? __lock_is_held+0xb6/0x140 [ 915.701547] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 915.701559] ? should_fail+0x14d/0x85c [ 915.701581] ? __might_sleep+0x95/0x190 [ 915.701603] __alloc_pages_nodemask+0x617/0x750 [ 915.701627] ? __alloc_pages_slowpath+0x2870/0x2870 [ 915.701651] ? wait_for_completion+0x440/0x440 [ 915.718830] Normal: [ 915.720144] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 915.720168] alloc_pages_current+0x107/0x210 [ 915.720187] ion_page_pool_alloc+0x137/0x1d0 [ 915.720202] ion_system_heap_allocate+0x154/0xa90 [ 915.720221] ? ion_system_heap_free+0x250/0x250 [ 915.720246] ion_alloc+0x29b/0x900 [ 915.724307] 37*4kB [ 915.729877] ? ion_dma_buf_release+0x50/0x50 [ 915.729901] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 915.729917] ? _copy_from_user+0xdd/0x150 [ 915.729935] ion_ioctl+0x17b/0x329 [ 915.729952] ? ion_alloc.cold+0x28/0x28 [ 915.729973] ? __might_sleep+0x95/0x190 [ 915.729990] ? ion_alloc.cold+0x28/0x28 [ 915.730008] do_vfs_ioctl+0xd5f/0x1380 [ 915.730027] ? selinux_file_ioctl+0x46f/0x5e0 [ 915.752633] (UME) [ 915.752989] ? selinux_file_ioctl+0x125/0x5e0 [ 915.755318] 33*8kB [ 915.761753] ? ioctl_preallocate+0x210/0x210 [ 915.761769] ? selinux_file_mprotect+0x620/0x620 [ 915.761789] ? iterate_fd+0x360/0x360 [ 915.761808] ? nsecs_to_jiffies+0x30/0x30 [ 915.761832] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 915.761862] ? security_file_ioctl+0x8d/0xc0 [ 915.761880] ksys_ioctl+0xab/0xd0 [ 915.770720] (ME) [ 915.775565] __x64_sys_ioctl+0x73/0xb0 [ 915.804740] 24*16kB [ 915.807582] do_syscall_64+0xfd/0x620 [ 915.833606] (UME) [ 915.837267] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 915.842100] 776*32kB [ 915.845856] RIP: 0033:0x459829 [ 915.870465] (UME) [ 915.871795] Code: Bad RIP value. [ 915.875586] 10*64kB [ 915.877723] RSP: 002b:00007f71a5b57c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 915.892744] (UM) [ 915.894015] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 915.894030] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 915.896349] 1*128kB [ 915.904047] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 915.904055] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71a5b586d4 [ 915.904062] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 915.975541] (M) 1*256kB (M) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 26652kB [ 915.985274] warn_alloc_show_mem: 5 callbacks suppressed [ 915.985280] Mem-Info: [ 916.009216] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 916.028266] active_anon:71382 inactive_anon:202 isolated_anon:0 [ 916.028266] active_file:15 inactive_file:13 isolated_file:0 [ 916.028266] unevictable:0 dirty:0 writeback:0 unstable:0 [ 916.028266] slab_reclaimable:12511 slab_unreclaimable:105552 [ 916.028266] mapped:52226 shmem:252 pagetables:847 bounce:0 [ 916.028266] free:13771 free_pcp:124 free_cma:0 [ 916.104334] Node 0 active_anon:284368kB inactive_anon:808kB active_file:48kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:117456kB dirty:0kB writeback:0kB shmem:1008kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 916.109533] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 916.132024] Node 1 active_anon:1160kB inactive_anon:0kB active_file:12kB inactive_file:508kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:91748kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 916.132033] Node 0 DMA free:10320kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 916.132079] lowmem_reserve[]: [ 916.239543] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 916.279533] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 916.288151] 428 total pagecache pages [ 916.319553] 0 pages in swap cache [ 916.323057] Swap cache stats: add 0, delete 0, find 0/0 [ 916.328424] Free swap = 0kB [ 916.329522] 0 2555 2557 2557 [ 916.334584] Node 0 DMA32 free:84660kB min:36248kB low:45308kB high:54368kB active_anon:282320kB inactive_anon:808kB active_file:48kB inactive_file:44kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6848kB pagetables:2820kB bounce:0kB free_pcp:36kB local_pcp:36kB free_cma:0kB [ 916.359534] Total swap = 0kB [ 916.366286] 1965979 pages RAM [ 916.369386] 0 pages HighMem/MovableOnly [ 916.399546] 338856 pages reserved [ 916.403059] 0 pages cma reserved [ 916.406435] Unreclaimable slab info: [ 916.439538] Name Used Total [ 916.445149] pid_2 44KB 160KB [ 916.479573] lowmem_reserve[]: 0 0 2 2 [ 916.483461] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 916.529591] batadv_tt_change_cache 10KB 15KB [ 916.535446] batadv_tl_cache 12KB 20KB [ 916.569608] TIPC 25KB 50KB [ 916.575042] SCTPv6 35KB 55KB [ 916.576317] lowmem_reserve[]: 0 0 0 0 [ 916.600011] DCCPv6 17KB 36KB [ 916.603454] Node 1 Normal free:1008920kB min:53608kB low:67008kB high:80408kB active_anon:1160kB inactive_anon:0kB active_file:112kB inactive_file:280kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:384kB pagetables:568kB bounce:0kB free_pcp:252kB local_pcp:32kB free_cma:0kB [ 916.603492] lowmem_reserve[]: 0 0 0 0 [ 916.603519] Node 0 DMA: 2*4kB (E) 17*8kB (UE) 24*16kB (U) 24*32kB (UE) 16*64kB [ 916.609522] DCCP 16KB 34KB [ 916.643712] (UE) [ 916.650360] bridge_fdb_cache 24KB 35KB [ 916.663887] fib6_nodes 249KB 256KB [ 916.669681] ip6_dst_cache 946KB 963KB [ 916.675383] RAWv6 156KB 169KB [ 916.680820] UDPv6 3KB 3KB [ 916.686210] TCPv6 23KB 29KB [ 916.691738] nf_conntrack 0KB 3KB [ 916.696435] 5*128kB (UE) 1*256kB (E) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) [ 916.697381] sd_ext_cdb 0KB 7KB [ 916.698044] 0*4096kB [ 916.705008] scsi_sense_cache 1056KB 1060KB [ 916.718066] virtio_scsi_cmd 16KB 16KB [ 916.723495] sgpool-128 8KB 8KB [ 916.728904] sgpool-64 4KB 12KB [ 916.735140] sgpool-32 2KB 15KB [ 916.741287] sgpool-16 1KB 7KB [ 916.749527] = 10896kB [ 916.751965] Node 0 DMA32: 345*4kB (UME) 764*8kB (UME) 131*16kB (UME) 36*32kB (M) 1418*64kB (UM) 359*128kB (UM) 16*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 151540kB [ 916.759520] sgpool-8 0KB 7KB [ 916.772923] mqueue_inode_cache 23KB 43KB [ 916.773050] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 916.805229] Node 1 Normal: 110*4kB (UME) 19*8kB (UME) 8*16kB (UME) 28*32kB (UME) 8932*64kB (UME) 2160*128kB (UM) 558*256kB (UM) 15*512kB (U) 5*1024kB (U) 2*2048kB (U) 0*4096kB = 1009488kB [ 916.805802] bio_post_read_ctx 14KB 15KB [ 916.828049] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 916.856651] bio-2 14KB 15KB [ 916.879539] jfs_mp 7KB 7KB [ 916.885026] nfs_commit_data 3KB 14KB [ 916.897246] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 916.919559] nfs_write_data 34KB 44KB [ 916.925003] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 916.925012] ext4_system_zone 1KB 7KB [ 916.925048] bio-1 1KB 7KB [ 916.938764] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 916.949565] fasync_cache 0KB 4KB [ 916.958936] pid_namespace 5KB 7KB [ 916.964900] rpc_buffers 17KB 25KB [ 916.970938] rpc_tasks 2KB 7KB [ 916.989532] UNIX 1321KB 1384KB [ 916.994970] tcp_bind_bucket 2KB 12KB [ 917.009902] inet_peer_cache 0KB 4KB [ 917.015323] xfrm_state 8KB 8KB [ 917.029523] ip_fib_trie 36KB 39KB [ 917.034924] ip_fib_alias 174KB 177KB [ 917.049578] 1843 total pagecache pages [ 917.053519] 0 pages in swap cache [ 917.055094] ip_dst_cache 4KB 20KB [ 917.056977] Swap cache stats: add 0, delete 0, find 0/0 [ 917.066321] RAW 92KB 115KB [ 917.079549] Free swap = 0kB [ 917.082939] Total swap = 0kB [ 917.085106] UDP 30KB 52KB [ 917.085971] 1965979 pages RAM [ 917.091575] TCP 8KB 16KB [ 917.094794] 0 pages HighMem/MovableOnly [ 917.104098] 338856 pages reserved [ 917.107545] 0 pages cma reserved [ 917.130401] hugetlbfs_inode_cache 2KB 15KB [ 917.136168] fscache_cookie_jar 1KB 11KB [ 917.141755] eventpoll_pwq 19KB 35KB [ 917.149516] eventpoll_epi 38KB 66KB [ 917.154905] inotify_inode_mark 27KB 63KB [ 917.169531] request_queue 163KB 163KB [ 917.174944] blkdev_requests 1KB 3KB [ 917.199555] blkdev_ioc 37KB 54KB [ 917.204988] bio-0 2040KB 2298KB [ 917.210502] biovec-max 3811KB 3910KB [ 917.219637] biovec-64 2165KB 2520KB [ 917.225037] biovec-16 251KB 382KB [ 917.230487] bio_integrity_payload 1KB 8KB [ 917.236222] khugepaged_mm_slot 5KB 19KB [ 917.241778] dmaengine-unmap-256 2KB 6KB [ 917.247333] dmaengine-unmap-128 1KB 3KB [ 917.252983] dmaengine-unmap-16 0KB 4KB [ 917.258458] dmaengine-unmap-2 0KB 3KB [ 917.279580] skbuff_fclone_cache 120KB 191KB [ 917.285199] skbuff_head_cache 7440KB 7781KB [ 917.299578] configfs_dir_cache 0KB 8KB [ 917.305083] file_lock_cache 0KB 3KB [ 917.319593] file_lock_ctx 0KB 3KB [ 917.325009] fsnotify_mark_connector 15KB 39KB [ 917.331035] net_namespace 130KB 139KB [ 917.336425] shmem_inode_cache 5126KB 5433KB [ 917.341893] task_delay_info 68KB 233KB [ 917.347285] taskstats 40KB 80KB [ 917.353089] proc_dir_entry 1115KB 1140KB [ 917.358472] pde_opener 0KB 3KB [ 917.363937] seq_file 161KB 307KB [ 917.369322] sigqueue 48KB 86KB [ 917.374768] kernfs_node_cache 13570KB 13592KB [ 917.380259] mnt_cache 192KB 200KB [ 917.385634] filp 2708KB 4177KB [ 917.391873] names_cache 43226KB 43282KB [ 917.397260] iint_cache 33KB 63KB [ 917.409521] hashtab_node 118KB 119KB [ 917.414923] ebitmap_node 1105KB 1114KB [ 917.429541] avtab_node 1012KB 1013KB [ 917.434951] avc_node 48KB 55KB [ 917.459766] selinux_file_security 171KB 329KB [ 917.469564] selinux_inode_security 3234KB 3488KB [ 917.475410] key_jar 4KB 11KB [ 917.499553] uts_namespace 7KB 15KB [ 917.504972] nsproxy 5KB 11KB [ 917.529695] vm_area_struct 2992KB 5611KB [ 917.555666] mm_struct 461KB 773KB [ 917.575951] fs_cache 41KB 96KB [ 917.581485] files_cache 163KB 258KB [ 917.586879] signal_cache 531KB 797KB [ 917.619567] sighand_cache 499KB 534KB [ 917.624990] task_struct 2314KB 2332KB [ 917.637808] cred_jar 284KB 608KB [ 917.643366] anon_vma_chain 1699KB 3496KB [ 917.648761] anon_vma 184KB 573KB [ 917.661858] pid 46KB 200KB [ 917.667310] Acpi-Operand 156KB 190KB [ 917.676865] Acpi-ParseExt 8KB 11KB [ 917.684401] Acpi-Parse 41KB 47KB [ 917.693957] Acpi-State 52KB 63KB [ 917.699396] Acpi-Namespace 20KB 23KB [ 917.706916] numa_policy 0KB 3KB [ 917.716496] debug_objects_cache 1278KB 1285KB [ 917.724252] trace_event_file 263KB 266KB [ 917.733828] ftrace_event_field 382KB 385KB [ 917.769556] pool_workqueue 116KB 128KB [ 917.774984] task_group 5KB 7KB [ 917.799610] page->ptl 648KB 1612KB [ 917.805076] kmalloc-2097152 2050KB 2050KB [ 917.810949] kmalloc-524288 2056KB 2056KB [ 917.816357] kmalloc-262144 1290KB 1290KB [ 917.822204] kmalloc-131072 650KB 650KB [ 917.839572] kmalloc-65536 36762KB 37488KB [ 917.845002] kmalloc-32768 3102KB 3168KB [ 917.859791] kmalloc-16384 990KB 1039KB [ 917.865223] kmalloc-8192 4628KB 4669KB [ 917.871118] kmalloc-4096 37867KB 37927KB [ 917.876534] kmalloc-2048 19696KB 19941KB [ 917.882355] kmalloc-1024 16270KB 16718KB [ 917.899402] kmalloc-512 12751KB 13031KB [ 917.906203] kmalloc-256 5557KB 5580KB [ 917.919621] kmalloc-128 1568KB 1582KB [ 917.925049] kmalloc-96 2495KB 2572KB [ 917.959580] kmalloc-64 3416KB 3500KB [ 917.965018] kmalloc-32 3446KB 3724KB [ 917.970960] kmalloc-192 3286KB 3404KB [ 917.976374] kmem_cache 248KB 255KB [ 917.982216] Out of memory: Kill process 14165 (syz-executor.4) score 1005 or sacrifice child [ 917.999605] Killed process 14166 (syz-executor.4) total-vm:72976kB, anon-rss:172kB, file-rss:34816kB, shmem-rss:0kB [ 918.039992] oom_reaper: reaped process 14166 (syz-executor.4), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 918.414251] oom_reaper: reaped process 14174 (syz-executor.3), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 918.487213] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 918.488684] rsyslogd invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 918.509023] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 918.527993] rsyslogd cpuset=/ mems_allowed=0-1 [ 918.528788] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 918.532858] syz-executor.3: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 918.538097] CPU: 1 PID: 14202 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 918.549920] syz-executor.4: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 918.556810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 918.556821] Call Trace: [ 918.580492] dump_stack+0x172/0x1f0 [ 918.584138] warn_alloc.cold+0x7b/0x173 [ 918.588126] ? zone_watermark_ok_safe+0x260/0x260 [ 918.589522] syz-executor.3 cpuset= [ 918.592985] ? try_to_compact_pages+0x44/0xae0 [ 918.592988] syz3 mems_allowed=0-1 [ 918.596553] __alloc_pages_slowpath+0x220e/0x2870 [ 918.601225] syz-executor.4: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 918.604622] ? warn_alloc+0x110/0x110 [ 918.609431] syz-executor.4 cpuset= [ 918.621148] ? __lock_is_held+0xb6/0x140 [ 918.621169] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 918.621181] ? should_fail+0x14d/0x85c [ 918.621201] ? __isolate_free_page+0x4c0/0x4c0 [ 918.621220] ? __might_sleep+0x95/0x190 [ 918.656661] __alloc_pages_nodemask+0x617/0x750 [ 918.661368] ? __alloc_pages_slowpath+0x2870/0x2870 [ 918.666408] ? find_held_lock+0x35/0x130 [ 918.669528] syz-executor.4 cpuset= [ 918.670484] ? wait_for_completion+0x440/0x440 [ 918.670486] syz4 mems_allowed=0-1 [ 918.674044] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 918.687623] alloc_pages_current+0x107/0x210 [ 918.692054] ion_page_pool_alloc+0x137/0x1d0 [ 918.696482] ion_system_heap_allocate+0x154/0xa90 [ 918.699526] syz4 mems_allowed=0-1 [ 918.701337] ? ion_system_heap_free+0x250/0x250 [ 918.701366] ion_alloc+0x475/0x900 [ 918.713025] ? ion_dma_buf_release+0x50/0x50 [ 918.717458] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 918.723015] ? _copy_from_user+0xdd/0x150 [ 918.727218] ion_ioctl+0x17b/0x329 [ 918.730780] ? ion_alloc.cold+0x28/0x28 [ 918.734771] ? __might_sleep+0x95/0x190 [ 918.738761] ? ion_alloc.cold+0x28/0x28 [ 918.742753] do_vfs_ioctl+0xd5f/0x1380 [ 918.746651] ? selinux_file_ioctl+0x46f/0x5e0 [ 918.751160] ? selinux_file_ioctl+0x125/0x5e0 [ 918.755671] ? ioctl_preallocate+0x210/0x210 [ 918.760108] ? selinux_file_mprotect+0x620/0x620 [ 918.764885] ? iterate_fd+0x360/0x360 [ 918.768695] ? nsecs_to_jiffies+0x30/0x30 [ 918.772863] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 918.778420] ? security_file_ioctl+0x8d/0xc0 [ 918.782844] ksys_ioctl+0xab/0xd0 [ 918.786318] __x64_sys_ioctl+0x73/0xb0 [ 918.790227] do_syscall_64+0xfd/0x620 [ 918.794057] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 918.799268] RIP: 0033:0x459829 [ 918.802485] Code: Bad RIP value. [ 918.805853] RSP: 002b:00007f71a5b36c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 918.813577] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 918.820858] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 918.828140] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 918.835426] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71a5b376d4 [ 918.842708] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 918.850016] CPU: 0 PID: 14166 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 918.857060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 918.866421] Call Trace: [ 918.869028] dump_stack+0x172/0x1f0 [ 918.872670] warn_alloc.cold+0x7b/0x173 [ 918.876658] ? zone_watermark_ok_safe+0x260/0x260 [ 918.881537] __alloc_pages_slowpath+0x220e/0x2870 [ 918.886416] ? warn_alloc+0x110/0x110 [ 918.890227] ? __lock_is_held+0xb6/0x140 [ 918.894302] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 918.899856] ? should_fail+0x14d/0x85c [ 918.903766] ? __might_sleep+0x95/0x190 [ 918.907758] __alloc_pages_nodemask+0x617/0x750 [ 918.912450] ? __alloc_pages_slowpath+0x2870/0x2870 [ 918.917488] ? wait_for_completion+0x440/0x440 [ 918.922081] ? retint_kernel+0x2d/0x2d [ 918.925976] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 918.931529] alloc_pages_current+0x107/0x210 [ 918.935952] ion_page_pool_alloc+0x137/0x1d0 [ 918.940370] ion_system_heap_allocate+0x154/0xa90 [ 918.945226] ? ion_system_heap_free+0x250/0x250 [ 918.949913] ion_alloc+0x29b/0x900 [ 918.953469] ? ion_dma_buf_release+0x50/0x50 [ 918.957896] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 918.963444] ? _copy_from_user+0xdd/0x150 [ 918.967605] ion_ioctl+0x17b/0x329 [ 918.971155] ? ion_alloc.cold+0x28/0x28 [ 918.975140] ? __might_sleep+0x95/0x190 [ 918.979125] ? ion_alloc.cold+0x28/0x28 [ 918.983114] do_vfs_ioctl+0xd5f/0x1380 [ 918.987016] ? selinux_file_ioctl+0x46f/0x5e0 [ 918.991521] ? selinux_file_ioctl+0x125/0x5e0 [ 918.996031] ? ioctl_preallocate+0x210/0x210 [ 919.000448] ? selinux_file_mprotect+0x620/0x620 [ 919.005220] ? iterate_fd+0x360/0x360 [ 919.009026] ? nsecs_to_jiffies+0x30/0x30 [ 919.013191] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 919.018742] ? security_file_ioctl+0x8d/0xc0 [ 919.023161] ksys_ioctl+0xab/0xd0 [ 919.026628] __x64_sys_ioctl+0x73/0xb0 [ 919.030529] do_syscall_64+0xfd/0x620 [ 919.034433] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 919.039633] RIP: 0033:0x459829 [ 919.042846] Code: Bad RIP value. [ 919.046210] RSP: 002b:00007f9e06aa7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 919.053926] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 919.061201] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 919.068475] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 919.075753] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9e06aa86d4 [ 919.083032] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 919.092010] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 919.095108] CPU: 1 PID: 14203 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 919.099562] syz-executor.3: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 919.104425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 919.104436] Call Trace: [ 919.128192] dump_stack+0x172/0x1f0 [ 919.131839] warn_alloc.cold+0x7b/0x173 [ 919.135823] ? zone_watermark_ok_safe+0x260/0x260 [ 919.140707] __alloc_pages_slowpath+0x220e/0x2870 [ 919.145582] ? warn_alloc+0x110/0x110 [ 919.149394] ? __lock_is_held+0xb6/0x140 [ 919.153472] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 919.159022] ? should_fail+0x14d/0x85c [ 919.162928] ? __might_sleep+0x95/0x190 [ 919.166950] __alloc_pages_nodemask+0x617/0x750 [ 919.169529] syz-executor.3 cpuset= [ 919.171643] ? __alloc_pages_slowpath+0x2870/0x2870 [ 919.171672] ? wait_for_completion+0x440/0x440 [ 919.184818] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 919.190387] alloc_pages_current+0x107/0x210 [ 919.191243] syz3 mems_allowed=0-1 [ 919.194821] ion_page_pool_alloc+0x137/0x1d0 [ 919.194838] ion_system_heap_allocate+0x154/0xa90 [ 919.207568] ? ion_system_heap_free+0x250/0x250 [ 919.212276] ion_alloc+0x29b/0x900 [ 919.215836] ? ion_dma_buf_release+0x50/0x50 [ 919.220265] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 919.225824] ? _copy_from_user+0xdd/0x150 [ 919.229991] ion_ioctl+0x17b/0x329 [ 919.233548] ? ion_alloc.cold+0x28/0x28 [ 919.237575] ? __might_sleep+0x95/0x190 [ 919.241566] ? ion_alloc.cold+0x28/0x28 [ 919.245552] do_vfs_ioctl+0xd5f/0x1380 [ 919.249449] ? selinux_file_ioctl+0x46f/0x5e0 [ 919.253966] ? selinux_file_ioctl+0x125/0x5e0 [ 919.258477] ? ioctl_preallocate+0x210/0x210 [ 919.262899] ? selinux_file_mprotect+0x620/0x620 [ 919.267674] ? iterate_fd+0x360/0x360 [ 919.271495] ? nsecs_to_jiffies+0x30/0x30 [ 919.275662] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 919.281222] ? security_file_ioctl+0x8d/0xc0 [ 919.285644] ksys_ioctl+0xab/0xd0 [ 919.289115] __x64_sys_ioctl+0x73/0xb0 [ 919.293029] do_syscall_64+0xfd/0x620 [ 919.296846] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 919.302041] RIP: 0033:0x459829 [ 919.305254] Code: Bad RIP value. [ 919.308623] RSP: 002b:00007f9e06a65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 919.316355] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 919.323633] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 919.330911] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 919.338185] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9e06a666d4 [ 919.345466] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 919.352790] CPU: 0 PID: 14181 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 919.359835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 919.369203] Call Trace: [ 919.371814] dump_stack+0x172/0x1f0 [ 919.375466] warn_alloc.cold+0x7b/0x173 [ 919.379459] ? zone_watermark_ok_safe+0x260/0x260 [ 919.384345] __alloc_pages_slowpath+0x220e/0x2870 [ 919.389259] ? warn_alloc+0x110/0x110 [ 919.393073] ? __lock_is_held+0xb6/0x140 [ 919.397151] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 919.402705] ? should_fail+0x14d/0x85c [ 919.406617] ? __might_sleep+0x95/0x190 [ 919.410611] __alloc_pages_nodemask+0x617/0x750 [ 919.415301] ? __alloc_pages_slowpath+0x2870/0x2870 [ 919.420344] ? wait_for_completion+0x440/0x440 [ 919.424949] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 919.430508] alloc_pages_current+0x107/0x210 [ 919.434937] ion_page_pool_alloc+0x137/0x1d0 [ 919.439361] ion_system_heap_allocate+0x154/0xa90 [ 919.444241] ? ion_system_heap_free+0x250/0x250 [ 919.448936] ion_alloc+0x29b/0x900 [ 919.452500] ? ion_dma_buf_release+0x50/0x50 [ 919.455147] warn_alloc_show_mem: 1 callbacks suppressed [ 919.455152] Mem-Info: [ 919.456924] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 919.470242] ? _copy_from_user+0xdd/0x150 [ 919.474409] ion_ioctl+0x17b/0x329 [ 919.475080] active_anon:71327 inactive_anon:202 isolated_anon:0 [ 919.475080] active_file:14 inactive_file:14 isolated_file:0 [ 919.475080] unevictable:0 dirty:0 writeback:0 unstable:0 [ 919.475080] slab_reclaimable:12483 slab_unreclaimable:105203 [ 919.475080] mapped:52226 shmem:252 pagetables:847 bounce:0 [ 919.475080] free:13704 free_pcp:833 free_cma:0 [ 919.477985] ? ion_alloc.cold+0x28/0x28 [ 919.514885] ? __might_sleep+0x95/0x190 [ 919.518879] ? ion_alloc.cold+0x28/0x28 [ 919.522872] do_vfs_ioctl+0xd5f/0x1380 [ 919.526770] ? selinux_file_ioctl+0x46f/0x5e0 [ 919.531296] ? selinux_file_ioctl+0x125/0x5e0 [ 919.535804] ? ioctl_preallocate+0x210/0x210 [ 919.540223] ? selinux_file_mprotect+0x620/0x620 [ 919.544995] ? iterate_fd+0x360/0x360 [ 919.548807] ? nsecs_to_jiffies+0x30/0x30 [ 919.552985] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 919.558543] ? security_file_ioctl+0x8d/0xc0 [ 919.562973] ksys_ioctl+0xab/0xd0 [ 919.566442] __x64_sys_ioctl+0x73/0xb0 [ 919.570344] do_syscall_64+0xfd/0x620 [ 919.574164] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 919.575737] Node 0 active_anon:284148kB inactive_anon:808kB active_file:48kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:117456kB dirty:0kB writeback:0kB shmem:1008kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 919.579355] RIP: 0033:0x459829 [ 919.579381] Code: Bad RIP value. [ 919.613452] RSP: 002b:00007f8d57f6dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 919.621178] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 919.629967] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 919.637247] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 919.644532] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d57f6e6d4 [ 919.651818] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 919.653240] Node 1 active_anon:1160kB inactive_anon:0kB active_file:8kB inactive_file:12kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:91448kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 919.667704] CPU: 0 PID: 7801 Comm: rsyslogd Not tainted 4.19.63 #37 [ 919.692717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 919.702085] Call Trace: [ 919.705211] dump_stack+0x172/0x1f0 [ 919.708859] dump_header+0x15e/0xa55 [ 919.712589] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 919.717709] ? ___ratelimit+0x60/0x595 [ 919.721609] ? do_raw_spin_unlock+0x57/0x270 [ 919.726037] oom_kill_process.cold+0x10/0x6ef [ 919.730546] ? lock_downgrade+0x810/0x810 [ 919.734713] ? kasan_check_read+0x11/0x20 [ 919.739504] out_of_memory+0x936/0x12d0 [ 919.739555] Node 0 DMA free:10332kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 919.743525] ? oom_killer_disable+0x280/0x280 [ 919.743545] ? mutex_trylock+0x18e/0x1e0 [ 919.778508] ? __alloc_pages_slowpath+0xcc2/0x2870 [ 919.783464] __alloc_pages_slowpath+0x20af/0x2870 [ 919.788341] ? warn_alloc+0x110/0x110 [ 919.792155] ? __lock_is_held+0xb6/0x140 [ 919.796229] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 919.801772] ? should_fail+0x14d/0x85c [ 919.805678] ? __might_sleep+0x95/0x190 [ 919.809669] __alloc_pages_nodemask+0x617/0x750 [ 919.814354] ? kasan_check_read+0x11/0x20 [ 919.818535] ? __alloc_pages_slowpath+0x2870/0x2870 [ 919.823560] ? find_get_entry+0x3e8/0x820 [ 919.827719] ? filemap_map_pages+0x1130/0x1130 [ 919.832317] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 919.837878] alloc_pages_current+0x107/0x210 [ 919.842304] __page_cache_alloc+0x2bd/0x450 [ 919.846637] ? kasan_check_read+0x11/0x20 [ 919.850805] filemap_fault+0x10bb/0x2250 [ 919.854889] ? lock_downgrade+0x810/0x810 [ 919.859064] ? __lock_page_or_retry+0xdc0/0xdc0 [ 919.863746] ? lock_acquire+0x16f/0x3f0 [ 919.867737] ? ext4_filemap_fault+0x7b/0xaf [ 919.872082] ext4_filemap_fault+0x83/0xaf [ 919.876243] __do_fault+0x111/0x480 [ 919.879519] lowmem_reserve[]: 0 [ 919.879885] __handle_mm_fault+0x2d78/0x3f80 [ 919.879905] ? vmf_insert_mixed_mkwrite+0x90/0x90 [ 919.883182] 2555 [ 919.887630] ? count_memcg_event_mm+0x2b1/0x4d0 [ 919.899171] handle_mm_fault+0x1b5/0x690 [ 919.903249] __do_page_fault+0x62a/0xe90 [ 919.907324] ? ksys_read+0x1f1/0x2d0 [ 919.911056] ? vmalloc_fault+0x740/0x740 [ 919.915127] ? trace_hardirqs_off_caller+0x65/0x220 [ 919.920153] ? trace_hardirqs_on_caller+0x6a/0x220 [ 919.925095] ? page_fault+0x8/0x30 [ 919.928646] do_page_fault+0x71/0x57d [ 919.932456] ? page_fault+0x8/0x30 [ 919.935293] 2557 2557 [ 919.936012] page_fault+0x1e/0x30 [ 919.936040] RIP: 0033:0x7f334cd9a1fd [ 919.942000] Code: Bad RIP value. [ 919.942008] RSP: 002b:00007f334a339e30 EFLAGS: 00010293 [ 919.942020] RAX: 0000000000000077 RBX: 0000000000b924b0 RCX: 00007f334cd9a1fd [ 919.942027] RDX: 0000000000000fff RSI: 00007f334bb6e5a0 RDI: 0000000000000004 [ 919.942034] RBP: 0000000000000000 R08: 0000000000b7d260 R09: 0000000004000001 [ 919.942042] R10: 0000000000000001 R11: 0000000000000293 R12: 000000000065e420 [ 919.942049] R13: 00007f334a33a9c0 R14: 00007f334d3df040 R15: 0000000000000003 [ 919.991493] CPU: 1 PID: 14174 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 919.998527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 920.007889] Call Trace: [ 920.010500] dump_stack+0x172/0x1f0 [ 920.014152] warn_alloc.cold+0x7b/0x173 [ 920.018136] ? zone_watermark_ok_safe+0x260/0x260 [ 920.023015] __alloc_pages_slowpath+0x220e/0x2870 [ 920.027903] ? warn_alloc+0x110/0x110 [ 920.031718] ? __lock_is_held+0xb6/0x140 [ 920.035792] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 920.041350] ? should_fail+0x14d/0x85c [ 920.045265] ? __might_sleep+0x95/0x190 [ 920.049259] __alloc_pages_nodemask+0x617/0x750 [ 920.053951] ? __alloc_pages_slowpath+0x2870/0x2870 [ 920.058991] ? wait_for_completion+0x440/0x440 [ 920.063587] ? kasan_check_write+0x14/0x20 [ 920.067834] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 920.073389] alloc_pages_current+0x107/0x210 [ 920.077813] ion_page_pool_alloc+0x137/0x1d0 [ 920.082233] ion_system_heap_allocate+0x154/0xa90 [ 920.087089] ? ion_system_heap_free+0x250/0x250 [ 920.091782] ion_alloc+0x29b/0x900 [ 920.095338] ? ion_dma_buf_release+0x50/0x50 [ 920.099772] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 920.105318] ? _copy_from_user+0xdd/0x150 [ 920.109485] ion_ioctl+0x17b/0x329 [ 920.113047] ? ion_alloc.cold+0x28/0x28 [ 920.117035] ? __might_sleep+0x95/0x190 [ 920.121022] ? ion_alloc.cold+0x28/0x28 [ 920.125008] do_vfs_ioctl+0xd5f/0x1380 [ 920.128907] ? selinux_file_ioctl+0x46f/0x5e0 [ 920.133411] ? selinux_file_ioctl+0x125/0x5e0 [ 920.137916] ? ioctl_preallocate+0x210/0x210 [ 920.142337] ? selinux_file_mprotect+0x620/0x620 [ 920.147119] ? iterate_fd+0x360/0x360 [ 920.150933] ? nsecs_to_jiffies+0x30/0x30 [ 920.155118] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 920.159525] Mem-Info: [ 920.160674] ? security_file_ioctl+0x8d/0xc0 [ 920.163102] active_anon:71327 inactive_anon:202 isolated_anon:0 [ 920.163102] active_file:14 inactive_file:14 isolated_file:0 [ 920.163102] unevictable:0 dirty:0 writeback:0 unstable:0 [ 920.163102] slab_reclaimable:12483 slab_unreclaimable:105202 [ 920.163102] mapped:52226 shmem:252 pagetables:847 bounce:0 [ 920.163102] free:56355 free_pcp:820 free_cma:0 [ 920.167512] ksys_ioctl+0xab/0xd0 [ 920.203872] __x64_sys_ioctl+0x73/0xb0 [ 920.207783] do_syscall_64+0xfd/0x620 [ 920.211604] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 920.216816] RIP: 0033:0x459829 [ 920.220028] Code: Bad RIP value. [ 920.223396] RSP: 002b:00007f8d57f8ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 920.231115] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 920.238396] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 920.245676] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 920.252953] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d57f8f6d4 [ 920.260236] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 920.268732] CPU: 1 PID: 14167 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 920.275770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 920.277147] Node 0 active_anon:284148kB inactive_anon:808kB active_file:48kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:117456kB dirty:0kB writeback:0kB shmem:1008kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 920.285137] Call Trace: [ 920.285166] dump_stack+0x172/0x1f0 [ 920.285185] warn_alloc.cold+0x7b/0x173 [ 920.285212] ? zone_watermark_ok_safe+0x260/0x260 [ 920.327783] ? try_to_compact_pages+0x44/0xae0 [ 920.332410] __alloc_pages_slowpath+0x220e/0x2870 [ 920.337311] ? warn_alloc+0x110/0x110 [ 920.339608] Node 1 active_anon:1160kB inactive_anon:0kB active_file:8kB inactive_file:12kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:91448kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 920.341132] ? __lock_is_held+0xb6/0x140 [ 920.371600] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 920.377155] ? should_fail+0x14d/0x85c [ 920.381062] ? __isolate_free_page+0x4c0/0x4c0 [ 920.385887] ? __might_sleep+0x95/0x190 [ 920.389886] __alloc_pages_nodemask+0x617/0x750 [ 920.394580] ? __alloc_pages_slowpath+0x2870/0x2870 [ 920.399627] ? wait_for_completion+0x440/0x440 [ 920.404225] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 920.409792] alloc_pages_current+0x107/0x210 [ 920.414219] ion_page_pool_alloc+0x137/0x1d0 [ 920.418643] ion_system_heap_allocate+0x154/0xa90 [ 920.419546] Node 0 DMA free:10332kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 920.423528] ? ion_system_heap_free+0x250/0x250 [ 920.423553] ion_alloc+0x475/0x900 [ 920.458165] ? ion_dma_buf_release+0x50/0x50 [ 920.462605] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 920.468160] ? _copy_from_user+0xdd/0x150 [ 920.472327] ion_ioctl+0x17b/0x329 [ 920.475890] ? ion_alloc.cold+0x28/0x28 [ 920.479901] ? __might_sleep+0x95/0x190 [ 920.483899] ? ion_alloc.cold+0x28/0x28 [ 920.487885] do_vfs_ioctl+0xd5f/0x1380 [ 920.489520] lowmem_reserve[]: [ 920.491782] ? selinux_file_ioctl+0x46f/0x5e0 [ 920.491786] 0 2555 [ 920.494928] ? selinux_file_ioctl+0x125/0x5e0 [ 920.506237] ? ioctl_preallocate+0x210/0x210 [ 920.509548] 2557 [ 920.510658] ? selinux_file_mprotect+0x620/0x620 [ 920.510661] 2557 [ 920.512733] ? iterate_fd+0x360/0x360 [ 920.517479] Node 0 [ 920.519538] ? nsecs_to_jiffies+0x30/0x30 [ 920.519560] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 920.519578] ? security_file_ioctl+0x8d/0xc0 [ 920.519596] ksys_ioctl+0xab/0xd0 [ 920.523428] DMA32 free:179232kB min:36248kB low:45308kB high:54368kB active_anon:282100kB inactive_anon:808kB active_file:48kB inactive_file:44kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6848kB pagetables:2820kB bounce:0kB free_pcp:2312kB local_pcp:1484kB free_cma:0kB [ 920.525637] __x64_sys_ioctl+0x73/0xb0 [ 920.559533] lowmem_reserve[]: [ 920.571661] do_syscall_64+0xfd/0x620 [ 920.571681] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 920.571694] RIP: 0033:0x459829 [ 920.571719] Code: Bad RIP value. [ 920.594250] RSP: 002b:00007f71a5b57c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 920.599550] 0 [ 920.601998] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 920.602014] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 920.603831] 0 [ 920.612234] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 920.612242] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71a5b586d4 [ 920.612250] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 920.617612] warn_alloc_show_mem: 1 callbacks suppressed [ 920.617619] Mem-Info: [ 920.627311] Node 0 [ 920.628861] active_anon:71327 inactive_anon:202 isolated_anon:0 [ 920.628861] active_file:15 inactive_file:13 isolated_file:0 [ 920.628861] unevictable:0 dirty:0 writeback:0 unstable:0 [ 920.628861] slab_reclaimable:12483 slab_unreclaimable:105190 [ 920.628861] mapped:52226 shmem:252 pagetables:847 bounce:0 [ 920.628861] free:84445 free_pcp:1053 free_cma:0 [ 920.649640] DMA32 free:171288kB min:36248kB low:45308kB high:54368kB active_anon:282100kB inactive_anon:808kB active_file:48kB inactive_file:44kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6848kB pagetables:2820kB bounce:0kB free_pcp:2340kB local_pcp:1496kB free_cma:0kB [ 920.656913] Node 0 active_anon:284148kB inactive_anon:808kB active_file:48kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:117456kB dirty:0kB writeback:0kB shmem:1008kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 920.699539] 2 [ 920.720910] Node 1 active_anon:1160kB inactive_anon:0kB active_file:12kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:91448kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 920.777875] Node 0 DMA free:10332kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 920.799534] 2 [ 920.819608] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 920.824400] lowmem_reserve[]: [ 920.846691] syz-executor.4: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 920.851508] lowmem_reserve[]: [ 920.879538] lowmem_reserve[]: 0 0 0 0 [ 920.889233] 0 0 2 2 [ 920.894608] 0 2555 2557 2557 [ 920.897786] Node 0 DMA32 free:192944kB min:36248kB low:45308kB high:54368kB active_anon:282100kB inactive_anon:808kB active_file:48kB inactive_file:844kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6848kB pagetables:2820kB bounce:0kB free_pcp:1408kB local_pcp:124kB free_cma:0kB [ 920.909540] syz-executor.4 cpuset= [ 920.927019] Node 1 Normal free:169188kB min:53608kB low:67008kB high:80408kB active_anon:1160kB inactive_anon:0kB active_file:12kB inactive_file:8kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:384kB pagetables:568kB bounce:0kB free_pcp:1404kB local_pcp:1404kB free_cma:0kB [ 920.934500] Node 0 [ 920.979627] lowmem_reserve[]: 0 0 0 0 [ 920.999542] syz4 mems_allowed=0-1 [ 921.003084] CPU: 0 PID: 14203 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 921.005176] Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 921.010107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 921.010113] Call Trace: [ 921.010144] dump_stack+0x172/0x1f0 [ 921.010162] warn_alloc.cold+0x7b/0x173 [ 921.010180] ? zone_watermark_ok_safe+0x260/0x260 [ 921.010201] ? try_to_compact_pages+0x44/0xae0 [ 921.010230] __alloc_pages_slowpath+0x220e/0x2870 [ 921.010267] ? warn_alloc+0x110/0x110 [ 921.010283] ? __lock_is_held+0xb6/0x140 [ 921.010305] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 921.041179] lowmem_reserve[]: [ 921.044876] ? should_fail+0x14d/0x85c [ 921.047454] 0 [ 921.051099] ? __isolate_free_page+0x4c0/0x4c0 [ 921.051117] ? __might_sleep+0x95/0x190 [ 921.051134] __alloc_pages_nodemask+0x617/0x750 [ 921.051155] ? __alloc_pages_slowpath+0x2870/0x2870 [ 921.051174] ? find_held_lock+0x35/0x130 [ 921.051192] ? wait_for_completion+0x440/0x440 [ 921.051208] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 921.051228] alloc_pages_current+0x107/0x210 [ 921.051247] ion_page_pool_alloc+0x137/0x1d0 [ 921.051264] ion_system_heap_allocate+0x154/0xa90 [ 921.059067] 0 [ 921.060095] ? ion_system_heap_free+0x250/0x250 [ 921.060120] ion_alloc+0x475/0x900 [ 921.060141] ? ion_dma_buf_release+0x50/0x50 [ 921.060164] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 921.060180] ? _copy_from_user+0xdd/0x150 [ 921.060200] ion_ioctl+0x17b/0x329 [ 921.060219] ? ion_alloc.cold+0x28/0x28 [ 921.067565] 2 [ 921.069680] ? __might_sleep+0x95/0x190 [ 921.069698] ? ion_alloc.cold+0x28/0x28 [ 921.069715] do_vfs_ioctl+0xd5f/0x1380 [ 921.069729] ? selinux_file_ioctl+0x46f/0x5e0 [ 921.069741] ? selinux_file_ioctl+0x125/0x5e0 [ 921.069756] ? ioctl_preallocate+0x210/0x210 [ 921.069768] ? selinux_file_mprotect+0x620/0x620 [ 921.069791] ? iterate_fd+0x360/0x360 [ 921.069806] ? nsecs_to_jiffies+0x30/0x30 [ 921.069834] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 921.077625] 2 [ 921.077715] ? security_file_ioctl+0x8d/0xc0 [ 921.118867] ksys_ioctl+0xab/0xd0 [ 921.135086] lowmem_reserve[]: [ 921.138067] __x64_sys_ioctl+0x73/0xb0 [ 921.139934] Node 0 [ 921.144533] do_syscall_64+0xfd/0x620 [ 921.148076] Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 921.152461] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 921.152473] RIP: 0033:0x459829 [ 921.152497] Code: Bad RIP value. [ 921.152504] RSP: 002b:00007f9e06a65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 921.152518] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 921.152526] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 921.152533] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 921.152541] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9e06a666d4 [ 921.152549] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 921.152717] Node 0 [ 921.184173] 0 [ 921.196753] DMA: [ 921.225059] 0 [ 921.279533] 1*4kB [ 921.289030] lowmem_reserve[]: [ 921.299520] (E) [ 921.310712] 0 [ 921.329533] 3*8kB (UE) 2*16kB (UE) 23*32kB (UE) 15*64kB (UE) 5*128kB (UE) 1*256kB (E) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10332kB [ 921.359522] 0 0 [ 921.361547] Node 1 Normal free:262844kB min:53608kB low:67008kB high:80408kB active_anon:1160kB inactive_anon:0kB active_file:12kB inactive_file:8kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:384kB pagetables:568kB bounce:0kB free_pcp:1272kB local_pcp:0kB free_cma:0kB [ 921.373706] Node 0 [ 921.399542] 0 0 0 [ 921.403976] Node 1 Normal free:329916kB min:53608kB low:67008kB high:80408kB active_anon:1160kB inactive_anon:0kB active_file:12kB inactive_file:8kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:384kB pagetables:568kB bounce:0kB free_pcp:1272kB local_pcp:0kB free_cma:0kB [ 921.429530] DMA32: 8275*4kB (UME) 6980*8kB (UME) 4104*16kB (UME) 1264*32kB (UME) 1125*64kB (UE) 280*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 302892kB [ 921.447535] Node 0 Normal: [ 921.459584] lowmem_reserve[]: 0 0 [ 921.462577] 0*4kB 0*8kB [ 921.466023] 0 0 [ 921.468708] 0*16kB [ 921.470741] 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 921.470795] Node 1 Normal: 12356*4kB (UM) 3110*8kB (UM) 3492*16kB (UM) 1824*32kB (U) 2818*64kB (U) 14*128kB (U) 20*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 375808kB [ 921.509551] lowmem_reserve[]: 0 0 0 0 [ 921.518885] Node 0 DMA: 1*4kB (E) 3*8kB (UE) 2*16kB (UE) 23*32kB (UE) 21*64kB (UE) 6*128kB (UE) 1*256kB (E) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10844kB [ 921.539577] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 921.548466] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 921.554763] Node 0 DMA: 1*4kB (E) 3*8kB (UE) 2*16kB (UE) 23*32kB (UE) 21*64kB (UE) 6*128kB (UE) 1*256kB (E) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10844kB [ 921.577906] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 921.595527] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 921.599529] Node 0 DMA32: 8275*4kB (UME) 6980*8kB (UME) 4104*16kB (UME) 1264*32kB (UME) 1135*64kB (UE) 281*128kB (U) 0*256kB 0*512kB [ 921.604261] 494 total pagecache pages [ 921.604277] 0 pages in swap cache [ 921.629559] Node 0 DMA32: 8275*4kB (UME) 6980*8kB (UME) 4104*16kB (UME) 1264*32kB (UME) 1135*64kB (UE) 281*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 303660kB [ 921.633594] Swap cache stats: add 0, delete 0, find 0/0 [ 921.669550] 0*1024kB 0*2048kB 0*4096kB = 303660kB [ 921.674465] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 921.692128] Free swap = 0kB [ 921.697306] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 921.709606] Node 1 Normal: 12356*4kB (UM) 3110*8kB (UM) 3492*16kB (UM) 1824*32kB (U) 5610*64kB (U) 565*128kB (U) 22*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 625536kB [ 921.714966] Total swap = 0kB [ 921.725329] Node 1 Normal: 12356*4kB (UM) 3110*8kB (UM) 3492*16kB (UM) 1824*32kB (U) 5610*64kB (U) [ 921.739555] 1965979 pages RAM [ 921.740276] 565*128kB [ 921.748775] 0 pages HighMem/MovableOnly [ 921.748786] 338856 pages reserved [ 921.769546] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 921.778424] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 921.779555] 0 pages cma reserved [ 921.787179] (U) 22*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 625536kB [ 921.797591] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 921.829589] warn_alloc_show_mem: 3 callbacks suppressed [ 921.829595] Mem-Info: [ 921.837451] active_anon:71327 inactive_anon:202 isolated_anon:0 [ 921.837451] active_file:14 inactive_file:326 isolated_file:0 [ 921.837451] unevictable:0 dirty:0 writeback:0 unstable:0 [ 921.837451] slab_reclaimable:12483 slab_unreclaimable:105181 [ 921.837451] mapped:52402 shmem:252 pagetables:847 bounce:0 [ 921.837451] free:245714 free_pcp:1392 free_cma:0 [ 921.839525] Unreclaimable slab info: [ 921.871619] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 921.909571] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 921.909575] Name Used Total [ 921.909607] pid_2 36KB 160KB [ 921.918207] 605 total pagecache pages [ 921.929934] batadv_tt_change_cache 10KB 15KB [ 921.949550] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 921.954925] batadv_tl_cache 12KB 20KB [ 921.958194] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 921.963686] TIPC 25KB 50KB [ 921.972643] Node 0 active_anon:284148kB inactive_anon:808kB active_file:48kB inactive_file:1292kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:118160kB dirty:0kB writeback:0kB shmem:1008kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 922.003508] SCTPv6 35KB 55KB [ 922.006546] 0 pages in swap cache [ 922.014530] Swap cache stats: add 0, delete 0, find 0/0 [ 922.016570] DCCPv6 17KB 36KB [ 922.020149] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 922.025494] DCCP 16KB 34KB [ 922.034560] Free swap = 0kB [ 922.034568] Total swap = 0kB [ 922.034577] 1965979 pages RAM [ 922.034582] 0 pages HighMem/MovableOnly [ 922.034587] 338856 pages reserved [ 922.034592] 0 pages cma reserved [ 922.034623] 605 total pagecache pages [ 922.045565] bridge_fdb_cache 24KB 35KB [ 922.069524] fib6_nodes 249KB 256KB [ 922.079527] ip6_dst_cache 945KB 963KB [ 922.079543] 0 pages in swap cache [ 922.084918] RAWv6 156KB 169KB [ 922.088377] Swap cache stats: add 0, delete 0, find 0/0 [ 922.109596] Node 1 active_anon:1160kB inactive_anon:0kB active_file:8kB inactive_file:12kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:91448kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 922.114782] UDPv6 3KB 3KB [ 922.136875] Free swap = 0kB [ 922.144598] Total swap = 0kB [ 922.159566] 1965979 pages RAM [ 922.162711] 0 pages HighMem/MovableOnly [ 922.164975] TCPv6 23KB 29KB [ 922.166927] 338856 pages reserved [ 922.166937] 0 pages cma reserved [ 922.172383] nf_conntrack 0KB 3KB [ 922.172444] sd_ext_cdb 0KB 7KB [ 922.199539] Node 0 DMA free:10844kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 922.205010] scsi_sense_cache 1056KB 1060KB [ 922.265380] virtio_scsi_cmd 16KB 16KB [ 922.270898] sgpool-128 8KB 8KB [ 922.276282] sgpool-64 4KB 12KB [ 922.289532] sgpool-32 2KB 15KB [ 922.299595] lowmem_reserve[]: 0 2555 2557 2557 [ 922.304262] Node 0 DMA32 free:363416kB min:36248kB low:45308kB high:54368kB active_anon:282100kB inactive_anon:808kB active_file:48kB inactive_file:1292kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6848kB pagetables:2820kB bounce:0kB free_pcp:2812kB local_pcp:1440kB free_cma:0kB [ 922.305182] sgpool-16 1KB 7KB [ 922.349825] lowmem_reserve[]: 0 0 2 2 [ 922.353709] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 922.358077] sgpool-8 0KB 7KB [ 922.409598] mqueue_inode_cache 23KB 43KB [ 922.415125] bio_post_read_ctx 14KB 15KB [ 922.439674] bio-2 14KB 15KB [ 922.445092] jfs_mp 7KB 7KB [ 922.449601] lowmem_reserve[]: 0 0 0 0 [ 922.454383] Node 1 Normal free:852380kB min:53608kB low:67008kB high:80408kB active_anon:1160kB inactive_anon:0kB active_file:8kB inactive_file:12kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:384kB pagetables:568kB bounce:0kB free_pcp:2720kB local_pcp:1448kB free_cma:0kB [ 922.456414] nfs_commit_data 3KB 14KB [ 922.509541] nfs_write_data 34KB 44KB [ 922.515006] ext4_system_zone 1KB 7KB [ 922.521306] lowmem_reserve[]: 0 0 0 0 [ 922.525162] Node 0 DMA: 1*4kB (E) 3*8kB (UE) 2*16kB (UE) 23*32kB (UE) 22*64kB (UE) 6*128kB (UE) 1*256kB (E) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10908kB [ 922.549559] bio-1 1KB 7KB [ 922.554976] pid_namespace 5KB 7KB [ 922.559521] Node 0 DMA32: 10888*4kB (UME) 7925*8kB (UME) 4751*16kB (UME) 1771*32kB (UME) 1263*64kB (UE) 336*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 363480kB [ 922.569626] rpc_buffers 17KB 25KB [ 922.589532] rpc_tasks 2KB 7KB [ 922.594077] Node 0 Normal: [ 922.594943] UNIX 1306KB 1366KB [ 922.594961] tcp_bind_bucket 2KB 12KB [ 922.597892] 0*4kB [ 922.619556] inet_peer_cache 0KB 4KB [ 922.627134] xfrm_state 8KB 8KB [ 922.634336] 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 922.650409] ip_fib_trie 36KB 39KB [ 922.655822] ip_fib_alias 174KB 177KB [ 922.669526] ip_dst_cache 4KB 20KB [ 922.675044] RAW 92KB 115KB [ 922.677148] Node 1 Normal: 18647*4kB (UM) 3770*8kB (UM) 3807*16kB (UM) 2150*32kB (U) 8557*64kB (U) 2100*128kB (U) 159*256kB (U) 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 1092124kB [ 922.689554] UDP 30KB 52KB [ 922.714262] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 922.719552] TCP 8KB 16KB [ 922.728539] hugetlbfs_inode_cache 2KB 15KB [ 922.745261] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 922.749571] fscache_cookie_jar 1KB 11KB [ 922.759370] eventpoll_pwq 19KB 35KB [ 922.765023] eventpoll_epi 36KB 66KB [ 922.770541] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 922.780540] inotify_inode_mark 25KB 63KB [ 922.786015] request_queue 163KB 163KB [ 922.791460] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 922.800165] blkdev_requests 1KB 3KB [ 922.805552] blkdev_ioc 35KB 54KB [ 922.810992] 600 total pagecache pages [ 922.814822] 0 pages in swap cache [ 922.818289] Swap cache stats: add 0, delete 0, find 0/0 [ 922.823748] bio-0 2040KB 2298KB [ 922.829122] biovec-max 3852KB 3935KB [ 922.834562] Free swap = 0kB [ 922.837591] Total swap = 0kB [ 922.849521] biovec-64 2154KB 2512KB [ 922.854925] biovec-16 246KB 382KB [ 922.860487] 1965979 pages RAM [ 922.863604] 0 pages HighMem/MovableOnly [ 922.867587] 338856 pages reserved [ 922.879535] bio_integrity_payload 1KB 8KB [ 922.885279] khugepaged_mm_slot 4KB 19KB [ 922.890807] dmaengine-unmap-256 2KB 6KB [ 922.896443] dmaengine-unmap-128 1KB 3KB [ 922.910587] 0 pages cma reserved [ 922.919540] dmaengine-unmap-16 0KB 4KB [ 922.925015] dmaengine-unmap-2 0KB 3KB [ 922.930436] skbuff_fclone_cache 112KB 191KB [ 922.935988] skbuff_head_cache 7440KB 7781KB [ 922.941530] configfs_dir_cache 0KB 8KB [ 922.946991] file_lock_cache 0KB 3KB [ 922.952527] file_lock_ctx 0KB 3KB [ 922.957899] fsnotify_mark_connector 14KB 39KB [ 922.963862] net_namespace 130KB 130KB [ 922.969238] shmem_inode_cache 5118KB 5433KB [ 922.974806] task_delay_info 67KB 233KB [ 922.980240] taskstats 35KB 80KB [ 922.985626] proc_dir_entry 1112KB 1136KB [ 922.991053] pde_opener 0KB 3KB [ 922.996425] seq_file 153KB 307KB [ 923.001860] sigqueue 36KB 86KB [ 923.007233] kernfs_node_cache 13570KB 13592KB [ 923.012654] mnt_cache 192KB 200KB [ 923.018030] filp 2701KB 4177KB [ 923.023477] names_cache 43214KB 43269KB [ 923.028849] iint_cache 32KB 63KB [ 923.034267] hashtab_node 118KB 119KB [ 923.040664] ebitmap_node 1089KB 1114KB [ 923.046046] avtab_node 1012KB 1013KB [ 923.051476] avc_node 48KB 55KB [ 923.056849] selinux_file_security 165KB 329KB [ 923.062634] selinux_inode_security 3228KB 3488KB [ 923.068439] key_jar 4KB 11KB [ 923.079547] uts_namespace 7KB 15KB [ 923.084956] nsproxy 5KB 11KB [ 923.099527] vm_area_struct 2977KB 5611KB [ 923.104921] mm_struct 425KB 760KB [ 923.119549] fs_cache 40KB 96KB [ 923.124951] files_cache 149KB 255KB [ 923.130386] signal_cache 517KB 797KB [ 923.135765] sighand_cache 483KB 534KB [ 923.149524] task_struct 2289KB 2320KB [ 923.155269] cred_jar 271KB 608KB [ 923.170549] anon_vma_chain 1682KB 3496KB [ 923.176105] anon_vma 159KB 573KB [ 923.181545] pid 45KB 200KB [ 923.186918] Acpi-Operand 156KB 190KB [ 923.192339] Acpi-ParseExt 8KB 11KB [ 923.197717] Acpi-Parse 41KB 47KB [ 923.203169] Acpi-State 52KB 63KB [ 923.208539] Acpi-Namespace 20KB 23KB [ 923.213961] numa_policy 0KB 3KB [ 923.219339] debug_objects_cache 1277KB 1285KB [ 923.227055] trace_event_file 263KB 266KB [ 923.235717] ftrace_event_field 382KB 385KB [ 923.252543] pool_workqueue 116KB 128KB [ 923.257948] task_group 5KB 7KB [ 923.279643] page->ptl 634KB 1612KB [ 923.299642] kmalloc-2097152 2050KB 2050KB [ 923.309614] kmalloc-524288 2056KB 2056KB [ 923.319513] kmalloc-262144 1290KB 1290KB [ 923.324898] kmalloc-131072 650KB 650KB [ 923.349533] kmalloc-65536 36432KB 37356KB [ 923.354948] kmalloc-32768 3102KB 3168KB [ 923.369527] kmalloc-16384 957KB 1039KB [ 923.374929] kmalloc-8192 4628KB 4669KB [ 923.380497] kmalloc-4096 37837KB 37897KB [ 923.385882] kmalloc-2048 19630KB 19921KB [ 923.391292] kmalloc-1024 16305KB 16718KB [ 923.396667] kmalloc-512 12751KB 13031KB [ 923.402080] kmalloc-256 5532KB 5580KB [ 923.407452] kmalloc-128 1547KB 1582KB [ 923.412871] kmalloc-96 2491KB 2572KB [ 923.418243] kmalloc-64 3400KB 3500KB [ 923.429512] kmalloc-32 3446KB 3724KB [ 923.434907] kmalloc-192 3244KB 3384KB [ 923.449609] kmem_cache 248KB 255KB [ 923.455014] Out of memory: Kill process 7947 (syz-fuzzer) score 41 or sacrifice child [ 923.469598] Killed process 14137 (syz-executor.4) total-vm:72452kB, anon-rss:68kB, file-rss:0kB, shmem-rss:0kB [ 923.480134] oom_reaper: reaped process 14137 (syz-executor.4), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 924.108023] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 924.120139] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 924.125255] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 924.125553] CPU: 0 PID: 14174 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 924.144287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 924.153659] Call Trace: [ 924.156302] dump_stack+0x172/0x1f0 [ 924.159954] warn_alloc.cold+0x7b/0x173 [ 924.163955] ? zone_watermark_ok_safe+0x260/0x260 [ 924.168824] ? try_to_compact_pages+0x44/0xae0 [ 924.173452] __alloc_pages_slowpath+0x220e/0x2870 [ 924.178334] ? warn_alloc+0x110/0x110 [ 924.182150] ? __lock_is_held+0xb6/0x140 [ 924.186232] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 924.191790] ? should_fail+0x14d/0x85c [ 924.195700] ? __isolate_free_page+0x4c0/0x4c0 [ 924.200305] ? __might_sleep+0x95/0x190 [ 924.204300] __alloc_pages_nodemask+0x617/0x750 [ 924.208997] ? __alloc_pages_slowpath+0x2870/0x2870 [ 924.214038] ? wait_for_completion+0x440/0x440 [ 924.215959] syz-executor.3 cpuset= [ 924.218631] ? kasan_check_write+0x14/0x20 [ 924.218651] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 924.232095] alloc_pages_current+0x107/0x210 [ 924.236523] ion_page_pool_alloc+0x137/0x1d0 [ 924.240945] ion_system_heap_allocate+0x154/0xa90 [ 924.245810] ? ion_system_heap_free+0x250/0x250 [ 924.250506] ion_alloc+0x475/0x900 [ 924.254071] ? ion_dma_buf_release+0x50/0x50 [ 924.258506] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 924.259561] syz3 [ 924.264057] ? _copy_from_user+0xdd/0x150 [ 924.264079] ion_ioctl+0x17b/0x329 [ 924.266054] mems_allowed=0-1 [ 924.270206] ? ion_alloc.cold+0x28/0x28 [ 924.270224] ? __might_sleep+0x95/0x190 [ 924.270239] ? ion_alloc.cold+0x28/0x28 [ 924.270255] do_vfs_ioctl+0xd5f/0x1380 [ 924.270269] ? selinux_file_ioctl+0x46f/0x5e0 [ 924.270280] ? selinux_file_ioctl+0x125/0x5e0 [ 924.270294] ? ioctl_preallocate+0x210/0x210 [ 924.270307] ? selinux_file_mprotect+0x620/0x620 [ 924.270329] ? iterate_fd+0x360/0x360 [ 924.270344] ? nsecs_to_jiffies+0x30/0x30 [ 924.270372] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 924.324883] ? security_file_ioctl+0x8d/0xc0 [ 924.329321] ksys_ioctl+0xab/0xd0 [ 924.332792] __x64_sys_ioctl+0x73/0xb0 [ 924.336694] do_syscall_64+0xfd/0x620 [ 924.340512] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 924.346060] RIP: 0033:0x459829 [ 924.349281] Code: Bad RIP value. [ 924.352653] RSP: 002b:00007f8d57f8ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 924.360375] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 924.367656] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 924.374941] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 924.382220] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d57f8f6d4 [ 924.389528] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 924.396835] CPU: 1 PID: 14181 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 924.398856] Mem-Info: [ 924.403963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 924.403970] Call Trace: [ 924.403993] dump_stack+0x172/0x1f0 [ 924.404013] warn_alloc.cold+0x7b/0x173 [ 924.404033] ? zone_watermark_ok_safe+0x260/0x260 [ 924.404053] ? try_to_compact_pages+0x44/0xae0 [ 924.406555] active_anon:71360 inactive_anon:202 isolated_anon:0 [ 924.406555] active_file:15 inactive_file:757 isolated_file:0 [ 924.406555] unevictable:0 dirty:59 writeback:0 unstable:0 [ 924.406555] slab_reclaimable:12483 slab_unreclaimable:105181 [ 924.406555] mapped:52689 shmem:252 pagetables:823 bounce:0 [ 924.406555] free:109968 free_pcp:121 free_cma:0 [ 924.415856] __alloc_pages_slowpath+0x220e/0x2870 [ 924.415892] ? warn_alloc+0x110/0x110 [ 924.415914] ? __lock_is_held+0xb6/0x140 [ 924.420173] Node 0 active_anon:284280kB inactive_anon:808kB active_file:48kB inactive_file:3020kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:119308kB dirty:232kB writeback:0kB shmem:1008kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 924.422127] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 924.426106] Node 1 active_anon:1160kB inactive_anon:0kB active_file:12kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:91448kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 924.430925] ? should_fail+0x14d/0x85c [ 924.430946] ? __isolate_free_page+0x4c0/0x4c0 [ 924.430972] ? __might_sleep+0x95/0x190 [ 924.430992] __alloc_pages_nodemask+0x617/0x750 [ 924.431013] ? __alloc_pages_slowpath+0x2870/0x2870 [ 924.437294] Node 0 [ 924.468805] ? wait_for_completion+0x440/0x440 [ 924.468830] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 924.468850] alloc_pages_current+0x107/0x210 [ 924.468870] ion_page_pool_alloc+0x137/0x1d0 [ 924.468896] ion_system_heap_allocate+0x154/0xa90 [ 924.474333] DMA free:10396kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 924.477550] ? ion_system_heap_free+0x250/0x250 [ 924.481955] lowmem_reserve[]: [ 924.509574] ion_alloc+0x475/0x900 [ 924.509598] ? ion_dma_buf_release+0x50/0x50 [ 924.509623] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 924.509640] ? _copy_from_user+0xdd/0x150 [ 924.509660] ion_ioctl+0x17b/0x329 [ 924.516570] 0 [ 924.541604] ? ion_alloc.cold+0x28/0x28 [ 924.541623] ? __might_sleep+0x95/0x190 [ 924.541639] ? ion_alloc.cold+0x28/0x28 [ 924.541654] do_vfs_ioctl+0xd5f/0x1380 [ 924.541669] ? selinux_file_ioctl+0x46f/0x5e0 [ 924.541688] ? selinux_file_ioctl+0x125/0x5e0 [ 924.547183] 2555 [ 924.550164] ? ioctl_preallocate+0x210/0x210 [ 924.550179] ? selinux_file_mprotect+0x620/0x620 [ 924.550208] ? iterate_fd+0x360/0x360 [ 924.550227] ? nsecs_to_jiffies+0x30/0x30 [ 924.555224] 2557 [ 924.558877] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 924.564194] 2557 [ 924.566115] ? security_file_ioctl+0x8d/0xc0 [ 924.576229] ksys_ioctl+0xab/0xd0 [ 924.581013] Node 0 [ 924.585041] __x64_sys_ioctl+0x73/0xb0 [ 924.590349] DMA32 free:192400kB min:36248kB low:45308kB high:54368kB active_anon:282232kB inactive_anon:808kB active_file:48kB inactive_file:3020kB unevictable:0kB writepending:232kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6816kB pagetables:2724kB bounce:0kB free_pcp:468kB local_pcp:220kB free_cma:0kB [ 924.615656] do_syscall_64+0xfd/0x620 [ 924.615675] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 924.615687] RIP: 0033:0x459829 [ 924.615720] Code: Bad RIP value. [ 924.620859] lowmem_reserve[]: [ 924.623509] RSP: 002b:00007f8d57f6dc78 EFLAGS: 00000246 [ 924.627044] 0 [ 924.631442] ORIG_RAX: 0000000000000010 [ 924.631451] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 924.631459] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 924.631466] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 924.631473] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d57f6e6d4 [ 924.631480] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 924.827751] syz-executor.4: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 924.849593] 0 2 2 [ 924.851803] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 924.875090] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 924.896162] CPU: 1 PID: 14166 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 924.903229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 924.912614] Call Trace: [ 924.915234] dump_stack+0x172/0x1f0 [ 924.918901] warn_alloc.cold+0x7b/0x173 [ 924.922913] ? zone_watermark_ok_safe+0x260/0x260 [ 924.927803] ? try_to_compact_pages+0x44/0xae0 [ 924.932437] __alloc_pages_slowpath+0x220e/0x2870 [ 924.937332] ? warn_alloc+0x110/0x110 [ 924.941177] ? __lock_is_held+0xb6/0x140 [ 924.945281] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 924.950849] ? should_fail+0x14d/0x85c [ 924.954779] ? __isolate_free_page+0x4c0/0x4c0 [ 924.959398] ? __might_sleep+0x95/0x190 [ 924.963433] __alloc_pages_nodemask+0x617/0x750 [ 924.968143] ? __alloc_pages_slowpath+0x2870/0x2870 [ 924.969533] lowmem_reserve[]: 0 [ 924.973186] ? find_held_lock+0x35/0x130 [ 924.973210] ? wait_for_completion+0x440/0x440 [ 924.976485] 0 [ 924.980554] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 924.980574] alloc_pages_current+0x107/0x210 [ 924.980592] ion_page_pool_alloc+0x137/0x1d0 [ 924.980606] ion_system_heap_allocate+0x154/0xa90 [ 924.980627] ? ion_system_heap_free+0x250/0x250 [ 924.980664] ion_alloc+0x475/0x900 [ 925.014450] ? ion_dma_buf_release+0x50/0x50 [ 925.018901] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 925.019532] 0 [ 925.024467] ? _copy_from_user+0xdd/0x150 [ 925.024471] 0 [ 925.026286] ion_ioctl+0x17b/0x329 [ 925.035788] ? ion_alloc.cold+0x28/0x28 [ 925.039786] ? __might_sleep+0x95/0x190 [ 925.043781] ? ion_alloc.cold+0x28/0x28 [ 925.047773] do_vfs_ioctl+0xd5f/0x1380 [ 925.051676] ? selinux_file_ioctl+0x46f/0x5e0 [ 925.056192] ? selinux_file_ioctl+0x125/0x5e0 [ 925.060703] ? ioctl_preallocate+0x210/0x210 [ 925.065127] ? selinux_file_mprotect+0x620/0x620 [ 925.069939] ? iterate_fd+0x360/0x360 [ 925.073755] ? nsecs_to_jiffies+0x30/0x30 [ 925.077927] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 925.083484] ? security_file_ioctl+0x8d/0xc0 [ 925.087913] ksys_ioctl+0xab/0xd0 [ 925.091388] __x64_sys_ioctl+0x73/0xb0 [ 925.095291] do_syscall_64+0xfd/0x620 [ 925.099110] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 925.099537] Node 1 [ 925.104308] RIP: 0033:0x459829 [ 925.104346] Normal free:78924kB min:53608kB low:67008kB high:80408kB active_anon:1160kB inactive_anon:0kB active_file:12kB inactive_file:8kB unevictable:0kB writepending:4kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:384kB pagetables:568kB bounce:0kB free_pcp:520kB local_pcp:436kB free_cma:0kB [ 925.106553] Code: Bad RIP value. [ 925.139531] lowmem_reserve[]: [ 925.140788] RSP: 002b:00007f9e06aa7c78 EFLAGS: 00000246 [ 925.140802] 0 [ 925.143894] ORIG_RAX: 0000000000000010 [ 925.143909] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 925.162725] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 925.170015] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 925.177298] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9e06aa86d4 [ 925.184583] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 925.189527] 0 0 0 [ 925.210030] Node 0 DMA: 1*4kB (E) 3*8kB (UE) 2*16kB (UE) 23*32kB (UE) 20*64kB (UE) 7*128kB (UE) 3*256kB (UE) 1*512kB (E) 2*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10396kB [ 925.226686] rs:main Q:Reg invoked oom-killer: gfp_mask=0x6201ca(GFP_HIGHUSER_MOVABLE|__GFP_WRITE), nodemask=(null), order=0, oom_score_adj=0 [ 925.258710] rs:main Q:Reg cpuset=/ mems_allowed=0-1 [ 925.269532] Node 0 DMA32: 416*4kB (UME) 482*8kB (ME) 88*16kB (UME) 350*32kB (UM) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 18128kB [ 925.285086] CPU: 0 PID: 7799 Comm: rs:main Q:Reg Not tainted 4.19.63 #37 [ 925.291963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 925.301321] Call Trace: [ 925.303921] dump_stack+0x172/0x1f0 [ 925.307562] dump_header+0x15e/0xa55 [ 925.311290] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 925.316408] ? ___ratelimit+0x60/0x595 [ 925.320304] ? do_raw_spin_unlock+0x57/0x270 [ 925.324726] oom_kill_process.cold+0x10/0x6ef [ 925.329230] ? lock_downgrade+0x810/0x810 [ 925.333398] ? kasan_check_read+0x11/0x20 [ 925.337562] out_of_memory+0x936/0x12d0 [ 925.341559] ? oom_killer_disable+0x280/0x280 [ 925.346064] ? mutex_trylock+0x18e/0x1e0 [ 925.350133] ? __alloc_pages_slowpath+0xcc2/0x2870 [ 925.355076] __alloc_pages_slowpath+0x20af/0x2870 [ 925.359951] ? warn_alloc+0x110/0x110 [ 925.363764] ? __lock_is_held+0xb6/0x140 [ 925.367837] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 925.373391] ? should_fail+0x14d/0x85c [ 925.377318] ? __might_sleep+0x95/0x190 [ 925.381309] __alloc_pages_nodemask+0x617/0x750 [ 925.386055] ? __alloc_pages_slowpath+0x2870/0x2870 [ 925.391097] ? find_get_entry+0x3e8/0x820 [ 925.395261] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 925.400823] alloc_pages_current+0x107/0x210 [ 925.405250] __page_cache_alloc+0x2bd/0x450 [ 925.409594] pagecache_get_page+0x231/0xa40 [ 925.413932] grab_cache_page_write_begin+0x7b/0xb0 [ 925.418878] ext4_da_write_begin+0x2d7/0xec0 [ 925.423304] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 925.428864] ? ext4_write_begin+0x1470/0x1470 [ 925.433377] ? copy_page_from_iter+0x7f0/0x7f0 [ 925.437978] generic_perform_write+0x22a/0x520 [ 925.442581] ? page_endio+0x780/0x780 [ 925.446396] ? current_time+0x140/0x140 [ 925.450388] ? lock_acquire+0x16f/0x3f0 [ 925.454374] ? ext4_file_write_iter+0x23f/0x1060 [ 925.459167] __generic_file_write_iter+0x25e/0x630 [ 925.464122] ext4_file_write_iter+0x32b/0x1060 [ 925.468717] ? mark_held_locks+0x100/0x100 [ 925.472963] ? dput+0x542/0x670 [ 925.476255] ? xfs_trans_init+0x430/0x6d0 [ 925.480422] ? ext4_file_mmap+0x410/0x410 [ 925.484581] ? mark_held_locks+0x100/0x100 [ 925.488828] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 925.494387] ? iov_iter_init+0xc6/0x1f0 [ 925.498385] __vfs_write+0x587/0x810 [ 925.502117] ? kernel_read+0x120/0x120 [ 925.506030] ? rcu_read_lock_sched_held+0x110/0x130 [ 925.511056] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 925.515818] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 925.521368] ? __sb_start_write+0x1a9/0x360 [ 925.525694] vfs_write+0x20c/0x560 [ 925.529245] ksys_write+0x14f/0x2d0 [ 925.532884] ? __ia32_sys_read+0xb0/0xb0 [ 925.536954] ? do_syscall_64+0x26/0x620 [ 925.540931] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 925.546302] ? do_syscall_64+0x26/0x620 [ 925.550294] __x64_sys_write+0x73/0xb0 [ 925.554194] do_syscall_64+0xfd/0x620 [ 925.558007] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 925.563202] RIP: 0033:0x7f334cd9a19d [ 925.566922] Code: d1 20 00 00 75 10 b8 01 00 00 00 0f 05 48 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 be fa ff ff 48 89 04 24 b8 01 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 07 fb ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 925.585871] RSP: 002b:00007f334b33b000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 925.593601] RAX: ffffffffffffffda RBX: 0000000000000191 RCX: 00007f334cd9a19d [ 925.605573] RDX: 0000000000000191 RSI: 0000000000b73340 RDI: 0000000000000002 [ 925.612864] RBP: 0000000000b73340 R08: 656c6c616b7a7973 R09: 6c656e72656b2072 [ 925.620147] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 925.629120] R13: 00007f334b33b480 R14: 0000000000000004 R15: 0000000000b73140 [ 925.645828] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 925.646808] Mem-Info: [ 925.657405] Node 1 Normal: 21*4kB (UM) 19*8kB (UM) 9*16kB (M) 825*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 26780kB [ 925.665038] active_anon:71348 inactive_anon:202 isolated_anon:0 [ 925.665038] active_file:115 inactive_file:114 isolated_file:27 [ 925.665038] unevictable:0 dirty:17 writeback:0 unstable:0 [ 925.665038] slab_reclaimable:12453 slab_unreclaimable:105034 [ 925.665038] mapped:52400 shmem:252 pagetables:800 bounce:0 [ 925.665038] free:13755 free_pcp:0 free_cma:0 [ 925.674225] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 925.711552] Node 0 active_anon:284232kB inactive_anon:808kB active_file:448kB inactive_file:448kB unevictable:0kB isolated(anon):0kB isolated(file):108kB mapped:118152kB dirty:64kB writeback:0kB shmem:1008kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 925.714574] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 925.749604] Node 1 active_anon:1160kB inactive_anon:0kB active_file:12kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:91448kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 925.752642] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 925.792636] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 925.795741] Node 0 [ 925.801315] 452 total pagecache pages [ 925.801332] 0 pages in swap cache [ 925.801341] Swap cache stats: add 0, delete 0, find 0/0 [ 925.801346] Free swap = 0kB [ 925.801350] Total swap = 0kB [ 925.801357] 1965979 pages RAM [ 925.801363] 0 pages HighMem/MovableOnly [ 925.801368] 338856 pages reserved [ 925.801374] 0 pages cma reserved [ 925.842722] DMA free:10340kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 925.882613] lowmem_reserve[]: 0 2555 2557 2557 [ 925.887288] Node 0 DMA32 free:18756kB min:36248kB low:45308kB high:54368kB active_anon:282184kB inactive_anon:808kB active_file:364kB inactive_file:352kB unevictable:0kB writepending:264kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6816kB pagetables:2632kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 925.930594] syz-executor.5: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 925.959522] lowmem_reserve[]: 0 0 2 2 [ 925.963404] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 925.968411] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 926.047264] CPU: 1 PID: 14202 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 926.054283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 926.063654] Call Trace: [ 926.066266] dump_stack+0x172/0x1f0 [ 926.069915] warn_alloc.cold+0x7b/0x173 [ 926.073906] ? zone_watermark_ok_safe+0x260/0x260 [ 926.078797] __alloc_pages_slowpath+0x220e/0x2870 [ 926.083683] ? warn_alloc+0x110/0x110 [ 926.087503] ? __lock_is_held+0xb6/0x140 [ 926.091592] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 926.097147] ? should_fail+0x14d/0x85c [ 926.101064] ? __might_sleep+0x95/0x190 [ 926.105062] __alloc_pages_nodemask+0x617/0x750 [ 926.109761] ? __alloc_pages_slowpath+0x2870/0x2870 [ 926.114821] ? wait_for_completion+0x440/0x440 [ 926.119422] ? kasan_check_write+0x14/0x20 [ 926.123672] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 926.129233] alloc_pages_current+0x107/0x210 [ 926.133667] ion_page_pool_alloc+0x137/0x1d0 [ 926.138091] ion_system_heap_allocate+0x154/0xa90 [ 926.142957] ? ion_system_heap_free+0x250/0x250 [ 926.147659] ion_alloc+0x475/0x900 [ 926.151226] ? ion_dma_buf_release+0x50/0x50 [ 926.155665] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 926.161225] ? _copy_from_user+0xdd/0x150 [ 926.165398] ion_ioctl+0x17b/0x329 [ 926.168957] ? ion_alloc.cold+0x28/0x28 [ 926.172951] ? __might_sleep+0x95/0x190 [ 926.176947] ? ion_alloc.cold+0x28/0x28 [ 926.180938] do_vfs_ioctl+0xd5f/0x1380 [ 926.184841] ? selinux_file_ioctl+0x46f/0x5e0 [ 926.189343] ? selinux_file_ioctl+0x125/0x5e0 [ 926.193865] ? ioctl_preallocate+0x210/0x210 [ 926.198289] ? selinux_file_mprotect+0x620/0x620 [ 926.203063] ? iterate_fd+0x360/0x360 [ 926.206883] ? nsecs_to_jiffies+0x30/0x30 [ 926.211057] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 926.216610] ? security_file_ioctl+0x8d/0xc0 [ 926.221042] ksys_ioctl+0xab/0xd0 [ 926.224511] __x64_sys_ioctl+0x73/0xb0 [ 926.228416] do_syscall_64+0xfd/0x620 [ 926.232232] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 926.237430] RIP: 0033:0x459829 [ 926.240638] Code: Bad RIP value. [ 926.244008] RSP: 002b:00007f71a5b36c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 926.251729] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 926.259009] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 926.266314] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 926.273613] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71a5b376d4 [ 926.280901] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 926.303192] lowmem_reserve[]: 0 0 0 0 [ 926.307065] Node 1 Normal free:26212kB min:53608kB low:67008kB high:80408kB active_anon:1160kB inactive_anon:0kB active_file:12kB inactive_file:8kB unevictable:0kB writepending:4kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:384kB pagetables:568kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 926.363380] lowmem_reserve[]: 0 0 0 0 [ 926.367260] Node 0 DMA: 1*4kB (E) 2*8kB (UE) 1*16kB (E) 22*32kB (UE) 20*64kB (UE) 7*128kB (UE) 3*256kB (UE) 1*512kB (E) 2*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10340kB [ 926.398204] Node 0 DMA32: 694*4kB (UME) 613*8kB (UME) 88*16kB (UME) 287*32kB (UM) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 18272kB [ 926.427934] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 926.446781] Node 1 Normal: 20*4kB (M) 19*8kB (UM) 9*16kB (M) 817*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 26520kB [ 926.459971] syz-executor.4: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 926.465644] warn_alloc_show_mem: 2 callbacks suppressed [ 926.465649] Mem-Info: [ 926.477334] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 926.479830] syz-executor.3: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 926.488685] syz-executor.3: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 926.508598] syz-executor.4: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 926.518189] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 926.538783] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 926.539406] syz-executor.5: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 926.547762] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 926.547806] CPU: 1 PID: 14203 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 926.569452] syz-executor.3 cpuset= [ 926.571931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 926.571943] Call Trace: [ 926.575495] syz3 [ 926.584880] dump_stack+0x172/0x1f0 [ 926.587536] syz-executor.4 cpuset= [ 926.589433] warn_alloc.cold+0x7b/0x173 [ 926.593143] active_anon:71348 inactive_anon:202 isolated_anon:0 [ 926.593143] active_file:14 inactive_file:14 isolated_file:0 [ 926.593143] unevictable:0 dirty:0 writeback:0 unstable:0 [ 926.593143] slab_reclaimable:12451 slab_unreclaimable:105017 [ 926.593143] mapped:52226 shmem:252 pagetables:800 bounce:0 [ 926.593143] free:13720 free_pcp:62 free_cma:0 [ 926.596593] ? zone_watermark_ok_safe+0x260/0x260 [ 926.600633] syz4 [ 926.633423] __alloc_pages_slowpath+0x220e/0x2870 [ 926.638363] Node 0 active_anon:284232kB inactive_anon:808kB active_file:44kB inactive_file:48kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:117456kB dirty:0kB writeback:0kB shmem:1008kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 926.640253] ? warn_alloc+0x110/0x110 [ 926.640276] ? __lock_is_held+0xb6/0x140 [ 926.645140] Node 1 active_anon:1160kB inactive_anon:0kB active_file:12kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:91448kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 926.672644] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 926.672657] ? should_fail+0x14d/0x85c [ 926.672678] ? __might_sleep+0x95/0x190 [ 926.672706] __alloc_pages_nodemask+0x617/0x750 [ 926.676540] mems_allowed=0-1 [ 926.680596] ? __alloc_pages_slowpath+0x2870/0x2870 [ 926.680620] ? wait_for_completion+0x440/0x440 [ 926.680637] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 926.680659] alloc_pages_current+0x107/0x210 [ 926.713873] syz-executor.5 cpuset= [ 926.716493] ion_page_pool_alloc+0x137/0x1d0 [ 926.728855] syz5 [ 926.733280] ion_system_heap_allocate+0x154/0xa90 [ 926.739864] mems_allowed=0-1 [ 926.743432] ? ion_system_heap_free+0x250/0x250 [ 926.769550] mems_allowed=0-1 [ 926.770540] ion_alloc+0x475/0x900 [ 926.777204] ? ion_dma_buf_release+0x50/0x50 [ 926.779542] Node 0 DMA free:10340kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 926.781665] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 926.781687] ? _copy_from_user+0xdd/0x150 [ 926.817787] ion_ioctl+0x17b/0x329 [ 926.821355] ? ion_alloc.cold+0x28/0x28 [ 926.825344] ? __might_sleep+0x95/0x190 [ 926.829338] ? ion_alloc.cold+0x28/0x28 [ 926.833333] do_vfs_ioctl+0xd5f/0x1380 [ 926.837237] ? selinux_file_ioctl+0x46f/0x5e0 [ 926.841740] ? selinux_file_ioctl+0x125/0x5e0 [ 926.846249] ? ioctl_preallocate+0x210/0x210 [ 926.850670] ? selinux_file_mprotect+0x620/0x620 [ 926.855449] ? iterate_fd+0x360/0x360 [ 926.859281] ? nsecs_to_jiffies+0x30/0x30 [ 926.863457] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 926.869013] ? security_file_ioctl+0x8d/0xc0 [ 926.873453] ksys_ioctl+0xab/0xd0 [ 926.876926] __x64_sys_ioctl+0x73/0xb0 [ 926.880848] do_syscall_64+0xfd/0x620 [ 926.884682] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 926.889892] RIP: 0033:0x459829 [ 926.893106] Code: Bad RIP value. [ 926.896483] RSP: 002b:00007f9e06a65c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 926.904212] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 926.911501] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 926.918789] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 926.919530] lowmem_reserve[]: [ 926.926072] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9e06a666d4 [ 926.926088] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 926.929205] 0 [ 926.950576] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 926.968318] 280 total pagecache pages [ 926.972275] 0 pages in swap cache [ 926.975421] CPU: 0 PID: 14166 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 926.975757] Swap cache stats: add 0, delete 0, find 0/0 [ 926.982786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 926.982793] Call Trace: [ 926.982821] dump_stack+0x172/0x1f0 [ 926.982841] warn_alloc.cold+0x7b/0x173 [ 926.982866] ? zone_watermark_ok_safe+0x260/0x260 [ 926.982908] __alloc_pages_slowpath+0x220e/0x2870 [ 926.982945] ? warn_alloc+0x110/0x110 [ 926.982967] ? __lock_is_held+0xb6/0x140 [ 926.993569] Free swap = 0kB [ 926.997726] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 927.001434] syz-executor.3 cpuset= [ 927.003938] ? should_fail+0x14d/0x85c [ 927.007902] syz3 [ 927.012767] ? __might_sleep+0x95/0x190 [ 927.023383] Total swap = 0kB [ 927.025497] __alloc_pages_nodemask+0x617/0x750 [ 927.028511] 1965979 pages RAM [ 927.034092] ? __alloc_pages_slowpath+0x2870/0x2870 [ 927.034112] ? find_held_lock+0x35/0x130 [ 927.034130] ? wait_for_completion+0x440/0x440 [ 927.034145] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 927.034164] alloc_pages_current+0x107/0x210 [ 927.034182] ion_page_pool_alloc+0x137/0x1d0 [ 927.034197] ion_system_heap_allocate+0x154/0xa90 [ 927.034216] ? ion_system_heap_free+0x250/0x250 [ 927.038813] 0 pages HighMem/MovableOnly [ 927.041780] ion_alloc+0x475/0x900 [ 927.041804] ? ion_dma_buf_release+0x50/0x50 [ 927.041828] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 927.041844] ? _copy_from_user+0xdd/0x150 [ 927.041871] ion_ioctl+0x17b/0x329 [ 927.041889] ? ion_alloc.cold+0x28/0x28 [ 927.041909] ? __might_sleep+0x95/0x190 [ 927.041924] ? ion_alloc.cold+0x28/0x28 [ 927.041941] do_vfs_ioctl+0xd5f/0x1380 [ 927.041966] ? selinux_file_ioctl+0x46f/0x5e0 [ 927.048574] 338856 pages reserved [ 927.050972] ? selinux_file_ioctl+0x125/0x5e0 [ 927.050989] ? ioctl_preallocate+0x210/0x210 [ 927.051001] ? selinux_file_mprotect+0x620/0x620 [ 927.051022] ? iterate_fd+0x360/0x360 [ 927.051035] ? nsecs_to_jiffies+0x30/0x30 [ 927.051057] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 927.051074] ? security_file_ioctl+0x8d/0xc0 [ 927.051091] ksys_ioctl+0xab/0xd0 [ 927.056710] 0 pages cma reserved [ 927.058899] __x64_sys_ioctl+0x73/0xb0 [ 927.068732] Unreclaimable slab info: [ 927.072571] do_syscall_64+0xfd/0x620 [ 927.072590] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 927.072602] RIP: 0033:0x459829 [ 927.072627] Code: Bad RIP value. [ 927.072635] RSP: 002b:00007f9e06aa7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 927.072649] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 927.072657] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 927.072665] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 927.072674] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9e06aa86d4 [ 927.072688] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 927.079214] mems_allowed=0-1 [ 927.091416] CPU: 0 PID: 14181 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 927.093020] Name Used Total [ 927.096791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 927.096803] Call Trace: [ 927.106342] pid_2 35KB 160KB [ 927.108735] dump_stack+0x172/0x1f0 [ 927.114495] batadv_tt_change_cache 10KB 15KB [ 927.118424] warn_alloc.cold+0x7b/0x173 [ 927.129630] batadv_tl_cache 12KB 20KB [ 927.129893] ? zone_watermark_ok_safe+0x260/0x260 [ 927.133870] TIPC 25KB 50KB [ 927.137778] __alloc_pages_slowpath+0x220e/0x2870 [ 927.165316] SCTPv6 35KB 55KB [ 927.167836] ? warn_alloc+0x110/0x110 [ 927.173515] DCCPv6 17KB 36KB [ 927.177764] ? __lock_is_held+0xb6/0x140 [ 927.189614] DCCP 16KB 34KB [ 927.192163] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 927.195990] bridge_fdb_cache 24KB 35KB [ 927.201143] ? should_fail+0x14d/0x85c [ 927.201166] ? __might_sleep+0x95/0x190 [ 927.201187] __alloc_pages_nodemask+0x617/0x750 [ 927.201210] ? __alloc_pages_slowpath+0x2870/0x2870 [ 927.201235] ? wait_for_completion+0x440/0x440 [ 927.201252] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 927.201274] alloc_pages_current+0x107/0x210 [ 927.201293] ion_page_pool_alloc+0x137/0x1d0 [ 927.225390] fib6_nodes 249KB 256KB [ 927.230086] ion_system_heap_allocate+0x154/0xa90 [ 927.230108] ? ion_system_heap_free+0x250/0x250 [ 927.230132] ion_alloc+0x475/0x900 [ 927.230155] ? ion_dma_buf_release+0x50/0x50 [ 927.230186] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 927.237532] ip6_dst_cache 930KB 956KB [ 927.244765] ? _copy_from_user+0xdd/0x150 [ 927.244786] ion_ioctl+0x17b/0x329 [ 927.244803] ? ion_alloc.cold+0x28/0x28 [ 927.244822] ? __might_sleep+0x95/0x190 [ 927.244838] ? ion_alloc.cold+0x28/0x28 [ 927.244863] do_vfs_ioctl+0xd5f/0x1380 [ 927.244879] ? selinux_file_ioctl+0x46f/0x5e0 [ 927.244893] ? selinux_file_ioctl+0x125/0x5e0 [ 927.244911] ? ioctl_preallocate+0x210/0x210 [ 927.275119] RAWv6 156KB 169KB [ 927.277245] ? selinux_file_mprotect+0x620/0x620 [ 927.279897] UDPv6 3KB 3KB [ 927.285228] ? iterate_fd+0x360/0x360 [ 927.288843] TCPv6 23KB 29KB [ 927.294646] ? nsecs_to_jiffies+0x30/0x30 [ 927.294669] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 927.294684] ? security_file_ioctl+0x8d/0xc0 [ 927.294701] ksys_ioctl+0xab/0xd0 [ 927.294718] __x64_sys_ioctl+0x73/0xb0 [ 927.294735] do_syscall_64+0xfd/0x620 [ 927.294755] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 927.294767] RIP: 0033:0x459829 [ 927.294792] Code: Bad RIP value. [ 927.294800] RSP: 002b:00007f8d57f6dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 927.294815] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 927.294829] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 927.309561] nf_conntrack 0KB 3KB [ 927.314348] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 927.314363] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d57f6e6d4 [ 927.319275] sd_ext_cdb 0KB 7KB [ 927.324580] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 927.353805] 2555 [ 927.361867] CPU: 1 PID: 14174 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 927.390266] 2557 [ 927.390822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 927.396194] 2557 [ 927.401029] Call Trace: [ 927.401057] dump_stack+0x172/0x1f0 [ 927.401075] warn_alloc.cold+0x7b/0x173 [ 927.401093] ? zone_watermark_ok_safe+0x260/0x260 [ 927.401140] __alloc_pages_slowpath+0x220e/0x2870 [ 927.413753] ? warn_alloc+0x110/0x110 [ 927.419262] Node 0 [ 927.424631] ? __lock_is_held+0xb6/0x140 [ 927.424651] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 927.424663] ? should_fail+0x14d/0x85c [ 927.424687] ? __might_sleep+0x95/0x190 [ 927.424709] __alloc_pages_nodemask+0x617/0x750 [ 927.428886] DMA32 free:18020kB min:36248kB low:45308kB high:54368kB active_anon:282184kB inactive_anon:808kB active_file:44kB inactive_file:48kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6816kB pagetables:2632kB bounce:0kB free_pcp:248kB local_pcp:248kB free_cma:0kB [ 927.432394] ? __alloc_pages_slowpath+0x2870/0x2870 [ 927.432419] ? wait_for_completion+0x440/0x440 [ 927.432441] ? kasan_check_write+0x14/0x20 [ 927.436415] lowmem_reserve[]: [ 927.440392] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 927.440420] alloc_pages_current+0x107/0x210 [ 927.440445] ion_page_pool_alloc+0x137/0x1d0 [ 927.444411] 0 [ 927.448298] ion_system_heap_allocate+0x154/0xa90 [ 927.452832] 0 [ 927.457281] ? ion_system_heap_free+0x250/0x250 [ 927.461724] 2 [ 927.467046] ion_alloc+0x475/0x900 [ 927.471831] 2 [ 927.477157] ? ion_dma_buf_release+0x50/0x50 [ 927.486312] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 927.493268] Node 0 [ 927.495997] ? _copy_from_user+0xdd/0x150 [ 927.508763] Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 927.511544] ion_ioctl+0x17b/0x329 [ 927.511563] ? ion_alloc.cold+0x28/0x28 [ 927.511583] ? __might_sleep+0x95/0x190 [ 927.511602] ? ion_alloc.cold+0x28/0x28 [ 927.516791] lowmem_reserve[]: [ 927.519996] do_vfs_ioctl+0xd5f/0x1380 [ 927.520011] ? selinux_file_ioctl+0x46f/0x5e0 [ 927.520023] ? selinux_file_ioctl+0x125/0x5e0 [ 927.520045] ? ioctl_preallocate+0x210/0x210 [ 927.529291] 0 [ 927.531129] ? selinux_file_mprotect+0x620/0x620 [ 927.531151] ? iterate_fd+0x360/0x360 [ 927.531166] ? nsecs_to_jiffies+0x30/0x30 [ 927.531189] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 927.538465] 0 [ 927.545761] ? security_file_ioctl+0x8d/0xc0 [ 927.545778] ksys_ioctl+0xab/0xd0 [ 927.545796] __x64_sys_ioctl+0x73/0xb0 [ 927.545819] do_syscall_64+0xfd/0x620 [ 927.551253] 0 [ 927.558502] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 927.565830] 0 [ 927.571135] RIP: 0033:0x459829 [ 927.571162] Code: Bad RIP value. [ 927.571170] RSP: 002b:00007f8d57f8ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 927.580542] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 927.580550] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 927.580558] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 927.580566] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d57f8f6d4 [ 927.580573] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 927.587910] CPU: 1 PID: 14167 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 927.590046] syz-executor.4: page allocation failure: order:0, mode:0x6280ca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO), nodemask=(null) [ 927.599034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 927.599046] Call Trace: [ 927.633484] Node 1 [ 927.637425] dump_stack+0x172/0x1f0 [ 927.643207] warn_alloc_show_mem: 1 callbacks suppressed [ 927.643213] Mem-Info: [ 927.645289] warn_alloc.cold+0x7b/0x173 [ 927.650032] active_anon:71348 inactive_anon:202 isolated_anon:0 [ 927.650032] active_file:14 inactive_file:14 isolated_file:0 [ 927.650032] unevictable:0 dirty:0 writeback:0 unstable:0 [ 927.650032] slab_reclaimable:12451 slab_unreclaimable:105013 [ 927.650032] mapped:52226 shmem:252 pagetables:800 bounce:0 [ 927.650032] free:13725 free_pcp:125 free_cma:0 [ 927.678192] ? zone_watermark_ok_safe+0x260/0x260 [ 927.678232] __alloc_pages_slowpath+0x220e/0x2870 [ 927.678265] ? warn_alloc+0x110/0x110 [ 927.683365] Normal free:26520kB min:53608kB low:67008kB high:80408kB active_anon:1160kB inactive_anon:0kB active_file:12kB inactive_file:8kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:384kB pagetables:568kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 927.687874] ? __lock_is_held+0xb6/0x140 [ 927.692174] lowmem_reserve[]: [ 927.695261] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 927.700923] syz-executor.4 cpuset= [ 927.705191] ? should_fail+0x14d/0x85c [ 927.705214] ? __might_sleep+0x95/0x190 [ 927.705238] __alloc_pages_nodemask+0x617/0x750 [ 927.705261] ? __alloc_pages_slowpath+0x2870/0x2870 [ 927.710079] 0 [ 927.711823] ? wait_for_completion+0x440/0x440 [ 927.716641] 0 [ 927.718453] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 927.723294] syz4 [ 927.724920] alloc_pages_current+0x107/0x210 [ 927.724943] ion_page_pool_alloc+0x137/0x1d0 [ 927.724962] ion_system_heap_allocate+0x154/0xa90 [ 927.724984] ? ion_system_heap_free+0x250/0x250 [ 927.728834] mems_allowed=0-1 [ 927.730647] ion_alloc+0x475/0x900 [ 927.730670] ? ion_dma_buf_release+0x50/0x50 [ 927.730699] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 927.759563] Node 0 active_anon:284232kB inactive_anon:808kB active_file:44kB inactive_file:48kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:117456kB dirty:0kB writeback:0kB shmem:1008kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 927.772679] ? _copy_from_user+0xdd/0x150 [ 927.772699] ion_ioctl+0x17b/0x329 [ 927.772717] ? ion_alloc.cold+0x28/0x28 [ 927.772736] ? __might_sleep+0x95/0x190 [ 927.776307] 0 [ 927.780268] ? ion_alloc.cold+0x28/0x28 [ 927.780285] do_vfs_ioctl+0xd5f/0x1380 [ 927.780301] ? selinux_file_ioctl+0x46f/0x5e0 [ 927.780318] ? selinux_file_ioctl+0x125/0x5e0 [ 927.784294] 0 [ 927.788279] ? ioctl_preallocate+0x210/0x210 [ 927.823098] ? selinux_file_mprotect+0x620/0x620 [ 927.828627] Node 0 [ 927.830442] ? iterate_fd+0x360/0x360 [ 927.830456] ? nsecs_to_jiffies+0x30/0x30 [ 927.830478] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 927.830498] ? security_file_ioctl+0x8d/0xc0 [ 927.834947] Node 1 active_anon:1160kB inactive_anon:0kB active_file:12kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:91448kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 927.838359] ksys_ioctl+0xab/0xd0 [ 927.869536] Node 0 [ 927.876296] __x64_sys_ioctl+0x73/0xb0 [ 927.883639] DMA: [ 927.890860] do_syscall_64+0xfd/0x620 [ 927.890880] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 927.890892] RIP: 0033:0x459829 [ 927.890917] Code: Bad RIP value. [ 927.919561] DMA free:10340kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 927.923896] RSP: 002b:00007f71a5b57c78 EFLAGS: 00000246 [ 927.933351] 1*4kB [ 927.935852] ORIG_RAX: 0000000000000010 [ 927.935867] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 927.938096] (E) [ 927.941726] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 927.941735] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 927.941742] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71a5b586d4 [ 927.941749] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 927.953123] scsi_sense_cache 1056KB 1060KB [ 927.955292] CPU: 0 PID: 14166 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 927.993335] virtio_scsi_cmd 16KB 16KB [ 927.997060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 927.997072] Call Trace: [ 928.002075] sgpool-128 8KB 8KB [ 928.028234] dump_stack+0x172/0x1f0 [ 928.028254] warn_alloc.cold+0x7b/0x173 [ 928.028271] ? zone_watermark_ok_safe+0x260/0x260 [ 928.028308] __alloc_pages_slowpath+0x220e/0x2870 [ 928.028342] ? warn_alloc+0x110/0x110 [ 928.028357] ? __lock_is_held+0xb6/0x140 [ 928.028377] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 928.028391] ? should_fail+0x14d/0x85c [ 928.028414] ? __might_sleep+0x95/0x190 [ 928.028435] __alloc_pages_nodemask+0x617/0x750 [ 928.028457] ? __alloc_pages_slowpath+0x2870/0x2870 [ 928.028471] ? mark_held_locks+0x100/0x100 [ 928.028489] ? pmd_val+0x85/0x100 [ 928.028503] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 928.028523] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 928.044194] sgpool-64 4KB 12KB [ 928.044786] alloc_pages_vma+0xdd/0x590 [ 928.048671] sgpool-32 2KB 15KB [ 928.052653] __handle_mm_fault+0x1dfe/0x3f80 [ 928.052673] ? vmf_insert_mixed_mkwrite+0x90/0x90 [ 928.052702] ? count_memcg_event_mm+0x2b1/0x4d0 [ 928.052718] handle_mm_fault+0x1b5/0x690 [ 928.052735] __get_user_pages+0x609/0x17a0 [ 928.052759] ? follow_page_mask+0x19d0/0x19d0 [ 928.052776] ? get_user_pages_unlocked+0xcb/0x440 [ 928.052799] get_user_pages_unlocked+0x291/0x440 [ 928.052823] ? get_user_pages_longterm+0x480/0x480 [ 928.059623] sgpool-16 1KB 7KB [ 928.062517] ? get_user_pages_fast+0x1fd/0x3b0 [ 928.064306] sgpool-8 0KB 7KB [ 928.068893] ? lockdep_hardirqs_on+0x415/0x5d0 [ 928.076402] mqueue_inode_cache 23KB 43KB [ 928.078241] ? trace_hardirqs_on+0x67/0x220 [ 928.083576] bio_post_read_ctx 14KB 15KB [ 928.087049] get_user_pages_fast+0x2e9/0x3b0 [ 928.097823] bio-2 14KB 15KB [ 928.099654] ? __get_user_pages_fast+0x370/0x370 [ 928.099669] ? find_held_lock+0x35/0x130 [ 928.099683] ? __handle_mm_fault+0x21d3/0x3f80 [ 928.099703] get_futex_key+0x26b/0x1690 [ 928.099719] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 928.099733] ? bsearch+0xa1/0xc0 [ 928.099752] ? cmp_ex_sort+0xd0/0xd0 [ 928.103330] jfs_mp 7KB 7KB [ 928.107700] ? futex_lock_pi_atomic+0x2e0/0x2e0 [ 928.118829] nfs_commit_data 3KB 14KB [ 928.140733] ? search_extable+0x80/0xb0 [ 928.140748] ? trim_init_extable+0x300/0x300 [ 928.140760] ? __put_user_4+0x1c/0x30 [ 928.140780] futex_wake+0xf9/0x4d0 [ 928.140794] ? fixup_exception+0x94/0xb9 [ 928.140809] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 928.140822] ? get_futex_key+0x1690/0x1690 [ 928.140843] ? lock_downgrade+0x810/0x810 [ 928.140866] ? count_memcg_event_mm+0x2b1/0x4d0 [ 928.140884] do_futex+0x358/0x1d70 [ 928.140903] ? __do_page_fault+0x484/0xe90 [ 928.140920] ? retint_kernel+0x2d/0x2d [ 928.150649] nfs_write_data 34KB 44KB [ 928.152633] ? exit_robust_list+0x2c0/0x2c0 [ 928.156636] ext4_system_zone 1KB 7KB [ 928.158409] ? retint_kernel+0x2d/0x2d [ 928.166541] bio-1 1KB 7KB [ 928.170737] ? trace_hardirqs_on_caller+0x6a/0x220 [ 928.170757] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 928.170775] ? __do_page_fault+0x484/0xe90 [ 928.170789] ? retint_kernel+0x2d/0x2d [ 928.170815] mm_release+0x33d/0x490 [ 928.170839] do_exit+0x490/0x2fa0 [ 928.177328] pid_namespace 5KB 7KB [ 928.181547] ? find_held_lock+0x35/0x130 [ 928.181564] ? task_work_run+0x118/0x1c0 [ 928.181579] ? get_signal+0x384/0x1fc0 [ 928.181594] ? find_held_lock+0x35/0x130 [ 928.181609] ? mm_update_next_owner+0x660/0x660 [ 928.181628] ? _raw_spin_unlock_irq+0x28/0x90 [ 928.181642] ? get_signal+0x384/0x1fc0 [ 928.181653] ? _raw_spin_unlock_irq+0x28/0x90 [ 928.181672] do_group_exit+0x135/0x370 [ 928.181691] get_signal+0x3ec/0x1fc0 [ 928.181710] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 928.192079] rpc_buffers 17KB 25KB [ 928.192503] ? ion_ioctl+0x1fe/0x329 [ 928.196636] rpc_tasks 2KB 7KB [ 928.202181] do_signal+0x95/0x1960 [ 928.202198] ? ion_alloc.cold+0x28/0x28 [ 928.202215] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 928.202227] ? do_vfs_ioctl+0x120/0x1380 [ 928.202240] ? selinux_file_ioctl+0x46f/0x5e0 [ 928.202254] ? setup_sigcontext+0x7d0/0x7d0 [ 928.202267] ? ioctl_preallocate+0x210/0x210 [ 928.202280] ? selinux_file_mprotect+0x620/0x620 [ 928.202301] ? iterate_fd+0x360/0x360 [ 928.202313] ? nsecs_to_jiffies+0x30/0x30 [ 928.202328] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 928.202346] ? task_work_add+0x9c/0x110 [ 928.210407] UNIX 1305KB 1352KB [ 928.233167] ? exit_to_usermode_loop+0x43/0x2c0 [ 928.233181] ? do_syscall_64+0x53d/0x620 [ 928.233192] ? exit_to_usermode_loop+0x43/0x2c0 [ 928.233205] ? lockdep_hardirqs_on+0x415/0x5d0 [ 928.233219] ? trace_hardirqs_on+0x67/0x220 [ 928.233236] exit_to_usermode_loop+0x244/0x2c0 [ 928.233254] do_syscall_64+0x53d/0x620 [ 928.233272] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 928.233284] RIP: 0033:0x459829 [ 928.233309] Code: Bad RIP value. [ 928.241593] tcp_bind_bucket 2KB 12KB [ 928.242886] RSP: 002b:00007f9e06aa7c78 EFLAGS: 00000246 [ 928.244946] inet_peer_cache 0KB 4KB [ 928.248733] ORIG_RAX: 0000000000000010 [ 928.256938] xfrm_state 8KB 8KB [ 928.257121] RAX: fffffffffffffff4 RBX: 0000000000000003 RCX: 0000000000459829 [ 928.265153] ip_fib_trie 36KB 39KB [ 928.286246] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 928.286255] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 928.286262] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9e06aa86d4 [ 928.286269] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 928.347045] 2*8kB [ 928.355940] ip_fib_alias 174KB 177KB [ 928.405274] (UE) [ 928.413451] ip_dst_cache 4KB 20KB [ 928.448172] 1*16kB [ 928.455462] RAW 92KB 115KB [ 928.489595] (E) [ 928.498484] UDP 30KB 52KB [ 928.565190] 22*32kB (UE) [ 928.568642] TCP 8KB 16KB [ 928.568657] hugetlbfs_inode_cache 2KB 15KB [ 928.568666] fscache_cookie_jar 1KB 11KB [ 928.568677] eventpoll_pwq 19KB 35KB [ 928.568687] eventpoll_epi 36KB 66KB [ 928.568697] inotify_inode_mark 25KB 63KB [ 928.568712] request_queue 163KB 163KB [ 928.583720] 20*64kB [ 928.588550] blkdev_requests 1KB 3KB [ 928.634680] (UE) [ 928.636082] blkdev_ioc 35KB 54KB [ 928.639140] 7*128kB [ 928.650408] bio-0 2057KB 2298KB [ 928.679513] (UE) [ 928.681972] warn_alloc_show_mem: 3 callbacks suppressed [ 928.681978] Mem-Info: [ 928.694284] 3*256kB (UE) 1*512kB [ 928.703913] biovec-max 3902KB 3935KB [ 928.719531] (E) [ 928.719932] active_anon:71348 inactive_anon:202 isolated_anon:0 [ 928.719932] active_file:81 inactive_file:1799 isolated_file:0 [ 928.719932] unevictable:0 dirty:0 writeback:0 unstable:0 [ 928.719932] slab_reclaimable:12451 slab_unreclaimable:105013 [ 928.719932] mapped:53539 shmem:252 pagetables:800 bounce:0 [ 928.719932] free:171952 free_pcp:154 free_cma:0 [ 928.734576] 2*1024kB [ 928.735871] biovec-64 2216KB 2504KB [ 928.759599] (UE) 2*2048kB [ 928.764476] Node 0 active_anon:284232kB inactive_anon:808kB active_file:144kB inactive_file:2828kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:119088kB dirty:0kB writeback:0kB shmem:1008kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 928.769133] (UM) [ 928.773283] biovec-16 250KB 382KB [ 928.773296] bio_integrity_payload 1KB 8KB [ 928.773308] khugepaged_mm_slot 4KB 19KB [ 928.773331] dmaengine-unmap-256 2KB 6KB [ 928.852272] 0*4096kB [ 928.853789] Node 1 active_anon:1160kB inactive_anon:0kB active_file:180kB inactive_file:4868kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:95268kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 928.857070] = 10340kB [ 928.862566] lowmem_reserve[]: [ 928.925006] Node 0 DMA32: [ 928.927952] dmaengine-unmap-128 1KB 3KB [ 928.959542] 284*4kB [ 928.968898] Node 0 [ 928.968965] (E) [ 928.974528] DMA free:10564kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:80kB inactive_file:840kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 928.974538] lowmem_reserve[]: [ 929.039534] 470*8kB [ 929.046201] dmaengine-unmap-16 0KB 4KB [ 929.119647] 0 2555 2557 2557 [ 929.119674] Node 0 DMA32 free:266592kB min:36248kB low:45308kB high:54368kB active_anon:282184kB inactive_anon:808kB active_file:44kB inactive_file:2548kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6784kB pagetables:2632kB bounce:0kB free_pcp:424kB local_pcp:424kB free_cma:0kB [ 929.119720] lowmem_reserve[]: [ 929.137857] 0 [ 929.169534] 0 [ 929.178146] (ME) [ 929.199591] dmaengine-unmap-2 0KB 3KB [ 929.219704] 2555 [ 929.250452] 0 [ 929.265074] skbuff_fclone_cache 105KB 191KB [ 929.275029] 2 [ 929.277524] skbuff_head_cache 7482KB 7781KB [ 929.283643] 88*16kB [ 929.288935] configfs_dir_cache 0KB 8KB [ 929.291091] (UME) [ 929.293055] file_lock_cache 0KB 3KB [ 929.298730] 282*32kB [ 929.304470] file_lock_ctx 0KB 3KB [ 929.306196] 2 [ 929.307753] fsnotify_mark_connector 14KB 39KB [ 929.307765] net_namespace 130KB 130KB [ 929.307776] shmem_inode_cache 5117KB 5433KB [ 929.307795] task_delay_info 66KB 233KB [ 929.337330] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 929.337637] taskstats 35KB 80KB [ 929.364402] (UM) 374*64kB (UE) 234*128kB (U) 31*256kB (U) 3*512kB (U) 4*1024kB (U) 0*2048kB 0*4096kB = 82784kB [ 929.374972] proc_dir_entry 1111KB 1132KB [ 929.385305] pde_opener 0KB 3KB [ 929.397846] seq_file 153KB 307KB [ 929.399184] Node 0 [ 929.403504] sigqueue 38KB 86KB [ 929.417869] kernfs_node_cache 13570KB 13592KB [ 929.419057] Normal: [ 929.423773] mnt_cache 192KB 200KB [ 929.423785] filp 2700KB 4177KB [ 929.423796] names_cache 43273KB 43290KB [ 929.423886] iint_cache 32KB 63KB [ 929.427261] 0*4kB [ 929.437660] hashtab_node 118KB 119KB [ 929.462236] ebitmap_node 1077KB 1114KB [ 929.467810] avtab_node 1012KB 1013KB [ 929.469520] 2557 2557 [ 929.475842] lowmem_reserve[]: 0 0 0 0 [ 929.476412] avc_node 48KB 55KB [ 929.479894] 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 929.488211] selinux_file_security 162KB 329KB [ 929.497702] Node 0 [ 929.503823] Node 1 Normal free:1004140kB min:53608kB low:67008kB high:80408kB active_anon:1160kB inactive_anon:0kB active_file:556kB inactive_file:4416kB unevictable:0kB writepending:8kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:384kB pagetables:568kB bounce:0kB free_pcp:340kB local_pcp:340kB free_cma:0kB [ 929.509274] selinux_inode_security 3223KB 3488KB [ 929.549161] key_jar 4KB 11KB [ 929.549616] Node 1 Normal: 1*4kB (M) 1*8kB (U) 0*16kB 805*32kB (UM) 9161*64kB (UM) [ 929.554805] uts_namespace 7KB 15KB [ 929.559631] DMA32 free:261604kB min:36248kB low:45308kB high:54368kB active_anon:282208kB inactive_anon:808kB active_file:136kB inactive_file:6408kB unevictable:0kB writepending:28kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6784kB pagetables:2528kB bounce:0kB free_pcp:740kB local_pcp:748kB free_cma:0kB [ 929.569123] nsproxy 5KB 11KB [ 929.599364] 2329*128kB (UM) 325*256kB [ 929.609546] lowmem_reserve[]: 0 0 0 0 [ 929.617367] Node 0 DMA: 3*4kB (ME) 3*8kB (UME) 2*16kB (ME) 22*32kB (UE) 29*64kB (UME) 7*128kB (UE) 3*256kB (UE) 1*512kB (E) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10948kB [ 929.629536] (U) 3*512kB (U) 5*1024kB (U) 2*2048kB (U) 0*4096kB = 1004140kB [ 929.641133] vm_area_struct 2966KB 5611KB [ 929.644942] lowmem_reserve[]: 0 0 2 2 [ 929.648793] mm_struct 435KB 747KB [ 929.659599] fs_cache 43KB 96KB [ 929.665001] files_cache 163KB 255KB [ 929.670020] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 929.676871] signal_cache 514KB 797KB [ 929.698066] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 929.708022] sighand_cache 481KB 534KB [ 929.716648] task_struct 2277KB 2307KB [ 929.722316] Node 0 DMA32: 222*4kB (UE) 158*8kB (UE) 17*16kB (E) 259*32kB (UM) 2250*64kB (UE) 674*128kB (UM) 56*256kB (U) 5*512kB (U) 4*1024kB (U) 0*2048kB 0*4096kB = 261976kB [ 929.727958] cred_jar 268KB 608KB [ 929.746644] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 929.749535] lowmem_reserve[]: 0 0 0 0 [ 929.761519] anon_vma_chain 1670KB 3488KB [ 929.767001] anon_vma 166KB 573KB [ 929.769543] Node 0 [ 929.776918] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 929.778403] pid 46KB 200KB [ 929.785220] Normal: [ 929.797516] Node 1 [ 929.799812] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 929.801736] Normal free:1004140kB min:53608kB low:67008kB high:80408kB active_anon:1160kB inactive_anon:0kB active_file:556kB inactive_file:4416kB unevictable:0kB writepending:8kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:384kB pagetables:568kB bounce:0kB free_pcp:340kB local_pcp:0kB free_cma:0kB [ 929.803341] 3564 total pagecache pages [ 929.818041] Acpi-Operand 156KB 190KB [ 929.846597] 0*4kB [ 929.855239] lowmem_reserve[]: 0 0 0 0 [ 929.861931] 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 929.862113] Node 1 Normal: 1*4kB (M) 1*8kB (U) 0*16kB 805*32kB (UM) 9161*64kB (UM) 2329*128kB (UM) 325*256kB (U) 3*512kB (U) 5*1024kB (U) 2*2048kB (U) 0*4096kB = 1004140kB [ 929.879618] Acpi-ParseExt 8KB 11KB [ 929.903037] Acpi-Parse 41KB 47KB [ 929.908468] Acpi-State 52KB 63KB [ 929.916098] Node 0 DMA: 3*4kB (ME) 3*8kB (UME) 2*16kB (ME) 22*32kB (UE) 29*64kB (UME) 7*128kB (UE) 3*256kB (UE) 1*512kB (E) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10948kB [ 929.929563] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 929.938586] Acpi-Namespace 20KB 23KB [ 929.946456] numa_policy 0KB 3KB [ 929.957779] debug_objects_cache 1277KB 1285KB [ 929.963727] trace_event_file 263KB 266KB [ 929.969142] ftrace_event_field 382KB 385KB [ 929.969545] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 929.980313] Node 0 DMA32: 223*4kB (UME) 126*8kB (UME) 17*16kB (E) 254*32kB (U) 2247*64kB (UE) 673*128kB (U) 57*256kB (UM) 4*512kB (U) 4*1024kB (UM) 0*2048kB 0*4096kB = 260988kB [ 929.984835] 0 pages in swap cache [ 930.013035] pool_workqueue 116KB 128KB [ 930.018438] task_group 5KB 7KB [ 930.019547] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 930.025977] page->ptl 625KB 1612KB [ 930.045645] kmalloc-2097152 2050KB 2050KB [ 930.049551] Swap cache stats: add 0, delete 0, find 0/0 [ 930.052623] kmalloc-524288 2056KB 2056KB [ 930.059599] Free swap = 0kB [ 930.066289] Total swap = 0kB [ 930.069329] 1965979 pages RAM [ 930.069962] kmalloc-262144 1290KB 1290KB [ 930.072694] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 930.077820] kmalloc-131072 650KB 650KB [ 930.098123] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 930.099525] 0 pages HighMem/MovableOnly [ 930.109111] kmalloc-65536 36432KB 37224KB [ 930.113608] 3663 total pagecache pages [ 930.119540] kmalloc-32768 3102KB 3168KB [ 930.128086] kmalloc-16384 957KB 1006KB [ 930.129144] 338856 pages reserved [ 930.138532] kmalloc-8192 4628KB 4669KB [ 930.143585] 0 pages in swap cache [ 930.144072] Node 1 Normal: 1*4kB (M) 1*8kB (U) 0*16kB 805*32kB (UM) 9161*64kB (UM) 2329*128kB (UM) 325*256kB (U) 3*512kB (U) 5*1024kB (U) 2*2048kB (U) 0*4096kB = 1004140kB [ 930.148198] Swap cache stats: add 0, delete 0, find 0/0 [ 930.169916] 0 pages cma reserved [ 930.170264] kmalloc-4096 37829KB 37888KB [ 930.178768] kmalloc-2048 19575KB 19896KB [ 930.196501] kmalloc-1024 16467KB 16718KB [ 930.199523] Free swap = 0kB [ 930.202828] kmalloc-512 12724KB 13031KB [ 930.205083] Total swap = 0kB [ 930.220568] kmalloc-256 5514KB 5580KB [ 930.225966] kmalloc-128 1535KB 1582KB [ 930.235593] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 930.239546] 1965979 pages RAM [ 930.248254] kmalloc-96 2479KB 2572KB [ 930.259302] kmalloc-64 3393KB 3500KB [ 930.259527] 0 pages HighMem/MovableOnly [ 930.264976] kmalloc-32 3461KB 3724KB [ 930.279575] 338856 pages reserved [ 930.282559] kmalloc-192 3213KB 3364KB [ 930.283159] 0 pages cma reserved [ 930.288539] kmem_cache 248KB 255KB [ 930.299609] Out of memory: Kill process 7947 (syz-fuzzer) score 41 or sacrifice child [ 930.307694] Killed process 13949 (syz-executor.2) total-vm:72452kB, anon-rss:64kB, file-rss:0kB, shmem-rss:0kB [ 930.309541] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 930.342279] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 930.363985] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 930.397046] 3811 total pagecache pages [ 930.404745] 0 pages in swap cache [ 930.408229] Swap cache stats: add 0, delete 0, find 0/0 [ 930.419094] Free swap = 0kB [ 930.425103] Total swap = 0kB [ 930.428147] 1965979 pages RAM [ 930.436936] 0 pages HighMem/MovableOnly [ 930.454775] 338856 pages reserved [ 930.458391] 0 pages cma reserved 04:54:02 executing program 5: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000000)={0x9, 0x8}) 04:54:02 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001a40)={&(0x7f0000000540)=@newsa={0x138, 0x10, 0x801, 0x0, 0x0, {{@in, @in6=@mcast1}, {@in, 0x0, 0x6c}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}}, 0x0) 04:54:02 executing program 3: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ion\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) getsockopt$llc_int(r2, 0x10c, 0xd, &(0x7f00000000c0), &(0x7f0000000100)=0x4) ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") ioctl$sock_SIOCBRDELBR(r1, 0x89a1, &(0x7f0000000140)='erspan0\x00') setsockopt$bt_rfcomm_RFCOMM_LM(r2, 0x12, 0x3, &(0x7f0000000180)=0x1, 0x4) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000000)={0x80000001, 0x1}) 04:54:02 executing program 0: socket$alg(0x26, 0x5, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="14bc420000000056b500002e900800000000080008000100000007e10500ac14341b080003000800e80f01"], 0x1}}, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0xfffffffffffffffe, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000280)='y\x00', 0x2, 0x1000000000000000) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) writev(r1, &(0x7f0000000780)=[{&(0x7f0000000400)="062c542ea7f16350a3f38f627c4afbbf790d8be4313ca137285459806a43775cc0127b0a38c880b094572b8802292d3a497622d7bc4b39e65c786ecd8269e67866a794dcc31ffcfc69252a3b5380451d9eb6f3d01c84cb5e1e173dcc4c4aea0c9f76e245026909b7fb9771b3d8595ae412c6621b7c3cb0", 0x77}, {&(0x7f0000000480)="5995793e5e6eb7aaa6e9804e83a702f99085805ffd4d726bf3618185287cc5426adb55ad909166d83069364bc15e75f09924edb59f1a3c4a1d209b388a43c8b86634bb8d0df115e5edb4244a083371b0f869562bea82951e079671af7d4a961c9e26c8c5a659f6d523e81b97855b1dbf4a1919e2e2df82d6908bf5879bcb65ee97294691ff64f066e59f6c1186c78a6595fa50b18ac92d6ac9527133c8b9464ca6485850a6e077372452377f5715dcf525c0ea97325881ae1c299536441fa53af363083b73", 0xc5}, {&(0x7f0000001140)="a55bd7437eed8df3df1ee46b6250f6c80f291a7a479599a5d38e19ea39fcc4e1fd638758ac32eb23577798d40eb63849b6fadc8bc01ed0131ad496fe97b40f93239f0d5d7697fbc149ec28a279f4f87e8ba0cc139f52d6f8a28e21e98a51ece14e40bc4efb1cab18bdc73ff2f7f0a3615d95f8b81cb9b4e1163b6cacf105ad7690a8f13428a314748767cb7f0fab505fca55ad73ff799db29a14ac291abee942439a47a12aeeea318977274530cac30a5bc46a109d164a34ec68e9e6acb70da5dc777e5931ed6051eaadc5076dda2aa75056ad791cf8fb72a733e18305d97dd8e7aae5d6cb2e3b475003ed4bf6e17cf5024510b1f730a6a38cc50fe717bf358b41d1ec9db9d8811a92cde4bec6023b20b84ef1c106a97c1dbf74db84e2687c4bf6b61b7dcaeb8929084fd914aab30a4fc52e9f298fd48745a3c2bb0f31cec9b454efc35d3c5476fb9c1cfec338e02b326be0ea4643d310698fcc560f1be09c8d5a4ec0c80f08780133f50e66072908dfb16ac588ad1934e8e50a1229ff966685a75ffe017018502595ef94c79104cb10910ce4a2d0c6686d0a01a629eec756f7484aa3301a02722d371a73aa768d29dda4c520701def31550cdf24b8d797a2f473910f2c6f1207e358da1e8900e8022bc678b0089cf9a5c686a63bd3f983c0185b74a0b5ac8da8f3dcfd5fcc059bf8846f585a6220614bda6d18c894a5edb69fdd1edd960c14f0f1bca5a8f2c69995c517375987691ec61943d85fe323b76820bf245f7889900f11181026654d10d3469e67e9e33711372f72619f7ff422ea2ea2fcadf73e6bcaad058d59ed68b27ce6ddea26077de18f695fa55872bb85d4d08e42236834d1c7ef887437b95f11a8acb675c9085da9ad4b8f4de04863cb0a054339c271bb983d8b5f7ddf20df38e01d8084eabf20412b6bf92cee2b7ba198eeaf9e6a5b39cc88b15a32a3201ee646e198145d4283f0fa15bb5804fefb626f771e60141c8cc808ee1c4bd21ca87af900896c4a2ce523f41e1ec586108eae5f93d3b7acd8abb16d2d2e51254a7e4ae28a6d09e7a02f494043088927798aefde3b1fb6f984500b92d551955df95e68f71264472f7aad5648dd5aa68b54aad43f723d95908a74c970b1c709e0cdbe4e5eb8776c9d7c718403b645fa942b3fcbe8baf1833eb5127358883260ac95607117ed74b2aea428e50f5672157570ad9d3dbeb7ca87dfe0fefb223643641e74f7a58c1e80042a12b0ef866363f81a22dc5c9f62d2f393f3e6d2b69a69618afb6d1bd033e263524642dee04d1b8d10efa8ec350c43e12714963cc888f8f0270ba6d403ce9ae5ae2e4935187db141be00bb73a03059dc6d4bfbf12d0acabf0b27044221e2e3e8c136c0b1edf92f74d1b20fffa05f886ebb443648890eb28c181559bff19fb85a7d9f131f782ed57b1412d4422bd4103a01a2a277775e7c339d07b4cd82014026177482609fb4764e3490015d6ba474749f8db439a1b7792f8c3dadff05ebed9e2d831a90f75702dcda507e66ba2d18224a0a1978e0b4a4c69ac6375057124be65f175e4dc6a0fbf452831711f40b5148bab918d7cbfc1a083b0a436355f51052f1fea6183ffb962787d6dc1764b17ef88dbb22c2089789c9462af522fa074cb62aa52b16441739e956ace59bbdcde1daa1be11efe46ea608f5c26b8fca1f324b5e08a3ff9c6de06aacace0776246f2021a7ff538be8cb46ba1d0a9672a16f9613a17f847817aeb1222d7320a855aa554a35a734c116bd84f5409932c7f244a488efc70a142b5fcde07b9ad476f8f0914934927c57aaad2f599fa58b6da403253bdf29cb733d0627a2f00762bebe2155cb3e07c707cea8792f7ae8902e6d8eea05ac281d357663d89bd3b9c40d3bd97c54adff147be487d4d5a253308d4c314b852944a5d8069db1e5189a4736f0e0cd0376aa9339f5cfdf452bb7a2a753c3bccf61101f53271876fb3104ab5a0ea869ac7bb6e58df48dc63e5d534958ed14efa6911bed807022bb4081112af147d4501c89dfdb349a5c4cf4ac8c3d30f6f7b850287cd6761fae317b693002a4695a7112b5d04c636dfd2ffdea3526d95e34a1c14ca6f7c9c2284ce8d7d2c48c9fc098d5521e9afe1ebdc750e8ff2033d68bef79be53853992cf8e83efdf6c838c306715c2539382a3aa623eaae8eb1160975b743dd7f40422cec91f6546df9e7331da09eb9e4cac1fe8f6ea23343970ececad69274916a69ab5f584506ae2a616f46a9e4900b0ae10af3569e16fa8de08c1715645eff697693c4915f2f675fdde5fe165af40bc2bbfc9d792505572674b0352344b9ca49e816aa32855418e6cee9b0da59aa4aa3acaba014ac60104fa08d89b31de14b65afe124b6b4643cefc2a6f49805838a9f8dacc8c57b40616ac25f64a51926ebc4534599165361d9b8df61b8363e1b5f99647c021f22f9f6552056e79810d27643c1cc0659d5bbbbb71e13dbd8d7378c771326ebcbf982a0275016b2343280382ec61bd43322f32bafd01f425fb5acd51cc24035edabaa8cc1e86b0e657aff25d5a60ba552d0ca25f0f8080b8f3738163dccf7978e619fbc980fe09557b797006645ac10b245d53ec8f2b3236e3105c0a2d542fbb462d9332e4eacb7d5a654324ec0dde9fa104c5e691de9a0ab5e8c23791348885e8bb8e6429f1038bb09f7ab3f921e77cc7a9c314208890ce804c12947346fa8a2e10e56ffbebc8a0a9dda7da20aea345e4f48a1e30d3853d3930e2809ae2d2e7fdbe86d10b3d75f462c50e00b0969ca1a4f1fb3d179cf309b10c35a8a215139ecd1ce8c4ff41a2eae474011910aececb62f6cae9640a6f1ae537e2a568b9d30ec2f0a5049896d0e45e9960f94793fdbf4dc0c32b4a495177bd2303481d38aeb1efbe6c73a1f4ca445e783143717a558eb80acd5d3568f7d3ac37ec65bb4780a83f52237bbd44324205aa6b5b25f51c6250c8de78595186eea79a046e15121221e4238d87b31b0aabe5469595acece2b3ab158a16bf1551e13fadf8d5c896600d3a99efd757392a1e388decd66a600d97eb3f9b1cd75bdb0d674eec16d3d228d1900bd333f11d3609f5d952c93f394c8eea88f38b86e04666f9ba8e55eadfd41d3744ad6816f244eb83192779e9c72be8eaf43474bf5b1eeb93b38129c08a6e2ef20a6452781aff37554db0c43a0cb84be40eab45a39a4f4875992e4be3cab0098173fbc4f24c95a0f909ee4da37b054e5516bfa13f07e0614c974359d40420556343e76f514093b31a2bdf588c66ca03e80d49ea69cd783e360461c78b419c57be47601f52a3e278d0c39c18728bbd2e03fb0da56cfaf1bfc57e61ec9d94b1cbfa7acb4379b484ca16ab1cf0cfd265445126de7a99b7310606b29861b9b04bcd7e53e1a89d700ba981320b434672eb9d19ece8ff57d7e22d91c9e1b995d3e8e3a1e6f92c0ae0b14676e7454061a4ed4d3ef3e8526f3354291a41d3802d6ef482ac7dbbe876526da0cc4cdf6a63c96f8511fd3b4f36b10cfac44540c8be725d04a469585e75b2d6df7b0e677a5ba7f725c8c51e94eb18e98f7367e2240b2496e65cd97e97217c3af9162d735eea9710950e1b823c988779ced1eb8a89307662f30cdbe7badea50c53264aa7f3f060a5c5475e710f0c444a44bf4fd4816da0059720c0c2492c0ca86cb2371d72764a0d0f4e7930d429c1bec7b0c368f4d2459a702eb90fa63c3def50592677a9708b440f9cbda6159cdb3c41ed29f33a396e844502bd9a806f63fb9f7e47f609dc1f3ef3c83ba117019543a7d17d97c69ad72b2aef4d58a6338a29f7c80d1517beb24639bc805f427d91df58d08b456a6283c6d170bc7bab6d69df396fbfe7807d00129fa836947afdc833ad4ec512a800d3d6aa2f01d4827860df3588a11bab28cc0a48444f863fba40c04e1e57153b5c847997319bf91fa22122df58c631216d57b3816f5065058777e324b3a4836e3ecea447e9ab73a93edd62fcd8096574506c6f5de73150a715fd809006b774687e5e9fa7cfbbb0f919fb7baf8260040e9e25ebf995cc1675d37b552df5e072f14d36539e734a4e3310bf72b7d1af111c7fd793ef86de5a3ebe2c9f2be79c805bad90d0a743742cf766209e466dcc727f90f3727c524c98044de7923193e01f814b7866ed3b384b03cae40e246b7d961a4247f52f15fce2c5913549ff7639e9b2ac707e40b477d3d907026be5f3fd7c053cc7d827f84f371552ae7fe5fbf8119130b8cd80f399df31fb0971c4ef4a08692aec60e08718013c6a6a9e60ff6a6ab18f01afbc2f3d6b91106b97372563a786d039d1a88b19fe6842f64a4d213c465e8061da500f2b38db57f518bf61831ef727ae43c64524eaba5a3bd8374228c223e6ad7113c74f9fc669fccd0bae6e31c0107584686cee509c12037aef0764941f23350c38d3146347e21e746b5b694f6d986ddb51ba0586d6ca9a8e44935c284182e2da90bb7e9938d3ba7fc5769f8080bc536627f5c483393bb0655d86424de01fa68aa33d2495c400f6444468b15295db4877b5666c1c74c579bbcee7d462686fecc823e825932ef370959325fde35a4de0701afe5a9d60b44344590ff727a573c11cdad592cf96795e3dee2df201fdb07fac95bc94a0e0c73ea153428700a3304617502defbe34c69452566e14822963d53b6c3c8e7fe932efb477c27ace0a0aa70b426506b56bd2223fa9fd08bcc36ea301729693a626a38b926774843b1fdafe4862c819b7631b397150e85dd3faeff0f5b5535d7f5a172a3aeb62c3a98e548a0cb60465fdf2bd44d2d3b548960166e6b67b893819eabfc543280feec77e2c3cb5c50d3daeb5b42d87565df8d078bde230c1c21c25bf36645a767ceaf80edf4bfb35d3a6cd9d24b75ff7bd9a40dc05fba0206f439a794f56243a24ebb2afcc2ee6eb0fa49f2d2438218d6df8e0e23ff3cc5ef23254514b92ac8d2fb64990fb1e97c39f2b51f3914289b2158266c8a8e63d6f277d971d8e1b8fd1ce4d734d66276cd7de07a87bd4d5531cc0d89152eb35753d4d10a54f7a0083d89057d72e99e215ffe4006786eb9ed5b8654e800ac1e2cf03819c1c081a42083ba21e99ed7c2c33f51c65c59130255071b18ced560c4beecf7ad94611cda99a70cb431f630c9fbd24e2ceee9fb5be61604f0a4a79c8263287cff2ce40f8f781f4000b9716634136b596b21361dfd874b4bb1ee5ff1c7ff2faf9f7e808f19c64d98f101cb7262ef6080161e28fabf37ff8d4bebb187463a468142442dfa0af96676c51b9740102347344d29b8c87b3c17fa364494b0da78090e0868b69c7a28cc4e9863a73c50a8487dd9b7b380bbb58131cb036f5e451468d8812549da406901ff46362766f33997a93bd31a803c25ff89320d34e95dddcd343ea8c6de590944af13331014fb3595d52e04f98c00f93a9c673a2151f09fd144a71711bca2fe7e5af9cf3f3cbdebda4a6413295664820362da40c5a6d18c1f099bd468ccfd1789308c2201dac13ac1caf390e1ca6200008954d6c833847fbe9b362b8218f7a2623db1d045520d368979e856e906338918efcbccef5b964c3cd493ce8c6fd724ff938e63ec0fd64d2cb14a15af33272ed4d37531b0cb82be4595580bbf9a9d6ded2bc7e3d0f927119a8ce1226f01473734baff263105ac77dbdab5ebd4b51dadbc16e7ae27587b36c9dce9f4c3f874f08eabdba0ef86605cc56a3f34aa19c6621d50e14cf0641ef872a3455bf8944f3fe5dba354f78720f63f8be3e26810e2", 0x1000}, {&(0x7f0000000580)="445d0af7d7cc8ec77e317a0a6171df233e21570f51c025b9fa7418b2b6c8cc3500004ad33a6cd8c3fac75126e53d20d7816559ce9f94dd5124d6eb0a0e629fe8390e16271c9f0900832392b522", 0x4d}, {&(0x7f0000000600)="baa151b532140f92d4488881d39f890506c7c06754e37dffa1ae993b065329b626b17c637ffe6ea23ba9d78d27b64339d96aa3b21ed69d0331ece18ec5df3f176264c3b0cdc245da46ac3289cdce3b89046c6179c6540c728442071a80b472ddd06f80525d508e9ab9c532ff7a67773473718d661917d147fbec09d23c68f86e0446a0ee58abe5685a6983dcbfc18980ada7125176c1", 0x96}, {&(0x7f00000006c0)="672f6951c5f0683b92d3369f647ab5e77355028eb5b6abf63a9408aa682b8db49babe34cfa7bff92d90ee46fe1db962f34cdf5332dc07887e55ea8b89a3dff70adf5d46838f99838705f8fe7a3455ae843a19190e73d660ea9cc4d07363e18253f5628300debd2f56ef87405e9d448a84a01ebbf66dff8cacab64ceac8e93d96ced4887a0d3cf140", 0x88}], 0x6) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb) ioctl$VIDIOC_LOG_STATUS(r2, 0x5646, 0x0) ioctl$DRM_IOCTL_AGP_INFO(r2, 0x80386433, &(0x7f0000000380)=""/67) ioctl$KVM_RUN(r3, 0xae80, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) 04:54:02 executing program 4: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ion\x00', 0x0, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x420000, 0x0) ioctl$ASHMEM_GET_NAME(r1, 0x81007702, &(0x7f0000000100)=""/37) ioctl(0xffffffffffffffff, 0x1000008912, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x8001, 0x2c0402) accept4$vsock_stream(r2, &(0x7f0000000080)={0x28, 0x0, 0x2711}, 0x10, 0x80800) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000000)={0x80000001, 0x1}) 04:54:02 executing program 1: dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010502000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x9, @remote, 0x2}, @in={0x2, 0x4e21, @loopback}, @in6={0xa, 0x0, 0x0, @mcast1}, @in6={0xa, 0x4e21, 0x0, @remote}, @in={0x2, 0x4e23, @empty}], 0x74) 04:54:02 executing program 5: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000000)={0x80000001, 0x1}) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x454d40, 0x0) r2 = syz_open_dev$sg(&(0x7f0000001580)='/dev/sg#\x00', 0x0, 0x5) writev(r2, &(0x7f0000000000)=[{&(0x7f00000000c0)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000140)="53000000c90dca800337f4080700000000000000090000000001a00000000000000000003bf4fa3337b5805bdf7e8bc121b3b8483ed8202ded99cc17a7a1bb1d056ec024b6af23b19284e83691f0b8a1fe7577d476039144", 0x58}], 0x2) ioctl$PPPIOCGFLAGS(r1, 0x8004745a, &(0x7f0000000080)) 04:54:02 executing program 0: socket$alg(0x26, 0x5, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="14bc420000000056b500002e900800000000080008000100000007e10500ac14341b080003000800e80f01"], 0x1}}, 0x0) openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000280)='y\x00', 0x2, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb) ioctl$KVM_RUN(r2, 0xae80, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 931.100834] device bridge_slave_1 left promiscuous mode [ 931.106492] bridge0: port 2(bridge_slave_1) entered disabled state [ 931.230544] device bridge_slave_0 left promiscuous mode [ 931.236092] bridge0: port 1(bridge_slave_0) entered disabled state [ 931.482681] device hsr_slave_1 left promiscuous mode [ 931.544683] device hsr_slave_0 left promiscuous mode [ 931.612022] team0 (unregistering): Port device team_slave_1 removed [ 931.654679] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 931.682345] team0 (unregistering): Port device team_slave_0 removed [ 931.708302] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 931.719574] CPU: 0 PID: 14221 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 931.726621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 931.726628] Call Trace: [ 931.726652] dump_stack+0x172/0x1f0 [ 931.726680] warn_alloc.cold+0x7b/0x173 [ 931.747055] ? zone_watermark_ok_safe+0x260/0x260 [ 931.752015] ? compaction_deferred+0x16a/0x3b0 [ 931.756654] ? try_to_compact_pages+0x44/0xae0 [ 931.761270] __alloc_pages_slowpath+0x220e/0x2870 [ 931.761306] ? warn_alloc+0x110/0x110 [ 931.761322] ? __lock_is_held+0xb6/0x140 [ 931.761343] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 931.761357] ? should_fail+0x14d/0x85c [ 931.761376] ? __isolate_free_page+0x4c0/0x4c0 [ 931.761394] ? __might_sleep+0x95/0x190 [ 931.761414] __alloc_pages_nodemask+0x617/0x750 [ 931.761435] ? __alloc_pages_slowpath+0x2870/0x2870 [ 931.761454] ? retint_kernel+0x2d/0x2d [ 931.761477] ? wait_for_completion+0x440/0x440 [ 931.779909] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 931.779934] alloc_pages_current+0x107/0x210 [ 931.779954] ion_page_pool_alloc+0x137/0x1d0 [ 931.779968] ion_system_heap_allocate+0x154/0xa90 [ 931.779989] ? ion_system_heap_free+0x250/0x250 [ 931.780013] ion_alloc+0x29b/0x900 [ 931.780037] ? ion_dma_buf_release+0x50/0x50 [ 931.780061] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 931.780077] ? _copy_from_user+0xdd/0x150 [ 931.780096] ion_ioctl+0x17b/0x329 [ 931.780110] ? ion_alloc.cold+0x28/0x28 [ 931.780127] ? __might_sleep+0x95/0x190 [ 931.780143] ? ion_alloc.cold+0x28/0x28 [ 931.780157] do_vfs_ioctl+0xd5f/0x1380 [ 931.780171] ? selinux_file_ioctl+0x46f/0x5e0 [ 931.780183] ? selinux_file_ioctl+0x125/0x5e0 [ 931.780199] ? ioctl_preallocate+0x210/0x210 [ 931.780213] ? selinux_file_mprotect+0x620/0x620 [ 931.780236] ? iterate_fd+0x360/0x360 [ 931.780252] ? nsecs_to_jiffies+0x30/0x30 [ 931.780275] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 931.780292] ? security_file_ioctl+0x8d/0xc0 [ 931.780309] ksys_ioctl+0xab/0xd0 [ 931.780327] __x64_sys_ioctl+0x73/0xb0 [ 931.780346] do_syscall_64+0xfd/0x620 [ 931.780365] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 931.780377] RIP: 0033:0x459829 [ 931.780392] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 931.780400] RSP: 002b:00007f71a5b57c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 931.780414] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 931.780422] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 931.780431] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 931.780440] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71a5b586d4 [ 931.780449] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 931.873942] Mem-Info: 04:54:03 executing program 1: dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010502000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x9, @remote, 0x2}, @in={0x2, 0x4e21, @loopback}, @in6={0xa, 0x0, 0x0, @mcast1}, @in6={0xa, 0x4e21, 0x0, @remote}, @in={0x2, 0x4e23, @empty}], 0x74) [ 932.065683] active_anon:71269 inactive_anon:202 isolated_anon:0 [ 932.065683] active_file:1055 inactive_file:5114 isolated_file:0 [ 932.065683] unevictable:0 dirty:155 writeback:0 unstable:0 [ 932.065683] slab_reclaimable:12486 slab_unreclaimable:105105 [ 932.065683] mapped:39654 shmem:245 pagetables:744 bounce:0 [ 932.065683] free:69994 free_pcp:1391 free_cma:0 [ 932.199623] Node 0 active_anon:284316kB inactive_anon:808kB active_file:3460kB inactive_file:16444kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:84840kB dirty:704kB writeback:0kB shmem:980kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 932.301395] Node 1 active_anon:860kB inactive_anon:0kB active_file:1860kB inactive_file:2424kB unevictable:0kB isolated(anon):0kB isolated(file):48kB mapped:73976kB dirty:16kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 932.377610] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 932.389456] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 932.426181] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 932.444406] CPU: 1 PID: 14224 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 932.451464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 932.451478] Call Trace: [ 932.463470] dump_stack+0x172/0x1f0 [ 932.467113] warn_alloc.cold+0x7b/0x173 [ 932.471101] ? zone_watermark_ok_safe+0x260/0x260 [ 932.471125] ? try_to_compact_pages+0x44/0xae0 [ 932.471158] __alloc_pages_slowpath+0x220e/0x2870 [ 932.471194] ? warn_alloc+0x110/0x110 [ 932.471215] ? __lock_is_held+0xb6/0x140 [ 932.480654] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 932.480671] ? should_fail+0x14d/0x85c [ 932.480693] ? __isolate_free_page+0x4c0/0x4c0 [ 932.480713] ? __might_sleep+0x95/0x190 [ 932.489367] __alloc_pages_nodemask+0x617/0x750 [ 932.489393] ? __alloc_pages_slowpath+0x2870/0x2870 [ 932.489419] ? wait_for_completion+0x440/0x440 [ 932.502900] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 932.502926] alloc_pages_current+0x107/0x210 [ 932.502954] ion_page_pool_alloc+0x137/0x1d0 [ 932.521207] ion_system_heap_allocate+0x154/0xa90 [ 932.521231] ? ion_system_heap_free+0x250/0x250 [ 932.521258] ion_alloc+0x29b/0x900 [ 932.521282] ? ion_dma_buf_release+0x50/0x50 [ 932.521307] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 932.521328] ? _copy_from_user+0xdd/0x150 [ 932.535853] ion_ioctl+0x17b/0x329 [ 932.535875] ? ion_alloc.cold+0x28/0x28 [ 932.535897] ? __might_sleep+0x95/0x190 [ 932.535916] ? ion_alloc.cold+0x28/0x28 [ 932.553571] do_vfs_ioctl+0xd5f/0x1380 [ 932.553591] ? selinux_file_ioctl+0x46f/0x5e0 [ 932.553605] ? selinux_file_ioctl+0x125/0x5e0 [ 932.553623] ? ioctl_preallocate+0x210/0x210 [ 932.564210] ? selinux_file_mprotect+0x620/0x620 [ 932.564236] ? iterate_fd+0x360/0x360 [ 932.564252] ? nsecs_to_jiffies+0x30/0x30 [ 932.564276] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 932.577111] ? security_file_ioctl+0x8d/0xc0 [ 932.577133] ksys_ioctl+0xab/0xd0 [ 932.577152] __x64_sys_ioctl+0x73/0xb0 [ 932.577171] do_syscall_64+0xfd/0x620 [ 932.577191] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 932.593607] RIP: 0033:0x459829 [ 932.593626] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 932.593635] RSP: 002b:00007f71a5b36c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 932.593653] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 932.593661] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 932.593675] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 932.610193] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71a5b376d4 [ 932.610203] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 932.723783] FAT-fs (loop1): Directory bread(block 1281) failed [ 932.745963] FAT-fs (loop1): Directory bread(block 1282) failed [ 932.752393] Node 0 DMA free:10500kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:720kB inactive_file:92kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 932.789350] FAT-fs (loop1): Directory bread(block 1283) failed [ 932.805156] FAT-fs (loop1): Directory bread(block 1284) failed [ 932.826430] FAT-fs (loop1): Directory bread(block 1285) failed [ 932.834743] FAT-fs (loop1): Directory bread(block 1286) failed [ 932.846801] FAT-fs (loop1): Directory bread(block 1287) failed [ 932.854782] lowmem_reserve[]: 0 2555 2557 2557 [ 932.875390] FAT-fs (loop1): Directory bread(block 1288) failed [ 932.887425] Node 0 DMA32 free:296196kB min:36248kB low:45308kB high:54368kB active_anon:282232kB inactive_anon:832kB active_file:2960kB inactive_file:16048kB unevictable:0kB writepending:732kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6848kB pagetables:2688kB bounce:0kB free_pcp:2056kB local_pcp:604kB free_cma:0kB [ 932.904908] Mem-Info: [ 932.939616] FAT-fs (loop1): Directory bread(block 1289) failed [ 932.949631] active_anon:71189 inactive_anon:208 isolated_anon:0 [ 932.949631] active_file:1491 inactive_file:4478 isolated_file:0 [ 932.949631] unevictable:0 dirty:187 writeback:0 unstable:0 [ 932.949631] slab_reclaimable:12490 slab_unreclaimable:104778 [ 932.949631] mapped:39614 shmem:252 pagetables:781 bounce:0 [ 932.949631] free:138472 free_pcp:1080 free_cma:0 [ 932.999123] lowmem_reserve[]: 0 0 2 2 [ 933.006804] FAT-fs (loop1): Directory bread(block 1290) failed [ 933.015304] bond0 (unregistering): Releasing backup interface bond_slave_0 04:54:04 executing program 1: dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010502000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x9, @remote, 0x2}, @in={0x2, 0x4e21, @loopback}, @in6={0xa, 0x0, 0x0, @mcast1}, @in6={0xa, 0x4e21, 0x0, @remote}, @in={0x2, 0x4e23, @empty}], 0x74) [ 933.027179] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 933.105290] Node 0 active_anon:284080kB inactive_anon:832kB active_file:3980kB inactive_file:16240kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:107440kB dirty:732kB writeback:0kB shmem:1008kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 933.156495] lowmem_reserve[]: 0 0 0 0 [ 933.168402] Node 1 Normal free:272080kB min:53608kB low:67008kB high:80408kB active_anon:776kB inactive_anon:0kB active_file:2184kB inactive_file:1940kB unevictable:0kB writepending:16kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:352kB pagetables:436kB bounce:0kB free_pcp:2648kB local_pcp:1284kB free_cma:0kB [ 933.205788] lowmem_reserve[]: 0 0 0 0 [ 933.225436] Node 0 DMA: 24*4kB (UME) 20*8kB (UME) 6*16kB (UME) 22*32kB (UE) 18*64kB (UME) 7*128kB (UE) 3*256kB (UE) 1*512kB (E) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10528kB [ 933.226832] Node 1 active_anon:776kB inactive_anon:0kB active_file:2184kB inactive_file:1940kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:73716kB dirty:16kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 933.265032] Node 0 DMA32: 13721*4kB (UE) 12871*8kB (UME) 6145*16kB (UME) 1821*32kB (U) 58*64kB (UM) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 318156kB [ 933.290750] Node 0 DMA free:10528kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:720kB inactive_file:92kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 933.330019] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 933.347454] Node 1 Normal: 25655*4kB (U) 8908*8kB (UE) 2919*16kB (UE) 2214*32kB (U) 128*64kB (U) 137*128kB (U) 27*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 324076kB [ 933.370602] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 933.386638] lowmem_reserve[]: 0 2555 2557 2557 [ 933.394268] Node 0 DMA32 free:331836kB min:36248kB low:45308kB high:54368kB active_anon:282232kB inactive_anon:832kB active_file:2960kB inactive_file:16048kB unevictable:0kB writepending:732kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6848kB pagetables:2688kB bounce:0kB free_pcp:1712kB local_pcp:376kB free_cma:0kB [ 933.430921] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 933.446214] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 933.457348] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 933.474833] lowmem_reserve[]: 0 0 2 2 [ 933.478921] 6385 total pagecache pages [ 933.491716] bond0 (unregistering): Released all slaves [ 933.509809] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 933.512095] 0 pages in swap cache [ 933.542264] lowmem_reserve[]: 0 0 0 0 [ 933.546266] Node 1 Normal free:353560kB min:53608kB low:67008kB high:80408kB active_anon:776kB inactive_anon:0kB active_file:2188kB inactive_file:1936kB unevictable:0kB writepending:16kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:352kB pagetables:436kB bounce:0kB free_pcp:2596kB local_pcp:1284kB free_cma:0kB [ 933.578801] Swap cache stats: add 0, delete 0, find 0/0 [ 933.582082] lowmem_reserve[]: 0 0 0 0 [ 933.584693] Free swap = 0kB [ 933.588339] Node 0 [ 933.596053] Total swap = 0kB [ 933.599316] 1965979 pages RAM 04:54:05 executing program 3: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ion\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x4040c0, 0x0) ioctl$TIOCMBIC(r2, 0x5417, &(0x7f00000000c0)=0xeefd) ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000000)={0x80000001, 0x1}) 04:54:05 executing program 0: socket$alg(0x26, 0x5, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="14bc420000000056b500002e900800000000080008000100000007e10500ac14341b080003000800e80f01"], 0x1}}, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000280)='y\x00', 0x2, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb) ioctl$KVM_RUN(r3, 0xae80, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 933.609272] IPVS: ftp: loaded support on port[0] = 21 [ 933.610007] DMA: [ 933.617449] 0 pages HighMem/MovableOnly [ 933.629304] 338856 pages reserved [ 933.643070] 24*4kB (UME) 20*8kB (UME) 6*16kB [ 933.647760] 0 pages cma reserved [ 933.679629] (UME) 22*32kB (UE) 18*64kB (UME) 7*128kB (UE) 3*256kB (UE) 1*512kB (E) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10528kB [ 933.707996] Node 0 DMA32: 18002*4kB (UE) 13209*8kB (UE) 6343*16kB (UME) 1851*32kB (UM) 77*64kB (UM) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 343328kB [ 933.734376] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 933.765333] Node 1 Normal: 27938*4kB (U) 9218*8kB (UE) 3514*16kB (UE) 2451*32kB (U) 0*64kB 111*128kB (U) 27*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 341272kB [ 933.799442] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 933.815419] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 933.844316] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 933.889366] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 933.896336] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) 04:54:05 executing program 1: dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010502000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x9, @remote, 0x2}, @in6={0xa, 0x0, 0x8, @mcast1}, @in6={0xa, 0x4e21, 0x0, @remote}, @in={0x2, 0x4e23, @empty}], 0x64) [ 933.929978] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 933.935436] CPU: 1 PID: 14256 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 933.942459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 933.951903] Call Trace: [ 933.954512] dump_stack+0x172/0x1f0 [ 933.958338] warn_alloc.cold+0x7b/0x173 [ 933.962343] ? zone_watermark_ok_safe+0x260/0x260 [ 933.967298] ? __lock_is_held+0xb6/0x140 [ 933.971408] __alloc_pages_slowpath+0x220e/0x2870 [ 933.976386] ? warn_alloc+0x110/0x110 [ 933.980307] ? __lock_is_held+0xb6/0x140 [ 933.984401] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 933.989957] ? should_fail+0x14d/0x85c [ 933.993912] ? __isolate_free_page+0x4c0/0x4c0 [ 933.998533] ? __might_sleep+0x95/0x190 [ 934.002539] __alloc_pages_nodemask+0x617/0x750 [ 934.007232] ? __alloc_pages_slowpath+0x2870/0x2870 [ 934.012273] ? wait_for_completion+0x440/0x440 [ 934.016869] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 934.022440] alloc_pages_current+0x107/0x210 [ 934.026871] ion_page_pool_alloc+0x137/0x1d0 [ 934.031294] ion_system_heap_allocate+0x154/0xa90 [ 934.036161] ? ion_system_heap_free+0x250/0x250 [ 934.040864] ion_alloc+0x29b/0x900 [ 934.044434] ? ion_dma_buf_release+0x50/0x50 [ 934.048874] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 934.054443] ? _copy_from_user+0xdd/0x150 [ 934.058626] ion_ioctl+0x17b/0x329 [ 934.062193] ? ion_alloc.cold+0x28/0x28 [ 934.066186] ? __might_sleep+0x95/0x190 [ 934.070186] ? ion_alloc.cold+0x28/0x28 [ 934.074177] do_vfs_ioctl+0xd5f/0x1380 [ 934.078083] ? selinux_file_ioctl+0x46f/0x5e0 [ 934.082597] ? selinux_file_ioctl+0x125/0x5e0 [ 934.087114] ? ioctl_preallocate+0x210/0x210 [ 934.091977] ? selinux_file_mprotect+0x620/0x620 [ 934.096757] ? iterate_fd+0x360/0x360 [ 934.100572] ? nsecs_to_jiffies+0x30/0x30 [ 934.104744] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 934.110302] ? security_file_ioctl+0x8d/0xc0 [ 934.114727] ksys_ioctl+0xab/0xd0 [ 934.118212] __x64_sys_ioctl+0x73/0xb0 [ 934.122206] do_syscall_64+0xfd/0x620 [ 934.126030] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 934.131232] RIP: 0033:0x459829 [ 934.134442] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 934.153394] RSP: 002b:00007f8d57f8ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 934.161222] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 934.168512] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 934.175808] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 934.183181] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d57f8f6d4 [ 934.190472] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 934.210257] 6459 total pagecache pages [ 934.229163] 0 pages in swap cache [ 934.255627] Swap cache stats: add 0, delete 0, find 0/0 [ 934.272024] Mem-Info: [ 934.274596] active_anon:71285 inactive_anon:208 isolated_anon:0 [ 934.274596] active_file:1642 inactive_file:4369 isolated_file:48 [ 934.274596] unevictable:0 dirty:288 writeback:0 unstable:0 [ 934.274596] slab_reclaimable:12491 slab_unreclaimable:105403 [ 934.274596] mapped:57119 shmem:252 pagetables:814 bounce:0 [ 934.274596] free:195153 free_pcp:896 free_cma:0 [ 934.329018] Free swap = 0kB [ 934.362111] Total swap = 0kB [ 934.403434] 1965979 pages RAM [ 934.426068] 0 pages HighMem/MovableOnly [ 934.447944] chnl_net:caif_netlink_parms(): no params data found [ 934.448784] 338856 pages reserved [ 934.458244] Node 0 active_anon:284380kB inactive_anon:828kB active_file:4492kB inactive_file:15772kB unevictable:0kB isolated(anon):0kB isolated(file):48kB mapped:154924kB dirty:48kB writeback:32kB shmem:980kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 934.501735] 0 pages cma reserved [ 934.548697] Node 1 active_anon:752kB inactive_anon:0kB active_file:2220kB inactive_file:1852kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:73664kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 934.606925] bridge0: port 1(bridge_slave_0) entered blocking state [ 934.637608] bridge0: port 1(bridge_slave_0) entered disabled state [ 934.657064] Node 0 DMA free:10496kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:720kB inactive_file:92kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 934.693912] device bridge_slave_0 entered promiscuous mode [ 934.705769] bridge0: port 2(bridge_slave_1) entered blocking state [ 934.735681] bridge0: port 2(bridge_slave_1) entered disabled state [ 934.744961] device bridge_slave_1 entered promiscuous mode [ 934.763332] lowmem_reserve[]: 0 2555 2557 2557 [ 934.782831] Node 0 DMA32 free:465372kB min:36248kB low:45308kB high:54368kB active_anon:282340kB inactive_anon:800kB active_file:3848kB inactive_file:15752kB unevictable:0kB writepending:80kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:7008kB pagetables:3056kB bounce:0kB free_pcp:2324kB local_pcp:824kB free_cma:0kB [ 934.872660] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 934.921066] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 934.945699] lowmem_reserve[]: 0 0 2 2 [ 934.949733] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 934.991670] lowmem_reserve[]: 0 0 0 0 [ 934.995640] Node 1 Normal free:451284kB min:53608kB low:67008kB high:80408kB active_anon:752kB inactive_anon:0kB active_file:2220kB inactive_file:1852kB unevictable:0kB writepending:4kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:352kB pagetables:436kB bounce:0kB free_pcp:1268kB local_pcp:8kB free_cma:0kB [ 935.030499] lowmem_reserve[]: 0 0 0 0 [ 935.035657] Node 0 DMA: 24*4kB (UME) 20*8kB (UME) 8*16kB (UME) 22*32kB (UE) 17*64kB (UME) 7*128kB (UE) 3*256kB (UE) 1*512kB (E) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10496kB [ 935.065845] Node 0 DMA32: 35643*4kB (UME) 16408*8kB (UME) 7761*16kB (UME) 2270*32kB (UM) 254*64kB (UM) 9*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 488060kB [ 935.109586] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 935.123707] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 935.150211] team0: Port device team_slave_0 added [ 935.156210] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 935.156247] Node 1 [ 935.180601] team0: Port device team_slave_1 added [ 935.188510] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 935.188537] Normal: [ 935.210322] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 935.210363] 38916*4kB [ 935.245605] (UE) 12279*8kB (UE) 4808*16kB (UE) 3407*32kB (U) 321*64kB (U) 22*128kB (U) 3*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 463976kB [ 935.285772] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 935.307841] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 935.329712] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 935.338627] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 935.352570] device hsr_slave_0 entered promiscuous mode [ 935.369003] 6383 total pagecache pages [ 935.378190] 0 pages in swap cache [ 935.382105] Swap cache stats: add 0, delete 0, find 0/0 [ 935.387482] Free swap = 0kB [ 935.390916] Total swap = 0kB [ 935.400085] device hsr_slave_1 entered promiscuous mode [ 935.405879] 1965979 pages RAM [ 935.408995] 0 pages HighMem/MovableOnly [ 935.429555] 338856 pages reserved [ 935.433048] 0 pages cma reserved [ 935.440342] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 935.447446] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 935.502124] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 935.535219] IPVS: ftp: loaded support on port[0] = 21 [ 935.618502] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 935.639535] 8021q: adding VLAN 0 to HW filter on device bond0 [ 935.647776] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 935.681294] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 935.722758] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 935.730068] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 935.739060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 935.766288] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 935.773641] 8021q: adding VLAN 0 to HW filter on device team0 [ 935.804223] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 935.819772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 935.829321] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 935.850338] bridge0: port 1(bridge_slave_0) entered blocking state [ 935.856839] bridge0: port 1(bridge_slave_0) entered forwarding state [ 935.886797] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 935.943143] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 935.960479] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 935.979769] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 935.987604] bridge0: port 2(bridge_slave_1) entered blocking state [ 935.994086] bridge0: port 2(bridge_slave_1) entered forwarding state [ 936.025014] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 936.065819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 936.084923] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 936.109110] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 936.130173] chnl_net:caif_netlink_parms(): no params data found [ 936.183182] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 936.199181] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 936.213146] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 936.253900] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 936.271032] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 936.282994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 936.300615] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 936.358277] bridge0: port 1(bridge_slave_0) entered blocking state [ 936.364862] bridge0: port 1(bridge_slave_0) entered disabled state [ 936.380259] device bridge_slave_0 entered promiscuous mode [ 936.413003] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 936.426608] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 936.439287] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 936.458678] bridge0: port 2(bridge_slave_1) entered blocking state [ 936.467748] bridge0: port 2(bridge_slave_1) entered disabled state [ 936.483361] device bridge_slave_1 entered promiscuous mode [ 936.499155] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 936.512094] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 936.521473] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 936.539056] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 936.559687] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 936.585484] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 936.612861] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 936.622636] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 936.638034] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 936.695597] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 936.751234] team0: Port device team_slave_0 added [ 936.774865] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 936.808177] team0: Port device team_slave_1 added 04:54:08 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001a40)={&(0x7f0000000540)=@newsa={0x138, 0x10, 0x801, 0x0, 0x0, {{@in, @in6=@mcast1}, {@in, 0x0, 0x6c}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}}, 0x0) 04:54:08 executing program 0: socket$alg(0x26, 0x5, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="14bc42000000000080000000000800000000080008000100000007e10500ac14341b080000000000000004"], 0x1}}, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000280)='y\x00', 0x2, 0x0) syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x1, 0x2) getsockopt$IP_VS_SO_GET_VERSION(r2, 0x0, 0x480, &(0x7f00000000c0), &(0x7f0000000180)=0x40) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb) ioctl$KVM_RUN(r3, 0xae80, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) 04:54:08 executing program 1: dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010502000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x9, @remote, 0x2}, @in6={0xa, 0x0, 0x8, @mcast1}, @in6={0xa, 0x4e21, 0x0, @remote}, @in={0x2, 0x4e23, @empty}], 0x64) [ 936.828472] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 936.868345] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 937.002182] FAT-fs (loop1): Directory bread(block 1281) failed [ 937.012434] FAT-fs (loop1): Directory bread(block 1282) failed [ 937.034135] FAT-fs (loop1): Directory bread(block 1283) failed [ 937.052418] FAT-fs (loop1): Directory bread(block 1284) failed [ 937.068300] FAT-fs (loop1): Directory bread(block 1285) failed [ 937.090212] device hsr_slave_0 entered promiscuous mode [ 937.091856] FAT-fs (loop1): Directory bread(block 1286) failed [ 937.132333] FAT-fs (loop1): Directory bread(block 1287) failed [ 937.140477] device hsr_slave_1 entered promiscuous mode [ 937.155098] FAT-fs (loop1): Directory bread(block 1288) failed [ 937.178414] FAT-fs (loop1): Directory bread(block 1289) failed [ 937.186497] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 937.202621] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 937.210440] FAT-fs (loop1): Directory bread(block 1290) failed [ 937.282818] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 937.431236] 8021q: adding VLAN 0 to HW filter on device bond0 [ 937.468304] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 937.489666] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 937.514788] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 937.540772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 937.563224] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 937.569429] 8021q: adding VLAN 0 to HW filter on device team0 [ 937.593785] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 937.630384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 937.638421] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 937.668137] bridge0: port 1(bridge_slave_0) entered blocking state [ 937.674592] bridge0: port 1(bridge_slave_0) entered forwarding state [ 937.702398] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 937.725055] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 937.740174] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 937.748224] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 937.799987] bridge0: port 2(bridge_slave_1) entered blocking state [ 937.806398] bridge0: port 2(bridge_slave_1) entered forwarding state [ 937.832765] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 937.852725] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 937.873068] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 937.899164] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 937.911188] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 937.931210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 937.939261] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 937.962458] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 938.029412] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 938.051096] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 938.059034] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 938.101216] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 938.120026] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 938.127971] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 938.171480] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 938.193012] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 938.250672] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 938.261340] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 938.267411] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 938.404891] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 938.422254] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 938.810629] device bridge_slave_1 left promiscuous mode [ 938.816239] bridge0: port 2(bridge_slave_1) entered disabled state [ 938.879949] device bridge_slave_0 left promiscuous mode [ 938.885941] bridge0: port 1(bridge_slave_0) entered disabled state [ 939.864137] device hsr_slave_1 left promiscuous mode [ 939.913648] device hsr_slave_0 left promiscuous mode [ 939.984709] team0 (unregistering): Port device team_slave_1 removed [ 940.018471] team0 (unregistering): Port device team_slave_0 removed [ 940.061348] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 940.105975] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 940.299217] bond0 (unregistering): Released all slaves [ 941.430023] syz-executor.4: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 941.503122] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 941.529628] CPU: 1 PID: 14307 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 941.536706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 941.546079] Call Trace: [ 941.548698] dump_stack+0x172/0x1f0 [ 941.552359] warn_alloc.cold+0x7b/0x173 [ 941.556362] ? zone_watermark_ok_safe+0x260/0x260 [ 941.561234] ? try_to_compact_pages+0x44/0xae0 [ 941.567027] __alloc_pages_slowpath+0x220e/0x2870 [ 941.573320] ? warn_alloc+0x110/0x110 [ 941.577237] ? __lock_is_held+0xb6/0x140 [ 941.581320] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 941.586873] ? should_fail+0x14d/0x85c [ 941.590788] ? __isolate_free_page+0x4c0/0x4c0 [ 941.595405] ? __might_sleep+0x95/0x190 [ 941.599415] __alloc_pages_nodemask+0x617/0x750 [ 941.604210] ? __alloc_pages_slowpath+0x2870/0x2870 [ 941.609253] ? get_task_policy.part.0+0x1f/0xb0 [ 941.614383] ? wait_for_completion+0x440/0x440 [ 941.618992] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 941.625085] alloc_pages_current+0x107/0x210 [ 941.630673] ion_page_pool_alloc+0x137/0x1d0 [ 941.635281] ion_system_heap_allocate+0x154/0xa90 [ 941.640149] ? ion_system_heap_free+0x250/0x250 [ 941.644855] ion_alloc+0x29b/0x900 [ 941.648422] ? ion_dma_buf_release+0x50/0x50 [ 941.652855] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 941.658417] ? _copy_from_user+0xdd/0x150 [ 941.662590] ion_ioctl+0x17b/0x329 [ 941.666142] ? ion_alloc.cold+0x28/0x28 [ 941.670138] ? __might_sleep+0x95/0x190 [ 941.674145] ? ion_alloc.cold+0x28/0x28 [ 941.678158] do_vfs_ioctl+0xd5f/0x1380 [ 941.682063] ? selinux_file_ioctl+0x46f/0x5e0 [ 941.686571] ? selinux_file_ioctl+0x125/0x5e0 [ 941.691091] ? ioctl_preallocate+0x210/0x210 [ 941.695516] ? selinux_file_mprotect+0x620/0x620 [ 941.700297] ? iterate_fd+0x360/0x360 [ 941.704144] ? nsecs_to_jiffies+0x30/0x30 [ 941.708318] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 941.713884] ? security_file_ioctl+0x8d/0xc0 [ 941.718322] ksys_ioctl+0xab/0xd0 [ 941.721800] __x64_sys_ioctl+0x73/0xb0 [ 941.725708] do_syscall_64+0xfd/0x620 [ 941.729715] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 941.736426] RIP: 0033:0x459829 [ 941.739737] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 941.758663] RSP: 002b:00007fa015674c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 941.766394] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 941.773766] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 941.781049] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 941.788351] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa0156756d4 [ 941.795644] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 941.850192] Mem-Info: [ 941.852732] active_anon:71311 inactive_anon:208 isolated_anon:0 [ 941.852732] active_file:49 inactive_file:145 isolated_file:28 [ 941.852732] unevictable:0 dirty:6 writeback:0 unstable:0 [ 941.852732] slab_reclaimable:12480 slab_unreclaimable:106376 [ 941.852732] mapped:52300 shmem:252 pagetables:849 bounce:0 [ 941.852732] free:24865 free_pcp:353 free_cma:0 [ 941.886607] Node 0 active_anon:284264kB inactive_anon:788kB active_file:16kB inactive_file:120kB unevictable:0kB isolated(anon):0kB isolated(file):108kB mapped:139412kB dirty:24kB writeback:0kB shmem:960kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 941.920553] Node 1 active_anon:980kB inactive_anon:44kB active_file:180kB inactive_file:460kB unevictable:0kB isolated(anon):0kB isolated(file):4kB mapped:69788kB dirty:0kB writeback:0kB shmem:48kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 941.959608] Node 0 DMA free:10440kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 942.013172] lowmem_reserve[]: 0 2555 2557 2557 [ 942.017839] Node 0 DMA32 free:36144kB min:36248kB low:45308kB high:54368kB active_anon:282216kB inactive_anon:788kB active_file:252kB inactive_file:668kB unevictable:0kB writepending:24kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6752kB pagetables:2852kB bounce:0kB free_pcp:20kB local_pcp:20kB free_cma:0kB [ 942.047889] lowmem_reserve[]: 0 0 2 2 [ 942.051863] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 942.116377] lowmem_reserve[]: 0 0 0 0 [ 942.120381] Node 1 Normal free:53232kB min:53608kB low:67008kB high:80408kB active_anon:980kB inactive_anon:44kB active_file:180kB inactive_file:460kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:448kB pagetables:544kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 942.148833] lowmem_reserve[]: 0 0 0 0 [ 942.152745] Node 0 DMA: 0*4kB 1*8kB (E) 2*16kB (UE) 1*32kB (E) 14*64kB (UE) 8*128kB (UE) 3*256kB (UE) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10440kB [ 942.167532] Node 0 DMA32: 705*4kB (ME) 647*8kB (UME) 113*16kB (ME) 36*32kB (M) 32*64kB (MEH) 26*128kB (UMH) 78*256kB (UMH) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 36812kB [ 942.183239] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 942.194531] Node 1 Normal: 30*4kB (UME) 17*8kB (UME) 13*16kB (UME) 10*32kB (UM) 7*64kB (ME) 3*128kB (M) 3*256kB (UM) 101*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 54096kB [ 942.242652] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 942.268347] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 942.384767] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 942.440531] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 942.493079] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 942.514475] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 942.519313] CPU: 0 PID: 7951 Comm: syz-fuzzer Not tainted 4.19.63 #37 [ 942.526012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 942.535381] Call Trace: [ 942.537995] dump_stack+0x172/0x1f0 [ 942.541823] dump_header+0x15e/0xa55 [ 942.545557] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 942.550672] ? ___ratelimit+0x60/0x595 [ 942.554580] ? do_raw_spin_unlock+0x57/0x270 [ 942.559131] oom_kill_process.cold+0x10/0x6ef [ 942.563638] ? lock_downgrade+0x810/0x810 [ 942.567804] ? kasan_check_read+0x11/0x20 [ 942.571970] out_of_memory+0x936/0x12d0 [ 942.575967] ? oom_killer_disable+0x280/0x280 [ 942.580490] ? mutex_trylock+0x18e/0x1e0 [ 942.584572] ? __alloc_pages_slowpath+0xcc2/0x2870 [ 942.589540] __alloc_pages_slowpath+0x20af/0x2870 [ 942.594420] ? warn_alloc+0x110/0x110 [ 942.598245] ? __lock_is_held+0xb6/0x140 [ 942.602328] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 942.607887] ? should_fail+0x14d/0x85c [ 942.611900] ? __might_sleep+0x95/0x190 [ 942.615923] __alloc_pages_nodemask+0x617/0x750 [ 942.620606] ? kasan_check_read+0x11/0x20 [ 942.624775] ? __alloc_pages_slowpath+0x2870/0x2870 [ 942.630451] ? find_get_entry+0x3e8/0x820 [ 942.634627] ? filemap_map_pages+0x1130/0x1130 [ 942.639222] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 942.644783] alloc_pages_current+0x107/0x210 [ 942.649210] __page_cache_alloc+0x2bd/0x450 [ 942.653543] ? kasan_check_read+0x11/0x20 [ 942.657709] filemap_fault+0x10bb/0x2250 [ 942.661886] ? lock_downgrade+0x810/0x810 [ 942.666070] ? __lock_page_or_retry+0xdc0/0xdc0 [ 942.670757] ? lock_acquire+0x16f/0x3f0 [ 942.674753] ? ext4_filemap_fault+0x7b/0xaf [ 942.679195] ext4_filemap_fault+0x83/0xaf [ 942.683384] __do_fault+0x111/0x480 [ 942.687030] __handle_mm_fault+0x2d78/0x3f80 [ 942.691453] ? vmf_insert_mixed_mkwrite+0x90/0x90 [ 942.696330] ? count_memcg_event_mm+0x2b1/0x4d0 [ 942.701018] handle_mm_fault+0x1b5/0x690 [ 942.705093] __do_page_fault+0x62a/0xe90 [ 942.709181] ? vmalloc_fault+0x740/0x740 [ 942.713254] ? trace_hardirqs_off_caller+0x65/0x220 [ 942.718285] ? trace_hardirqs_on_caller+0x6a/0x220 [ 942.723224] ? page_fault+0x8/0x30 [ 942.726781] do_page_fault+0x71/0x57d [ 942.730596] ? page_fault+0x8/0x30 [ 942.734156] page_fault+0x1e/0x30 [ 942.737610] RIP: 0033:0x40f170 [ 942.740820] Code: Bad RIP value. [ 942.744192] RSP: 002b:000000c420039ef8 EFLAGS: 00010216 [ 942.749563] RAX: ffffffffffffff92 RBX: 000000003b9884ee RCX: 000000000045b153 [ 942.756927] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000017be660 [ 942.764203] RBP: 000000c420039ef0 R08: 0000000000000000 R09: 0000000000000000 [ 942.771482] R10: 000000c420039ed8 R11: 0000000000000206 R12: 000000e75842052d [ 942.778754] R13: 0000000000000001 R14: 00007fdb28dcb6c8 R15: 0000000000000080 [ 942.805571] 305 total pagecache pages [ 942.809429] 0 pages in swap cache [ 942.816133] Swap cache stats: add 0, delete 0, find 0/0 [ 942.842767] Free swap = 0kB [ 942.845835] Total swap = 0kB [ 942.848862] 1965979 pages RAM [ 942.859793] 0 pages HighMem/MovableOnly [ 942.863794] 338856 pages reserved [ 942.867245] 0 pages cma reserved [ 942.879730] Mem-Info: [ 942.882217] active_anon:71311 inactive_anon:208 isolated_anon:0 [ 942.882217] active_file:9 inactive_file:5 isolated_file:1 [ 942.882217] unevictable:0 dirty:0 writeback:0 unstable:0 [ 942.882217] slab_reclaimable:12430 slab_unreclaimable:105776 [ 942.882217] mapped:52226 shmem:252 pagetables:849 bounce:0 [ 942.882217] free:25258 free_pcp:196 free_cma:0 [ 942.925994] Node 0 active_anon:284264kB inactive_anon:788kB active_file:12kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):4kB mapped:139272kB dirty:0kB writeback:0kB shmem:960kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 942.954387] Node 1 active_anon:980kB inactive_anon:44kB active_file:24kB inactive_file:24kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:69632kB dirty:0kB writeback:0kB shmem:48kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 942.985379] Node 0 DMA free:10440kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 943.024033] lowmem_reserve[]: 0 2555 2557 2557 [ 943.028695] Node 0 DMA32 free:35808kB min:36248kB low:45308kB high:54368kB active_anon:282216kB inactive_anon:788kB active_file:396kB inactive_file:584kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6752kB pagetables:2852kB bounce:0kB free_pcp:432kB local_pcp:260kB free_cma:0kB [ 943.057874] lowmem_reserve[]: 0 0 2 2 [ 943.061844] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 943.087966] lowmem_reserve[]: 0 0 0 0 [ 943.091868] Node 1 Normal free:53204kB min:53608kB low:67008kB high:80408kB active_anon:980kB inactive_anon:44kB active_file:24kB inactive_file:24kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:448kB pagetables:544kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 943.120113] lowmem_reserve[]: 0 0 0 0 [ 943.124028] Node 0 DMA: 0*4kB 1*8kB (E) 2*16kB (UE) 1*32kB (E) 14*64kB (UE) 8*128kB (UE) 3*256kB (UE) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10440kB [ 943.138842] Node 0 DMA32: 559*4kB (UME) 723*8kB (UME) 115*16kB (UME) 35*32kB (UM) 36*64kB (UMEH) 18*128kB (UMH) 79*256kB (UMH) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 36324kB [ 943.155739] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 943.170009] Node 1 Normal: 19*4kB (ME) 11*8kB (ME) 7*16kB (UME) 4*32kB (UM) 7*64kB (ME) 3*128kB (UM) 3*256kB (UM) 100*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 53204kB [ 943.185498] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 943.194390] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 943.203200] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 943.212145] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 943.221059] 322 total pagecache pages [ 943.224893] 0 pages in swap cache [ 943.228358] Swap cache stats: add 0, delete 0, find 0/0 [ 943.233890] Free swap = 0kB [ 943.236915] Total swap = 0kB [ 943.239992] 1965979 pages RAM [ 943.243188] 0 pages HighMem/MovableOnly [ 943.247263] 338856 pages reserved [ 943.250811] 0 pages cma reserved [ 943.254182] Unreclaimable slab info: [ 943.258000] Name Used Total [ 943.263621] pid_2 31KB 160KB [ 943.269154] batadv_tt_change_cache 13KB 15KB [ 943.275983] batadv_tl_cache 16KB 20KB [ 943.295913] TIPC 27KB 50KB [ 943.319892] SCTPv6 35KB 61KB [ 943.325395] DCCPv6 19KB 43KB [ 943.336142] DCCP 18KB 41KB [ 943.341738] bridge_fdb_cache 23KB 35KB [ 943.347108] fib6_nodes 243KB 256KB [ 943.352621] ip6_dst_cache 1016KB 1016KB [ 943.358018] RAWv6 157KB 169KB [ 943.363552] UDPv6 3KB 3KB [ 943.368929] TCPv6 23KB 35KB [ 943.374443] nf_conntrack 0KB 3KB [ 943.380008] sd_ext_cdb 0KB 7KB [ 943.385385] scsi_sense_cache 1056KB 1060KB [ 943.391259] virtio_scsi_cmd 16KB 16KB [ 943.396676] sgpool-128 8KB 8KB [ 943.402172] sgpool-64 4KB 12KB [ 943.407556] sgpool-32 2KB 15KB [ 943.416612] sgpool-16 1KB 7KB [ 943.423135] sgpool-8 0KB 7KB [ 943.428534] mqueue_inode_cache 21KB 43KB [ 943.434620] bio_post_read_ctx 14KB 15KB [ 943.443905] bio-2 14KB 15KB [ 943.449304] jfs_mp 7KB 7KB [ 943.454958] nfs_commit_data 3KB 14KB [ 943.460497] nfs_write_data 34KB 44KB [ 943.466009] ext4_system_zone 1KB 7KB [ 943.471493] bio-1 1KB 7KB [ 943.476871] pid_namespace 4KB 7KB [ 943.482382] rpc_buffers 17KB 25KB [ 943.487937] rpc_tasks 2KB 7KB [ 943.498564] UNIX 1578KB 1580KB [ 943.504095] tcp_bind_bucket 2KB 12KB [ 943.518139] xfrm_state 2KB 8KB [ 943.523591] ip_fib_trie 35KB 39KB [ 943.528967] ip_fib_alias 168KB 177KB [ 943.547889] ip_dst_cache 5KB 20KB [ 943.554898] RAW 92KB 122KB [ 943.594088] UDP 32KB 58KB [ 943.625664] TCP 8KB 16KB [ 943.664101] hugetlbfs_inode_cache 2KB 15KB [ 943.699554] fscache_cookie_jar 1KB 11KB [ 943.705074] eventpoll_pwq 20KB 35KB [ 943.741388] eventpoll_epi 37KB 66KB [ 943.746850] inotify_inode_mark 33KB 63KB [ 943.765665] request_queue 163KB 163KB [ 943.796056] blkdev_requests 1KB 3KB [ 943.805110] blkdev_ioc 39KB 54KB [ 943.829253] bio-0 1763KB 1927KB [ 943.838838] biovec-max 3374KB 3374KB [ 943.861468] biovec-64 1714KB 2008KB [ 943.866909] biovec-16 221KB 367KB [ 943.886608] bio_integrity_payload 1KB 8KB [ 943.910462] khugepaged_mm_slot 5KB 19KB [ 943.915974] dmaengine-unmap-256 2KB 6KB [ 943.935592] dmaengine-unmap-128 1KB 3KB [ 943.941678] dmaengine-unmap-16 0KB 4KB [ 943.947154] dmaengine-unmap-2 0KB 3KB [ 943.970860] skbuff_fclone_cache 99KB 183KB [ 943.976436] skbuff_head_cache 8012KB 8013KB [ 944.000782] configfs_dir_cache 0KB 8KB [ 944.006295] file_lock_cache 0KB 3KB [ 944.027335] file_lock_ctx 0KB 3KB [ 944.050783] fsnotify_mark_connector 19KB 39KB [ 944.056724] net_namespace 130KB 130KB [ 944.064873] shmem_inode_cache 5104KB 5433KB [ 944.094938] task_delay_info 66KB 233KB [ 944.106917] taskstats 29KB 80KB [ 944.117451] proc_dir_entry 1128KB 1147KB [ 944.136923] pde_opener 2KB 3KB [ 944.144391] seq_file 172KB 307KB [ 944.157177] sigqueue 44KB 86KB [ 944.177459] kernfs_node_cache 13649KB 13848KB [ 944.183127] mnt_cache 186KB 208KB [ 944.188513] filp 2703KB 4173KB [ 944.212370] names_cache 41569KB 41628KB [ 944.217771] iint_cache 41KB 63KB [ 944.238490] hashtab_node 118KB 119KB [ 944.243992] ebitmap_node 1135KB 1137KB [ 944.249382] avtab_node 1012KB 1013KB [ 944.274681] avc_node 49KB 55KB [ 944.280197] selinux_file_security 166KB 329KB [ 944.285929] selinux_inode_security 3218KB 3488KB [ 944.316053] key_jar 4KB 11KB [ 944.321547] uts_namespace 6KB 15KB [ 944.326926] nsproxy 6KB 11KB [ 944.346149] vm_area_struct 2847KB 5564KB [ 944.367862] mm_struct 435KB 747KB [ 944.378196] fs_cache 42KB 96KB [ 944.400030] files_cache 159KB 247KB [ 944.405456] signal_cache 514KB 797KB [ 944.423701] sighand_cache 508KB 534KB [ 944.429113] task_struct 2227KB 2264KB [ 944.453711] cred_jar 283KB 608KB [ 944.459130] anon_vma_chain 1624KB 3468KB [ 944.476029] anon_vma 186KB 573KB [ 944.488693] pid 54KB 200KB [ 944.507387] Acpi-Operand 156KB 190KB [ 944.512928] Acpi-ParseExt 8KB 11KB [ 944.518313] Acpi-Parse 41KB 47KB [ 944.542140] Acpi-State 52KB 63KB [ 944.547826] Acpi-Namespace 20KB 23KB [ 944.568242] numa_policy 0KB 3KB [ 944.590811] debug_objects_cache 1245KB 1285KB [ 944.596420] trace_event_file 263KB 266KB [ 944.605620] ftrace_event_field 382KB 385KB [ 944.630780] pool_workqueue 114KB 132KB [ 944.636231] task_group 5KB 7KB [ 944.655782] page->ptl 606KB 1612KB [ 944.679546] kmalloc-2097152 2050KB 2050KB [ 944.685002] kmalloc-524288 2056KB 2056KB [ 944.707617] kmalloc-262144 1290KB 1290KB [ 944.719417] kmalloc-131072 650KB 650KB [ 944.724905] kmalloc-65536 38082KB 38874KB [ 944.754599] kmalloc-32768 3003KB 3201KB [ 944.760214] kmalloc-16384 924KB 1006KB [ 944.765700] kmalloc-8192 4488KB 4578KB [ 944.792492] kmalloc-4096 39699KB 39737KB [ 944.797921] kmalloc-2048 20257KB 20278KB [ 944.813533] kmalloc-1024 16619KB 16742KB [ 944.818975] kmalloc-512 13413KB 13428KB [ 944.849206] kmalloc-256 5455KB 5580KB [ 944.915506] kmalloc-128 1579KB 1582KB [ 944.921002] kmalloc-96 2382KB 2568KB [ 944.926397] kmalloc-64 3414KB 3500KB [ 944.979395] kmalloc-32 3379KB 3724KB [ 944.984906] kmalloc-192 3192KB 3364KB [ 945.020862] kmem_cache 248KB 255KB [ 945.026303] Out of memory: Kill process 14255 (syz-executor.3) score 1005 or sacrifice child [ 945.075174] Killed process 14256 (syz-executor.3) total-vm:73240kB, anon-rss:188kB, file-rss:34816kB, shmem-rss:0kB [ 945.099728] oom_reaper: reaped process 14256 (syz-executor.3), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 945.158495] oom_reaper: reaped process 14224 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 945.235589] rsyslogd invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 945.268028] rsyslogd cpuset=/ mems_allowed=0-1 [ 945.291306] CPU: 1 PID: 7801 Comm: rsyslogd Not tainted 4.19.63 #37 [ 945.297804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 945.307174] Call Trace: [ 945.309782] dump_stack+0x172/0x1f0 [ 945.313784] dump_header+0x15e/0xa55 [ 945.317526] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 945.322650] ? ___ratelimit+0x60/0x595 [ 945.326555] ? do_raw_spin_unlock+0x57/0x270 [ 945.330990] oom_kill_process.cold+0x10/0x6ef [ 945.335513] ? lock_downgrade+0x810/0x810 [ 945.339668] ? kasan_check_read+0x11/0x20 [ 945.343812] out_of_memory+0x936/0x12d0 [ 945.347793] ? oom_killer_disable+0x280/0x280 [ 945.352313] ? mutex_trylock+0x18e/0x1e0 [ 945.356597] ? __alloc_pages_slowpath+0xcc2/0x2870 [ 945.361555] __alloc_pages_slowpath+0x20af/0x2870 [ 945.366405] ? warn_alloc+0x110/0x110 [ 945.370215] ? __lock_is_held+0xb6/0x140 [ 945.374272] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 945.379799] ? should_fail+0x14d/0x85c [ 945.383695] ? __might_sleep+0x95/0x190 [ 945.387662] __alloc_pages_nodemask+0x617/0x750 [ 945.392330] ? kasan_check_read+0x11/0x20 [ 945.396481] ? __alloc_pages_slowpath+0x2870/0x2870 [ 945.401590] ? find_get_entry+0x3e8/0x820 [ 945.405739] ? filemap_map_pages+0x1130/0x1130 [ 945.410333] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 945.415882] alloc_pages_current+0x107/0x210 [ 945.420287] __page_cache_alloc+0x2bd/0x450 [ 945.424598] ? kasan_check_read+0x11/0x20 [ 945.428739] filemap_fault+0x10bb/0x2250 [ 945.432790] ? lock_downgrade+0x810/0x810 [ 945.436955] ? __lock_page_or_retry+0xdc0/0xdc0 [ 945.441619] ? lock_acquire+0x16f/0x3f0 [ 945.445585] ? ext4_filemap_fault+0x7b/0xaf [ 945.449902] ext4_filemap_fault+0x83/0xaf [ 945.454042] __do_fault+0x111/0x480 [ 945.457662] __handle_mm_fault+0x2d78/0x3f80 [ 945.462064] ? vmf_insert_mixed_mkwrite+0x90/0x90 [ 945.466912] ? count_memcg_event_mm+0x2b1/0x4d0 [ 945.471570] handle_mm_fault+0x1b5/0x690 [ 945.475621] __do_page_fault+0x62a/0xe90 [ 945.479686] ? ksys_read+0x1f1/0x2d0 [ 945.483403] ? vmalloc_fault+0x740/0x740 [ 945.487454] ? trace_hardirqs_off_caller+0x65/0x220 [ 945.492566] ? trace_hardirqs_on_caller+0x6a/0x220 [ 945.497509] ? page_fault+0x8/0x30 [ 945.501050] do_page_fault+0x71/0x57d [ 945.504843] ? page_fault+0x8/0x30 [ 945.508466] page_fault+0x1e/0x30 [ 945.511909] RIP: 0033:0x7f334c672d50 [ 945.515616] Code: Bad RIP value. [ 945.518969] RSP: 002b:00007f334a339c38 EFLAGS: 00010246 [ 945.524320] RAX: 0000000000b92140 RBX: 00007f334a339cd0 RCX: 0000000000000001 [ 945.531604] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000b92150 [ 945.538869] RBP: 00007f334a339cdc R08: 0000000000000000 R09: 0000000000000001 [ 945.546193] R10: 00007f334a339d00 R11: 0000000000029070 R12: 00007f334c97a540 [ 945.553457] R13: 0000000000b92150 R14: 0000000000000000 R15: 0000000000000000 [ 945.563102] Mem-Info: [ 945.565573] active_anon:71249 inactive_anon:208 isolated_anon:0 [ 945.565573] active_file:17 inactive_file:13 isolated_file:0 [ 945.565573] unevictable:0 dirty:0 writeback:0 unstable:0 [ 945.565573] slab_reclaimable:12418 slab_unreclaimable:105763 [ 945.565573] mapped:52226 shmem:252 pagetables:849 bounce:0 [ 945.565573] free:13773 free_pcp:278 free_cma:0 [ 945.579548] syz-executor.3: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 945.598800] Node 0 active_anon:284016kB inactive_anon:788kB active_file:28kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:139272kB dirty:0kB writeback:0kB shmem:960kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 945.639550] syz-executor.5: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 945.642028] Node 1 active_anon:980kB inactive_anon:44kB active_file:24kB inactive_file:24kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:69632kB dirty:0kB writeback:0kB shmem:48kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 945.679949] Node 0 DMA free:10340kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 945.709511] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 945.714947] CPU: 1 PID: 14221 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 945.721976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 945.731344] Call Trace: [ 945.731705] lowmem_reserve[]: 0 [ 945.733983] dump_stack+0x172/0x1f0 [ 945.734004] warn_alloc.cold+0x7b/0x173 [ 945.738058] 2555 2557 [ 945.741737] ? zone_watermark_ok_safe+0x260/0x260 [ 945.741775] __alloc_pages_slowpath+0x220e/0x2870 [ 945.741810] ? warn_alloc+0x110/0x110 [ 945.745781] 2557 [ 945.748282] ? __lock_is_held+0xb6/0x140 [ 945.748304] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 945.758297] ? should_fail+0x14d/0x85c [ 945.762127] Node 0 [ 945.764152] ? __might_sleep+0x95/0x190 [ 945.768215] DMA32 free:18008kB min:36248kB low:45308kB high:54368kB active_anon:281936kB inactive_anon:788kB active_file:44kB inactive_file:36kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6752kB pagetables:2852kB bounce:0kB free_pcp:652kB local_pcp:296kB free_cma:0kB [ 945.773737] __alloc_pages_nodemask+0x617/0x750 [ 945.773760] ? __alloc_pages_slowpath+0x2870/0x2870 [ 945.773786] ? wait_for_completion+0x440/0x440 [ 945.777745] lowmem_reserve[]: [ 945.779994] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 945.780013] alloc_pages_current+0x107/0x210 [ 945.780033] ion_page_pool_alloc+0x137/0x1d0 [ 945.780050] ion_system_heap_allocate+0x154/0xa90 [ 945.784109] 0 [ 945.812332] ? ion_system_heap_free+0x250/0x250 [ 945.812363] ion_alloc+0x29b/0x900 [ 945.812385] ? ion_dma_buf_release+0x50/0x50 [ 945.818016] 0 [ 945.823057] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 945.823073] ? _copy_from_user+0xdd/0x150 [ 945.823094] ion_ioctl+0x17b/0x329 [ 945.823114] ? ion_alloc.cold+0x28/0x28 [ 945.827686] 2 [ 945.830801] ? __might_sleep+0x95/0x190 [ 945.830823] ? ion_alloc.cold+0x28/0x28 [ 945.830847] do_vfs_ioctl+0xd5f/0x1380 [ 945.830866] ? selinux_file_ioctl+0x46f/0x5e0 [ 945.836506] 2 [ 945.840917] ? selinux_file_ioctl+0x125/0x5e0 [ 945.840933] ? ioctl_preallocate+0x210/0x210 [ 945.840946] ? selinux_file_mprotect+0x620/0x620 [ 945.840971] ? iterate_fd+0x360/0x360 [ 945.845372] Node 0 [ 945.850217] ? nsecs_to_jiffies+0x30/0x30 [ 945.850241] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 945.850257] ? security_file_ioctl+0x8d/0xc0 [ 945.850274] ksys_ioctl+0xab/0xd0 [ 945.850292] __x64_sys_ioctl+0x73/0xb0 [ 945.859549] Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 945.860282] do_syscall_64+0xfd/0x620 [ 945.864670] lowmem_reserve[]: [ 945.866481] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 945.880931] 0 [ 945.883751] RIP: 0033:0x459829 [ 945.885548] 0 [ 945.889534] Code: Bad RIP value. [ 945.889543] RSP: 002b:00007f71a5b57c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 945.889557] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 945.889565] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 945.889579] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 945.893549] 0 [ 945.897426] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71a5b586d4 [ 945.897439] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 945.901977] 0 [ 945.903836] syz-executor.3 cpuset= [ 945.913808] syz3 [ 945.938488] syz-executor.5: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 945.942053] mems_allowed=0-1 [ 945.972814] Node 1 [ 945.975127] CPU: 1 PID: 14256 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 945.978249] Normal free:26944kB min:53608kB low:67008kB high:80408kB active_anon:980kB inactive_anon:44kB active_file:24kB inactive_file:24kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:448kB pagetables:544kB bounce:0kB free_pcp:248kB local_pcp:0kB free_cma:0kB [ 945.983421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 945.983427] Call Trace: [ 945.983453] dump_stack+0x172/0x1f0 [ 945.983472] warn_alloc.cold+0x7b/0x173 [ 945.983491] ? zone_watermark_ok_safe+0x260/0x260 [ 945.983531] __alloc_pages_slowpath+0x220e/0x2870 [ 945.983568] ? warn_alloc+0x110/0x110 [ 945.983585] ? __lock_is_held+0xb6/0x140 [ 945.983606] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 945.992097] syz-executor.5 cpuset= [ 945.993790] ? should_fail+0x14d/0x85c [ 946.033564] lowmem_reserve[]: [ 946.040316] ? __might_sleep+0x95/0x190 [ 946.040339] __alloc_pages_nodemask+0x617/0x750 [ 946.040368] ? __alloc_pages_slowpath+0x2870/0x2870 [ 946.060509] 0 [ 946.062812] ? write_comp_data+0x1e/0x70 [ 946.065037] 0 [ 946.072053] ? wait_for_completion+0x440/0x440 [ 946.072069] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 946.072091] alloc_pages_current+0x107/0x210 [ 946.072111] ion_page_pool_alloc+0x137/0x1d0 [ 946.100457] syz5 [ 946.109090] ion_system_heap_allocate+0x154/0xa90 [ 946.111820] mems_allowed=0-1 [ 946.115389] ? ion_system_heap_free+0x250/0x250 [ 946.119525] 0 [ 946.124376] ion_alloc+0x29b/0x900 [ 946.129221] 0 [ 946.133068] ? ion_dma_buf_release+0x50/0x50 [ 946.133093] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 946.133110] ? _copy_from_user+0xdd/0x150 [ 946.133129] ion_ioctl+0x17b/0x329 [ 946.150137] ? ion_alloc.cold+0x28/0x28 [ 946.153225] Node 0 [ 946.157204] ? __might_sleep+0x95/0x190 [ 946.169521] DMA: [ 946.172707] ? ion_alloc.cold+0x28/0x28 [ 946.174490] 1*4kB [ 946.179077] do_vfs_ioctl+0xd5f/0x1380 [ 946.189520] (U) [ 946.193484] ? selinux_file_ioctl+0x46f/0x5e0 [ 946.195471] 2*8kB [ 946.200313] ? selinux_file_ioctl+0x125/0x5e0 [ 946.200329] ? ioctl_preallocate+0x210/0x210 [ 946.200341] ? selinux_file_mprotect+0x620/0x620 [ 946.200372] ? iterate_fd+0x360/0x360 [ 946.209518] (UE) [ 946.209914] ? nsecs_to_jiffies+0x30/0x30 [ 946.213437] 1*16kB [ 946.215258] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 946.229528] (E) [ 946.232844] ? security_file_ioctl+0x8d/0xc0 [ 946.236900] 2*32kB [ 946.239142] ksys_ioctl+0xab/0xd0 [ 946.249524] (UE) [ 946.251262] __x64_sys_ioctl+0x73/0xb0 [ 946.255129] 12*64kB [ 946.257115] do_syscall_64+0xfd/0x620 [ 946.269523] (UE) [ 946.272619] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 946.277354] 8*128kB [ 946.281173] RIP: 0033:0x459829 [ 946.281199] Code: Bad RIP value. [ 946.281206] RSP: 002b:00007f8d57f8ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 946.281221] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 946.281234] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 946.283296] (UE) [ 946.287432] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 946.287446] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d57f8f6d4 [ 946.299527] 3*256kB [ 946.301931] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 946.304156] (UE) [ 946.308765] Mem-Info: [ 946.377704] 1*512kB [ 946.384825] active_anon:71241 inactive_anon:208 isolated_anon:0 [ 946.384825] active_file:17 inactive_file:15 isolated_file:0 [ 946.384825] unevictable:0 dirty:0 writeback:0 unstable:0 [ 946.384825] slab_reclaimable:12418 slab_unreclaimable:105765 [ 946.384825] mapped:52226 shmem:252 pagetables:849 bounce:0 [ 946.384825] free:13948 free_pcp:0 free_cma:0 [ 946.384856] Node 0 active_anon:283984kB inactive_anon:788kB active_file:44kB inactive_file:36kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:139272kB dirty:0kB writeback:0kB shmem:960kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 946.420708] CPU: 0 PID: 14224 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 946.456179] (E) [ 946.459106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 946.459123] 3*1024kB [ 946.461083] Call Trace: [ 946.461109] dump_stack+0x172/0x1f0 [ 946.461129] warn_alloc.cold+0x7b/0x173 [ 946.461147] ? zone_watermark_ok_safe+0x260/0x260 [ 946.461185] __alloc_pages_slowpath+0x220e/0x2870 [ 946.493231] ? warn_alloc+0x110/0x110 [ 946.497069] ? __lock_is_held+0xb6/0x140 [ 946.499657] (UE) 2*2048kB [ 946.501157] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 946.501174] ? should_fail+0x14d/0x85c [ 946.504033] (UM) [ 946.509589] ? __might_sleep+0x95/0x190 [ 946.509611] __alloc_pages_nodemask+0x617/0x750 [ 946.509633] ? __alloc_pages_slowpath+0x2870/0x2870 [ 946.509657] ? wait_for_completion+0x440/0x440 [ 946.509674] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 946.509695] alloc_pages_current+0x107/0x210 [ 946.513756] Node 1 active_anon:980kB inactive_anon:44kB active_file:24kB inactive_file:24kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:69632kB dirty:0kB writeback:0kB shmem:48kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 946.515744] ion_page_pool_alloc+0x137/0x1d0 [ 946.569600] 0*4096kB [ 946.570511] ion_system_heap_allocate+0x154/0xa90 [ 946.574917] = 10340kB [ 946.577338] ? ion_system_heap_free+0x250/0x250 [ 946.582267] Node 0 [ 946.584585] ion_alloc+0x29b/0x900 [ 946.589249] DMA free:10340kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 946.591472] ? ion_dma_buf_release+0x50/0x50 [ 946.591495] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 946.591510] ? _copy_from_user+0xdd/0x150 [ 946.591527] ion_ioctl+0x17b/0x329 [ 946.591543] ? ion_alloc.cold+0x28/0x28 [ 946.591568] ? __might_sleep+0x95/0x190 [ 946.619693] Node 0 [ 946.621062] ? ion_alloc.cold+0x28/0x28 [ 946.625551] DMA32: [ 946.631592] do_vfs_ioctl+0xd5f/0x1380 [ 946.631608] ? selinux_file_ioctl+0x46f/0x5e0 [ 946.631621] ? selinux_file_ioctl+0x125/0x5e0 [ 946.631636] ? ioctl_preallocate+0x210/0x210 [ 946.631649] ? selinux_file_mprotect+0x620/0x620 [ 946.631670] ? iterate_fd+0x360/0x360 [ 946.631684] ? nsecs_to_jiffies+0x30/0x30 [ 946.631705] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 946.631723] ? security_file_ioctl+0x8d/0xc0 [ 946.631740] ksys_ioctl+0xab/0xd0 [ 946.649613] lowmem_reserve[]: [ 946.653541] __x64_sys_ioctl+0x73/0xb0 [ 946.655852] 0 [ 946.659742] do_syscall_64+0xfd/0x620 [ 946.659760] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 946.659771] RIP: 0033:0x459829 [ 946.659796] Code: Bad RIP value. [ 946.659804] RSP: 002b:00007f71a5b36c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 946.659819] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 946.659827] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 946.659840] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 946.664705] 2065*4kB [ 946.669186] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71a5b376d4 [ 946.669201] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 946.699607] (UME) [ 946.707882] 2555 [ 946.709335] 957*8kB [ 946.712776] 2557 [ 946.719370] (UME) [ 946.723026] 2557 [ 946.730793] 145*16kB [ 946.763214] (UME) [ 946.839549] Node 0 DMA32 free:77496kB min:36248kB low:45308kB high:54368kB active_anon:281936kB inactive_anon:788kB active_file:136kB inactive_file:544kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6752kB pagetables:2852kB bounce:0kB free_pcp:2704kB local_pcp:1404kB free_cma:0kB [ 946.845251] 242*32kB [ 946.871080] lowmem_reserve[]: 0 0 2 2 [ 946.877332] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 946.919598] lowmem_reserve[]: [ 946.919607] (UM) 133*64kB (UMEH) 10*128kB (UMH) 15*256kB (UMH) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 40124kB [ 946.923625] 0 0 0 0 [ 946.949627] Node 1 Normal free:193032kB min:53608kB low:67008kB high:80408kB active_anon:980kB inactive_anon:44kB active_file:24kB inactive_file:24kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:448kB pagetables:544kB bounce:0kB free_pcp:2796kB local_pcp:1344kB free_cma:0kB [ 946.994134] lowmem_reserve[]: 0 0 0 0 [ 946.995372] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 946.998505] Node 0 DMA: 13*4kB (U) 5*8kB (UE) 3*16kB (UE) 2*32kB (UE) 13*64kB (UE) 8*128kB (UE) 3*256kB (UE) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10508kB [ 947.044204] Node 1 Normal: 12832*4kB (UME) 472*8kB (UME) 1199*16kB (UME) 500*32kB (UM) 913*64kB (UME) 270*128kB (UM) 30*256kB (UM) 49*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 216048kB [ 947.065728] Node 0 DMA32: 6022*4kB (UEH) 847*8kB (UME) 540*16kB (UME) 934*32kB (UMH) 166*64kB (UMEH) 10*128kB (UMH) 15*256kB (UMH) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 85648kB [ 947.086057] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 947.106008] Node 0 [ 947.109853] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 947.109879] Normal: [ 947.126559] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 947.137587] 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 947.158718] Node 1 Normal: 12832*4kB (UME) 472*8kB (UME) 1199*16kB (UME) 501*32kB (UM) 913*64kB (UME) 270*128kB (UM) 30*256kB (UM) 49*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 216080kB [ 947.175007] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 947.184646] 1689 total pagecache pages [ 947.188564] 0 pages in swap cache [ 947.201749] Swap cache stats: add 0, delete 0, find 0/0 [ 947.208208] Free swap = 0kB [ 947.220403] Total swap = 0kB [ 947.223464] 1965979 pages RAM [ 947.226606] 0 pages HighMem/MovableOnly [ 947.226710] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 947.249543] 338856 pages reserved [ 947.253043] 0 pages cma reserved [ 947.259609] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 947.265123] Unreclaimable slab info: [ 947.269266] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 947.272022] Name Used Total [ 947.289539] pid_2 31KB 160KB [ 947.295098] batadv_tt_change_cache 12KB 15KB [ 947.306148] batadv_tl_cache 13KB 20KB [ 947.307911] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 947.311634] TIPC 25KB 50KB [ 947.328756] 2429 total pagecache pages [ 947.340455] SCTPv6 33KB 55KB [ 947.345968] DCCPv6 17KB 43KB [ 947.349579] 0 pages in swap cache [ 947.354956] Swap cache stats: add 0, delete 0, find 0/0 [ 947.356810] DCCP 16KB 41KB [ 947.360406] Free swap = 0kB [ 947.365814] bridge_fdb_cache 23KB 35KB [ 947.374435] Total swap = 0kB [ 947.389617] 1965979 pages RAM [ 947.392855] 0 pages HighMem/MovableOnly [ 947.397697] 338856 pages reserved [ 947.398330] fib6_nodes 239KB 256KB [ 947.401901] 0 pages cma reserved [ 947.406654] ip6_dst_cache 1027KB 1027KB [ 947.406670] RAWv6 156KB 169KB [ 947.406686] UDPv6 3KB 3KB [ 947.432728] TCPv6 23KB 35KB [ 947.438232] nf_conntrack 0KB 3KB [ 947.445809] sd_ext_cdb 0KB 7KB [ 947.455385] scsi_sense_cache 1056KB 1060KB [ 947.462974] virtio_scsi_cmd 16KB 16KB [ 947.468396] sgpool-128 8KB 8KB [ 947.478816] sgpool-64 4KB 12KB [ 947.486319] sgpool-32 2KB 15KB [ 947.495753] sgpool-16 1KB 7KB [ 947.503220] sgpool-8 0KB 7KB [ 947.508615] mqueue_inode_cache 21KB 43KB [ 947.529661] bio_post_read_ctx 14KB 15KB [ 947.549634] bio-2 14KB 15KB [ 947.555151] jfs_mp 7KB 7KB [ 947.569667] nfs_commit_data 3KB 14KB [ 947.575089] nfs_write_data 34KB 44KB [ 947.599585] ext4_system_zone 1KB 7KB [ 947.605079] bio-1 1KB 7KB [ 947.619765] pid_namespace 4KB 7KB [ 947.625194] rpc_buffers 17KB 25KB [ 947.630797] rpc_tasks 2KB 7KB [ 947.636178] UNIX 1578KB 1580KB [ 947.641625] tcp_bind_bucket 2KB 12KB [ 947.647599] xfrm_state 2KB 8KB [ 947.653658] ip_fib_trie 35KB 39KB [ 947.659047] ip_fib_alias 165KB 177KB [ 947.664500] ip_dst_cache 5KB 20KB [ 947.679560] RAW 92KB 122KB [ 947.684995] UDP 30KB 58KB [ 947.699748] TCP 8KB 16KB [ 947.705438] hugetlbfs_inode_cache 2KB 15KB [ 947.729555] fscache_cookie_jar 1KB 11KB [ 947.736541] eventpoll_pwq 19KB 35KB [ 947.749560] eventpoll_epi 35KB 66KB [ 947.756816] inotify_inode_mark 27KB 63KB [ 947.762628] request_queue 163KB 163KB [ 947.768451] blkdev_requests 1KB 3KB [ 947.773905] blkdev_ioc 36KB 54KB [ 947.779292] bio-0 1797KB 1927KB [ 947.785045] biovec-max 3374KB 3374KB [ 947.790586] biovec-64 1795KB 2008KB [ 947.796066] biovec-16 226KB 367KB [ 947.801513] bio_integrity_payload 1KB 8KB [ 947.807331] khugepaged_mm_slot 4KB 19KB [ 947.829613] dmaengine-unmap-256 2KB 6KB [ 947.835241] dmaengine-unmap-128 1KB 3KB [ 947.840844] dmaengine-unmap-16 0KB 4KB [ 947.846333] dmaengine-unmap-2 0KB 3KB [ 947.851765] skbuff_fclone_cache 91KB 172KB [ 947.857342] skbuff_head_cache 8065KB 8066KB [ 947.862782] configfs_dir_cache 0KB 8KB [ 947.868597] file_lock_cache 0KB 3KB [ 947.874226] file_lock_ctx 0KB 3KB [ 947.889552] fsnotify_mark_connector 15KB 39KB [ 947.895502] net_namespace 130KB 130KB [ 947.909548] shmem_inode_cache 5084KB 5421KB [ 947.914975] task_delay_info 65KB 233KB [ 947.920456] taskstats 35KB 80KB [ 947.939551] proc_dir_entry 1110KB 1132KB [ 947.945272] pde_opener 1KB 3KB [ 947.959557] seq_file 166KB 307KB [ 947.964994] sigqueue 39KB 86KB [ 947.970410] kernfs_node_cache 13617KB 13828KB [ 947.975798] mnt_cache 186KB 204KB [ 947.981232] filp 2689KB 4173KB [ 947.986612] names_cache 41586KB 41620KB [ 947.992037] iint_cache 35KB 63KB [ 947.997421] hashtab_node 118KB 119KB [ 948.002893] ebitmap_node 1131KB 1137KB [ 948.008536] avtab_node 1012KB 1013KB [ 948.014329] avc_node 49KB 55KB [ 948.019763] selinux_file_security 164KB 329KB [ 948.025489] selinux_inode_security 3213KB 3488KB [ 948.031348] key_jar 4KB 11KB [ 948.036736] uts_namespace 6KB 15KB [ 948.042255] nsproxy 6KB 11KB [ 948.047641] vm_area_struct 2830KB 5557KB [ 948.053074] mm_struct 419KB 747KB [ 948.058457] fs_cache 39KB 96KB [ 948.063886] files_cache 147KB 247KB [ 948.069257] signal_cache 507KB 797KB [ 948.074730] sighand_cache 485KB 534KB [ 948.089575] task_struct 2215KB 2252KB [ 948.094976] cred_jar 271KB 608KB [ 948.100398] anon_vma_chain 1608KB 3468KB [ 948.105794] anon_vma 171KB 573KB [ 948.111203] pid 48KB 200KB [ 948.116577] Acpi-Operand 156KB 190KB [ 948.121986] Acpi-ParseExt 8KB 11KB [ 948.127355] Acpi-Parse 41KB 47KB [ 948.132763] Acpi-State 52KB 63KB [ 948.138134] Acpi-Namespace 20KB 23KB [ 948.143553] numa_policy 0KB 3KB [ 948.148921] debug_objects_cache 1240KB 1285KB [ 948.157014] trace_event_file 263KB 266KB [ 948.162569] ftrace_event_field 382KB 385KB [ 948.179693] pool_workqueue 113KB 132KB [ 948.185105] task_group 5KB 7KB [ 948.205031] page->ptl 594KB 1612KB [ 948.219700] kmalloc-2097152 2050KB 2050KB [ 948.225205] kmalloc-524288 2056KB 2056KB [ 948.250391] kmalloc-262144 1290KB 1290KB [ 948.255809] kmalloc-131072 650KB 650KB [ 948.269540] kmalloc-65536 37818KB 38610KB [ 948.285565] kmalloc-32768 2970KB 3135KB [ 948.291042] kmalloc-16384 924KB 973KB [ 948.296428] kmalloc-8192 4455KB 4554KB [ 948.309546] kmalloc-4096 39682KB 39712KB [ 948.319685] kmalloc-2048 20215KB 20266KB [ 948.349545] kmalloc-1024 16634KB 16742KB [ 948.354968] kmalloc-512 13421KB 13436KB [ 948.360382] kmalloc-256 5434KB 5580KB [ 948.365769] kmalloc-128 1574KB 1582KB [ 948.371183] kmalloc-96 2397KB 2568KB [ 948.377056] kmalloc-64 3402KB 3500KB [ 948.382472] kmalloc-32 3379KB 3724KB [ 948.387844] kmalloc-192 3179KB 3364KB [ 948.393263] kmem_cache 248KB 255KB [ 948.398646] Out of memory: Kill process 14306 (syz-executor.4) score 1005 or sacrifice child [ 948.407336] Killed process 14307 (syz-executor.4) total-vm:72716kB, anon-rss:144kB, file-rss:35544kB, shmem-rss:0kB [ 948.418797] oom_reaper: reaped process 14307 (syz-executor.4), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 948.737658] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 948.769707] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 948.775199] CPU: 0 PID: 14256 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 948.782218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 948.791590] Call Trace: [ 948.794196] dump_stack+0x172/0x1f0 [ 948.797842] warn_alloc.cold+0x7b/0x173 [ 948.801869] ? zone_watermark_ok_safe+0x260/0x260 [ 948.806748] ? try_to_compact_pages+0x44/0xae0 [ 948.811369] __alloc_pages_slowpath+0x220e/0x2870 [ 948.816251] ? warn_alloc+0x110/0x110 [ 948.820062] ? __lock_is_held+0xb6/0x140 [ 948.824139] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 948.829689] ? should_fail+0x14d/0x85c [ 948.834038] ? __isolate_free_page+0x4c0/0x4c0 [ 948.838629] ? __might_sleep+0x95/0x190 [ 948.842617] __alloc_pages_nodemask+0x617/0x750 [ 948.847300] ? __alloc_pages_slowpath+0x2870/0x2870 [ 948.852335] ? wait_for_completion+0x440/0x440 [ 948.856923] ? kasan_check_write+0x14/0x20 [ 948.861185] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 948.866734] alloc_pages_current+0x107/0x210 [ 948.871157] ion_page_pool_alloc+0x137/0x1d0 [ 948.875580] ion_system_heap_allocate+0x154/0xa90 [ 948.880441] ? ion_system_heap_free+0x250/0x250 [ 948.885142] ion_alloc+0x475/0x900 [ 948.888704] ? ion_dma_buf_release+0x50/0x50 [ 948.893137] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 948.898691] ? _copy_from_user+0xdd/0x150 [ 948.902867] ion_ioctl+0x17b/0x329 [ 948.906441] ? ion_alloc.cold+0x28/0x28 [ 948.910434] ? __might_sleep+0x95/0x190 [ 948.914419] ? ion_alloc.cold+0x28/0x28 [ 948.918405] do_vfs_ioctl+0xd5f/0x1380 [ 948.922309] ? selinux_file_ioctl+0x46f/0x5e0 [ 948.926816] ? selinux_file_ioctl+0x125/0x5e0 [ 948.931321] ? ioctl_preallocate+0x210/0x210 [ 948.935736] ? selinux_file_mprotect+0x620/0x620 [ 948.940508] ? iterate_fd+0x360/0x360 [ 948.944315] ? nsecs_to_jiffies+0x30/0x30 [ 948.948483] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 948.954029] ? security_file_ioctl+0x8d/0xc0 [ 948.958449] ksys_ioctl+0xab/0xd0 [ 948.961935] __x64_sys_ioctl+0x73/0xb0 [ 948.965835] do_syscall_64+0xfd/0x620 [ 948.969680] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 948.974913] RIP: 0033:0x459829 [ 948.978124] Code: Bad RIP value. [ 948.981494] RSP: 002b:00007f8d57f8ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 948.989304] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 948.996586] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 949.003873] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 949.011154] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d57f8f6d4 [ 949.018431] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 949.038190] warn_alloc_show_mem: 2 callbacks suppressed [ 949.038197] Mem-Info: [ 949.065910] active_anon:71227 inactive_anon:208 isolated_anon:0 [ 949.065910] active_file:236 inactive_file:2476 isolated_file:0 [ 949.065910] unevictable:0 dirty:61 writeback:0 unstable:0 [ 949.065910] slab_reclaimable:12382 slab_unreclaimable:105505 [ 949.065910] mapped:53990 shmem:252 pagetables:849 bounce:0 [ 949.065910] free:42562 free_pcp:299 free_cma:0 [ 949.144814] Node 0 active_anon:284012kB inactive_anon:788kB active_file:916kB inactive_file:9884kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:146328kB dirty:240kB writeback:0kB shmem:960kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 04:54:20 executing program 1: dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010502000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x9, @remote, 0x2}, @in6={0xa, 0x0, 0x8, @mcast1}, @in6={0xa, 0x4e21, 0x0, @remote}, @in={0x2, 0x4e23, @empty}], 0x64) 04:54:20 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001a40)={&(0x7f0000000540)=@newsa={0x138, 0x10, 0x801, 0x0, 0x0, {{@in, @in6=@mcast1}, {@in, 0x0, 0x6c}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}}, 0x0) 04:54:20 executing program 0: socket$alg(0x26, 0x5, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="14bc42000000080008000100000007e10500ac14241b080003000800e80f01"], 0x1}}, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000280)='y\x00', 0x2, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb) getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000380)={{{@in6=@initdev, @in=@initdev}}, {{@in6=@empty}, 0x0, @in6}}, &(0x7f0000000000)=0xe8) ioctl$KVM_RUN(r3, 0xae80, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 949.213239] Node 1 active_anon:896kB inactive_anon:44kB active_file:28kB inactive_file:20kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:69632kB dirty:4kB writeback:0kB shmem:48kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 949.248374] Node 0 DMA free:10380kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 949.292630] lowmem_reserve[]: 0 2555 2557 2557 [ 949.298799] Node 0 DMA32 free:78512kB min:36248kB low:45308kB high:54368kB active_anon:281964kB inactive_anon:788kB active_file:916kB inactive_file:14420kB unevictable:0kB writepending:240kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6752kB pagetables:2852kB bounce:0kB free_pcp:1680kB local_pcp:268kB free_cma:0kB [ 949.347776] lowmem_reserve[]: 0 0 2 2 [ 949.353128] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 949.379154] lowmem_reserve[]: 0 0 0 0 [ 949.379188] Node 1 Normal free:106020kB min:53608kB low:67008kB high:80408kB active_anon:896kB inactive_anon:44kB active_file:28kB inactive_file:20kB unevictable:0kB writepending:4kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:384kB pagetables:396kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB [ 949.426431] lowmem_reserve[]: 0 0 0 0 [ 949.440712] Node 0 DMA: 13*4kB (U) 5*8kB (UE) 3*16kB (UE) 2*32kB (UE) 11*64kB (UE) 8*128kB (UE) 3*256kB (UE) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10380kB [ 949.473834] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 949.488913] Node 0 DMA32: 8762*4kB (UH) 2277*8kB (UE) 817*16kB (UE) 927*32kB (UH) 3*64kB (H) 1*128kB (H) 1*256kB (H) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 96576kB [ 949.512636] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 949.521041] syz-executor.5 cpuset= [ 949.528295] Node 1 Normal: 14276*4kB (U) 863*8kB (U) 1438*16kB (U) 868*32kB (U) 29*64kB (U) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 116648kB [ 949.531260] syz5 [ 949.572730] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 949.588790] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 949.597937] mems_allowed=0-1 [ 949.599457] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 949.616292] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 949.617923] CPU: 0 PID: 14221 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 949.625094] 4440 total pagecache pages [ 949.633458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 949.633465] Call Trace: [ 949.633492] dump_stack+0x172/0x1f0 [ 949.633512] warn_alloc.cold+0x7b/0x173 [ 949.633530] ? zone_watermark_ok_safe+0x260/0x260 [ 949.633551] ? try_to_compact_pages+0x44/0xae0 [ 949.633583] __alloc_pages_slowpath+0x220e/0x2870 [ 949.637544] 0 pages in swap cache [ 949.646871] ? warn_alloc+0x110/0x110 [ 949.646887] ? __lock_is_held+0xb6/0x140 [ 949.646906] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 949.646925] ? should_fail+0x14d/0x85c [ 949.649599] Swap cache stats: add 0, delete 0, find 0/0 [ 949.653139] ? __isolate_free_page+0x4c0/0x4c0 [ 949.653163] ? __might_sleep+0x95/0x190 [ 949.657183] Free swap = 0kB [ 949.661979] __alloc_pages_nodemask+0x617/0x750 [ 949.662002] ? __alloc_pages_slowpath+0x2870/0x2870 [ 949.662028] ? wait_for_completion+0x440/0x440 [ 949.662047] ? retint_kernel+0x2d/0x2d [ 949.666686] Total swap = 0kB [ 949.671479] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 949.671502] alloc_pages_current+0x107/0x210 [ 949.671521] ion_page_pool_alloc+0x137/0x1d0 [ 949.671536] ion_system_heap_allocate+0x154/0xa90 [ 949.671556] ? ion_system_heap_free+0x250/0x250 [ 949.675157] 1965979 pages RAM [ 949.678909] ion_alloc+0x475/0x900 [ 949.678934] ? ion_dma_buf_release+0x50/0x50 [ 949.683073] 0 pages HighMem/MovableOnly [ 949.688531] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 949.688548] ? _copy_from_user+0xdd/0x150 [ 949.688568] ion_ioctl+0x17b/0x329 [ 949.692548] 338856 pages reserved [ 949.697820] ? ion_alloc.cold+0x28/0x28 [ 949.697846] ? __might_sleep+0x95/0x190 [ 949.702515] 0 pages cma reserved [ 949.706392] ? ion_alloc.cold+0x28/0x28 [ 949.706410] do_vfs_ioctl+0xd5f/0x1380 [ 949.706429] ? selinux_file_ioctl+0x46f/0x5e0 [ 949.810487] ? selinux_file_ioctl+0x125/0x5e0 [ 949.814993] ? ioctl_preallocate+0x210/0x210 [ 949.819411] ? selinux_file_mprotect+0x620/0x620 [ 949.824187] ? iterate_fd+0x360/0x360 [ 949.827997] ? nsecs_to_jiffies+0x30/0x30 [ 949.832165] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 949.837714] ? security_file_ioctl+0x8d/0xc0 [ 949.842143] ksys_ioctl+0xab/0xd0 [ 949.845611] __x64_sys_ioctl+0x73/0xb0 [ 949.849518] do_syscall_64+0xfd/0x620 [ 949.853331] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 949.858537] RIP: 0033:0x459829 [ 949.861743] Code: Bad RIP value. [ 949.865111] RSP: 002b:00007f71a5b57c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 949.872825] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 949.880101] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 949.887375] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 949.894650] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71a5b586d4 [ 949.901926] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 950.035884] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 950.065582] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 950.097416] CPU: 1 PID: 14224 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 950.104486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 950.113865] Call Trace: [ 950.116489] dump_stack+0x172/0x1f0 [ 950.120142] warn_alloc.cold+0x7b/0x173 [ 950.124133] ? zone_watermark_ok_safe+0x260/0x260 [ 950.128995] ? try_to_compact_pages+0x44/0xae0 [ 950.133616] __alloc_pages_slowpath+0x220e/0x2870 [ 950.138512] ? warn_alloc+0x110/0x110 [ 950.142330] ? __lock_is_held+0xb6/0x140 [ 950.146415] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 950.152577] ? should_fail+0x14d/0x85c [ 950.156503] ? __isolate_free_page+0x4c0/0x4c0 [ 950.161112] ? __might_sleep+0x95/0x190 [ 950.165192] __alloc_pages_nodemask+0x617/0x750 [ 950.169884] ? __alloc_pages_slowpath+0x2870/0x2870 [ 950.174926] ? retint_kernel+0x2d/0x2d [ 950.178842] ? wait_for_completion+0x440/0x440 [ 950.183439] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 950.188997] alloc_pages_current+0x107/0x210 [ 950.193425] ion_page_pool_alloc+0x137/0x1d0 [ 950.197861] ion_system_heap_allocate+0x154/0xa90 [ 950.202729] ? ion_system_heap_free+0x250/0x250 [ 950.207423] ion_alloc+0x475/0x900 [ 950.210987] ? ion_dma_buf_release+0x50/0x50 [ 950.215428] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 950.220984] ? _copy_from_user+0xdd/0x150 [ 950.225159] ion_ioctl+0x17b/0x329 [ 950.228715] ? ion_alloc.cold+0x28/0x28 [ 950.232708] ? __might_sleep+0x95/0x190 [ 950.236713] ? ion_alloc.cold+0x28/0x28 [ 950.240713] do_vfs_ioctl+0xd5f/0x1380 [ 950.244614] ? selinux_file_ioctl+0x46f/0x5e0 [ 950.249123] ? selinux_file_ioctl+0x125/0x5e0 [ 950.253637] ? ioctl_preallocate+0x210/0x210 [ 950.257230] Mem-Info: [ 950.258069] ? selinux_file_mprotect+0x620/0x620 [ 950.258097] ? iterate_fd+0x360/0x360 [ 950.260633] active_anon:71457 inactive_anon:205 isolated_anon:0 [ 950.260633] active_file:1144 inactive_file:2986 isolated_file:0 [ 950.260633] unevictable:0 dirty:104 writeback:0 unstable:0 [ 950.260633] slab_reclaimable:12395 slab_unreclaimable:105466 [ 950.260633] mapped:55156 shmem:252 pagetables:903 bounce:0 [ 950.260633] free:95161 free_pcp:656 free_cma:0 [ 950.265255] ? nsecs_to_jiffies+0x30/0x30 [ 950.265285] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 950.269156] Node 0 active_anon:284956kB inactive_anon:788kB active_file:4536kB inactive_file:11936kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:150992kB dirty:380kB writeback:0kB shmem:960kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 950.302616] ? security_file_ioctl+0x8d/0xc0 [ 950.302635] ksys_ioctl+0xab/0xd0 [ 950.302651] __x64_sys_ioctl+0x73/0xb0 [ 950.302668] do_syscall_64+0xfd/0x620 [ 950.302686] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 950.302697] RIP: 0033:0x459829 [ 950.302724] Code: Bad RIP value. [ 950.312817] Node 1 active_anon:872kB inactive_anon:32kB active_file:40kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:69632kB dirty:36kB writeback:0kB shmem:48kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 950.340379] RSP: 002b:00007f71a5b36c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 950.340396] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 950.340403] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 950.340410] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 950.340418] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71a5b376d4 [ 950.340426] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 950.354592] Node 0 [ 950.483833] DMA free:10380kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 950.556593] lowmem_reserve[]: 0 2555 2557 2557 [ 950.562629] Node 0 DMA32 free:182196kB min:36248kB low:45308kB high:54368kB active_anon:282744kB inactive_anon:800kB active_file:4900kB inactive_file:12152kB unevictable:0kB writepending:504kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6816kB pagetables:2876kB bounce:0kB free_pcp:2536kB local_pcp:1268kB free_cma:0kB [ 950.602985] lowmem_reserve[]: 0 0 2 2 [ 950.606902] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 950.640833] lowmem_reserve[]: 0 0 0 0 [ 950.644724] Node 1 Normal free:187720kB min:53608kB low:67008kB high:80408kB active_anon:836kB inactive_anon:0kB active_file:40kB inactive_file:8kB unevictable:0kB writepending:36kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:384kB pagetables:440kB bounce:0kB free_pcp:1328kB local_pcp:0kB free_cma:0kB [ 950.700546] lowmem_reserve[]: 0 0 0 0 [ 950.704456] Node 0 DMA: 14*4kB (U) 5*8kB (UE) 3*16kB (UE) 2*32kB (UE) 11*64kB (UE) 10*128kB (UE) 3*256kB (UE) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10640kB [ 950.746868] Node 0 DMA32: 16587*4kB (UH) 5066*8kB (UEH) 2079*16kB (UEH) 1299*32kB (UH) 3*64kB (H) 4*128kB (UH) 1*256kB (H) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 182668kB [ 950.789579] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 950.817232] Node 1 Normal: 20378*4kB (U) 2150*8kB (U) 1797*16kB (U) 1029*32kB (U) 91*64kB (U) 168*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 187720kB [ 950.884604] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 950.894083] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 950.925288] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 950.958707] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 950.968122] 4575 total pagecache pages [ 950.988984] 0 pages in swap cache [ 951.001721] Swap cache stats: add 0, delete 0, find 0/0 [ 951.007131] Free swap = 0kB [ 951.015103] Total swap = 0kB [ 951.018171] 1965979 pages RAM [ 951.023411] 0 pages HighMem/MovableOnly [ 951.027411] 338856 pages reserved [ 951.034990] 0 pages cma reserved [ 954.029768] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 954.056884] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 954.062089] CPU: 1 PID: 14084 Comm: syz-fuzzer Not tainted 4.19.63 #37 [ 954.068779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 954.078151] Call Trace: [ 954.080765] dump_stack+0x172/0x1f0 [ 954.084410] dump_header+0x15e/0xa55 [ 954.088144] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 954.093266] ? ___ratelimit+0x60/0x595 [ 954.097169] ? do_raw_spin_unlock+0x57/0x270 [ 954.101595] oom_kill_process.cold+0x10/0x6ef [ 954.106115] ? lock_downgrade+0x810/0x810 [ 954.110275] ? kasan_check_read+0x11/0x20 [ 954.114440] out_of_memory+0x936/0x12d0 [ 954.118437] ? oom_killer_disable+0x280/0x280 [ 954.122945] ? mutex_trylock+0x18e/0x1e0 [ 954.127020] ? __alloc_pages_slowpath+0xcc2/0x2870 [ 954.131964] __alloc_pages_slowpath+0x20af/0x2870 [ 954.136834] ? warn_alloc+0x110/0x110 [ 954.140903] ? __lock_is_held+0xb6/0x140 [ 954.144972] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 954.150517] ? should_fail+0x14d/0x85c [ 954.154423] ? __might_sleep+0x95/0x190 [ 954.158433] __alloc_pages_nodemask+0x617/0x750 [ 954.163117] ? kasan_check_read+0x11/0x20 [ 954.167279] ? __alloc_pages_slowpath+0x2870/0x2870 [ 954.172294] ? find_get_entry+0x3e8/0x820 [ 954.176451] ? filemap_map_pages+0x1130/0x1130 [ 954.181035] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 954.186579] alloc_pages_current+0x107/0x210 [ 954.190999] __page_cache_alloc+0x2bd/0x450 [ 954.195321] ? kasan_check_read+0x11/0x20 [ 954.199483] filemap_fault+0x10bb/0x2250 [ 954.203549] ? lock_downgrade+0x810/0x810 [ 954.207711] ? __lock_page_or_retry+0xdc0/0xdc0 [ 954.212479] ? lock_acquire+0x16f/0x3f0 [ 954.216472] ? ext4_filemap_fault+0x7b/0xaf [ 954.220913] ext4_filemap_fault+0x83/0xaf [ 954.225155] __do_fault+0x111/0x480 [ 954.228791] __handle_mm_fault+0x2d78/0x3f80 [ 954.233218] ? vmf_insert_mixed_mkwrite+0x90/0x90 [ 954.238088] ? count_memcg_event_mm+0x2b1/0x4d0 [ 954.242767] handle_mm_fault+0x1b5/0x690 [ 954.246841] __do_page_fault+0x62a/0xe90 [ 954.250904] ? ksys_read+0x1f1/0x2d0 [ 954.254627] ? vmalloc_fault+0x740/0x740 [ 954.258691] ? trace_hardirqs_off_caller+0x65/0x220 [ 954.263713] ? trace_hardirqs_on_caller+0x6a/0x220 [ 954.268649] ? page_fault+0x8/0x30 [ 954.272211] do_page_fault+0x71/0x57d [ 954.276038] ? page_fault+0x8/0x30 [ 954.279597] page_fault+0x1e/0x30 [ 954.283059] RIP: 0033:0x428430 [ 954.286265] Code: Bad RIP value. [ 954.289626] RSP: 002b:000000c434a49e48 EFLAGS: 00010246 [ 954.294993] RAX: 000000c4296e7080 RBX: 000000c424bc6000 RCX: ffffffffffffffff [ 954.302264] RDX: 000000c424bc6148 RSI: 0000000000000002 RDI: 0000000000000001 [ 954.309536] RBP: 000000c434a49e78 R08: 0000000000000003 R09: 000000c4296e7080 [ 954.316810] R10: 0000000000000000 R11: 0000000000000286 R12: 01ffffffffffffff [ 954.324090] R13: 00000000000000ff R14: 00000000000000ff R15: 0000000000000000 [ 954.334443] Mem-Info: [ 954.336927] active_anon:71408 inactive_anon:202 isolated_anon:0 [ 954.336927] active_file:48 inactive_file:31 isolated_file:6 [ 954.336927] unevictable:0 dirty:2 writeback:0 unstable:0 [ 954.336927] slab_reclaimable:12392 slab_unreclaimable:104996 [ 954.336927] mapped:52303 shmem:252 pagetables:827 bounce:0 [ 954.336927] free:13586 free_pcp:127 free_cma:0 [ 954.370096] Node 0 active_anon:284796kB inactive_anon:808kB active_file:148kB inactive_file:124kB unevictable:0kB isolated(anon):0kB isolated(file):24kB mapped:139544kB dirty:4kB writeback:0kB shmem:980kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 954.398436] Node 1 active_anon:836kB inactive_anon:0kB active_file:44kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:69668kB dirty:4kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 954.425159] Node 0 DMA free:10336kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 954.459594] lowmem_reserve[]: 0 2555 2557 2557 [ 954.464257] Node 0 DMA32 free:18172kB min:36248kB low:45308kB high:54368kB active_anon:282748kB inactive_anon:808kB active_file:144kB inactive_file:292kB unevictable:0kB writepending:4kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6784kB pagetables:2868kB bounce:0kB free_pcp:96kB local_pcp:88kB free_cma:0kB [ 954.494780] lowmem_reserve[]: 0 0 2 2 [ 954.498651] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 954.524964] lowmem_reserve[]: 0 0 0 0 [ 954.528851] Node 1 Normal free:26596kB min:53608kB low:67008kB high:80408kB active_anon:836kB inactive_anon:0kB active_file:24kB inactive_file:12kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:384kB pagetables:440kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 954.557157] lowmem_reserve[]: 0 0 0 0 [ 954.561428] Node 0 DMA: 0*4kB 2*8kB (UE) 1*16kB (E) 2*32kB (UE) 8*64kB (UE) 10*128kB (UE) 3*256kB (UE) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10336kB [ 954.576405] Node 0 DMA32: 801*4kB (UMEH) 672*8kB (UMEH) 107*16kB (UMEH) 28*32kB (UMH) 23*64kB (MEH) 4*128kB (MH) 18*256kB (UH) 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 18292kB [ 954.601236] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 954.612166] Node 1 Normal: 3*4kB (U) 3*8kB (U) 0*16kB 2*32kB (U) 10*64kB (UME) 2*128kB (U) 0*256kB 48*512kB (U) 1*1024kB (M) 0*2048kB 0*4096kB = 26596kB [ 954.633625] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 954.644373] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 954.667549] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 954.678926] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 954.700651] 289 total pagecache pages [ 954.704513] 0 pages in swap cache [ 954.708068] Swap cache stats: add 0, delete 0, find 0/0 [ 954.731928] Free swap = 0kB [ 954.734987] Total swap = 0kB [ 954.738007] 1965979 pages RAM [ 954.767397] 0 pages HighMem/MovableOnly [ 954.771594] 338856 pages reserved [ 954.775055] 0 pages cma reserved [ 954.778420] Unreclaimable slab info: [ 954.802880] Name Used Total [ 954.808570] pid_2 36KB 160KB [ 954.837470] batadv_tt_change_cache 9KB 15KB [ 954.868922] batadv_tl_cache 12KB 20KB [ 954.874463] TIPC 24KB 50KB [ 954.895379] SCTPv6 33KB 55KB [ 954.905411] DCCPv6 17KB 43KB [ 954.928674] DCCP 16KB 41KB [ 954.953457] bridge_fdb_cache 23KB 35KB [ 954.958891] fib6_nodes 233KB 256KB [ 955.010223] ip6_dst_cache 1046KB 1046KB [ 955.015651] RAWv6 156KB 169KB [ 955.046512] UDPv6 3KB 3KB [ 955.078388] TCPv6 23KB 35KB [ 955.111050] nf_conntrack 0KB 3KB [ 955.116531] sd_ext_cdb 0KB 7KB [ 955.130588] scsi_sense_cache 1056KB 1060KB [ 955.136003] virtio_scsi_cmd 16KB 16KB [ 955.154793] sgpool-128 8KB 8KB [ 955.167132] sgpool-64 4KB 12KB [ 955.173726] sgpool-32 2KB 15KB [ 955.179111] sgpool-16 1KB 7KB [ 955.198122] sgpool-8 0KB 7KB [ 955.207475] mqueue_inode_cache 21KB 43KB [ 955.217410] bio_post_read_ctx 14KB 15KB [ 955.236382] bio-2 14KB 15KB [ 955.245705] jfs_mp 7KB 7KB [ 955.256213] nfs_commit_data 3KB 14KB [ 955.274121] nfs_write_data 34KB 44KB [ 955.282735] ext4_system_zone 1KB 7KB [ 955.288154] bio-1 1KB 7KB [ 955.297691] pid_namespace 4KB 7KB [ 955.312745] rpc_buffers 17KB 25KB [ 955.318162] rpc_tasks 2KB 7KB [ 955.339586] syz-executor.5: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 955.356172] UNIX 1578KB 1580KB [ 955.368345] tcp_bind_bucket 2KB 12KB [ 955.369824] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 955.376858] xfrm_state 4KB 8KB [ 955.379157] CPU: 1 PID: 14221 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 955.391518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 955.400882] Call Trace: [ 955.403495] dump_stack+0x172/0x1f0 [ 955.407142] warn_alloc.cold+0x7b/0x173 [ 955.411147] ? zone_watermark_ok_safe+0x260/0x260 [ 955.416021] ? unreserve_highatomic_pageblock+0x31b/0x460 [ 955.421588] __alloc_pages_slowpath+0x220e/0x2870 [ 955.422145] ip_fib_trie 34KB 39KB [ 955.426460] ? warn_alloc+0x110/0x110 [ 955.435624] ? __lock_is_held+0xb6/0x140 [ 955.439704] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 955.445251] ? should_fail+0x14d/0x85c [ 955.449156] ? __might_sleep+0x95/0x190 [ 955.453149] __alloc_pages_nodemask+0x617/0x750 [ 955.457843] ? __alloc_pages_slowpath+0x2870/0x2870 [ 955.462882] ? wait_for_completion+0x440/0x440 [ 955.467485] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 955.473041] alloc_pages_current+0x107/0x210 [ 955.474489] ip_fib_alias 163KB 177KB [ 955.477464] ion_page_pool_alloc+0x137/0x1d0 [ 955.487250] ion_system_heap_allocate+0x154/0xa90 [ 955.489585] syz-executor.5: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 955.492108] ? ion_system_heap_free+0x250/0x250 [ 955.508494] ion_alloc+0x475/0x900 [ 955.512059] ? ion_dma_buf_release+0x50/0x50 [ 955.516494] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 955.522049] ? _copy_from_user+0xdd/0x150 [ 955.526216] ion_ioctl+0x17b/0x329 [ 955.526832] ip_dst_cache 4KB 20KB [ 955.529769] ? ion_alloc.cold+0x28/0x28 [ 955.529789] ? __might_sleep+0x95/0x190 [ 955.529807] ? ion_alloc.cold+0x28/0x28 [ 955.529824] do_vfs_ioctl+0xd5f/0x1380 [ 955.529840] ? selinux_file_ioctl+0x46f/0x5e0 [ 955.529854] ? selinux_file_ioctl+0x125/0x5e0 [ 955.529869] ? ioctl_preallocate+0x210/0x210 [ 955.529888] ? selinux_file_mprotect+0x620/0x620 [ 955.543718] RAW 92KB 122KB [ 955.547159] ? iterate_fd+0x360/0x360 [ 955.578336] ? nsecs_to_jiffies+0x30/0x30 [ 955.579017] UDP 30KB 58KB [ 955.582515] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 955.582532] ? security_file_ioctl+0x8d/0xc0 [ 955.582550] ksys_ioctl+0xab/0xd0 [ 955.582575] __x64_sys_ioctl+0x73/0xb0 [ 955.582600] do_syscall_64+0xfd/0x620 [ 955.582621] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 955.582632] RIP: 0033:0x459829 [ 955.582664] Code: Bad RIP value. [ 955.588136] TCP 8KB 16KB [ 955.593569] RSP: 002b:00007f71a5b57c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 955.593584] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 955.593592] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 955.593599] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 955.593607] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71a5b586d4 [ 955.593615] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 955.630431] syz-executor.5 cpuset= [ 955.646498] hugetlbfs_inode_cache 2KB 15KB [ 955.662973] syz5 [ 955.669547] warn_alloc_show_mem: 1 callbacks suppressed [ 955.669552] Mem-Info: [ 955.682181] mems_allowed=0-1 [ 955.714287] fscache_cookie_jar 1KB 11KB [ 955.727905] active_anon:71408 inactive_anon:202 isolated_anon:0 [ 955.727905] active_file:13 inactive_file:15 isolated_file:0 [ 955.727905] unevictable:0 dirty:0 writeback:0 unstable:0 [ 955.727905] slab_reclaimable:12390 slab_unreclaimable:104935 [ 955.727905] mapped:52226 shmem:252 pagetables:827 bounce:0 [ 955.727905] free:13743 free_pcp:62 free_cma:0 [ 955.732571] eventpoll_pwq 20KB 35KB [ 955.785368] CPU: 0 PID: 14224 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 955.792426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 955.794020] eventpoll_epi 37KB 66KB [ 955.801786] Call Trace: [ 955.801815] dump_stack+0x172/0x1f0 [ 955.801833] warn_alloc.cold+0x7b/0x173 [ 955.801852] ? zone_watermark_ok_safe+0x260/0x260 [ 955.801890] ? unreserve_highatomic_pageblock+0x31b/0x460 [ 955.807338] inotify_inode_mark 24KB 63KB [ 955.809858] __alloc_pages_slowpath+0x220e/0x2870 [ 955.809902] ? warn_alloc+0x110/0x110 [ 955.813519] request_queue 163KB 163KB [ 955.817493] ? __lock_is_held+0xb6/0x140 [ 955.817515] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 955.822420] blkdev_requests 1KB 3KB [ 955.827905] ? should_fail+0x14d/0x85c [ 955.833488] blkdev_ioc 35KB 54KB [ 955.838293] ? __might_sleep+0x95/0x190 [ 955.842109] bio-0 1900KB 1927KB [ 955.847432] __alloc_pages_nodemask+0x617/0x750 [ 955.851510] biovec-max 3514KB 3514KB [ 955.857011] ? __alloc_pages_slowpath+0x2870/0x2870 [ 955.862405] biovec-64 1865KB 2008KB [ 955.866242] ? retint_kernel+0x2d/0x2d [ 955.871651] biovec-16 224KB 367KB [ 955.875584] ? wait_for_completion+0x440/0x440 [ 955.880968] bio_integrity_payload 1KB 8KB [ 955.885606] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 955.890990] khugepaged_mm_slot 4KB 19KB [ 955.895966] alloc_pages_current+0x107/0x210 [ 955.901376] dmaengine-unmap-256 2KB 6KB [ 955.905199] ion_page_pool_alloc+0x137/0x1d0 [ 955.910597] dmaengine-unmap-128 1KB 3KB [ 955.915131] ion_system_heap_allocate+0x154/0xa90 [ 955.920869] dmaengine-unmap-16 0KB 4KB [ 955.926372] ? ion_system_heap_free+0x250/0x250 [ 955.931876] dmaengine-unmap-2 0KB 3KB [ 955.936252] ion_alloc+0x475/0x900 [ 955.941902] skbuff_fclone_cache 82KB 172KB [ 955.946277] ? ion_dma_buf_release+0x50/0x50 [ 955.951838] skbuff_head_cache 8128KB 8130KB [ 955.956638] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 955.962111] configfs_dir_cache 0KB 8KB [ 955.966742] ? _copy_from_user+0xdd/0x150 [ 955.972132] file_lock_cache 0KB 3KB [ 955.975636] ion_ioctl+0x17b/0x329 [ 955.981198] file_lock_ctx 0KB 3KB [ 955.985565] ? ion_alloc.cold+0x28/0x28 [ 955.990957] fsnotify_mark_connector 14KB 39KB [ 955.996453] ? __might_sleep+0x95/0x190 [ 956.001934] net_namespace 130KB 130KB [ 956.006034] ? ion_alloc.cold+0x28/0x28 [ 956.011424] shmem_inode_cache 5080KB 5406KB [ 956.014914] do_vfs_ioctl+0xd5f/0x1380 [ 956.020298] task_delay_info 66KB 233KB [ 956.024230] ? selinux_file_ioctl+0x46f/0x5e0 [ 956.030134] taskstats 31KB 80KB [ 956.034073] ? selinux_file_ioctl+0x125/0x5e0 [ 956.039422] proc_dir_entry 1099KB 1128KB [ 956.043389] ? ioctl_preallocate+0x210/0x210 [ 956.043403] ? selinux_file_mprotect+0x620/0x620 [ 956.043426] ? iterate_fd+0x360/0x360 [ 956.043444] ? nsecs_to_jiffies+0x30/0x30 [ 956.048798] pde_opener 0KB 3KB [ 956.052691] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 956.052708] ? security_file_ioctl+0x8d/0xc0 [ 956.052727] ksys_ioctl+0xab/0xd0 [ 956.058079] seq_file 160KB 307KB [ 956.062591] __x64_sys_ioctl+0x73/0xb0 [ 956.062610] do_syscall_64+0xfd/0x620 [ 956.062631] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 956.067980] sigqueue 41KB 86KB [ 956.072465] RIP: 0033:0x459829 [ 956.072492] Code: Bad RIP value. [ 956.072505] RSP: 002b:00007f71a5b36c78 EFLAGS: 00000246 [ 956.077860] kernfs_node_cache 13591KB 13820KB [ 956.082262] ORIG_RAX: 0000000000000010 [ 956.082271] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 956.082278] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 956.082286] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 956.082294] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71a5b376d4 [ 956.082302] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 956.197606] Node 0 active_anon:284796kB inactive_anon:808kB active_file:40kB inactive_file:36kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:139272kB dirty:0kB writeback:0kB shmem:980kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 956.226032] Node 1 active_anon:836kB inactive_anon:0kB active_file:12kB inactive_file:724kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:69932kB dirty:0kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 956.253309] mnt_cache 185KB 204KB [ 956.258706] filp 2702KB 4173KB [ 956.264137] Node 0 DMA free:10336kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 956.291515] names_cache 41658KB 41718KB [ 956.297631] iint_cache 34KB 63KB [ 956.303948] hashtab_node 118KB 119KB [ 956.310006] ebitmap_node 1137KB 1141KB [ 956.315401] avtab_node 1012KB 1013KB [ 956.322455] avc_node 49KB 55KB [ 956.328516] selinux_file_security 165KB 329KB [ 956.334945] selinux_inode_security 3219KB 3488KB [ 956.341897] key_jar 4KB 11KB [ 956.347935] uts_namespace 6KB 15KB [ 956.364870] nsproxy 6KB 11KB [ 956.370639] vm_area_struct 2859KB 5557KB [ 956.376109] mm_struct 414KB 747KB [ 956.381851] lowmem_reserve[]: 0 2555 2557 2557 [ 956.386480] Node 0 DMA32 free:79268kB min:36248kB low:45308kB high:54368kB active_anon:282748kB inactive_anon:808kB active_file:40kB inactive_file:536kB unevictable:0kB writepending:148kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6784kB pagetables:2868kB bounce:0kB free_pcp:1704kB local_pcp:364kB free_cma:0kB [ 956.416180] fs_cache 40KB 96KB [ 956.422031] files_cache 147KB 247KB [ 956.427412] signal_cache 506KB 797KB [ 956.433227] sighand_cache 499KB 534KB [ 956.438613] task_struct 2215KB 2252KB [ 956.444394] cred_jar 271KB 608KB [ 956.451064] anon_vma_chain 1600KB 3468KB [ 956.456445] anon_vma 182KB 573KB [ 956.462224] pid 44KB 200KB [ 956.467611] Acpi-Operand 156KB 190KB [ 956.473553] Acpi-ParseExt 8KB 11KB [ 956.478938] Acpi-Parse 41KB 47KB [ 956.484724] lowmem_reserve[]: 0 0 2 2 [ 956.488573] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 956.515050] Acpi-State 52KB 63KB [ 956.520832] Acpi-Namespace 20KB 23KB [ 956.526215] numa_policy 0KB 3KB [ 956.531990] debug_objects_cache 1233KB 1285KB [ 956.537555] trace_event_file 263KB 266KB [ 956.543356] ftrace_event_field 382KB 385KB [ 956.548840] pool_workqueue 113KB 132KB [ 956.554741] task_group 5KB 7KB [ 956.560639] page->ptl 589KB 1612KB [ 956.566243] kmalloc-2097152 2050KB 2050KB [ 956.572174] kmalloc-524288 2056KB 2056KB [ 956.577743] kmalloc-262144 1290KB 1290KB [ 956.584435] lowmem_reserve[]: 0 0 0 0 [ 956.588299] Node 1 Normal free:143216kB min:53608kB low:67008kB high:80408kB active_anon:836kB inactive_anon:0kB active_file:216kB inactive_file:1112kB unevictable:0kB writepending:4kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:384kB pagetables:440kB bounce:0kB free_pcp:1372kB local_pcp:80kB free_cma:0kB [ 956.617983] kmalloc-131072 650KB 650KB [ 956.623899] kmalloc-65536 36300KB 37224KB [ 956.629413] kmalloc-32768 2970KB 3069KB [ 956.635488] kmalloc-16384 924KB 973KB [ 956.641499] kmalloc-8192 4397KB 4504KB [ 956.646976] kmalloc-4096 39644KB 39682KB [ 956.652854] kmalloc-2048 20187KB 20266KB [ 956.658430] kmalloc-1024 16735KB 16750KB [ 956.664471] kmalloc-512 13520KB 13530KB [ 956.670409] kmalloc-256 5426KB 5580KB [ 956.676081] kmalloc-128 1563KB 1582KB [ 956.681970] lowmem_reserve[]: 0 0 0 0 [ 956.685832] Node 0 DMA: 95*4kB (U) 2*8kB (UE) 1*16kB (E) 2*32kB (UE) 8*64kB (UE) 10*128kB (UE) 3*256kB (UE) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10716kB [ 956.701801] kmalloc-96 2479KB 2568KB [ 956.719569] kmalloc-64 3404KB 3500KB [ 956.724996] kmalloc-32 3377KB 3724KB [ 956.739964] kmalloc-192 3258KB 3364KB [ 956.745511] kmem_cache 248KB 255KB [ 956.759579] Out of memory: Kill process 7947 (syz-fuzzer) score 41 or sacrifice child [ 956.768289] Killed process 14246 (syz-executor.2) total-vm:72452kB, anon-rss:64kB, file-rss:0kB, shmem-rss:0kB [ 956.779671] Node 0 DMA32: 11308*4kB (UME) 2953*8kB (UME) 2824*16kB (UME) 803*32kB (UM) 47*64kB (UME) 14*128kB (UM) 18*256kB (U) 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 149656kB [ 956.829795] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 956.846117] Node 1 Normal: 24442*4kB (UM) 425*8kB (UM) 216*16kB (UM) 293*32kB (UM) 428*64kB (UE) 144*128kB (U) 48*256kB (U) 51*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 198224kB [ 956.862761] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 956.872257] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 956.881419] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 956.899797] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 956.908440] 799 total pagecache pages [ 956.919870] 0 pages in swap cache [ 956.924121] Swap cache stats: add 0, delete 0, find 0/0 [ 956.930349] Free swap = 0kB [ 956.933397] Total swap = 0kB [ 956.936427] 1965979 pages RAM [ 956.949972] 0 pages HighMem/MovableOnly [ 956.954035] 338856 pages reserved [ 956.957497] 0 pages cma reserved [ 957.563857] device bridge_slave_1 left promiscuous mode [ 957.569406] bridge0: port 2(bridge_slave_1) entered disabled state [ 957.626992] device bridge_slave_0 left promiscuous mode [ 957.634662] bridge0: port 1(bridge_slave_0) entered disabled state 04:54:29 executing program 3: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ion\x00', 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/status\x00', 0x0, 0x0) ioctl$PPPIOCGDEBUG(r1, 0x80047441, &(0x7f00000000c0)) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000000)={0x80000001, 0x1}) openat$ion(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ion\x00', 0x200, 0x0) 04:54:29 executing program 4: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ion\x00', 0x0, 0x0) ioctl(0xffffffffffffffff, 0x1000008912, 0x0) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000140)='/proc/capi/capi20ncci\x00', 0x400, 0x0) ioctl$NBD_SET_TIMEOUT(r1, 0xab09, 0x4) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000000)={0x80000001, 0x1}) r2 = accept4(r0, 0x0, &(0x7f0000000040), 0x80000) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000100)={0xa, &(0x7f0000000080)=[{0x10000, 0x9, 0x401, 0x1f}, {0x8, 0x68, 0xefbc, 0xffff}, {0xba1c, 0x100, 0x3, 0x4c2}, {0x5, 0x1ff, 0x7, 0x4}, {0x1, 0x9, 0x8, 0x4}, {0x4, 0xdb3, 0x8, 0x3}, {0x9, 0xfffffffffffffffe, 0x2, 0x2}, {0x1, 0x6, 0x0, 0x81}, {0xffffffff, 0x100000000, 0x7, 0x80}, {0x1ed4, 0x2, 0x7ff, 0x7ff}]}, 0x10) recvmsg(r1, &(0x7f00000016c0)={&(0x7f0000000180)=@alg, 0x80, &(0x7f0000001600)=[{&(0x7f0000000200)}, {&(0x7f0000000240)=""/105, 0x69}, {&(0x7f0000000340)=""/253, 0xfd}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000001440)=""/216, 0xd8}, {&(0x7f0000001540)=""/152, 0x98}, {&(0x7f00000002c0)=""/29, 0x1d}], 0x7, &(0x7f0000001680)=""/27, 0x1b}, 0x75afc4097050d9fc) 04:54:29 executing program 1: dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010502000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x9, @remote, 0x2}, @in={0x2, 0x0, @loopback}, @in6={0xa, 0x0, 0x8, @mcast1}, @in6={0xa, 0x4e21, 0x0, @remote}, @in={0x2, 0x4e23, @empty}], 0x74) [ 957.852793] device hsr_slave_1 left promiscuous mode 04:54:29 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001a40)={&(0x7f0000000540)=@newsa={0x114, 0x10, 0x801, 0x0, 0x0, {{@in, @in6=@mcast1}, {@in, 0x0, 0x6c}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2}, [@lifetime_val={0x24}]}, 0x114}}, 0x0) 04:54:29 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x41, &(0x7f0000000200)=0x3, 0x2) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="14bc420000000056b500002e900800000000080008080003000800e80f0100"/43], 0x1}}, 0x0) ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000180)={0x15, 0x4}) r3 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000280)='y\x00', 0x2, 0x0) r4 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$clear(0x7, r4) r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb) ioctl$KVM_RUN(r5, 0xae80, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$BLKRESETZONE(r2, 0x40101283, &(0x7f0000000380)={0x7fff, 0x1000}) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 957.914493] device hsr_slave_0 left promiscuous mode 04:54:29 executing program 5: r0 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x400000) connect$pppoe(r0, &(0x7f00000000c0)={0x18, 0x0, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xf}, 'syz_tun\x00'}}, 0x1e) r1 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x400, 0x0) ioctl$ION_IOC_ALLOC(r1, 0xc0184900, &(0x7f0000000040)={0x80000002, 0x1, 0x0, 0xffffffffffffffff}) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140)='TIPC\x00') sendmsg$TIPC_CMD_SET_LINK_TOL(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80180282}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x68, r3, 0x10, 0x8, 0x25dfdbfe, {{}, 0x0, 0x4107, 0x0, {0x4c, 0x18, {0x6, @media='udp\x00'}}}}, 0x68}, 0x1, 0x0, 0x0, 0x400c0}, 0x40) fcntl$getflags(r2, 0x40b) [ 957.974184] team0 (unregistering): Port device team_slave_1 removed [ 958.049023] team0 (unregistering): Port device team_slave_0 removed [ 958.084637] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 958.106238] syz-executor.4: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 958.106753] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 958.134322] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 958.149663] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 958.162450] CPU: 1 PID: 14334 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 958.169559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 958.169567] Call Trace: [ 958.169592] dump_stack+0x172/0x1f0 [ 958.169611] warn_alloc.cold+0x7b/0x173 [ 958.169630] ? zone_watermark_ok_safe+0x260/0x260 [ 958.169646] ? compaction_deferred+0x16a/0x3b0 [ 958.169664] ? try_to_compact_pages+0x44/0xae0 [ 958.169697] __alloc_pages_slowpath+0x220e/0x2870 [ 958.169730] ? warn_alloc+0x110/0x110 [ 958.189372] ? __lock_is_held+0xb6/0x140 [ 958.216068] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 958.221629] ? should_fail+0x14d/0x85c [ 958.225543] ? __isolate_free_page+0x4c0/0x4c0 [ 958.225562] ? __might_sleep+0x95/0x190 [ 958.234143] __alloc_pages_nodemask+0x617/0x750 [ 958.238843] ? __alloc_pages_slowpath+0x2870/0x2870 [ 958.243895] ? wait_for_completion+0x440/0x440 [ 958.248509] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 958.254071] alloc_pages_current+0x107/0x210 [ 958.254093] ion_page_pool_alloc+0x137/0x1d0 [ 958.254112] ion_system_heap_allocate+0x154/0xa90 [ 958.267788] ? ion_system_heap_free+0x250/0x250 [ 958.272488] ion_alloc+0x29b/0x900 [ 958.276058] ? ion_dma_buf_release+0x50/0x50 [ 958.276085] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 958.286041] ? _copy_from_user+0xdd/0x150 [ 958.290210] ion_ioctl+0x17b/0x329 [ 958.293762] ? ion_alloc.cold+0x28/0x28 [ 958.297767] ? __might_sleep+0x95/0x190 [ 958.301762] ? ion_alloc.cold+0x28/0x28 [ 958.305746] do_vfs_ioctl+0xd5f/0x1380 [ 958.305763] ? selinux_file_ioctl+0x46f/0x5e0 [ 958.305777] ? selinux_file_ioctl+0x125/0x5e0 [ 958.305795] ? ioctl_preallocate+0x210/0x210 [ 958.323078] ? selinux_file_mprotect+0x620/0x620 [ 958.327860] ? iterate_fd+0x360/0x360 [ 958.331686] ? nsecs_to_jiffies+0x30/0x30 [ 958.335856] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 958.341406] ? security_file_ioctl+0x8d/0xc0 [ 958.341427] ksys_ioctl+0xab/0xd0 [ 958.341444] __x64_sys_ioctl+0x73/0xb0 [ 958.341461] do_syscall_64+0xfd/0x620 [ 958.341482] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 958.341493] RIP: 0033:0x459829 [ 958.341509] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 958.341516] RSP: 002b:00007f8d57f8ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 958.341532] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 958.341540] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 958.341548] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 958.341556] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d57f8f6d4 [ 958.341565] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 958.438694] CPU: 0 PID: 14329 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 958.445755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 958.455114] Call Trace: [ 958.457716] dump_stack+0x172/0x1f0 [ 958.461358] warn_alloc.cold+0x7b/0x173 [ 958.465358] ? zone_watermark_ok_safe+0x260/0x260 [ 958.470207] ? __lock_is_held+0xb6/0x140 [ 958.474302] __alloc_pages_slowpath+0x220e/0x2870 [ 958.479167] ? warn_alloc+0x110/0x110 [ 958.482975] ? __lock_is_held+0xb6/0x140 [ 958.487045] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 958.492586] ? should_fail+0x14d/0x85c [ 958.496480] ? __isolate_free_page+0x4c0/0x4c0 [ 958.501069] ? __might_sleep+0x95/0x190 [ 958.505054] __alloc_pages_nodemask+0x617/0x750 [ 958.509746] ? __alloc_pages_slowpath+0x2870/0x2870 [ 958.514782] ? wait_for_completion+0x440/0x440 [ 958.519388] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 958.524955] alloc_pages_current+0x107/0x210 [ 958.529372] ion_page_pool_alloc+0x137/0x1d0 [ 958.533805] ion_system_heap_allocate+0x154/0xa90 [ 958.538664] ? ion_system_heap_free+0x250/0x250 [ 958.543348] ion_alloc+0x29b/0x900 [ 958.546903] ? ion_dma_buf_release+0x50/0x50 [ 958.551327] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 958.556877] ? _copy_from_user+0xdd/0x150 [ 958.561042] ion_ioctl+0x17b/0x329 [ 958.564605] ? ion_alloc.cold+0x28/0x28 [ 958.568767] ? __might_sleep+0x95/0x190 [ 958.572762] ? ion_alloc.cold+0x28/0x28 [ 958.576746] do_vfs_ioctl+0xd5f/0x1380 [ 958.580652] ? selinux_file_ioctl+0x46f/0x5e0 [ 958.585153] ? selinux_file_ioctl+0x125/0x5e0 [ 958.589659] ? ioctl_preallocate+0x210/0x210 [ 958.594069] ? selinux_file_mprotect+0x620/0x620 [ 958.598836] ? iterate_fd+0x360/0x360 [ 958.602646] ? nsecs_to_jiffies+0x30/0x30 [ 958.606811] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 958.612358] ? security_file_ioctl+0x8d/0xc0 [ 958.616787] ksys_ioctl+0xab/0xd0 [ 958.620269] __x64_sys_ioctl+0x73/0xb0 [ 958.624178] do_syscall_64+0xfd/0x620 [ 958.628463] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 958.633760] RIP: 0033:0x459829 [ 958.636974] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 958.655897] RSP: 002b:00007fa015674c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 958.663622] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 958.670905] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 958.678183] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 958.685468] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa0156756d4 [ 958.692739] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff 04:54:30 executing program 1: dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010502000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x9, @remote, 0x2}, @in={0x2, 0x0, @loopback}, @in6={0xa, 0x0, 0x8, @mcast1}, @in6={0xa, 0x4e21, 0x0, @remote}, @in={0x2, 0x4e23, @empty}], 0x74) [ 958.842982] warn_alloc_show_mem: 1 callbacks suppressed [ 958.842988] Mem-Info: [ 958.886510] active_anon:71463 inactive_anon:199 isolated_anon:0 [ 958.886510] active_file:835 inactive_file:5154 isolated_file:0 [ 958.886510] unevictable:0 dirty:10 writeback:0 unstable:0 [ 958.886510] slab_reclaimable:12403 slab_unreclaimable:103986 [ 958.886510] mapped:48251 shmem:245 pagetables:876 bounce:0 [ 958.886510] free:91842 free_pcp:1474 free_cma:0 [ 959.015223] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 959.027582] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 959.081993] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 959.106230] CPU: 1 PID: 14342 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 959.113290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 959.113296] Call Trace: [ 959.113320] dump_stack+0x172/0x1f0 [ 959.113339] warn_alloc.cold+0x7b/0x173 [ 959.113359] ? zone_watermark_ok_safe+0x260/0x260 [ 959.113384] ? __lock_is_held+0xb6/0x140 [ 959.113422] __alloc_pages_slowpath+0x220e/0x2870 [ 959.113460] ? warn_alloc+0x110/0x110 [ 959.113475] ? __lock_is_held+0xb6/0x140 [ 959.113495] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 959.113508] ? should_fail+0x14d/0x85c [ 959.113533] ? __isolate_free_page+0x4c0/0x4c0 [ 959.169675] ? __might_sleep+0x95/0x190 [ 959.173671] __alloc_pages_nodemask+0x617/0x750 [ 959.178359] ? __alloc_pages_slowpath+0x2870/0x2870 [ 959.183412] ? wait_for_completion+0x440/0x440 [ 959.188010] ? retint_kernel+0x2d/0x2d [ 959.191908] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 959.191933] alloc_pages_current+0x107/0x210 [ 959.191952] ion_page_pool_alloc+0x137/0x1d0 [ 959.206314] ion_system_heap_allocate+0x154/0xa90 [ 959.211184] ? ion_system_heap_free+0x250/0x250 [ 959.215902] ion_alloc+0x29b/0x900 [ 959.219557] ? ion_dma_buf_release+0x50/0x50 [ 959.223989] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 959.224010] ? _copy_from_user+0xdd/0x150 [ 959.233746] ion_ioctl+0x17b/0x329 [ 959.237304] ? ion_alloc.cold+0x28/0x28 [ 959.241297] ? __might_sleep+0x95/0x190 [ 959.245291] ? ion_alloc.cold+0x28/0x28 [ 959.249282] do_vfs_ioctl+0xd5f/0x1380 [ 959.253184] ? selinux_file_ioctl+0x46f/0x5e0 [ 959.253200] ? selinux_file_ioctl+0x125/0x5e0 [ 959.253217] ? ioctl_preallocate+0x210/0x210 [ 959.253239] ? selinux_file_mprotect+0x620/0x620 [ 959.271414] ? iterate_fd+0x360/0x360 [ 959.275238] ? nsecs_to_jiffies+0x30/0x30 [ 959.279415] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 959.284971] ? security_file_ioctl+0x8d/0xc0 [ 959.284993] ksys_ioctl+0xab/0xd0 [ 959.285011] __x64_sys_ioctl+0x73/0xb0 [ 959.292887] do_syscall_64+0xfd/0x620 [ 959.300563] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 959.300575] RIP: 0033:0x459829 [ 959.300591] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 959.300600] RSP: 002b:00007f71a5b57c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 959.300615] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 959.300623] RDX: 0000000020000040 RSI: 00000000c0184900 RDI: 0000000000000003 [ 959.300631] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 959.300640] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71a5b586d4 [ 959.300649] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 959.388348] syz-executor.4: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 959.437517] syz-executor.4 cpuset= [ 959.437533] syz4 mems_allowed=0-1 [ 959.458530] CPU: 1 PID: 14354 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 959.465583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 959.465589] Call Trace: [ 959.465614] dump_stack+0x172/0x1f0 [ 959.465634] warn_alloc.cold+0x7b/0x173 [ 959.485197] ? zone_watermark_ok_safe+0x260/0x260 [ 959.490081] ? try_to_compact_pages+0x44/0xae0 [ 959.494705] __alloc_pages_slowpath+0x220e/0x2870 [ 959.499591] ? warn_alloc+0x110/0x110 [ 959.503415] ? __lock_is_held+0xb6/0x140 [ 959.507497] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 959.507512] ? should_fail+0x14d/0x85c [ 959.507533] ? __isolate_free_page+0x4c0/0x4c0 [ 959.521542] ? __might_sleep+0x95/0x190 [ 959.525570] __alloc_pages_nodemask+0x617/0x750 [ 959.530261] ? __alloc_pages_slowpath+0x2870/0x2870 [ 959.535300] ? wait_for_completion+0x440/0x440 [ 959.535323] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 959.545495] alloc_pages_current+0x107/0x210 [ 959.550118] ion_page_pool_alloc+0x137/0x1d0 [ 959.554568] ion_system_heap_allocate+0x154/0xa90 [ 959.559611] ? ion_system_heap_free+0x250/0x250 [ 959.559638] ion_alloc+0x29b/0x900 [ 959.559666] ? ion_dma_buf_release+0x50/0x50 [ 959.572507] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 959.578074] ? _copy_from_user+0xdd/0x150 [ 959.578103] ion_ioctl+0x17b/0x329 [ 959.585845] ? ion_alloc.cold+0x28/0x28 [ 959.589850] ? __might_sleep+0x95/0x190 [ 959.593844] ? ion_alloc.cold+0x28/0x28 [ 959.593864] do_vfs_ioctl+0xd5f/0x1380 [ 959.593879] ? selinux_file_ioctl+0x46f/0x5e0 [ 959.593897] ? selinux_file_ioctl+0x125/0x5e0 [ 959.613751] ? ioctl_preallocate+0x210/0x210 [ 959.613769] ? selinux_file_mprotect+0x620/0x620 [ 959.613790] ? iterate_fd+0x360/0x360 [ 959.627047] ? nsecs_to_jiffies+0x30/0x30 [ 959.632158] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 959.637723] ? security_file_ioctl+0x8d/0xc0 [ 959.642155] ksys_ioctl+0xab/0xd0 [ 959.645630] __x64_sys_ioctl+0x73/0xb0 [ 959.649627] do_syscall_64+0xfd/0x620 [ 959.653448] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 959.658661] RIP: 0033:0x459829 [ 959.661889] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 959.680905] RSP: 002b:00007fa015632c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 959.688706] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 959.696001] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 959.703313] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 959.710600] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa0156336d4 [ 959.717885] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 959.732016] FAT-fs (loop1): Directory bread(block 1281) failed [ 959.739095] FAT-fs (loop1): Directory bread(block 1282) failed [ 959.745603] FAT-fs (loop1): Directory bread(block 1283) failed [ 959.754474] FAT-fs (loop1): Directory bread(block 1284) failed [ 959.760733] FAT-fs (loop1): Directory bread(block 1285) failed [ 959.767141] FAT-fs (loop1): Directory bread(block 1286) failed [ 959.774228] FAT-fs (loop1): Directory bread(block 1287) failed [ 959.780659] FAT-fs (loop1): Directory bread(block 1288) failed 04:54:31 executing program 1: dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010502000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x9, @remote, 0x2}, @in={0x2, 0x0, @loopback}, @in6={0xa, 0x0, 0x8, @mcast1}, @in6={0xa, 0x4e21, 0x0, @remote}, @in={0x2, 0x4e23, @empty}], 0x74) [ 959.786753] FAT-fs (loop1): Directory bread(block 1289) failed [ 959.793035] FAT-fs (loop1): Directory bread(block 1290) failed [ 959.921337] bond0 (unregistering): Released all slaves [ 959.986667] Node 0 active_anon:285448kB inactive_anon:804kB active_file:4888kB inactive_file:18048kB unevictable:0kB isolated(anon):48kB isolated(file):0kB mapped:122724kB dirty:364kB writeback:0kB shmem:984kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 04:54:31 executing program 0: socket$alg(0x26, 0x5, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="14bc420000000056b500002e900800e80000080008000100000007e10567cb3aa6c419f879000800e80f01"], 0x1}}, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000280)='y\x00', 0x2, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000000)={0x0, 0x7fffffff, 0x8, 0x0, 0xfff, 0xd459, 0x455d, 0x80, 0xffffffffffff0000, 0x800, 0xfffffffffffffc01, 0x5, 0x0, 0x79, 0x0, 0x1, 0x57, 0x8000, 0x7f}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb) ioctl$KVM_RUN(r3, 0xae80, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x4001ff) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 960.102794] Node 1 active_anon:600kB inactive_anon:0kB active_file:644kB inactive_file:584kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:70816kB dirty:48kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 960.209628] Node 0 DMA free:10512kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 960.358050] lowmem_reserve[]: 0 2555 2557 2557 [ 960.384505] Node 0 DMA32 free:220452kB min:36248kB low:45308kB high:54368kB active_anon:283400kB inactive_anon:804kB active_file:4888kB inactive_file:18048kB unevictable:0kB writepending:516kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6976kB pagetables:3148kB bounce:0kB free_pcp:2164kB local_pcp:852kB free_cma:0kB [ 960.429630] lowmem_reserve[]: 0 0 2 2 [ 960.437274] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB 04:54:32 executing program 0: socket$alg(0x26, 0x5, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vga_arbiter\x00', 0x2442, 0x0) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00') sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f00000004c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100080}, 0xc, &(0x7f0000000480)={&(0x7f00000003c0)={0xbc, r2, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x2}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x447239af}, @IPVS_CMD_ATTR_DEST={0x50, 0x2, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x8001}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x80000000}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x1}, @IPVS_DEST_ATTR_TUN_TYPE={0x8, 0xd, 0x1}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@local}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x9}, @IPVS_DEST_ATTR_U_THRESH={0x8}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x2}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x24}, @IPVS_CMD_ATTR_DEST={0x30, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x7}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@ipv4={[], [], @initdev={0xac, 0x1e, 0x0, 0x0}}}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xcc1}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3ff}]}, 0xbc}, 0x1, 0x0, 0x0, 0x40}, 0x8000) pipe2(&(0x7f0000000540), 0x80800) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000000)={0x8000}) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="14bc420000000056b500002e900800000000080008000100000007e10500ac14341b080003000800e80f01"], 0x1}}, 0x0) ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f0000000500)={0x1, r1}) r4 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) write$FUSE_POLL(r4, &(0x7f00000000c0)={0x18, 0x0, 0x4, {0x6}}, 0x18) lsetxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000280)='y\x00', 0x2, 0x3) r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb) ioctl$KVM_RUN(r5, 0xae80, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$KVM_RUN(r5, 0xae80, 0x0) [ 960.612947] lowmem_reserve[]: 0 0 0 0 [ 960.646635] Node 1 Normal free:201980kB min:53608kB low:67008kB high:80408kB active_anon:576kB inactive_anon:0kB active_file:676kB inactive_file:652kB unevictable:0kB writepending:28kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:320kB pagetables:380kB bounce:0kB free_pcp:1276kB local_pcp:1276kB free_cma:0kB [ 960.705588] lowmem_reserve[]: 0 0 0 0 04:54:32 executing program 1: dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010502000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000240)=[@in={0x2, 0x4e21, @loopback}, @in6={0xa, 0x0, 0x8, @mcast1}, @in6={0xa, 0x4e21, 0x0, @remote}, @in={0x2, 0x4e23, @empty}], 0x58) [ 960.729740] Node 0 DMA: 104*4kB (U) 17*8kB (UE) 3*16kB (UE) 4*32kB (UE) 1*64kB (E) 10*128kB (UE) 3*256kB (UE) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10520kB [ 960.817181] Node 0 DMA32: 23467*4kB (UME) 4935*8kB (UME) 3403*16kB (UE) 1075*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 222196kB [ 960.853663] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 960.869701] Node 1 Normal: 33189*4kB (UM) 1118*8kB (U) 1015*16kB (U) 1526*32kB (U) 42*64kB (U) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 209460kB [ 960.942401] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 960.970150] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 961.043321] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 961.110337] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 961.156888] 6340 total pagecache pages [ 961.182673] 0 pages in swap cache [ 961.230565] Swap cache stats: add 0, delete 0, find 0/0 [ 961.240907] Free swap = 0kB [ 961.268158] Total swap = 0kB [ 961.272271] 1965979 pages RAM [ 961.298300] 0 pages HighMem/MovableOnly [ 961.302650] 338856 pages reserved [ 961.306334] 0 pages cma reserved 04:54:32 executing program 0: socket$alg(0x26, 0x5, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="14bc420000000056b500002e900800000000080008000100000007e10500ac14341b080003000800e80f01"], 0x1}}, 0x0) openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000280)='y\x00', 0x2, 0x0) socket$l2tp(0x18, 0x1, 0x1) getuid() r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb) ioctl$KVM_RUN(r2, 0xae80, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 961.998138] IPVS: ftp: loaded support on port[0] = 21 [ 962.242480] chnl_net:caif_netlink_parms(): no params data found [ 962.408527] bridge0: port 1(bridge_slave_0) entered blocking state [ 962.426464] bridge0: port 1(bridge_slave_0) entered disabled state [ 962.446826] device bridge_slave_0 entered promiscuous mode [ 962.470718] bridge0: port 2(bridge_slave_1) entered blocking state [ 962.477154] bridge0: port 2(bridge_slave_1) entered disabled state [ 962.510829] device bridge_slave_1 entered promiscuous mode [ 962.579236] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 962.602030] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 962.670478] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 962.678326] team0: Port device team_slave_0 added [ 962.706050] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 962.714536] team0: Port device team_slave_1 added [ 962.746136] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 962.766044] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 962.870806] device hsr_slave_0 entered promiscuous mode [ 962.931705] device hsr_slave_1 entered promiscuous mode [ 962.971167] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 962.978377] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 963.062616] bridge0: port 2(bridge_slave_1) entered blocking state [ 963.069050] bridge0: port 2(bridge_slave_1) entered forwarding state [ 963.076508] bridge0: port 1(bridge_slave_0) entered blocking state [ 963.085154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 963.187622] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 963.210027] 8021q: adding VLAN 0 to HW filter on device bond0 [ 963.220561] bridge0: port 1(bridge_slave_0) entered disabled state [ 963.233886] bridge0: port 2(bridge_slave_1) entered disabled state [ 963.243911] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 963.277534] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 963.302283] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 963.308534] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 963.315819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 963.362962] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 963.369084] 8021q: adding VLAN 0 to HW filter on device team0 [ 963.412386] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 963.420115] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 963.428052] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 963.437409] bridge0: port 1(bridge_slave_0) entered blocking state [ 963.443856] bridge0: port 1(bridge_slave_0) entered forwarding state [ 963.460461] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 963.482035] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 963.489379] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 963.530451] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 963.538315] bridge0: port 2(bridge_slave_1) entered blocking state [ 963.544754] bridge0: port 2(bridge_slave_1) entered forwarding state [ 963.579836] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 963.598004] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 963.631146] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 963.643522] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 963.699829] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 963.709019] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 963.789337] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 963.860077] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 963.867169] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 963.880316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 964.300210] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 964.308119] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 964.442671] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 965.032070] syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0 [ 965.089089] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 965.102577] CPU: 1 PID: 7963 Comm: syz-fuzzer Not tainted 4.19.63 #37 [ 965.109178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 965.118536] Call Trace: [ 965.121147] dump_stack+0x172/0x1f0 [ 965.124803] dump_header+0x15e/0xa55 [ 965.128541] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 965.133658] ? ___ratelimit+0x60/0x595 [ 965.137562] ? do_raw_spin_unlock+0x57/0x270 [ 965.141994] oom_kill_process.cold+0x10/0x6ef [ 965.146508] ? lock_downgrade+0x810/0x810 [ 965.150671] ? kasan_check_read+0x11/0x20 [ 965.154914] out_of_memory+0x936/0x12d0 [ 965.158909] ? oom_killer_disable+0x280/0x280 [ 965.163427] ? mutex_trylock+0x18e/0x1e0 [ 965.167616] ? __alloc_pages_slowpath+0xcc2/0x2870 [ 965.172576] __alloc_pages_slowpath+0x20af/0x2870 [ 965.177503] ? warn_alloc+0x110/0x110 [ 965.181319] ? __lock_is_held+0xb6/0x140 [ 965.185402] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 965.190971] ? should_fail+0x14d/0x85c [ 965.194893] ? __might_sleep+0x95/0x190 [ 965.198893] __alloc_pages_nodemask+0x617/0x750 [ 965.203667] ? kasan_check_read+0x11/0x20 [ 965.207846] ? __alloc_pages_slowpath+0x2870/0x2870 [ 965.212870] ? find_get_entry+0x3e8/0x820 [ 965.217040] ? filemap_map_pages+0x1130/0x1130 [ 965.221645] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 965.227199] alloc_pages_current+0x107/0x210 [ 965.231619] __page_cache_alloc+0x2bd/0x450 [ 965.236040] ? kasan_check_read+0x11/0x20 [ 965.240203] filemap_fault+0x10bb/0x2250 [ 965.244284] ? lock_downgrade+0x810/0x810 [ 965.248462] ? __lock_page_or_retry+0xdc0/0xdc0 [ 965.253146] ? lock_acquire+0x16f/0x3f0 [ 965.257173] ? ext4_filemap_fault+0x7b/0xaf [ 965.261521] ext4_filemap_fault+0x83/0xaf [ 965.265676] __do_fault+0x111/0x480 [ 965.269317] __handle_mm_fault+0x2d78/0x3f80 [ 965.273744] ? vmf_insert_mixed_mkwrite+0x90/0x90 [ 965.278615] ? count_memcg_event_mm+0x2b1/0x4d0 [ 965.283301] handle_mm_fault+0x1b5/0x690 [ 965.287382] __do_page_fault+0x62a/0xe90 [ 965.291560] ? vmalloc_fault+0x740/0x740 [ 965.295638] ? trace_hardirqs_off_caller+0x65/0x220 [ 965.300669] ? trace_hardirqs_on_caller+0x6a/0x220 [ 965.305611] ? page_fault+0x8/0x30 [ 965.309166] do_page_fault+0x71/0x57d [ 965.312985] ? page_fault+0x8/0x30 [ 965.316543] page_fault+0x1e/0x30 [ 965.320006] RIP: 0033:0x45b153 [ 965.323223] Code: Bad RIP value. [ 965.326594] RSP: 002b:000000c420039ea0 EFLAGS: 00010202 [ 965.331969] RAX: ffffffffffffff92 RBX: 000000003b97e9f7 RCX: 000000000045b153 [ 965.339244] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000017be660 [ 965.346549] RBP: 000000c420039ee8 R08: 0000000000000000 R09: 0000000000000000 [ 965.353828] R10: 000000c420039ed8 R11: 0000000000000202 R12: 000000ed1ab9918f [ 965.361109] R13: 0000000000000002 R14: 0000000000000002 R15: 0000000000000001 [ 965.467186] Mem-Info: [ 965.469741] active_anon:71426 inactive_anon:202 isolated_anon:0 [ 965.469741] active_file:15 inactive_file:14 isolated_file:1 [ 965.469741] unevictable:0 dirty:0 writeback:0 unstable:0 [ 965.469741] slab_reclaimable:12415 slab_unreclaimable:107028 [ 965.469741] mapped:52226 shmem:245 pagetables:863 bounce:0 [ 965.469741] free:25319 free_pcp:28 free_cma:0 [ 965.502815] Node 0 active_anon:285180kB inactive_anon:808kB active_file:44kB inactive_file:48kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:139272kB dirty:0kB writeback:0kB shmem:980kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 965.531241] Node 1 active_anon:524kB inactive_anon:0kB active_file:16kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):4kB mapped:69632kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 965.557909] Node 0 DMA free:10432kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 965.601611] lowmem_reserve[]: 0 2555 2557 2557 [ 965.607775] Node 0 DMA32 free:36184kB min:36248kB low:45308kB high:54368kB active_anon:283132kB inactive_anon:808kB active_file:44kB inactive_file:48kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6848kB pagetables:3072kB bounce:0kB free_pcp:248kB local_pcp:0kB free_cma:0kB [ 965.639227] lowmem_reserve[]: 0 0 2 2 [ 965.643273] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 965.669963] lowmem_reserve[]: 0 0 0 0 [ 965.673786] Node 1 Normal free:53600kB min:53608kB low:67008kB high:80408kB active_anon:524kB inactive_anon:0kB active_file:16kB inactive_file:8kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:320kB pagetables:380kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 965.706343] lowmem_reserve[]: 0 0 0 0 [ 965.710461] Node 0 DMA: 74*4kB (U) 17*8kB (UE) 5*16kB (UE) 4*32kB (UE) 1*64kB (E) 10*128kB (UE) 3*256kB (UE) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10432kB [ 965.725834] Node 0 DMA32: 816*4kB (ME) 645*8kB (ME) 139*16kB (ME) 486*32kB (UM) 126*64kB (UM) 5*128kB (UM) 3*256kB (UM) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 36184kB [ 965.742787] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 965.753842] Node 1 Normal: 22*4kB (UM) 12*8kB (UM) 4*16kB (M) 5*32kB (UM) 735*64kB (UM) 42*128kB (UM) 2*256kB (UM) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 53848kB [ 965.774316] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 965.783693] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 965.793217] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 965.803151] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 965.811924] 275 total pagecache pages [ 965.819274] 0 pages in swap cache [ 965.822784] Swap cache stats: add 0, delete 0, find 0/0 [ 965.828135] Free swap = 0kB [ 965.831215] Total swap = 0kB [ 965.834253] 1965979 pages RAM [ 965.837349] 0 pages HighMem/MovableOnly [ 965.841424] 338856 pages reserved [ 965.844887] 0 pages cma reserved [ 965.848234] Unreclaimable slab info: [ 965.852005] Name Used Total [ 965.857567] pid_2 42KB 160KB [ 965.863007] batadv_tt_change_cache 10KB 15KB [ 965.868846] batadv_tl_cache 11KB 20KB [ 965.882991] TIPC 33KB 50KB [ 965.888629] SCTPv6 33KB 55KB [ 965.903449] DCCPv6 26KB 43KB [ 965.908899] DCCP 16KB 41KB [ 965.917875] bridge_fdb_cache 24KB 35KB [ 965.923445] fib6_nodes 234KB 256KB [ 965.928837] ip6_dst_cache 911KB 956KB [ 965.934995] RAWv6 146KB 162KB [ 965.940627] UDPv6 3KB 3KB [ 965.946027] TCPv6 29KB 35KB [ 965.951752] nf_conntrack 0KB 3KB [ 965.957290] sd_ext_cdb 0KB 7KB [ 965.962995] scsi_sense_cache 1056KB 1060KB [ 965.968379] virtio_scsi_cmd 16KB 16KB [ 965.973908] sgpool-128 8KB 8KB [ 965.979275] sgpool-64 4KB 12KB [ 965.984722] sgpool-32 2KB 15KB [ 965.993138] sgpool-16 1KB 7KB [ 965.998613] sgpool-8 0KB 7KB [ 966.005682] mqueue_inode_cache 30KB 43KB [ 966.011511] bio_post_read_ctx 14KB 15KB [ 966.017568] bio-2 14KB 15KB [ 966.042756] jfs_mp 7KB 7KB [ 966.048215] nfs_commit_data 3KB 14KB [ 966.054898] nfs_write_data 34KB 44KB [ 966.061255] ext4_system_zone 1KB 7KB [ 966.066649] bio-1 1KB 7KB [ 966.072067] pid_namespace 5KB 7KB [ 966.077447] rpc_buffers 17KB 25KB [ 966.083027] rpc_tasks 2KB 7KB [ 966.088385] UNIX 1375KB 1413KB [ 966.093779] tcp_bind_bucket 3KB 12KB [ 966.099151] xfrm_state 3KB 8KB [ 966.104678] ip_fib_trie 39KB 39KB [ 966.110110] ip_fib_alias 163KB 177KB [ 966.115470] ip_dst_cache 6KB 20KB [ 966.120875] RAW 86KB 115KB [ 966.126247] UDP 29KB 58KB [ 966.131684] TCP 8KB 16KB [ 966.137050] hugetlbfs_inode_cache 2KB 15KB [ 966.142896] fscache_cookie_jar 1KB 11KB [ 966.148362] eventpoll_pwq 22KB 35KB [ 966.165210] eventpoll_epi 42KB 66KB [ 966.180532] inotify_inode_mark 33KB 63KB [ 966.186140] request_queue 163KB 163KB [ 966.192555] blkdev_requests 1KB 3KB [ 966.197953] blkdev_ioc 40KB 54KB [ 966.203385] bio-0 1895KB 2055KB [ 966.208759] biovec-max 3531KB 3531KB [ 966.214259] biovec-64 1990KB 2086KB [ 966.219681] biovec-16 247KB 367KB [ 966.225047] bio_integrity_payload 1KB 8KB [ 966.230855] khugepaged_mm_slot 6KB 19KB [ 966.236316] dmaengine-unmap-256 2KB 6KB [ 966.241900] dmaengine-unmap-128 1KB 3KB [ 966.247451] dmaengine-unmap-16 0KB 4KB [ 966.252954] dmaengine-unmap-2 0KB 3KB [ 966.258319] skbuff_fclone_cache 90KB 172KB [ 966.264002] skbuff_head_cache 7063KB 7530KB [ 966.269353] configfs_dir_cache 0KB 8KB [ 966.274967] file_lock_cache 0KB 3KB [ 966.280673] file_lock_ctx 0KB 3KB [ 966.288787] fsnotify_mark_connector 19KB 39KB [ 966.299757] net_namespace 121KB 121KB [ 966.307890] shmem_inode_cache 5120KB 5398KB [ 966.314870] task_delay_info 71KB 233KB [ 966.325582] taskstats 35KB 76KB [ 966.331074] proc_dir_entry 1070KB 1106KB [ 966.336448] pde_opener 0KB 3KB [ 966.343776] seq_file 163KB 307KB [ 966.349154] sigqueue 39KB 86KB [ 966.354615] kernfs_node_cache 13548KB 13564KB [ 966.360062] mnt_cache 184KB 200KB [ 966.365439] filp 2695KB 4173KB [ 966.370864] names_cache 43953KB 44013KB [ 966.376246] iint_cache 33KB 63KB [ 966.381677] hashtab_node 118KB 119KB [ 966.387063] ebitmap_node 1067KB 1141KB [ 966.392507] avtab_node 1012KB 1013KB [ 966.397865] avc_node 49KB 55KB [ 966.403307] selinux_file_security 168KB 329KB [ 966.409020] selinux_inode_security 3231KB 3488KB [ 966.415000] key_jar 6KB 15KB [ 966.420585] uts_namespace 8KB 15KB [ 966.426069] nsproxy 8KB 11KB [ 966.431645] vm_area_struct 3048KB 5541KB [ 966.439521] mm_struct 429KB 734KB [ 966.444906] fs_cache 57KB 96KB [ 966.451441] files_cache 173KB 247KB [ 966.456828] signal_cache 516KB 797KB [ 966.465095] sighand_cache 492KB 534KB [ 966.470562] task_struct 2258KB 2264KB [ 966.475936] cred_jar 283KB 608KB [ 966.511140] anon_vma_chain 1735KB 3465KB [ 966.516570] anon_vma 173KB 573KB [ 966.561960] pid 52KB 200KB [ 966.567391] Acpi-Operand 156KB 190KB [ 966.636116] Acpi-ParseExt 8KB 11KB [ 966.665853] Acpi-Parse 41KB 47KB [ 966.687837] Acpi-State 52KB 63KB [ 966.724773] Acpi-Namespace 20KB 23KB [ 966.761793] numa_policy 0KB 3KB [ 966.767246] debug_objects_cache 1238KB 1285KB [ 966.818598] trace_event_file 263KB 266KB [ 966.841348] ftrace_event_field 382KB 385KB [ 966.846892] pool_workqueue 119KB 132KB [ 966.895910] task_group 5KB 7KB [ 966.919957] page->ptl 626KB 1612KB [ 966.925423] kmalloc-2097152 2050KB 2050KB [ 966.971056] kmalloc-524288 2056KB 2056KB [ 966.976474] kmalloc-262144 1290KB 1290KB [ 967.025266] kmalloc-131072 650KB 650KB [ 967.056221] kmalloc-65536 42966KB 43824KB [ 967.096556] kmalloc-32768 2937KB 3069KB [ 967.133061] kmalloc-16384 907KB 957KB [ 967.157163] kmalloc-8192 4347KB 4389KB [ 967.187108] kmalloc-4096 36860KB 36898KB [ 967.222349] kmalloc-2048 18706KB 18774KB [ 967.227768] kmalloc-1024 15606KB 16600KB [ 967.273905] kmalloc-512 12215KB 12982KB [ 967.279318] kmalloc-256 5260KB 5565KB [ 967.354107] kmalloc-128 1530KB 1578KB [ 967.385364] kmalloc-96 2382KB 2568KB [ 967.411962] kmalloc-64 3299KB 3496KB [ 967.417380] kmalloc-32 3404KB 3724KB [ 967.469702] kmalloc-192 3254KB 3396KB [ 967.475127] kmem_cache 248KB 255KB [ 967.526760] Out of memory: Kill process 14341 (syz-executor.5) score 1005 or sacrifice child [ 967.570172] Killed process 14342 (syz-executor.5) total-vm:73240kB, anon-rss:184kB, file-rss:34816kB, shmem-rss:0kB [ 967.625218] oom_reaper: reaped process 14342 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 967.728313] udevd invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=-1000 [ 967.763790] udevd cpuset=/ mems_allowed=0-1 [ 967.768213] CPU: 0 PID: 3602 Comm: udevd Not tainted 4.19.63 #37 [ 967.774370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 967.783737] Call Trace: [ 967.786445] dump_stack+0x172/0x1f0 [ 967.790096] dump_header+0x15e/0xa55 [ 967.793824] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 967.798942] ? ___ratelimit+0x60/0x595 [ 967.802847] ? do_raw_spin_unlock+0x57/0x270 [ 967.807290] oom_kill_process.cold+0x10/0x6ef [ 967.811802] ? lock_downgrade+0x810/0x810 [ 967.815965] ? kasan_check_read+0x11/0x20 [ 967.820127] out_of_memory+0x936/0x12d0 [ 967.824127] ? oom_killer_disable+0x280/0x280 [ 967.828642] ? mutex_trylock+0x18e/0x1e0 [ 967.832713] ? __alloc_pages_slowpath+0xcc2/0x2870 [ 967.837648] __alloc_pages_slowpath+0x20af/0x2870 [ 967.842513] ? warn_alloc+0x110/0x110 [ 967.846319] ? __lock_is_held+0xb6/0x140 [ 967.850369] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 967.855902] ? should_fail+0x14d/0x85c [ 967.859780] ? __might_sleep+0x95/0x190 [ 967.863743] __alloc_pages_nodemask+0x617/0x750 [ 967.868429] ? kasan_check_read+0x11/0x20 [ 967.872600] ? __alloc_pages_slowpath+0x2870/0x2870 [ 967.877605] ? find_get_entry+0x3e8/0x820 [ 967.881743] ? filemap_map_pages+0x1130/0x1130 [ 967.886313] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 967.891858] alloc_pages_current+0x107/0x210 [ 967.896281] __page_cache_alloc+0x2bd/0x450 [ 967.900597] ? kasan_check_read+0x11/0x20 [ 967.904754] filemap_fault+0x10bb/0x2250 [ 967.908828] ? lock_downgrade+0x810/0x810 [ 967.912974] ? __lock_page_or_retry+0xdc0/0xdc0 [ 967.917630] ? lock_acquire+0x16f/0x3f0 [ 967.921593] ? ext4_filemap_fault+0x7b/0xaf [ 967.925902] ext4_filemap_fault+0x83/0xaf [ 967.930038] __do_fault+0x111/0x480 [ 967.933654] __handle_mm_fault+0x2d78/0x3f80 [ 967.938055] ? vmf_insert_mixed_mkwrite+0x90/0x90 [ 967.942899] ? count_memcg_event_mm+0x2b1/0x4d0 [ 967.947642] handle_mm_fault+0x1b5/0x690 [ 967.951693] __do_page_fault+0x62a/0xe90 [ 967.955744] ? vmalloc_fault+0x740/0x740 [ 967.959809] ? trace_hardirqs_off_caller+0x65/0x220 [ 967.964836] ? trace_hardirqs_on_caller+0x6a/0x220 [ 967.969760] ? page_fault+0x8/0x30 [ 967.973309] do_page_fault+0x71/0x57d [ 967.977117] ? page_fault+0x8/0x30 [ 967.980648] page_fault+0x1e/0x30 [ 967.984085] RIP: 0033:0x412720 [ 967.987272] Code: Bad RIP value. [ 967.990621] RSP: 002b:00007ffddff9f5c8 EFLAGS: 00010246 [ 967.995976] RAX: 0000000000000000 RBX: 0000000000000bb8 RCX: 00007f25ac6d5943 [ 968.003257] RDX: 0000000000000008 RSI: 00007ffddff9f6c0 RDI: 0000000000000002 [ 968.010529] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 968.017790] R10: 0000000000000bb8 R11: 0000000000000246 R12: 0000000000000003 [ 968.025051] R13: 0000000000000000 R14: 0000000001b35390 R15: 0000000001b34030 [ 968.039129] Mem-Info: [ 968.058952] active_anon:71401 inactive_anon:202 isolated_anon:0 [ 968.058952] active_file:15 inactive_file:15 isolated_file:0 [ 968.058952] unevictable:0 dirty:0 writeback:0 unstable:0 [ 968.058952] slab_reclaimable:12393 slab_unreclaimable:106992 [ 968.058952] mapped:52226 shmem:245 pagetables:863 bounce:0 [ 968.058952] free:13732 free_pcp:160 free_cma:0 [ 968.070497] syz-executor.5: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 968.145513] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 968.166960] Node 0 active_anon:285080kB inactive_anon:808kB active_file:44kB inactive_file:48kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:139272kB dirty:0kB writeback:0kB shmem:980kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 968.179765] CPU: 1 PID: 14342 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 968.201458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 968.210832] Call Trace: [ 968.213550] dump_stack+0x172/0x1f0 [ 968.217196] warn_alloc.cold+0x7b/0x173 [ 968.221187] ? zone_watermark_ok_safe+0x260/0x260 [ 968.226074] __alloc_pages_slowpath+0x220e/0x2870 [ 968.230956] ? warn_alloc+0x110/0x110 [ 968.234798] ? __lock_is_held+0xb6/0x140 [ 968.238874] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 968.244434] ? should_fail+0x14d/0x85c [ 968.248346] ? __might_sleep+0x95/0x190 [ 968.252363] __alloc_pages_nodemask+0x617/0x750 [ 968.257061] ? __alloc_pages_slowpath+0x2870/0x2870 [ 968.262108] ? wait_for_completion+0x440/0x440 [ 968.266707] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 968.272269] alloc_pages_current+0x107/0x210 [ 968.274321] Node 1 active_anon:524kB inactive_anon:0kB active_file:16kB inactive_file:12kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:69632kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 968.276700] ion_page_pool_alloc+0x137/0x1d0 [ 968.307951] ion_system_heap_allocate+0x154/0xa90 [ 968.312913] ? ion_system_heap_free+0x250/0x250 [ 968.317617] ion_alloc+0x29b/0x900 [ 968.321182] ? ion_dma_buf_release+0x50/0x50 [ 968.325615] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 968.331170] ? _copy_from_user+0xdd/0x150 [ 968.335338] ion_ioctl+0x17b/0x329 [ 968.338894] ? ion_alloc.cold+0x28/0x28 [ 968.342887] ? __might_sleep+0x95/0x190 [ 968.345192] Node 0 [ 968.346870] ? ion_alloc.cold+0x28/0x28 [ 968.346906] DMA free:10332kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 968.349122] do_vfs_ioctl+0xd5f/0x1380 [ 968.382755] ? selinux_file_ioctl+0x46f/0x5e0 [ 968.387266] ? selinux_file_ioctl+0x125/0x5e0 [ 968.391774] ? ioctl_preallocate+0x210/0x210 [ 968.396191] ? selinux_file_mprotect+0x620/0x620 [ 968.400965] ? iterate_fd+0x360/0x360 [ 968.404785] ? nsecs_to_jiffies+0x30/0x30 [ 968.405726] lowmem_reserve[]: 0 [ 968.408953] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 968.408974] ? security_file_ioctl+0x8d/0xc0 [ 968.422191] ksys_ioctl+0xab/0xd0 [ 968.425663] __x64_sys_ioctl+0x73/0xb0 [ 968.429569] do_syscall_64+0xfd/0x620 [ 968.433395] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 968.438597] RIP: 0033:0x459829 [ 968.441808] Code: Bad RIP value. [ 968.445187] RSP: 002b:00007f71a5b57c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 968.453006] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 968.455373] 2555 [ 968.460283] RDX: 0000000020000040 RSI: 00000000c0184900 RDI: 0000000000000003 [ 968.460292] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 968.460300] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71a5b586d4 [ 968.460309] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 968.484153] warn_alloc_show_mem: 3 callbacks suppressed [ 968.484159] Mem-Info: [ 968.494491] 2557 [ 968.500168] active_anon:71390 inactive_anon:202 isolated_anon:0 [ 968.500168] active_file:16 inactive_file:14 isolated_file:0 [ 968.500168] unevictable:0 dirty:0 writeback:0 unstable:0 [ 968.500168] slab_reclaimable:12393 slab_unreclaimable:106992 [ 968.500168] mapped:52226 shmem:245 pagetables:863 bounce:0 [ 968.500168] free:13732 free_pcp:164 free_cma:0 [ 968.538929] 2557 [ 968.569529] Node 0 DMA32 free:17968kB min:36248kB low:45308kB high:54368kB active_anon:282988kB inactive_anon:808kB active_file:48kB inactive_file:44kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6848kB pagetables:3072kB bounce:0kB free_pcp:408kB local_pcp:264kB free_cma:0kB [ 968.571484] Node 0 active_anon:285036kB inactive_anon:808kB active_file:48kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:139272kB dirty:0kB writeback:0kB shmem:980kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 968.625966] lowmem_reserve[]: 0 0 2 2 [ 968.660118] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 968.695159] Node 1 active_anon:524kB inactive_anon:0kB active_file:16kB inactive_file:12kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:69632kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 968.713048] lowmem_reserve[]: 0 0 0 0 [ 968.756356] Node 1 Normal free:26628kB min:53608kB low:67008kB high:80408kB active_anon:524kB inactive_anon:0kB active_file:16kB inactive_file:12kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:320kB pagetables:380kB bounce:0kB free_pcp:248kB local_pcp:248kB free_cma:0kB [ 968.783880] Node 0 DMA free:10332kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 968.815424] lowmem_reserve[]: 0 0 0 0 [ 968.819292] Node 0 DMA: 49*4kB (U) 17*8kB (UE) 5*16kB (UE) 4*32kB (UE) 1*64kB (E) 10*128kB (UE) 3*256kB (UE) 1*512kB (E) 3*1024kB [ 968.832929] lowmem_reserve[]: [ 968.851225] (UE) 2*2048kB (UM) 0*4096kB = 10332kB [ 968.859244] Node 0 DMA32: 816*4kB (ME) 648*8kB (UME) 140*16kB (UME) 28*32kB (M) 70*64kB (UM) 5*128kB (UM) 3*256kB (UM) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 17984kB [ 968.878993] 0 2555 2557 2557 [ 968.900085] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 968.908554] Node 0 DMA32 free:17968kB min:36248kB low:45308kB high:54368kB active_anon:282988kB inactive_anon:808kB active_file:48kB inactive_file:44kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6848kB pagetables:3072kB bounce:0kB free_pcp:408kB local_pcp:264kB free_cma:0kB [ 968.936262] Node 1 Normal: 21*4kB (UM) 8*8kB (UM) 5*16kB (UM) 5*32kB (UM) 310*64kB (UM) 42*128kB (UM) 2*256kB (UM) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 26628kB [ 969.048565] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 969.057189] lowmem_reserve[]: 0 0 2 2 [ 969.087515] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 969.089759] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 969.127545] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 969.136471] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 969.177171] lowmem_reserve[]: 0 0 0 0 [ 969.178305] 275 total pagecache pages [ 969.184912] 0 pages in swap cache [ 969.188369] Swap cache stats: add 0, delete 0, find 0/0 [ 969.211015] Node 1 Normal free:26628kB min:53608kB low:67008kB high:80408kB active_anon:524kB inactive_anon:0kB active_file:16kB inactive_file:12kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:320kB pagetables:380kB bounce:0kB free_pcp:248kB local_pcp:248kB free_cma:0kB [ 969.223742] Free swap = 0kB [ 969.273228] lowmem_reserve[]: 0 0 0 0 [ 969.277106] Node 0 DMA: 49*4kB (U) 17*8kB (UE) 5*16kB (UE) 4*32kB (UE) 1*64kB (E) 10*128kB (UE) 3*256kB (UE) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10332kB [ 969.299804] Node 0 DMA32: 816*4kB (ME) 648*8kB (UME) 140*16kB (UME) 28*32kB (M) 70*64kB (UM) 5*128kB (UM) 3*256kB (UM) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 17984kB [ 969.319087] Total swap = 0kB [ 969.347905] 1965979 pages RAM [ 969.349902] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB [ 969.351093] 0 pages HighMem/MovableOnly [ 969.351103] 338856 pages reserved [ 969.356900] 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 969.376100] Node 1 Normal: 21*4kB (UM) 8*8kB (UM) 5*16kB (UM) 5*32kB (UM) 310*64kB (UM) 42*128kB (UM) 2*256kB (UM) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 26628kB [ 969.382315] 0 pages cma reserved [ 969.416365] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 969.429624] Unreclaimable slab info: [ 969.433384] Name Used Total [ 969.438961] pid_2 39KB 160KB [ 969.448402] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 969.491678] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 969.506113] batadv_tt_change_cache 9KB 15KB [ 969.512065] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 969.512116] batadv_tl_cache 11KB 20KB [ 969.549558] TIPC 25KB 50KB [ 969.553841] 275 total pagecache pages [ 969.554973] SCTPv6 33KB 55KB [ 969.558806] 0 pages in swap cache [ 969.573293] DCCPv6 21KB 43KB [ 969.578838] DCCP 16KB 41KB [ 969.588516] Swap cache stats: add 0, delete 0, find 0/0 [ 969.613128] bridge_fdb_cache 24KB 35KB [ 969.618563] fib6_nodes 241KB 256KB [ 969.636904] Free swap = 0kB [ 969.640037] Total swap = 0kB [ 969.643073] 1965979 pages RAM [ 969.646187] 0 pages HighMem/MovableOnly [ 969.654496] ip6_dst_cache 911KB 956KB [ 969.663652] RAWv6 146KB 162KB [ 969.669069] UDPv6 3KB 3KB [ 969.686461] 338856 pages reserved [ 969.716479] TCPv6 26KB 35KB [ 969.727307] 0 pages cma reserved [ 969.766692] nf_conntrack 0KB 3KB [ 969.780567] sd_ext_cdb 0KB 7KB [ 969.786168] scsi_sense_cache 1056KB 1060KB [ 969.799724] virtio_scsi_cmd 16KB 16KB [ 969.805137] sgpool-128 8KB 8KB [ 969.814967] sgpool-64 4KB 12KB [ 969.826335] sgpool-32 2KB 15KB [ 969.836595] sgpool-16 1KB 7KB [ 969.869710] sgpool-8 0KB 7KB [ 969.889964] mqueue_inode_cache 23KB 43KB [ 969.929723] bio_post_read_ctx 14KB 15KB [ 969.935251] bio-2 14KB 15KB [ 969.950586] jfs_mp 7KB 7KB [ 969.956027] nfs_commit_data 3KB 14KB [ 969.969582] nfs_write_data 34KB 44KB [ 969.975169] ext4_system_zone 1KB 7KB [ 969.984631] bio-1 1KB 7KB [ 969.993661] pid_namespace 5KB 7KB [ 969.999081] rpc_buffers 17KB 25KB [ 970.004595] rpc_tasks 2KB 7KB [ 970.019832] UNIX 1366KB 1413KB [ 970.030676] tcp_bind_bucket 2KB 12KB [ 970.037622] xfrm_state 3KB 8KB [ 970.043924] ip_fib_trie 39KB 39KB [ 970.050194] ip_fib_alias 163KB 177KB [ 970.056388] ip_dst_cache 6KB 20KB [ 970.066400] RAW 86KB 115KB [ 970.080120] UDP 29KB 58KB [ 970.099712] TCP 8KB 16KB [ 970.105122] hugetlbfs_inode_cache 2KB 15KB [ 970.105660] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 970.127936] fscache_cookie_jar 1KB 11KB [ 970.133555] eventpoll_pwq 22KB 35KB [ 970.133769] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 970.138947] eventpoll_epi 41KB 66KB [ 970.138959] inotify_inode_mark 28KB 63KB [ 970.138972] request_queue 163KB 163KB [ 970.138981] blkdev_requests 1KB 3KB [ 970.138990] blkdev_ioc 40KB 54KB [ 970.139000] bio-0 1895KB 2055KB [ 970.139008] biovec-max 3531KB 3531KB [ 970.139020] biovec-64 1990KB 2086KB [ 970.139030] biovec-16 244KB 367KB [ 970.139805] bio_integrity_payload 1KB 8KB [ 970.167954] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 970.212973] khugepaged_mm_slot 5KB 19KB [ 970.216757] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 970.228453] dmaengine-unmap-256 2KB 6KB [ 970.241185] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 970.267537] dmaengine-unmap-128 1KB 3KB [ 970.287720] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 970.294615] dmaengine-unmap-16 0KB 4KB [ 970.309448] dmaengine-unmap-2 0KB 3KB [ 970.326909] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 970.333925] skbuff_fclone_cache 88KB 168KB [ 970.349932] skbuff_head_cache 7114KB 7530KB [ 970.355329] configfs_dir_cache 0KB 8KB [ 970.376641] file_lock_cache 0KB 3KB [ 970.404726] file_lock_ctx 0KB 3KB [ 970.425294] fsnotify_mark_connector 16KB 39KB [ 970.444545] net_namespace 121KB 121KB [ 970.455778] shmem_inode_cache 5113KB 5394KB [ 970.466373] task_delay_info 71KB 233KB [ 970.487088] taskstats 35KB 76KB [ 970.506970] proc_dir_entry 1066KB 1102KB [ 970.518237] pde_opener 0KB 3KB [ 970.537420] seq_file 162KB 307KB [ 970.546766] sigqueue 38KB 86KB [ 970.557190] kernfs_node_cache 13548KB 13564KB [ 970.566077] mnt_cache 183KB 200KB [ 970.576407] filp 2688KB 4173KB [ 970.586729] names_cache 43724KB 43745KB [ 970.610078] iint_cache 32KB 63KB [ 970.629289] hashtab_node 118KB 119KB [ 970.635066] ebitmap_node 1065KB 1141KB [ 970.649529] avtab_node 1012KB 1013KB 04:54:42 executing program 0: socket$alg(0x26, 0x5, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)=ANY=[@ANYBLOB="14bc429bbb43c233cf2cf8302f9c9afec1450056b500002e900800000000080008000100000007e10500ac14341b080003000800e80f01"], 0x1}}, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000280)='y\x00', 0x2, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$sock_inet_udp_SIOCOUTQ(r2, 0x5411, &(0x7f0000000000)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x10204, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 970.660597] avc_node 49KB 55KB [ 970.669854] selinux_file_security 167KB 329KB [ 970.675590] selinux_inode_security 3228KB 3488KB [ 970.681747] key_jar 6KB 15KB [ 970.687135] uts_namespace 7KB 15KB [ 970.692865] nsproxy 6KB 11KB [ 970.698249] vm_area_struct 3038KB 5541KB [ 970.704051] mm_struct 425KB 734KB [ 970.709436] fs_cache 51KB 96KB [ 970.718509] files_cache 163KB 247KB [ 970.724693] signal_cache 508KB 797KB [ 970.738155] sighand_cache 481KB 534KB [ 970.743761] task_struct 2246KB 2264KB [ 970.754644] cred_jar 277KB 608KB [ 970.760130] anon_vma_chain 1732KB 3465KB [ 970.772419] anon_vma 172KB 573KB [ 970.777808] pid 49KB 200KB [ 970.791927] Acpi-Operand 156KB 190KB [ 970.797330] Acpi-ParseExt 8KB 11KB [ 970.805359] Acpi-Parse 41KB 47KB [ 970.811340] Acpi-State 52KB 63KB [ 970.816779] Acpi-Namespace 20KB 23KB [ 970.829749] numa_policy 0KB 3KB [ 970.835138] debug_objects_cache 1238KB 1285KB [ 970.849543] trace_event_file 263KB 266KB [ 970.854935] ftrace_event_field 382KB 385KB [ 970.863022] pool_workqueue 116KB 132KB [ 970.868409] task_group 5KB 7KB [ 970.874386] page->ptl 624KB 1612KB [ 970.880142] kmalloc-2097152 2050KB 2050KB [ 970.885528] kmalloc-524288 2056KB 2056KB [ 970.890973] kmalloc-262144 1290KB 1290KB [ 970.896599] kmalloc-131072 650KB 650KB [ 970.902275] kmalloc-65536 44748KB 45012KB [ 970.907654] kmalloc-32768 2937KB 3069KB [ 970.913133] kmalloc-16384 907KB 957KB [ 970.918735] kmalloc-8192 4347KB 4389KB [ 970.925255] kmalloc-4096 35993KB 36052KB [ 970.930702] kmalloc-2048 18782KB 18806KB [ 970.936287] kmalloc-1024 15673KB 16600KB [ 970.941961] kmalloc-512 12181KB 12956KB [ 970.947342] kmalloc-256 5294KB 5565KB [ 970.959787] kmalloc-128 1530KB 1578KB [ 970.965177] kmalloc-96 2382KB 2568KB [ 970.970598] kmalloc-64 3314KB 3496KB [ 970.975968] kmalloc-32 3404KB 3724KB [ 970.981398] kmalloc-192 3233KB 3396KB [ 970.987121] kmem_cache 248KB 255KB [ 970.992570] Out of memory: Kill process 14326 (syz-executor.4) score 1005 or sacrifice child [ 971.001541] Killed process 14329 (syz-executor.4) total-vm:72976kB, anon-rss:172kB, file-rss:34816kB, shmem-rss:0kB [ 971.012835] oom_reaper: reaped process 14329 (syz-executor.4), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 04:54:42 executing program 1: dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010502000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000240)=[@in={0x2, 0x4e21, @loopback}, @in6={0xa, 0x0, 0x8, @mcast1}, @in6={0xa, 0x4e21, 0x0, @remote}, @in={0x2, 0x4e23, @empty}], 0x58) 04:54:42 executing program 3: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ion\x00', 0x0, 0x0) fstat(r0, &(0x7f0000000180)) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000000)={0x80000001, 0x1}) r2 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x1c75, 0x4002) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x44240, 0x0) r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x40, 0x0) ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000140)={r3, 0x3e, 0x81, r4}) [ 971.556138] FAT-fs (loop1): Directory bread(block 1281) failed [ 971.581296] FAT-fs (loop1): Directory bread(block 1282) failed [ 971.587687] FAT-fs (loop1): Directory bread(block 1283) failed [ 971.642474] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 971.646151] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 971.685143] syz-executor.1 invoked oom-killer: gfp_mask=0x6280ca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=1000 [ 971.699135] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 971.700114] FAT-fs (loop1): Directory bread(block 1284) failed [ 971.716318] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 971.729431] CPU: 0 PID: 14410 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 971.737183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 971.739960] FAT-fs (loop1): Directory bread(block 1285) failed [ 971.746548] Call Trace: [ 971.746579] dump_stack+0x172/0x1f0 [ 971.746603] warn_alloc.cold+0x7b/0x173 [ 971.746624] ? zone_watermark_ok_safe+0x260/0x260 [ 971.746654] ? try_to_compact_pages+0x44/0xae0 [ 971.772443] __alloc_pages_slowpath+0x220e/0x2870 [ 971.777346] ? warn_alloc+0x110/0x110 [ 971.779641] syz-executor.1 cpuset= [ 971.781182] ? __lock_is_held+0xb6/0x140 [ 971.781212] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 971.781227] ? should_fail+0x14d/0x85c [ 971.785202] syz1 [ 971.789514] ? __isolate_free_page+0x4c0/0x4c0 [ 971.789533] ? __might_sleep+0x95/0x190 [ 971.789555] __alloc_pages_nodemask+0x617/0x750 [ 971.789580] ? __alloc_pages_slowpath+0x2870/0x2870 [ 971.789607] ? wait_for_completion+0x440/0x440 [ 971.820000] FAT-fs (loop1): Directory bread(block 1286) failed [ 971.820610] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 971.820635] alloc_pages_current+0x107/0x210 [ 971.820658] ion_page_pool_alloc+0x137/0x1d0 [ 971.820680] ion_system_heap_allocate+0x154/0xa90 [ 971.825838] FAT-fs (loop1): Directory bread(block 1287) failed [ 971.831369] ? ion_system_heap_free+0x250/0x250 [ 971.831394] ion_alloc+0x29b/0x900 [ 971.831417] ? ion_dma_buf_release+0x50/0x50 [ 971.831444] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 971.831462] ? _copy_from_user+0xdd/0x150 [ 971.831483] ion_ioctl+0x17b/0x329 [ 971.831508] ? ion_alloc.cold+0x28/0x28 [ 971.869537] mems_allowed=0-1 [ 971.874788] ? __might_sleep+0x95/0x190 [ 971.893507] ? ion_alloc.cold+0x28/0x28 [ 971.897503] do_vfs_ioctl+0xd5f/0x1380 [ 971.901408] ? selinux_file_ioctl+0x46f/0x5e0 [ 971.905930] ? selinux_file_ioctl+0x125/0x5e0 [ 971.910450] ? ioctl_preallocate+0x210/0x210 [ 971.915050] ? selinux_file_mprotect+0x620/0x620 [ 971.919865] ? iterate_fd+0x360/0x360 [ 971.923689] ? nsecs_to_jiffies+0x30/0x30 [ 971.927867] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 971.933519] ? security_file_ioctl+0x8d/0xc0 [ 971.937954] ksys_ioctl+0xab/0xd0 [ 971.941431] __x64_sys_ioctl+0x73/0xb0 [ 971.945350] do_syscall_64+0xfd/0x620 [ 971.949174] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 971.954378] RIP: 0033:0x459829 [ 971.957698] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 971.976617] RSP: 002b:00007f8d57f8ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 971.984357] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 971.991747] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 971.999043] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 972.006333] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d57f8f6d4 [ 972.013706] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 972.021023] CPU: 1 PID: 14342 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 972.028076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 972.037445] Call Trace: [ 972.040057] dump_stack+0x172/0x1f0 [ 972.043715] warn_alloc.cold+0x7b/0x173 [ 972.047716] ? zone_watermark_ok_safe+0x260/0x260 [ 972.052587] ? try_to_compact_pages+0x44/0xae0 [ 972.057212] __alloc_pages_slowpath+0x220e/0x2870 [ 972.062101] ? warn_alloc+0x110/0x110 [ 972.065924] ? __lock_is_held+0xb6/0x140 [ 972.070011] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 972.075568] ? should_fail+0x14d/0x85c [ 972.079573] ? __isolate_free_page+0x4c0/0x4c0 [ 972.084182] ? __might_sleep+0x95/0x190 [ 972.088188] __alloc_pages_nodemask+0x617/0x750 [ 972.092885] ? __alloc_pages_slowpath+0x2870/0x2870 [ 972.097934] ? find_held_lock+0x35/0x130 [ 972.102021] ? wait_for_completion+0x440/0x440 [ 972.106621] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 972.112178] alloc_pages_current+0x107/0x210 [ 972.116611] ion_page_pool_alloc+0x137/0x1d0 [ 972.121040] ion_system_heap_allocate+0x154/0xa90 [ 972.125907] ? ion_system_heap_free+0x250/0x250 [ 972.130605] ion_alloc+0x475/0x900 [ 972.134177] ? ion_dma_buf_release+0x50/0x50 [ 972.138615] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 972.144166] ? _copy_from_user+0xdd/0x150 [ 972.148423] ion_ioctl+0x17b/0x329 [ 972.151980] ? ion_alloc.cold+0x28/0x28 [ 972.155974] ? __might_sleep+0x95/0x190 [ 972.159970] ? ion_alloc.cold+0x28/0x28 [ 972.163957] do_vfs_ioctl+0xd5f/0x1380 [ 972.167857] ? selinux_file_ioctl+0x46f/0x5e0 [ 972.172362] ? selinux_file_ioctl+0x125/0x5e0 [ 972.176878] ? ioctl_preallocate+0x210/0x210 [ 972.181297] ? selinux_file_mprotect+0x620/0x620 [ 972.186076] ? iterate_fd+0x360/0x360 [ 972.189889] ? nsecs_to_jiffies+0x30/0x30 [ 972.194066] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 972.199621] ? security_file_ioctl+0x8d/0xc0 [ 972.204049] ksys_ioctl+0xab/0xd0 [ 972.207524] __x64_sys_ioctl+0x73/0xb0 [ 972.211430] do_syscall_64+0xfd/0x620 [ 972.215252] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 972.220459] RIP: 0033:0x459829 [ 972.223666] Code: Bad RIP value. [ 972.227096] RSP: 002b:00007f71a5b57c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 972.234822] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 972.242099] RDX: 0000000020000040 RSI: 00000000c0184900 RDI: 0000000000000003 [ 972.249383] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 972.256665] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71a5b586d4 [ 972.256898] Mem-Info: [ 972.264028] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 972.306992] CPU: 1 PID: 14407 Comm: syz-executor.1 Not tainted 4.19.63 #37 [ 972.314053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 972.319633] active_anon:71405 inactive_anon:202 isolated_anon:0 [ 972.319633] active_file:99 inactive_file:77 isolated_file:29 [ 972.319633] unevictable:0 dirty:89 writeback:0 unstable:0 [ 972.319633] slab_reclaimable:12376 slab_unreclaimable:107328 [ 972.319633] mapped:52268 shmem:246 pagetables:890 bounce:0 [ 972.319633] free:13755 free_pcp:154 free_cma:0 [ 972.323450] Call Trace: [ 972.359217] dump_stack+0x172/0x1f0 [ 972.362865] dump_header+0x15e/0xa55 [ 972.366597] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 972.371765] ? ___ratelimit+0x60/0x595 [ 972.375783] ? do_raw_spin_unlock+0x57/0x270 [ 972.380230] oom_kill_process.cold+0x10/0x6ef [ 972.384751] ? lock_downgrade+0x810/0x810 [ 972.388927] ? kasan_check_read+0x11/0x20 [ 972.393101] out_of_memory+0x936/0x12d0 [ 972.395940] Node 0 active_anon:284764kB inactive_anon:804kB active_file:304kB inactive_file:280kB unevictable:0kB isolated(anon):0kB isolated(file):116kB mapped:139412kB dirty:320kB writeback:0kB shmem:980kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 972.397093] ? oom_killer_disable+0x280/0x280 [ 972.429644] ? mutex_trylock+0x18e/0x1e0 [ 972.433733] ? __alloc_pages_slowpath+0xcc2/0x2870 [ 972.438867] __alloc_pages_slowpath+0x20af/0x2870 [ 972.443754] ? warn_alloc+0x110/0x110 [ 972.447577] ? __lock_is_held+0xb6/0x140 [ 972.451667] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 972.457222] ? should_fail+0x14d/0x85c [ 972.461138] ? __might_sleep+0x95/0x190 [ 972.465133] __alloc_pages_nodemask+0x617/0x750 [ 972.465340] Node 1 active_anon:856kB inactive_anon:4kB active_file:92kB inactive_file:28kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:69660kB dirty:36kB writeback:0kB shmem:4kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 972.469825] ? __anon_vma_prepare+0x184/0x3c0 [ 972.469844] ? __alloc_pages_slowpath+0x2870/0x2870 [ 972.469867] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 972.469879] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 972.469899] alloc_pages_vma+0xdd/0x590 [ 972.469925] __handle_mm_fault+0x1dfe/0x3f80 [ 972.519648] Node 0 [ 972.520970] ? vmf_insert_mixed_mkwrite+0x90/0x90 [ 972.525378] DMA free:10316kB min:220kB low:272kB high:324kB active_anon:2052kB inactive_anon:8kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 972.527642] ? count_memcg_event_mm+0x2b1/0x4d0 [ 972.538079] lowmem_reserve[]: [ 972.558760] handle_mm_fault+0x1b5/0x690 [ 972.558780] __do_page_fault+0x62a/0xe90 [ 972.558798] ? vmalloc_fault+0x740/0x740 [ 972.558813] ? trace_hardirqs_off_caller+0x65/0x220 [ 972.558825] ? trace_hardirqs_on_caller+0x6a/0x220 [ 972.558846] ? page_fault+0x8/0x30 [ 972.558865] do_page_fault+0x71/0x57d [ 972.558876] ? page_fault+0x8/0x30 [ 972.558891] page_fault+0x1e/0x30 [ 972.558903] RIP: 0033:0x41116f [ 972.558931] Code: Bad RIP value. [ 972.558939] RSP: 002b:00007ffe057da290 EFLAGS: 00010206 [ 972.558952] RAX: 00007f821645f000 RBX: 0000000000020000 RCX: 000000000045987a [ 972.558961] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 972.558971] RBP: 00007ffe057da370 R08: ffffffffffffffff R09: 0000000000000000 [ 972.558979] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe057da460 [ 972.558987] R13: 00007f821647f700 R14: 0000000000000002 R15: 000000000075c07c [ 972.684038] 0 2555 2557 2557 [ 972.687208] Node 0 DMA32 free:18068kB min:36248kB low:45308kB high:54368kB active_anon:282752kB inactive_anon:796kB active_file:256kB inactive_file:372kB unevictable:0kB writepending:176kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6912kB pagetables:3120kB bounce:0kB free_pcp:620kB local_pcp:620kB free_cma:0kB [ 972.786539] Mem-Info: [ 972.796324] active_anon:71402 inactive_anon:208 isolated_anon:0 [ 972.796324] active_file:68 inactive_file:25 isolated_file:0 [ 972.796324] unevictable:0 dirty:47 writeback:0 unstable:0 [ 972.796324] slab_reclaimable:12372 slab_unreclaimable:107338 [ 972.796324] mapped:52242 shmem:252 pagetables:890 bounce:0 [ 972.796324] free:13737 free_pcp:219 free_cma:0 [ 972.885809] Node 0 active_anon:284804kB inactive_anon:804kB active_file:76kB inactive_file:12kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:139336kB dirty:176kB writeback:0kB shmem:980kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 972.898406] lowmem_reserve[]: 0 0 2 2 [ 972.946383] Node 1 active_anon:804kB inactive_anon:28kB active_file:32kB inactive_file:16kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:69632kB dirty:12kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 973.000163] Node 0 DMA free:10316kB min:220kB low:272kB high:324kB active_anon:2052kB inactive_anon:8kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 973.014357] Node 0 [ 973.066713] lowmem_reserve[]: 0 2555 2557 2557 [ 973.084299] Node 0 DMA32 free:17916kB min:36248kB low:45308kB high:54368kB active_anon:282752kB inactive_anon:796kB active_file:112kB inactive_file:84kB unevictable:0kB writepending:176kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6912kB pagetables:3120kB bounce:0kB free_pcp:248kB local_pcp:0kB free_cma:0kB [ 973.115495] Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 973.149402] lowmem_reserve[]: 0 0 2 2 [ 973.160068] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 973.183532] lowmem_reserve[]: 0 0 0 0 [ 973.269303] Node 1 Normal free:26764kB min:53608kB low:67008kB high:80408kB active_anon:804kB inactive_anon:28kB active_file:32kB inactive_file:16kB unevictable:0kB writepending:12kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:448kB pagetables:440kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 973.355612] lowmem_reserve[]: 0 0 0 0 [ 973.375171] Node 0 DMA: 17*4kB (UM) 17*8kB (UE) 6*16kB (UME) 5*32kB (UME) 4*64kB (UME) 11*128kB (UME) 4*256kB (UME) 2*512kB (ME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10316kB [ 973.436328] lowmem_reserve[]: 0 0 0 0 [ 973.449851] Node 1 Normal free:26764kB min:53608kB low:67008kB high:80408kB active_anon:804kB inactive_anon:28kB active_file:32kB inactive_file:16kB unevictable:0kB writepending:12kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:448kB pagetables:440kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 973.478546] Node 0 DMA32: 870*4kB (ME) 648*8kB (UME) 135*16kB (ME) 200*32kB (UM) 11*64kB (UM) 2*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 18184kB [ 973.529649] syz-executor.4: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 973.541531] syz-executor.5: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 973.556141] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 973.561610] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 973.563555] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB [ 973.567070] CPU: 0 PID: 14342 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 973.567082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 973.591424] Call Trace: [ 973.594031] dump_stack+0x172/0x1f0 [ 973.597678] warn_alloc.cold+0x7b/0x173 [ 973.601674] ? zone_watermark_ok_safe+0x260/0x260 [ 973.606563] __alloc_pages_slowpath+0x220e/0x2870 [ 973.611457] ? warn_alloc+0x110/0x110 [ 973.615277] ? __lock_is_held+0xb6/0x140 [ 973.619200] 0*1024kB 0*2048kB [ 973.619357] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 973.619375] ? should_fail+0x14d/0x85c [ 973.622604] 0*4096kB [ 973.629569] ? __might_sleep+0x95/0x190 [ 973.629592] __alloc_pages_nodemask+0x617/0x750 [ 973.629614] ? __alloc_pages_slowpath+0x2870/0x2870 [ 973.649575] ? find_held_lock+0x35/0x130 [ 973.653656] ? wait_for_completion+0x440/0x440 [ 973.658253] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 973.663812] alloc_pages_current+0x107/0x210 [ 973.668238] ion_page_pool_alloc+0x137/0x1d0 [ 973.669587] = 0kB [ 973.672664] ion_system_heap_allocate+0x154/0xa90 [ 973.674750] Node 1 [ 973.679624] ? ion_system_heap_free+0x250/0x250 [ 973.679647] ion_alloc+0x475/0x900 [ 973.679669] ? ion_dma_buf_release+0x50/0x50 [ 973.679694] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 973.687333] lowmem_reserve[]: [ 973.690129] ? _copy_from_user+0xdd/0x150 [ 973.690149] ion_ioctl+0x17b/0x329 [ 973.690168] ? ion_alloc.cold+0x28/0x28 [ 973.694584] Normal: [ 973.700120] ? __might_sleep+0x95/0x190 [ 973.700138] ? ion_alloc.cold+0x28/0x28 [ 973.700161] do_vfs_ioctl+0xd5f/0x1380 [ 973.703520] 1443*4kB [ 973.707669] ? selinux_file_ioctl+0x46f/0x5e0 [ 973.734264] 0 0 [ 973.736922] ? selinux_file_ioctl+0x125/0x5e0 [ 973.736942] ? ioctl_preallocate+0x210/0x210 [ 973.738910] 0 [ 973.743406] ? selinux_file_mprotect+0x620/0x620 [ 973.743427] ? iterate_fd+0x360/0x360 [ 973.743441] ? nsecs_to_jiffies+0x30/0x30 [ 973.743465] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 973.748037] (UME) [ 973.749819] ? security_file_ioctl+0x8d/0xc0 [ 973.749837] ksys_ioctl+0xab/0xd0 [ 973.749862] __x64_sys_ioctl+0x73/0xb0 [ 973.754607] 1105*8kB [ 973.758419] do_syscall_64+0xfd/0x620 [ 973.762616] (UM) [ 973.768096] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 973.770295] 0 [ 973.774632] RIP: 0033:0x459829 [ 973.781963] Code: Bad RIP value. [ 973.781971] RSP: 002b:00007f71a5b57c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 973.781985] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 973.781993] RDX: 0000000020000040 RSI: 00000000c0184900 RDI: 0000000000000003 [ 973.782000] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 973.782014] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71a5b586d4 [ 973.784436] 653*16kB [ 973.788203] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 973.796033] CPU: 0 PID: 14354 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 973.809218] syz-executor.4: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 973.811956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 973.811962] Call Trace: [ 973.811987] dump_stack+0x172/0x1f0 [ 973.812007] warn_alloc.cold+0x7b/0x173 [ 973.812030] ? zone_watermark_ok_safe+0x260/0x260 [ 973.852367] syz-executor.4 cpuset= [ 973.857835] __alloc_pages_slowpath+0x220e/0x2870 [ 973.879559] (UM) [ 973.881499] ? warn_alloc+0x110/0x110 [ 973.885090] 31*32kB [ 973.889069] ? __lock_is_held+0xb6/0x140 [ 973.909584] Node 0 [ 973.910425] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 973.914492] DMA: [ 973.916730] ? should_fail+0x14d/0x85c [ 973.926568] (UM) 4*64kB (M) [ 973.928196] ? __might_sleep+0x95/0x190 [ 973.928218] __alloc_pages_nodemask+0x617/0x750 [ 973.931266] 2*128kB [ 973.935204] ? __alloc_pages_slowpath+0x2870/0x2870 [ 973.945976] (UM) 0*256kB [ 973.947192] ? wait_for_completion+0x440/0x440 [ 973.947197] 0*512kB 0*1024kB [ 973.949959] ? alloc_pages_current+0xd7/0x210 [ 973.949974] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 973.949994] alloc_pages_current+0x107/0x210 [ 973.950014] ion_page_pool_alloc+0x137/0x1d0 [ 973.954583] 0*2048kB [ 973.957694] ion_system_heap_allocate+0x154/0xa90 [ 973.962233] syz4 [ 973.967713] ? ion_system_heap_free+0x250/0x250 [ 973.990426] ion_alloc+0x29b/0x900 [ 973.993999] ? ion_dma_buf_release+0x50/0x50 [ 973.998433] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 973.999602] 0*4096kB [ 974.004071] ? _copy_from_user+0xdd/0x150 [ 974.004075] = 26564kB [ 974.004091] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 974.006497] ion_ioctl+0x17b/0x329 [ 974.010768] 17*4kB [ 974.013056] ? ion_alloc.cold+0x28/0x28 [ 974.021955] mems_allowed=0-1 [ 974.025435] ? __might_sleep+0x95/0x190 [ 974.029538] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 974.031631] ? ion_alloc.cold+0x28/0x28 [ 974.034730] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 974.038735] do_vfs_ioctl+0xd5f/0x1380 [ 974.064030] ? selinux_file_ioctl+0x46f/0x5e0 [ 974.068538] ? selinux_file_ioctl+0x125/0x5e0 [ 974.073064] ? ioctl_preallocate+0x210/0x210 [ 974.077495] ? selinux_file_mprotect+0x620/0x620 [ 974.079604] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 974.082269] ? iterate_fd+0x360/0x360 [ 974.094762] ? nsecs_to_jiffies+0x30/0x30 [ 974.095874] (UM) 17*8kB [ 974.098931] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 974.098952] ? security_file_ioctl+0x8d/0xc0 [ 974.109532] 327 total pagecache pages [ 974.111653] ksys_ioctl+0xab/0xd0 [ 974.115448] 0 pages in swap cache [ 974.118989] __x64_sys_ioctl+0x73/0xb0 [ 974.126319] do_syscall_64+0xfd/0x620 [ 974.130145] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 974.135350] RIP: 0033:0x459829 [ 974.137659] (UE) 6*16kB (UME) 5*32kB [ 974.138559] Code: Bad RIP value. [ 974.138572] RSP: 002b:00007fa015632c78 EFLAGS: 00000246 [ 974.142447] Swap cache stats: add 0, delete 0, find 0/0 [ 974.145730] ORIG_RAX: 0000000000000010 [ 974.145744] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 974.167779] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 974.172327] (UME) [ 974.175062] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 974.175076] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa0156336d4 [ 974.177228] 4*64kB [ 974.184579] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 974.205822] warn_alloc_show_mem: 1 callbacks suppressed [ 974.205828] Mem-Info: [ 974.231673] active_anon:71402 inactive_anon:208 isolated_anon:0 [ 974.231673] active_file:13 inactive_file:11 isolated_file:0 [ 974.231673] unevictable:0 dirty:46 writeback:0 unstable:0 [ 974.231673] slab_reclaimable:12371 slab_unreclaimable:107320 [ 974.231673] mapped:52226 shmem:252 pagetables:890 bounce:0 [ 974.231673] free:13577 free_pcp:125 free_cma:0 [ 974.249126] CPU: 1 PID: 14329 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 974.271766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 974.277711] Node 0 active_anon:284804kB inactive_anon:804kB active_file:132kB inactive_file:88kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:139272kB dirty:172kB writeback:0kB shmem:980kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 974.281131] Call Trace: [ 974.281159] dump_stack+0x172/0x1f0 [ 974.281179] warn_alloc.cold+0x7b/0x173 [ 974.281198] ? zone_watermark_ok_safe+0x260/0x260 [ 974.281241] __alloc_pages_slowpath+0x220e/0x2870 [ 974.281276] ? warn_alloc+0x110/0x110 [ 974.314279] Free swap = 0kB [ 974.315263] ? __lock_is_held+0xb6/0x140 [ 974.319236] Total swap = 0kB [ 974.324083] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 974.324096] ? should_fail+0x14d/0x85c [ 974.324117] ? __might_sleep+0x95/0x190 [ 974.324138] __alloc_pages_nodemask+0x617/0x750 [ 974.324160] ? __alloc_pages_slowpath+0x2870/0x2870 [ 974.344458] Node 1 active_anon:804kB inactive_anon:28kB active_file:20kB inactive_file:24kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:69632kB dirty:12kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 974.348397] ? retint_kernel+0x2d/0x2d [ 974.370891] 1965979 pages RAM [ 974.392549] ? wait_for_completion+0x440/0x440 [ 974.392566] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 974.392585] alloc_pages_current+0x107/0x210 [ 974.392603] ion_page_pool_alloc+0x137/0x1d0 [ 974.392618] ion_system_heap_allocate+0x154/0xa90 [ 974.392636] ? ion_system_heap_free+0x250/0x250 [ 974.392662] ion_alloc+0x29b/0x900 [ 974.392685] ? ion_dma_buf_release+0x50/0x50 [ 974.392707] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 974.392729] ? _copy_from_user+0xdd/0x150 [ 974.396712] Node 0 [ 974.399766] ion_ioctl+0x17b/0x329 [ 974.399785] ? ion_alloc.cold+0x28/0x28 [ 974.399802] ? __might_sleep+0x95/0x190 [ 974.399819] ? ion_alloc.cold+0x28/0x28 [ 974.399837] do_vfs_ioctl+0xd5f/0x1380 [ 974.417213] DMA free:10316kB min:220kB low:272kB high:324kB active_anon:2052kB inactive_anon:8kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 974.418764] ? selinux_file_ioctl+0x46f/0x5e0 [ 974.436206] lowmem_reserve[]: [ 974.441839] ? selinux_file_ioctl+0x125/0x5e0 [ 974.441857] ? ioctl_preallocate+0x210/0x210 [ 974.441869] ? selinux_file_mprotect+0x620/0x620 [ 974.441889] ? iterate_fd+0x360/0x360 [ 974.441905] ? nsecs_to_jiffies+0x30/0x30 [ 974.441928] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 974.446948] 0 [ 974.448351] ? security_file_ioctl+0x8d/0xc0 [ 974.470382] 2555 [ 974.493435] ksys_ioctl+0xab/0xd0 [ 974.493454] __x64_sys_ioctl+0x73/0xb0 [ 974.493470] do_syscall_64+0xfd/0x620 [ 974.493489] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 974.493500] RIP: 0033:0x459829 [ 974.493526] Code: Bad RIP value. [ 974.513485] 2557 [ 974.514761] RSP: 002b:00007fa015674c78 EFLAGS: 00000246 [ 974.518560] 2557 [ 974.522689] ORIG_RAX: 0000000000000010 [ 974.522699] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 974.522706] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 974.522714] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 974.522721] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa0156756d4 [ 974.522729] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 974.600949] 0 pages HighMem/MovableOnly [ 974.658920] (UME) 11*128kB (UME) 4*256kB (UME) 2*512kB (ME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10316kB [ 974.706790] 338856 pages reserved [ 974.712756] Node 0 DMA32: 871*4kB (UME) 649*8kB (UME) 136*16kB (UME) 176*32kB (UM) 11*64kB (UM) 2*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17444kB [ 974.729638] 0 pages cma reserved [ 974.749632] Node 0 DMA32 free:17428kB min:36248kB low:45308kB high:54368kB active_anon:282752kB inactive_anon:796kB active_file:104kB inactive_file:32kB unevictable:0kB writepending:172kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6912kB pagetables:3120kB bounce:0kB free_pcp:272kB local_pcp:252kB free_cma:0kB [ 974.779562] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 974.780574] lowmem_reserve[]: 0 0 2 2 [ 974.795179] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 974.826584] lowmem_reserve[]: 0 0 0 0 [ 974.830591] Node 1 Normal free:35524kB min:53608kB low:67008kB high:80408kB active_anon:804kB inactive_anon:28kB active_file:16kB inactive_file:28kB unevictable:0kB writepending:12kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:448kB pagetables:440kB bounce:0kB free_pcp:248kB local_pcp:248kB free_cma:0kB [ 974.889682] Node 1 Normal: 1443*4kB (UME) 1105*8kB (UM) 653*16kB (UM) 31*32kB (UM) 835*64kB (UM) 891*128kB (UM) 2*256kB (U) 0*512kB 8*1024kB (U) 0*2048kB 0*4096kB = 202244kB [ 974.989541] lowmem_reserve[]: 0 0 0 0 [ 974.993436] Node 0 DMA: 17*4kB (UM) 17*8kB (UE) 6*16kB (UME) 5*32kB (UME) 4*64kB (UME) 11*128kB (UME) 4*256kB (UME) 2*512kB (ME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10316kB [ 975.059830] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 975.069024] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 975.079668] Node 0 DMA32: 871*4kB (UME) 649*8kB (UME) 136*16kB (UME) 176*32kB (UM) 121*64kB (UME) 243*128kB (UM) 9*256kB (U) 0*512kB 2*1024kB (U) 0*2048kB 0*4096kB = 59684kB [ 975.101294] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 975.109575] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 975.110296] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 975.110307] 327 total pagecache pages [ 975.126712] Node 1 Normal: 1512*4kB (UME) 1289*8kB (UM) 654*16kB (UM) 31*32kB (UM) 2378*64kB (UME) 3488*128kB (UM) 1116*256kB (U) 60*512kB (U) 8*1024kB (U) 0*2048kB 0*4096kB = 951080kB [ 975.159611] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 975.165027] 0 pages in swap cache [ 975.168539] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 975.219896] Swap cache stats: add 0, delete 0, find 0/0 [ 975.225316] Free swap = 0kB [ 975.225914] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 975.228341] Total swap = 0kB [ 975.237347] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 975.269558] 438 total pagecache pages [ 975.269700] 1965979 pages RAM [ 975.273420] 0 pages in swap cache [ 975.276526] 0 pages HighMem/MovableOnly [ 975.284064] 338856 pages reserved [ 975.287522] 0 pages cma reserved [ 975.291072] Unreclaimable slab info: [ 975.295351] Name Used Total [ 975.316027] Swap cache stats: add 0, delete 0, find 0/0 [ 975.319727] pid_2 38KB 160KB [ 975.322108] Free swap = 0kB [ 975.327422] batadv_tt_change_cache 9KB 15KB [ 975.330508] Total swap = 0kB [ 975.339309] 1965979 pages RAM [ 975.343161] 0 pages HighMem/MovableOnly [ 975.347154] 338856 pages reserved [ 975.351835] 0 pages cma reserved [ 975.438757] batadv_tl_cache 12KB 20KB [ 975.469562] TIPC 24KB 50KB [ 975.475003] SCTPv6 33KB 55KB [ 975.503854] DCCPv6 17KB 43KB [ 975.511659] DCCP 16KB 41KB [ 975.517908] bridge_fdb_cache 23KB 35KB [ 975.523818] fib6_nodes 237KB 256KB [ 975.549387] ip6_dst_cache 911KB 956KB [ 975.572357] RAWv6 146KB 162KB [ 975.587996] UDPv6 3KB 3KB [ 975.658904] TCPv6 23KB 35KB [ 975.679298] nf_conntrack 0KB 3KB [ 975.684964] sd_ext_cdb 0KB 7KB [ 975.690666] scsi_sense_cache 1056KB 1060KB [ 975.696171] virtio_scsi_cmd 16KB 16KB [ 975.701763] sgpool-128 8KB 8KB [ 975.707285] sgpool-64 4KB 12KB [ 975.719929] sgpool-32 2KB 15KB [ 975.763304] sgpool-16 1KB 7KB [ 975.774421] sgpool-8 0KB 7KB [ 975.780043] mqueue_inode_cache 20KB 43KB [ 975.785641] bio_post_read_ctx 14KB 15KB [ 975.791261] bio-2 14KB 15KB [ 975.824053] jfs_mp 7KB 7KB [ 975.849642] nfs_commit_data 3KB 14KB [ 975.869618] nfs_write_data 34KB 44KB [ 975.875138] ext4_system_zone 1KB 7KB [ 975.909608] bio-1 1KB 7KB [ 975.915135] pid_namespace 4KB 7KB [ 975.920717] rpc_buffers 17KB 25KB [ 975.949703] rpc_tasks 2KB 7KB [ 975.955215] UNIX 1339KB 1399KB [ 975.969576] tcp_bind_bucket 2KB 12KB [ 975.989584] xfrm_state 3KB 8KB [ 976.019597] ip_fib_trie 34KB 39KB [ 976.025159] ip_fib_alias 165KB 177KB [ 976.030683] ip_dst_cache 5KB 20KB [ 976.036152] RAW 86KB 115KB [ 976.059692] UDP 29KB 58KB [ 976.079607] TCP 8KB 16KB [ 976.089650] hugetlbfs_inode_cache 2KB 15KB [ 976.109587] fscache_cookie_jar 1KB 11KB [ 976.115101] eventpoll_pwq 22KB 35KB [ 976.160601] eventpoll_epi 41KB 66KB [ 976.179687] inotify_inode_mark 28KB 63KB [ 976.185263] request_queue 163KB 163KB [ 976.199763] blkdev_requests 1KB 3KB [ 976.205249] blkdev_ioc 49KB 54KB [ 976.210895] bio-0 1965KB 2047KB [ 976.216356] biovec-max 3555KB 3555KB [ 976.221842] biovec-64 2005KB 2086KB [ 976.227283] biovec-16 223KB 360KB [ 976.239611] bio_integrity_payload 1KB 8KB [ 976.245353] khugepaged_mm_slot 4KB 19KB [ 976.292607] dmaengine-unmap-256 2KB 6KB [ 976.298221] dmaengine-unmap-128 1KB 3KB [ 976.319774] dmaengine-unmap-16 0KB 4KB [ 976.362181] dmaengine-unmap-2 0KB 3KB [ 976.367820] skbuff_fclone_cache 95KB 165KB [ 976.379778] skbuff_head_cache 6760KB 7245KB [ 976.429644] configfs_dir_cache 0KB 8KB [ 976.435157] file_lock_cache 0KB 3KB [ 976.499733] file_lock_ctx 0KB 3KB [ 976.505133] fsnotify_mark_connector 16KB 39KB [ 976.519526] net_namespace 121KB 121KB [ 976.524909] shmem_inode_cache 5138KB 5394KB [ 976.550282] task_delay_info 78KB 233KB [ 976.555677] taskstats 33KB 76KB [ 976.589527] proc_dir_entry 1057KB 1095KB [ 976.594949] pde_opener 0KB 3KB [ 976.619568] seq_file 166KB 307KB [ 976.624966] sigqueue 38KB 86KB [ 976.649690] kernfs_node_cache 13551KB 13568KB [ 976.655102] mnt_cache 178KB 200KB [ 976.690456] filp 2654KB 4166KB [ 976.695870] names_cache 45071KB 45092KB [ 976.730350] iint_cache 33KB 63KB [ 976.736320] hashtab_node 118KB 119KB [ 976.759604] ebitmap_node 1060KB 1141KB [ 976.789628] avtab_node 1012KB 1013KB [ 976.795060] avc_node 50KB 55KB [ 976.800652] selinux_file_security 165KB 329KB [ 976.830259] selinux_inode_security 3216KB 3488KB [ 976.836270] key_jar 5KB 15KB [ 976.859530] uts_namespace 6KB 15KB [ 976.864933] nsproxy 5KB 11KB [ 976.870459] vm_area_struct 3077KB 5541KB [ 976.889599] mm_struct 437KB 734KB [ 976.894997] fs_cache 50KB 96KB [ 976.929547] files_cache 178KB 247KB [ 976.934963] signal_cache 518KB 797KB [ 976.949639] sighand_cache 522KB 534KB [ 976.955040] task_struct 2270KB 2277KB [ 976.989684] cred_jar 292KB 608KB [ 976.995109] anon_vma_chain 1738KB 3465KB [ 977.029581] anon_vma 193KB 573KB [ 977.035006] pid 49KB 200KB [ 977.077751] Acpi-Operand 156KB 190KB [ 977.094733] Acpi-ParseExt 8KB 11KB [ 977.104756] Acpi-Parse 41KB 47KB [ 977.112341] Acpi-State 52KB 63KB [ 977.117736] Acpi-Namespace 20KB 23KB [ 977.128509] numa_policy 0KB 3KB [ 977.136490] debug_objects_cache 1245KB 1285KB [ 977.146447] trace_event_file 263KB 266KB [ 977.154247] ftrace_event_field 382KB 385KB [ 977.164342] pool_workqueue 113KB 132KB [ 977.172562] task_group 5KB 7KB [ 977.177965] page->ptl 627KB 1612KB [ 977.237061] kmalloc-2097152 2050KB 2050KB [ 977.256029] kmalloc-524288 2056KB 2056KB [ 977.275592] kmalloc-262144 1290KB 1290KB [ 977.281480] kmalloc-131072 650KB 650KB [ 977.286881] kmalloc-65536 44484KB 45012KB [ 977.299574] kmalloc-32768 2937KB 3036KB [ 977.315848] kmalloc-16384 907KB 957KB [ 977.322004] kmalloc-8192 4364KB 4405KB [ 977.327502] kmalloc-4096 35729KB 35772KB [ 977.338473] kmalloc-2048 18521KB 18672KB [ 977.344324] kmalloc-1024 15289KB 16537KB [ 977.356066] kmalloc-512 11879KB 12877KB [ 977.361895] kmalloc-256 5291KB 5565KB [ 977.367366] kmalloc-128 1525KB 1578KB [ 977.404387] kmalloc-96 2382KB 2568KB [ 977.410357] kmalloc-64 3311KB 3496KB [ 977.415758] kmalloc-32 3404KB 3724KB [ 977.427742] kmalloc-192 3201KB 3396KB [ 977.433626] kmem_cache 248KB 255KB [ 977.439008] Out of memory: Kill process 14409 (syz-executor.3) score 1005 or sacrifice child [ 977.455855] Killed process 14410 (syz-executor.3) total-vm:72712kB, anon-rss:156kB, file-rss:34944kB, shmem-rss:0kB [ 977.476128] oom_reaper: reaped process 14410 (syz-executor.3), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 977.972641] FAT-fs (loop1): Directory bread(block 1288) failed [ 977.979447] FAT-fs (loop1): Directory bread(block 1289) failed [ 977.986434] FAT-fs (loop1): Directory bread(block 1290) failed [ 977.993474] FAT-fs (loop1): Directory bread(block 1291) failed [ 978.000490] FAT-fs (loop1): Directory bread(block 1292) failed [ 978.006970] FAT-fs (loop1): Directory bread(block 1293) failed [ 978.013923] FAT-fs (loop1): Directory bread(block 1294) failed [ 978.021167] FAT-fs (loop1): Directory bread(block 1295) failed [ 978.030107] FAT-fs (loop1): Directory bread(block 1296) failed [ 978.036805] FAT-fs (loop1): Directory bread(block 1297) failed [ 978.381426] syz-executor.4: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 978.419826] syz-executor.4: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 978.431999] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 978.437489] CPU: 0 PID: 14354 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 978.444515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 978.453914] Call Trace: [ 978.456521] dump_stack+0x172/0x1f0 [ 978.460163] warn_alloc.cold+0x7b/0x173 [ 978.464163] ? zone_watermark_ok_safe+0x260/0x260 [ 978.469023] ? try_to_compact_pages+0x44/0xae0 [ 978.473638] __alloc_pages_slowpath+0x220e/0x2870 [ 978.478525] ? warn_alloc+0x110/0x110 [ 978.482440] ? __lock_is_held+0xb6/0x140 [ 978.486517] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 978.492071] ? should_fail+0x14d/0x85c [ 978.496001] ? __isolate_free_page+0x4c0/0x4c0 [ 978.500605] ? __might_sleep+0x95/0x190 [ 978.504600] __alloc_pages_nodemask+0x617/0x750 [ 978.509288] ? __alloc_pages_slowpath+0x2870/0x2870 [ 978.514330] ? policy_node+0xfb/0x140 [ 978.518151] ? wait_for_completion+0x440/0x440 [ 978.522747] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 978.528303] alloc_pages_current+0x107/0x210 [ 978.532730] ion_page_pool_alloc+0x137/0x1d0 [ 978.537152] ion_system_heap_allocate+0x154/0xa90 [ 978.542011] ? ion_system_heap_free+0x250/0x250 [ 978.546701] ion_alloc+0x475/0x900 [ 978.550262] ? ion_dma_buf_release+0x50/0x50 [ 978.554698] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 978.560340] ? _copy_from_user+0xdd/0x150 [ 978.564507] ion_ioctl+0x17b/0x329 [ 978.568065] ? ion_alloc.cold+0x28/0x28 [ 978.572057] ? __might_sleep+0x95/0x190 [ 978.576050] ? ion_alloc.cold+0x28/0x28 [ 978.580042] do_vfs_ioctl+0xd5f/0x1380 [ 978.583946] ? selinux_file_ioctl+0x46f/0x5e0 [ 978.588456] ? selinux_file_ioctl+0x125/0x5e0 [ 978.592971] ? ioctl_preallocate+0x210/0x210 [ 978.597416] ? selinux_file_mprotect+0x620/0x620 [ 978.602191] ? iterate_fd+0x360/0x360 [ 978.606012] ? nsecs_to_jiffies+0x30/0x30 [ 978.610181] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 978.615731] ? security_file_ioctl+0x8d/0xc0 [ 978.620157] ksys_ioctl+0xab/0xd0 [ 978.623626] __x64_sys_ioctl+0x73/0xb0 [ 978.627532] do_syscall_64+0xfd/0x620 [ 978.631351] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 978.636552] RIP: 0033:0x459829 [ 978.639788] Code: Bad RIP value. [ 978.643158] RSP: 002b:00007fa015632c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 978.650885] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 978.658256] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 978.665541] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 978.672822] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa0156336d4 [ 978.680098] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 978.690439] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 978.695864] CPU: 0 PID: 14329 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 978.702897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 978.712343] Call Trace: [ 978.714956] dump_stack+0x172/0x1f0 [ 978.718601] warn_alloc.cold+0x7b/0x173 [ 978.722595] ? zone_watermark_ok_safe+0x260/0x260 [ 978.727462] ? try_to_compact_pages+0x44/0xae0 [ 978.732080] __alloc_pages_slowpath+0x220e/0x2870 [ 978.736958] ? warn_alloc+0x110/0x110 [ 978.740775] ? __lock_is_held+0xb6/0x140 [ 978.744858] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 978.750409] ? should_fail+0x14d/0x85c [ 978.754317] ? __isolate_free_page+0x4c0/0x4c0 [ 978.758920] ? __might_sleep+0x95/0x190 [ 978.762917] __alloc_pages_nodemask+0x617/0x750 [ 978.767605] ? __alloc_pages_slowpath+0x2870/0x2870 [ 978.772644] ? wait_for_completion+0x440/0x440 [ 978.777234] ? retint_kernel+0x2d/0x2d [ 978.781138] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 978.786698] alloc_pages_current+0x107/0x210 [ 978.791124] ion_page_pool_alloc+0x137/0x1d0 [ 978.795551] ion_system_heap_allocate+0x154/0xa90 [ 978.800412] ? ion_system_heap_free+0x250/0x250 [ 978.805108] ion_alloc+0x475/0x900 [ 978.808665] ? ion_dma_buf_release+0x50/0x50 [ 978.813105] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 978.819092] ? _copy_from_user+0xdd/0x150 [ 978.823265] ion_ioctl+0x17b/0x329 [ 978.826824] ? ion_alloc.cold+0x28/0x28 [ 978.830816] ? __might_sleep+0x95/0x190 [ 978.834810] ? ion_alloc.cold+0x28/0x28 [ 978.838801] do_vfs_ioctl+0xd5f/0x1380 [ 978.842710] ? selinux_file_ioctl+0x46f/0x5e0 [ 978.847218] ? selinux_file_ioctl+0x125/0x5e0 [ 978.851735] ? ioctl_preallocate+0x210/0x210 [ 978.856158] ? selinux_file_mprotect+0x620/0x620 [ 978.860931] ? iterate_fd+0x360/0x360 [ 978.864742] ? nsecs_to_jiffies+0x30/0x30 [ 978.868915] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 978.874470] ? security_file_ioctl+0x8d/0xc0 [ 978.878898] ksys_ioctl+0xab/0xd0 [ 978.882372] __x64_sys_ioctl+0x73/0xb0 [ 978.886280] do_syscall_64+0xfd/0x620 [ 978.890106] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 978.895304] RIP: 0033:0x459829 [ 978.898514] Code: Bad RIP value. [ 978.901890] RSP: 002b:00007fa015674c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 978.909613] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 978.917588] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 978.924871] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 978.932160] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa0156756d4 [ 978.939447] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 978.957315] warn_alloc_show_mem: 2 callbacks suppressed [ 978.957319] Mem-Info: [ 978.966156] active_anon:71285 inactive_anon:202 isolated_anon:0 [ 978.966156] active_file:164 inactive_file:217 isolated_file:0 [ 978.966156] unevictable:0 dirty:29 writeback:0 unstable:0 [ 978.966156] slab_reclaimable:12352 slab_unreclaimable:107291 [ 978.966156] mapped:52450 shmem:252 pagetables:823 bounce:0 [ 978.966156] free:28473 free_pcp:561 free_cma:0 [ 979.029760] rs:main Q:Reg invoked oom-killer: gfp_mask=0x6201ca(GFP_HIGHUSER_MOVABLE|__GFP_WRITE), nodemask=(null), order=0, oom_score_adj=0 [ 979.049526] rs:main Q:Reg cpuset=/ mems_allowed=0-1 [ 979.054604] CPU: 0 PID: 7799 Comm: rs:main Q:Reg Not tainted 4.19.63 #37 [ 979.061445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 979.070804] Call Trace: [ 979.073432] dump_stack+0x172/0x1f0 [ 979.077090] dump_header+0x15e/0xa55 [ 979.080807] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 979.085912] ? ___ratelimit+0x60/0x595 [ 979.089809] ? do_raw_spin_unlock+0x57/0x270 [ 979.094225] oom_kill_process.cold+0x10/0x6ef [ 979.098729] ? lock_downgrade+0x810/0x810 [ 979.102887] ? kasan_check_read+0x11/0x20 [ 979.107043] out_of_memory+0x936/0x12d0 [ 979.111032] ? oom_killer_disable+0x280/0x280 [ 979.115532] ? mutex_trylock+0x18e/0x1e0 [ 979.119593] ? __alloc_pages_slowpath+0xcc2/0x2870 [ 979.124533] __alloc_pages_slowpath+0x20af/0x2870 [ 979.129403] ? warn_alloc+0x110/0x110 [ 979.133211] ? __lock_is_held+0xb6/0x140 [ 979.137283] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 979.142819] ? should_fail+0x14d/0x85c [ 979.146723] ? __might_sleep+0x95/0x190 [ 979.150710] __alloc_pages_nodemask+0x617/0x750 [ 979.155391] ? __alloc_pages_slowpath+0x2870/0x2870 [ 979.160424] ? find_get_entry+0x3e8/0x820 [ 979.164580] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 979.170133] alloc_pages_current+0x107/0x210 [ 979.174563] __page_cache_alloc+0x2bd/0x450 [ 979.178899] ? mark_held_locks+0x100/0x100 [ 979.183149] pagecache_get_page+0x231/0xa40 [ 979.187480] grab_cache_page_write_begin+0x7b/0xb0 [ 979.192416] ext4_da_write_begin+0x2d7/0xec0 [ 979.196833] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 979.202384] ? ext4_write_begin+0x1470/0x1470 [ 979.206888] ? copy_page_from_iter+0x7f0/0x7f0 [ 979.211490] generic_perform_write+0x22a/0x520 [ 979.216087] ? page_endio+0x780/0x780 [ 979.219901] ? current_time+0x140/0x140 [ 979.223887] ? lock_acquire+0x16f/0x3f0 [ 979.227864] ? ext4_file_write_iter+0x23f/0x1060 [ 979.232645] __generic_file_write_iter+0x25e/0x630 [ 979.237593] ext4_file_write_iter+0x32b/0x1060 [ 979.242187] ? mark_held_locks+0x100/0x100 [ 979.246440] ? dput+0x542/0x670 [ 979.249725] ? xfs_trans_init+0x430/0x6d0 [ 979.253883] ? ext4_file_mmap+0x410/0x410 [ 979.258037] ? mark_held_locks+0x100/0x100 [ 979.262280] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 979.267839] ? iov_iter_init+0xc6/0x1f0 [ 979.271823] __vfs_write+0x587/0x810 [ 979.275544] ? kernel_read+0x120/0x120 [ 979.279451] ? rcu_read_lock_sched_held+0x110/0x130 [ 979.284472] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 979.289316] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 979.294857] ? __sb_start_write+0x1a9/0x360 [ 979.299201] vfs_write+0x20c/0x560 [ 979.302753] ksys_write+0x14f/0x2d0 [ 979.306384] ? __ia32_sys_read+0xb0/0xb0 [ 979.310448] ? do_syscall_64+0x26/0x620 [ 979.314426] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 979.319798] ? do_syscall_64+0x26/0x620 [ 979.323781] __x64_sys_write+0x73/0xb0 [ 979.327674] do_syscall_64+0xfd/0x620 [ 979.331480] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 979.336957] RIP: 0033:0x7f334cd9a19d [ 979.341027] Code: d1 20 00 00 75 10 b8 01 00 00 00 0f 05 48 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 be fa ff ff 48 89 04 24 b8 01 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 07 fb ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 979.359935] RSP: 002b:00007f334b33af90 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 979.367655] RAX: ffffffffffffffda RBX: 0000000000000400 RCX: 00007f334cd9a19d [ 979.374926] RDX: 0000000000000400 RSI: 0000000000b73340 RDI: 0000000000000002 [ 979.382196] RBP: 0000000000b73340 R08: 656c6c616b7a7973 R09: 6c656e72656b2072 [ 979.389461] R10: 38373920205b203a R11: 0000000000000293 R12: 0000000000000000 [ 979.396736] R13: 00007f334b33b410 R14: 0000000000bcf3d0 R15: 0000000000b73140 [ 979.409580] Node 0 active_anon:284392kB inactive_anon:804kB active_file:632kB inactive_file:960kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:140268kB dirty:96kB writeback:0kB shmem:980kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 979.437590] Node 1 active_anon:748kB inactive_anon:4kB active_file:392kB inactive_file:324kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:70232kB dirty:20kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 979.497855] Node 0 DMA free:10340kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 979.534801] lowmem_reserve[]: 0 2555 2557 2557 [ 979.540384] Node 0 DMA32 free:17612kB min:36248kB low:45308kB high:54368kB active_anon:282344kB inactive_anon:804kB active_file:572kB inactive_file:296kB unevictable:0kB writepending:220kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6752kB pagetables:2852kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 979.569284] Mem-Info: [ 979.569322] active_anon:71285 inactive_anon:202 isolated_anon:0 [ 979.569322] active_file:183 inactive_file:158 isolated_file:4 [ 979.569322] unevictable:0 dirty:4 writeback:32 unstable:0 [ 979.569322] slab_reclaimable:12349 slab_unreclaimable:107301 [ 979.569322] mapped:52428 shmem:252 pagetables:823 bounce:0 [ 979.569322] free:13696 free_pcp:0 free_cma:0 [ 979.569350] Node 0 active_anon:284392kB inactive_anon:804kB active_file:572kB inactive_file:596kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:139992kB dirty:24kB writeback:96kB shmem:980kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 979.569387] Node 1 active_anon:748kB inactive_anon:4kB active_file:160kB inactive_file:36kB unevictable:0kB isolated(anon):0kB isolated(file):16kB mapped:69720kB dirty:0kB writeback:32kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 979.569393] Node 0 DMA free:10340kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 979.569426] lowmem_reserve[]: 0 2555 2557 [ 979.623467] lowmem_reserve[]: [ 979.668283] 2557 [ 979.702542] 0 0 2 2 [ 979.707037] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 979.733143] Node 0 DMA32 free:17612kB min:36248kB low:45308kB high:54368kB active_anon:282344kB inactive_anon:804kB active_file:656kB inactive_file:420kB unevictable:0kB writepending:220kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6752kB pagetables:2852kB bounce:0kB free_pcp:56kB local_pcp:0kB free_cma:0kB [ 979.739073] lowmem_reserve[]: 0 0 0 0 [ 979.772634] Node 1 Normal free:26136kB min:53608kB low:67008kB high:80408kB active_anon:748kB inactive_anon:4kB active_file:220kB inactive_file:0kB unevictable:0kB writepending:24kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:384kB pagetables:440kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 979.785029] lowmem_reserve[]: 0 0 2 2 [ 979.804929] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 979.810470] lowmem_reserve[]: 0 0 0 0 [ 979.841626] Node 0 DMA: 29*4kB (UE) 26*8kB (UE) 22*16kB (UE) 6*32kB (UE) 2*64kB (UE) 7*128kB (UE) 3*256kB (UE) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10340kB [ 979.866222] Node 0 DMA32: 710*4kB (ME) 660*8kB (ME) 143*16kB (UME) 164*32kB (UM) 11*64kB (M) 4*128kB (M) 3*256kB (M) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 18152kB [ 979.887419] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 979.898274] Node 1 Normal: 3*4kB (UM) 2*8kB (UM) 21*16kB (M) 817*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 26508kB [ 979.899525] lowmem_reserve[]: [ 979.917524] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 979.925776] 0 0 0 0 [ 979.932137] Node 1 Normal free:26136kB min:53608kB low:67008kB high:80408kB active_anon:748kB inactive_anon:4kB active_file:220kB inactive_file:0kB unevictable:0kB writepending:24kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:384kB pagetables:440kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 979.941606] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 979.971183] lowmem_reserve[]: 0 0 0 0 [ 979.974719] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 979.975043] Node 0 [ 979.988070] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 979.999612] DMA: 29*4kB (UE) 26*8kB (UE) 22*16kB (UE) 6*32kB (UE) 2*64kB (UE) 7*128kB (UE) 3*256kB (UE) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10340kB [ 980.004725] 467 total pagecache pages [ 980.018628] 0 pages in swap cache [ 980.030270] Node 0 DMA32: 746*4kB (ME) 661*8kB (ME) 143*16kB (UME) 164*32kB (UM) 11*64kB (M) 4*128kB (M) 3*256kB (M) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 18304kB [ 980.045465] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 980.045852] Swap cache stats: add 0, delete 0, find 0/0 [ 980.056298] Node 1 Normal: 3*4kB (UM) 2*8kB (UM) 21*16kB (M) 817*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 26508kB [ 980.069911] Free swap = 0kB [ 980.074741] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 980.077702] Total swap = 0kB [ 980.086578] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 980.086591] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 980.086602] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 980.086609] 442 total pagecache pages [ 980.086627] 0 pages in swap cache [ 980.086637] Swap cache stats: add 0, delete 0, find 0/0 [ 980.086643] Free swap = 0kB [ 980.086654] Total swap = 0kB [ 980.095176] 1965979 pages RAM [ 980.139535] 1965979 pages RAM [ 980.142660] 0 pages HighMem/MovableOnly [ 980.146631] 338856 pages reserved [ 980.146841] 0 pages HighMem/MovableOnly [ 980.155161] 338856 pages reserved [ 980.158658] 0 pages cma reserved [ 980.169547] 0 pages cma reserved [ 980.172942] Unreclaimable slab info: [ 980.176657] Name Used Total [ 980.189560] pid_2 35KB 160KB [ 980.195126] batadv_tt_change_cache 9KB 15KB [ 980.210105] batadv_tl_cache 11KB 20KB [ 980.215553] TIPC 23KB 50KB [ 980.224984] SCTPv6 33KB 55KB [ 980.230446] DCCPv6 17KB 43KB [ 980.235835] DCCP 16KB 41KB [ 980.241647] bridge_fdb_cache 22KB 35KB [ 980.250701] fib6_nodes 230KB 256KB [ 980.256098] ip6_dst_cache 897KB 952KB [ 980.271856] RAWv6 146KB 162KB [ 980.277272] UDPv6 3KB 3KB [ 980.287748] TCPv6 23KB 35KB [ 980.319605] nf_conntrack 0KB 3KB [ 980.325102] sd_ext_cdb 0KB 7KB [ 980.354520] scsi_sense_cache 1056KB 1060KB [ 980.369731] virtio_scsi_cmd 16KB 16KB [ 980.375171] sgpool-128 8KB 8KB [ 980.396015] sgpool-64 4KB 12KB [ 980.421628] sgpool-32 2KB 15KB [ 980.427050] sgpool-16 1KB 7KB [ 980.449564] sgpool-8 0KB 7KB [ 980.455014] mqueue_inode_cache 20KB 43KB [ 980.475225] bio_post_read_ctx 14KB 15KB [ 980.489846] bio-2 14KB 15KB [ 980.539582] syz-executor.4: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 980.558680] jfs_mp 7KB 7KB [ 980.564367] syz-executor.4: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 980.564403] syz-executor.4 cpuset= [ 980.576328] syz-executor.3: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 980.577859] syz-executor.4 cpuset= [ 980.586639] syz-executor.3 cpuset= [ 980.599651] nfs_commit_data 3KB 14KB [ 980.608579] nfs_write_data 34KB 44KB [ 980.615002] syz4 mems_allowed=0-1 [ 980.615177] syz3 mems_allowed=0-1 [ 980.618497] CPU: 0 PID: 14354 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 980.618510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 980.638324] Call Trace: [ 980.640934] dump_stack+0x172/0x1f0 [ 980.644583] warn_alloc.cold+0x7b/0x173 [ 980.648575] ? zone_watermark_ok_safe+0x260/0x260 [ 980.653463] __alloc_pages_slowpath+0x220e/0x2870 [ 980.658338] ? warn_alloc+0x110/0x110 [ 980.659512] syz4 [ 980.662147] ? __lock_is_held+0xb6/0x140 [ 980.662167] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 980.664142] mems_allowed=0-1 [ 980.668198] ? should_fail+0x14d/0x85c [ 980.680736] ? __might_sleep+0x95/0x190 [ 980.684723] __alloc_pages_nodemask+0x617/0x750 [ 980.689410] ? __alloc_pages_slowpath+0x2870/0x2870 [ 980.694446] ? policy_node+0xfb/0x140 [ 980.698254] ? wait_for_completion+0x440/0x440 [ 980.702845] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 980.708403] alloc_pages_current+0x107/0x210 [ 980.712823] ion_page_pool_alloc+0x137/0x1d0 [ 980.717237] ion_system_heap_allocate+0x154/0xa90 [ 980.722094] ? ion_system_heap_free+0x250/0x250 [ 980.726781] ion_alloc+0x475/0x900 [ 980.730345] ? ion_dma_buf_release+0x50/0x50 [ 980.734785] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 980.740369] ? _copy_from_user+0xdd/0x150 [ 980.744526] ion_ioctl+0x17b/0x329 [ 980.748074] ? ion_alloc.cold+0x28/0x28 [ 980.752069] ? __might_sleep+0x95/0x190 [ 980.756049] ? ion_alloc.cold+0x28/0x28 [ 980.760031] do_vfs_ioctl+0xd5f/0x1380 [ 980.763923] ? selinux_file_ioctl+0x46f/0x5e0 [ 980.768422] ? selinux_file_ioctl+0x125/0x5e0 [ 980.772923] ? ioctl_preallocate+0x210/0x210 [ 980.777340] ? selinux_file_mprotect+0x620/0x620 [ 980.782108] ? iterate_fd+0x360/0x360 [ 980.786000] ? nsecs_to_jiffies+0x30/0x30 [ 980.790164] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 980.795707] ? security_file_ioctl+0x8d/0xc0 [ 980.800120] ksys_ioctl+0xab/0xd0 [ 980.803578] __x64_sys_ioctl+0x73/0xb0 [ 980.807479] do_syscall_64+0xfd/0x620 [ 980.811287] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 980.816498] RIP: 0033:0x459829 [ 980.819707] Code: Bad RIP value. [ 980.823071] RSP: 002b:00007fa015632c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 980.830785] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 980.838054] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 980.845325] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 980.852622] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa0156336d4 [ 980.859984] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 980.867332] CPU: 1 PID: 14410 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 980.874385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 980.883752] Call Trace: [ 980.886359] dump_stack+0x172/0x1f0 [ 980.887637] ext4_system_zone 1KB 7KB [ 980.890003] warn_alloc.cold+0x7b/0x173 [ 980.890023] ? zone_watermark_ok_safe+0x260/0x260 [ 980.890063] __alloc_pages_slowpath+0x220e/0x2870 [ 980.895447] bio-1 1KB 7KB [ 980.899428] ? warn_alloc+0x110/0x110 [ 980.917999] pid_namespace 4KB 7KB [ 980.918227] ? __lock_is_held+0xb6/0x140 [ 980.923716] rpc_buffers 17KB 25KB [ 980.927649] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 980.938534] ? should_fail+0x14d/0x85c [ 980.942447] ? __might_sleep+0x95/0x190 [ 980.946447] __alloc_pages_nodemask+0x617/0x750 [ 980.946757] rpc_tasks 2KB 7KB [ 980.951138] ? __alloc_pages_slowpath+0x2870/0x2870 [ 980.951163] ? wait_for_completion+0x440/0x440 [ 980.951179] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 980.951203] alloc_pages_current+0x107/0x210 [ 980.960252] UNIX 1276KB 1344KB [ 980.961768] ion_page_pool_alloc+0x137/0x1d0 [ 980.966427] tcp_bind_bucket 2KB 12KB [ 980.971963] ion_system_heap_allocate+0x154/0xa90 [ 980.971983] ? ion_system_heap_free+0x250/0x250 [ 980.972007] ion_alloc+0x29b/0x900 [ 980.972035] ? ion_dma_buf_release+0x50/0x50 [ 980.976455] xfrm_state 3KB 8KB [ 980.981806] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 980.981821] ? _copy_from_user+0xdd/0x150 [ 980.981840] ion_ioctl+0x17b/0x329 [ 980.981857] ? ion_alloc.cold+0x28/0x28 [ 980.981876] ? __might_sleep+0x95/0x190 [ 980.981893] ? ion_alloc.cold+0x28/0x28 [ 980.981911] do_vfs_ioctl+0xd5f/0x1380 [ 980.981929] ? selinux_file_ioctl+0x46f/0x5e0 [ 980.995803] ip_fib_trie 34KB 39KB [ 980.996544] ? selinux_file_ioctl+0x125/0x5e0 [ 981.007939] ip_fib_alias 160KB 177KB [ 981.009141] ? ioctl_preallocate+0x210/0x210 [ 981.015911] ip_dst_cache 5KB 20KB [ 981.020031] ? selinux_file_mprotect+0x620/0x620 [ 981.020055] ? iterate_fd+0x360/0x360 [ 981.020071] ? nsecs_to_jiffies+0x30/0x30 [ 981.020095] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 981.026681] RAW 86KB 115KB [ 981.027778] ? security_file_ioctl+0x8d/0xc0 [ 981.045476] UDP 29KB 58KB [ 981.048033] ksys_ioctl+0xab/0xd0 [ 981.054803] TCP 8KB 16KB [ 981.057906] __x64_sys_ioctl+0x73/0xb0 [ 981.077145] hugetlbfs_inode_cache 2KB 15KB [ 981.077798] do_syscall_64+0xfd/0x620 [ 981.085167] fscache_cookie_jar 1KB 11KB [ 981.085737] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 981.091360] eventpoll_pwq 25KB 35KB [ 981.096616] RIP: 0033:0x459829 [ 981.114482] eventpoll_epi 39KB 66KB [ 981.115187] Code: Bad RIP value. [ 981.119065] inotify_inode_mark 26KB 63KB [ 981.124756] RSP: 002b:00007f8d57f8ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 981.124772] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 981.124780] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 981.124788] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 981.124796] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d57f8f6d4 [ 981.124804] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 981.157882] CPU: 1 PID: 14329 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 981.165941] request_queue 163KB 163KB [ 981.169874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 981.169880] Call Trace: [ 981.169919] dump_stack+0x172/0x1f0 [ 981.169941] warn_alloc.cold+0x7b/0x173 [ 981.169962] ? zone_watermark_ok_safe+0x260/0x260 [ 981.177233] blkdev_requests 1KB 3KB [ 981.184533] __alloc_pages_slowpath+0x220e/0x2870 [ 981.184569] ? warn_alloc+0x110/0x110 [ 981.184585] ? __lock_is_held+0xb6/0x140 [ 981.184606] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 981.184624] ? should_fail+0x14d/0x85c [ 981.208953] blkdev_ioc 43KB 54KB [ 981.213566] ? __might_sleep+0x95/0x190 [ 981.213589] __alloc_pages_nodemask+0x617/0x750 [ 981.213613] ? __alloc_pages_slowpath+0x2870/0x2870 [ 981.213638] ? wait_for_completion+0x440/0x440 [ 981.219043] bio-0 1962KB 2028KB [ 981.228359] ? retint_kernel+0x2d/0x2d [ 981.228382] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 981.228406] alloc_pages_current+0x107/0x210 [ 981.228427] ion_page_pool_alloc+0x137/0x1d0 [ 981.228443] ion_system_heap_allocate+0x154/0xa90 [ 981.228464] ? ion_system_heap_free+0x250/0x250 [ 981.248026] biovec-max 3580KB 3580KB [ 981.248913] ion_alloc+0x475/0x900 [ 981.253942] biovec-64 2011KB 2079KB [ 981.257559] ? ion_dma_buf_release+0x50/0x50 [ 981.275325] biovec-16 223KB 360KB [ 981.276396] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 981.283808] bio_integrity_payload 1KB 8KB [ 981.285023] ? _copy_from_user+0xdd/0x150 [ 981.290129] khugepaged_mm_slot 4KB 19KB [ 981.294610] ion_ioctl+0x17b/0x329 [ 981.313821] dmaengine-unmap-256 2KB 6KB [ 981.313870] ? ion_alloc.cold+0x28/0x28 [ 981.318275] dmaengine-unmap-128 1KB 3KB [ 981.323121] ? __might_sleep+0x95/0x190 [ 981.323141] ? ion_alloc.cold+0x28/0x28 [ 981.323156] do_vfs_ioctl+0xd5f/0x1380 [ 981.323171] ? selinux_file_ioctl+0x46f/0x5e0 [ 981.323183] ? selinux_file_ioctl+0x125/0x5e0 [ 981.323196] ? ioctl_preallocate+0x210/0x210 [ 981.323213] ? selinux_file_mprotect+0x620/0x620 [ 981.331826] dmaengine-unmap-16 0KB 4KB [ 981.333437] ? iterate_fd+0x360/0x360 [ 981.336962] dmaengine-unmap-2 0KB 3KB [ 981.342325] ? nsecs_to_jiffies+0x30/0x30 [ 981.342347] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 981.342363] ? security_file_ioctl+0x8d/0xc0 [ 981.342388] ksys_ioctl+0xab/0xd0 [ 981.342407] __x64_sys_ioctl+0x73/0xb0 [ 981.347007] skbuff_fclone_cache 94KB 165KB [ 981.352544] do_syscall_64+0xfd/0x620 [ 981.352563] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 981.352575] RIP: 0033:0x459829 [ 981.352600] Code: Bad RIP value. [ 981.352607] RSP: 002b:00007fa015674c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 981.352623] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 981.352632] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 981.352641] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 981.352649] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa0156756d4 [ 981.352663] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 981.366460] skbuff_head_cache 6726KB 7226KB [ 981.391856] warn_alloc_show_mem: 1 callbacks suppressed [ 981.391861] Mem-Info: [ 981.401977] configfs_dir_cache 0KB 8KB [ 981.471825] active_anon:71285 inactive_anon:202 isolated_anon:0 [ 981.471825] active_file:17 inactive_file:14 isolated_file:0 [ 981.471825] unevictable:0 dirty:0 writeback:0 unstable:0 [ 981.471825] slab_reclaimable:12347 slab_unreclaimable:107297 [ 981.471825] mapped:52226 shmem:252 pagetables:823 bounce:0 [ 981.471825] free:36797 free_pcp:0 free_cma:0 [ 981.589640] file_lock_cache 0KB 3KB [ 981.595059] file_lock_ctx 0KB 3KB [ 981.629546] fsnotify_mark_connector 15KB 39KB [ 981.635750] net_namespace 121KB 121KB [ 981.659550] shmem_inode_cache 5147KB 5394KB [ 981.664968] task_delay_info 72KB 233KB [ 981.679628] taskstats 32KB 76KB [ 981.685026] proc_dir_entry 1052KB 1095KB [ 981.728135] pde_opener 0KB 3KB [ 981.745247] seq_file 165KB 307KB [ 981.765451] sigqueue 37KB 86KB [ 981.785423] kernfs_node_cache 13550KB 13568KB [ 981.789604] Node 0 active_anon:284392kB inactive_anon:804kB active_file:352kB inactive_file:1468kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:140572kB dirty:0kB writeback:0kB shmem:980kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 981.790886] mnt_cache 171KB 200KB [ 981.858509] Node 1 active_anon:748kB inactive_anon:4kB active_file:12kB inactive_file:16kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:69632kB dirty:0kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 981.858517] filp 2671KB 4166KB [ 981.858531] names_cache 45390KB 45411KB [ 981.909584] Node 0 DMA free:11108kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 981.949593] iint_cache 32KB 63KB [ 981.955176] hashtab_node 118KB 119KB [ 981.985534] ebitmap_node 1049KB 1141KB [ 981.991047] lowmem_reserve[]: 0 2555 2557 2557 [ 981.995664] Node 0 DMA32 free:154992kB min:36248kB low:45308kB high:54368kB active_anon:282344kB inactive_anon:804kB active_file:352kB inactive_file:1468kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6720kB pagetables:2852kB bounce:0kB free_pcp:2652kB local_pcp:1368kB free_cma:0kB [ 982.031579] avtab_node 1012KB 1013KB [ 982.036989] avc_node 49KB 55KB [ 982.046787] selinux_file_security 165KB 329KB [ 982.054699] selinux_inode_security 3213KB 3488KB [ 982.064585] key_jar 5KB 15KB [ 982.071995] uts_namespace 6KB 15KB [ 982.077383] nsproxy 5KB 11KB [ 982.086806] lowmem_reserve[]: 0 0 2 2 [ 982.093526] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 982.125685] vm_area_struct 3081KB 5541KB [ 982.131137] mm_struct 429KB 728KB [ 982.136519] fs_cache 42KB 96KB [ 982.147852] files_cache 165KB 247KB [ 982.153463] signal_cache 510KB 797KB [ 982.158838] sighand_cache 499KB 534KB [ 982.170624] lowmem_reserve[]: 0 0 0 0 [ 982.174517] Node 1 Normal free:824260kB min:53608kB low:67008kB high:80408kB active_anon:748kB inactive_anon:4kB active_file:12kB inactive_file:16kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:384kB pagetables:440kB bounce:0kB free_pcp:2844kB local_pcp:1380kB free_cma:0kB [ 982.209593] task_struct 2264KB 2270KB [ 982.215019] cred_jar 292KB 608KB [ 982.227104] anon_vma_chain 1755KB 3465KB [ 982.232720] anon_vma 188KB 573KB [ 982.238093] pid 45KB 200KB [ 982.249657] lowmem_reserve[]: 0 0 0 0 [ 982.253524] Node 0 DMA: 42*4kB (UE) 28*8kB (UE) 23*16kB (UE) 6*32kB (UE) 12*64kB (UE) 8*128kB (UE) 3*256kB (UE) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 11192kB [ 982.275627] Acpi-Operand 156KB 190KB [ 982.281086] Acpi-ParseExt 8KB 11KB [ 982.286473] Acpi-Parse 41KB 47KB [ 982.297931] Acpi-State 52KB 63KB [ 982.303482] Acpi-Namespace 20KB 23KB [ 982.308861] numa_policy 0KB 3KB [ 982.319540] Node 0 DMA32: 15551*4kB (UME) 3531*8kB (UME) 701*16kB (UME) 572*32kB (UM) 1052*64kB (UME) 401*128kB (UM) 21*256kB (UM) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 244516kB [ 982.349555] debug_objects_cache 1245KB 1285KB [ 982.355148] trace_event_file 263KB 266KB [ 982.355541] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 982.389545] ftrace_event_field 382KB 385KB [ 982.389549] Node 1 Normal: [ 982.395045] pool_workqueue 112KB 132KB [ 982.395051] 18573*4kB (UM) [ 982.397991] task_group 5KB 7KB [ 982.409138] 3065*8kB (UM) 1314*16kB (UM) 1318*32kB (U) 4829*64kB (UE) 1955*128kB (U) 525*256kB (U) 33*512kB (U) 8*1024kB (U) 0*2048kB 0*4096kB = 880796kB [ 982.429559] page->ptl 627KB 1612KB [ 982.434997] kmalloc-2097152 2050KB 2050KB [ 982.449676] kmalloc-524288 2056KB 2056KB [ 982.455077] kmalloc-262144 1290KB 1290KB [ 982.455247] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 982.469391] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 982.489553] kmalloc-131072 650KB 650KB [ 982.494967] kmalloc-65536 44484KB 44880KB [ 982.496283] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 982.521617] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 982.529531] kmalloc-32768 2937KB 3036KB [ 982.535608] kmalloc-16384 907KB 957KB [ 982.549537] kmalloc-8192 4298KB 4389KB [ 982.554932] kmalloc-4096 35483KB 35534KB [ 982.555080] 746 total pagecache pages [ 982.564323] 0 pages in swap cache [ 982.567788] Swap cache stats: add 0, delete 0, find 0/0 [ 982.589529] kmalloc-2048 18379KB 18621KB [ 982.595119] kmalloc-1024 15148KB 16435KB [ 982.609532] kmalloc-512 11794KB 12862KB [ 982.609549] Free swap = 0kB [ 982.614948] kmalloc-256 5260KB 5565KB [ 982.617968] Total swap = 0kB [ 982.639522] kmalloc-128 1507KB 1578KB [ 982.644922] kmalloc-96 2382KB 2568KB [ 982.659527] kmalloc-64 3311KB 3496KB [ 982.664925] kmalloc-32 3404KB 3724KB [ 982.665224] 1965979 pages RAM [ 982.670392] kmalloc-192 3201KB 3396KB [ 982.683856] kmem_cache 248KB 255KB [ 982.689248] Out of memory: Kill process 7947 (syz-fuzzer) score 41 or sacrifice child [ 982.697423] 0 pages HighMem/MovableOnly [ 982.697970] Killed process 14392 (syz-executor.2) total-vm:72452kB, anon-rss:64kB, file-rss:0kB, shmem-rss:0kB [ 982.707574] 338856 pages reserved [ 982.715351] 0 pages cma reserved 04:54:54 executing program 0: socket$alg(0x26, 0x5, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="14bc420000000056b500002e900800000000080008000100000007e10500ac15341b080003000800e80f01"], 0x1}}, 0x0) openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000280)='y\x00', 0x2, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb) ioctl$KVM_RUN(r2, 0xae80, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_RUN(r2, 0xae80, 0x0) 04:54:54 executing program 5: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000000)={0x80000001, 0x1}) r1 = syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000000080)=0x2) connect$inet(r1, &(0x7f00000000c0)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x12}}, 0x10) 04:54:54 executing program 1: dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010502000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000240)=[@in={0x2, 0x4e21, @loopback}, @in6={0xa, 0x0, 0x8, @mcast1}, @in6={0xa, 0x4e21, 0x0, @remote}, @in={0x2, 0x4e23, @empty}], 0x58) 04:54:54 executing program 4: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ion\x00', 0x0, 0x0) ioctl(0xffffffffffffffff, 0x1000008912, 0x0) r1 = accept4$unix(0xffffffffffffffff, &(0x7f0000000040), &(0x7f00000000c0)=0x6e, 0x0) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000140)={'veth0_to_bond\x00', &(0x7f0000000100)=@ethtool_rxfh_indir={0x39, 0x1, [0x1f]}}) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000000)={0x80000001, 0x1}) 04:54:54 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001a40)={&(0x7f0000000540)=@newsa={0x114, 0x10, 0x801, 0x0, 0x0, {{@in, @in6=@mcast1}, {@in, 0x0, 0x6c}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2}, [@lifetime_val={0x24}]}, 0x114}}, 0x0) [ 983.410333] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 983.488525] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 983.519692] CPU: 1 PID: 14410 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 983.526773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 983.536320] Call Trace: [ 983.538949] dump_stack+0x172/0x1f0 [ 983.542617] warn_alloc.cold+0x7b/0x173 [ 983.546613] ? zone_watermark_ok_safe+0x260/0x260 [ 983.550999] syz-executor.4: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 983.551470] ? try_to_compact_pages+0x44/0xae0 [ 983.567795] __alloc_pages_slowpath+0x220e/0x2870 [ 983.569087] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 983.572673] ? warn_alloc+0x110/0x110 [ 983.572691] ? __lock_is_held+0xb6/0x140 [ 983.572712] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 983.572726] ? should_fail+0x14d/0x85c [ 983.572746] ? __isolate_free_page+0x4c0/0x4c0 [ 983.572764] ? __might_sleep+0x95/0x190 [ 983.604308] syz-executor.4 cpuset= [ 983.607027] __alloc_pages_nodemask+0x617/0x750 [ 983.607051] ? __alloc_pages_slowpath+0x2870/0x2870 [ 983.622134] syz-executor.5 cpuset= [ 983.623810] ? wait_for_completion+0x440/0x440 [ 983.623829] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 983.623852] alloc_pages_current+0x107/0x210 [ 983.623871] ion_page_pool_alloc+0x137/0x1d0 [ 983.633700] syz4 [ 983.633972] ion_system_heap_allocate+0x154/0xa90 [ 983.654947] syz5 [ 983.659680] ? ion_system_heap_free+0x250/0x250 [ 983.663375] mems_allowed=0-1 [ 983.666344] ion_alloc+0x475/0x900 [ 983.666370] ? ion_dma_buf_release+0x50/0x50 [ 983.666401] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 983.672790] mems_allowed=0-1 [ 983.673126] ? _copy_from_user+0xdd/0x150 [ 983.673149] ion_ioctl+0x17b/0x329 [ 983.673168] ? ion_alloc.cold+0x28/0x28 [ 983.697838] ? __might_sleep+0x95/0x190 [ 983.701828] ? ion_alloc.cold+0x28/0x28 [ 983.705915] do_vfs_ioctl+0xd5f/0x1380 [ 983.709814] ? selinux_file_ioctl+0x46f/0x5e0 [ 983.714319] ? selinux_file_ioctl+0x125/0x5e0 [ 983.718827] ? ioctl_preallocate+0x210/0x210 [ 983.723256] ? selinux_file_mprotect+0x620/0x620 [ 983.728032] ? iterate_fd+0x360/0x360 [ 983.731844] ? nsecs_to_jiffies+0x30/0x30 [ 983.737510] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 983.743061] ? security_file_ioctl+0x8d/0xc0 [ 983.747487] ksys_ioctl+0xab/0xd0 [ 983.750961] __x64_sys_ioctl+0x73/0xb0 [ 983.754861] do_syscall_64+0xfd/0x620 [ 983.758674] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 983.763876] RIP: 0033:0x459829 [ 983.767088] Code: Bad RIP value. [ 983.770456] RSP: 002b:00007f8d57f8ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 983.778172] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 983.785529] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 983.785538] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 983.785546] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d57f8f6d4 [ 983.785554] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 983.822588] CPU: 0 PID: 14421 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 983.829626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 983.838983] Call Trace: [ 983.841592] dump_stack+0x172/0x1f0 [ 983.845242] warn_alloc.cold+0x7b/0x173 [ 983.849243] ? zone_watermark_ok_safe+0x260/0x260 [ 983.854106] ? __lock_is_held+0xb6/0x140 [ 983.858211] __alloc_pages_slowpath+0x220e/0x2870 [ 983.863090] ? warn_alloc+0x110/0x110 [ 983.866907] ? __lock_is_held+0xb6/0x140 [ 983.870999] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 983.876545] ? should_fail+0x14d/0x85c [ 983.880457] ? __isolate_free_page+0x4c0/0x4c0 [ 983.885056] ? __might_sleep+0x95/0x190 [ 983.889053] __alloc_pages_nodemask+0x617/0x750 [ 983.893745] ? __alloc_pages_slowpath+0x2870/0x2870 [ 983.898785] ? wait_for_completion+0x440/0x440 [ 983.903389] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 983.908962] alloc_pages_current+0x107/0x210 [ 983.913397] ion_page_pool_alloc+0x137/0x1d0 [ 983.917823] ion_system_heap_allocate+0x154/0xa90 [ 983.922687] ? ion_system_heap_free+0x250/0x250 [ 983.927386] ion_alloc+0x29b/0x900 [ 983.930952] ? ion_dma_buf_release+0x50/0x50 [ 983.935568] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 983.941123] ? _copy_from_user+0xdd/0x150 [ 983.945285] ion_ioctl+0x17b/0x329 [ 983.948856] ? ion_alloc.cold+0x28/0x28 [ 983.952895] ? __might_sleep+0x95/0x190 [ 983.956906] ? ion_alloc.cold+0x28/0x28 [ 983.960927] do_vfs_ioctl+0xd5f/0x1380 [ 983.964835] ? selinux_file_ioctl+0x46f/0x5e0 [ 983.969355] ? selinux_file_ioctl+0x125/0x5e0 [ 983.973867] ? ioctl_preallocate+0x210/0x210 [ 983.978305] ? selinux_file_mprotect+0x620/0x620 [ 983.983089] ? iterate_fd+0x360/0x360 [ 983.986909] ? nsecs_to_jiffies+0x30/0x30 [ 983.991083] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 983.996642] ? security_file_ioctl+0x8d/0xc0 [ 984.001077] ksys_ioctl+0xab/0xd0 [ 984.004549] __x64_sys_ioctl+0x73/0xb0 [ 984.008457] do_syscall_64+0xfd/0x620 [ 984.012273] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 984.017472] RIP: 0033:0x459829 [ 984.020672] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 984.039587] RSP: 002b:00007f71a5b57c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 984.047315] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 984.054598] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 984.061875] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 984.069161] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71a5b586d4 [ 984.076442] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 984.087001] CPU: 0 PID: 14422 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 984.088731] warn_alloc_show_mem: 2 callbacks suppressed [ 984.088737] Mem-Info: [ 984.094032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 984.094038] Call Trace: [ 984.094062] dump_stack+0x172/0x1f0 [ 984.094084] warn_alloc.cold+0x7b/0x173 [ 984.094105] ? zone_watermark_ok_safe+0x260/0x260 [ 984.094123] ? __lock_is_held+0xb6/0x140 [ 984.094164] __alloc_pages_slowpath+0x220e/0x2870 [ 984.094201] ? warn_alloc+0x110/0x110 [ 984.094215] ? __lock_is_held+0xb6/0x140 [ 984.094236] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 984.094249] ? should_fail+0x14d/0x85c [ 984.094266] ? __isolate_free_page+0x4c0/0x4c0 [ 984.094285] ? __might_sleep+0x95/0x190 [ 984.094306] __alloc_pages_nodemask+0x617/0x750 [ 984.165778] ? __alloc_pages_slowpath+0x2870/0x2870 [ 984.170812] ? wait_for_completion+0x440/0x440 [ 984.175398] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 984.180965] alloc_pages_current+0x107/0x210 [ 984.185379] ion_page_pool_alloc+0x137/0x1d0 [ 984.189793] ion_system_heap_allocate+0x154/0xa90 [ 984.194647] ? ion_system_heap_free+0x250/0x250 [ 984.199331] ion_alloc+0x29b/0x900 [ 984.202890] ? ion_dma_buf_release+0x50/0x50 [ 984.207313] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 984.212854] ? _copy_from_user+0xdd/0x150 [ 984.217011] ion_ioctl+0x17b/0x329 [ 984.220557] ? ion_alloc.cold+0x28/0x28 [ 984.224538] ? __might_sleep+0x95/0x190 [ 984.228513] ? ion_alloc.cold+0x28/0x28 [ 984.232492] do_vfs_ioctl+0xd5f/0x1380 [ 984.236401] ? selinux_file_ioctl+0x46f/0x5e0 [ 984.240902] ? selinux_file_ioctl+0x125/0x5e0 [ 984.245401] ? ioctl_preallocate+0x210/0x210 [ 984.249810] ? selinux_file_mprotect+0x620/0x620 [ 984.254575] ? iterate_fd+0x360/0x360 [ 984.258383] ? nsecs_to_jiffies+0x30/0x30 [ 984.262545] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 984.268091] ? security_file_ioctl+0x8d/0xc0 [ 984.272536] ksys_ioctl+0xab/0xd0 [ 984.276079] __x64_sys_ioctl+0x73/0xb0 [ 984.279973] do_syscall_64+0xfd/0x620 [ 984.283781] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 984.288966] RIP: 0033:0x459829 [ 984.292174] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 984.311081] RSP: 002b:00007fa015674c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 984.318809] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 984.326087] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 984.333360] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 04:54:55 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001a40)={&(0x7f0000000540)=@newsa={0x114, 0x10, 0x801, 0x0, 0x0, {{@in, @in6=@mcast1}, {@in, 0x0, 0x6c}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2}, [@lifetime_val={0x24}]}, 0x114}}, 0x0) [ 984.340642] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa0156756d4 [ 984.347913] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 984.389611] active_anon:71343 inactive_anon:200 isolated_anon:13 [ 984.389611] active_file:1202 inactive_file:2520 isolated_file:0 [ 984.389611] unevictable:0 dirty:34 writeback:0 unstable:0 [ 984.389611] slab_reclaimable:12380 slab_unreclaimable:107497 [ 984.389611] mapped:46192 shmem:252 pagetables:862 bounce:0 [ 984.389611] free:299145 free_pcp:1399 free_cma:0 [ 984.430460] Node 0 active_anon:284692kB inactive_anon:800kB active_file:4928kB inactive_file:10568kB unevictable:0kB isolated(anon):52kB isolated(file):0kB mapped:115360kB dirty:148kB writeback:0kB shmem:984kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 984.497985] Node 1 active_anon:724kB inactive_anon:0kB active_file:20kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:69632kB dirty:4kB writeback:0kB shmem:24kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 984.531865] Node 0 DMA free:10460kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 984.605769] lowmem_reserve[]: 0 2555 2557 2557 [ 984.626689] Node 0 DMA32 free:568744kB min:36248kB low:45308kB high:54368kB active_anon:282660kB inactive_anon:808kB active_file:4956kB inactive_file:17268kB unevictable:0kB writepending:172kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6944kB pagetables:2976kB bounce:0kB free_pcp:2920kB local_pcp:1428kB free_cma:0kB [ 984.691582] lowmem_reserve[]: 0 0 2 2 [ 984.697789] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 984.757065] lowmem_reserve[]: 0 0 0 0 [ 984.786277] Node 1 Normal free:682572kB min:53608kB low:67008kB high:80408kB active_anon:724kB inactive_anon:0kB active_file:20kB inactive_file:8kB unevictable:0kB writepending:12kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:384kB pagetables:440kB bounce:0kB free_pcp:2572kB local_pcp:1304kB free_cma:0kB 04:54:56 executing program 0: socket$alg(0x26, 0x5, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="14bc420000000056b500002e900800000000080008000100000007e10500ac14341b080003000800e80f01"], 0x1}}, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) bind$alg(r2, &(0x7f00000002c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha256\x00'}, 0x58) lsetxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000280)='y\x00', 0x2, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000380)="c744240031b4202bc744240200000000c7442406000000000f011424f30fbd7421bc0f1289ec000000b9400300000f32b805000000b9000000000f01d98fc8788ff69c66b8ed000f00d8c4e2d0f27254c4e16159c4f2af", 0x57}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000000), &(0x7f00000000c0)=0x4) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 984.887836] lowmem_reserve[]: 0 0 0 0 [ 984.904410] Node 0 DMA: 69*4kB (UE) 34*8kB (UE) 24*16kB (UE) 6*32kB (UE) 2*64kB (UE) 6*128kB (UE) 3*256kB (UE) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10468kB [ 984.954453] Node 0 DMA32: 52009*4kB (UME) 19249*8kB (UME) 6749*16kB (UME) 2501*32kB (UM) 292*64kB (UM) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 568732kB 04:54:56 executing program 1: dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010502000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x0, @remote, 0x2}, @in={0x2, 0x4e21, @loopback}, @in6={0xa, 0x0, 0x8, @mcast1}, @in6={0xa, 0x4e21, 0x0, @remote}, @in={0x2, 0x4e23, @empty}], 0x74) [ 985.034012] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 985.050686] device bridge_slave_1 left promiscuous mode [ 985.056216] bridge0: port 2(bridge_slave_1) entered disabled state [ 985.069600] Node 1 Normal: 64194*4kB (UME) 15167*8kB (UME) 6464*16kB (UME) 4797*32kB (UE) 428*64kB (U) 99*128kB (U) 19*256kB (U) 4*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 682016kB [ 985.119732] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 985.159619] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 985.175424] device bridge_slave_0 left promiscuous mode [ 985.181264] bridge0: port 1(bridge_slave_0) entered disabled state [ 985.210137] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 985.254402] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 985.280805] 5974 total pagecache pages [ 985.295931] 0 pages in swap cache [ 985.303057] Swap cache stats: add 0, delete 0, find 0/0 [ 985.326757] Free swap = 0kB [ 985.339571] Total swap = 0kB [ 985.343143] 1965979 pages RAM [ 985.346431] 0 pages HighMem/MovableOnly [ 985.365303] 338856 pages reserved [ 985.376617] syz-executor.4: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 985.379261] 0 pages cma reserved [ 985.408171] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 985.414241] CPU: 0 PID: 14441 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 985.421268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 985.421275] Call Trace: [ 985.421299] dump_stack+0x172/0x1f0 [ 985.421320] warn_alloc.cold+0x7b/0x173 [ 985.421338] ? zone_watermark_ok_safe+0x260/0x260 [ 985.421361] ? try_to_compact_pages+0x44/0xae0 [ 985.421396] __alloc_pages_slowpath+0x220e/0x2870 [ 985.421434] ? warn_alloc+0x110/0x110 [ 985.421450] ? __lock_is_held+0xb6/0x140 [ 985.421469] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 985.421488] ? should_fail+0x14d/0x85c [ 985.437087] ? __isolate_free_page+0x4c0/0x4c0 [ 985.445901] ? __might_sleep+0x95/0x190 [ 985.445925] __alloc_pages_nodemask+0x617/0x750 [ 985.445947] ? __alloc_pages_slowpath+0x2870/0x2870 [ 985.455465] ? wait_for_completion+0x440/0x440 [ 985.455484] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 985.455505] alloc_pages_current+0x107/0x210 [ 985.463373] ion_page_pool_alloc+0x137/0x1d0 [ 985.463389] ion_system_heap_allocate+0x154/0xa90 [ 985.463410] ? ion_system_heap_free+0x250/0x250 [ 985.463437] ion_alloc+0x29b/0x900 [ 985.463463] ? ion_dma_buf_release+0x50/0x50 [ 985.472891] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 985.472910] ? _copy_from_user+0xdd/0x150 [ 985.472932] ion_ioctl+0x17b/0x329 [ 985.472950] ? ion_alloc.cold+0x28/0x28 [ 985.472969] ? __might_sleep+0x95/0x190 [ 985.481546] ? ion_alloc.cold+0x28/0x28 [ 985.481566] do_vfs_ioctl+0xd5f/0x1380 [ 985.481582] ? selinux_file_ioctl+0x46f/0x5e0 [ 985.481595] ? selinux_file_ioctl+0x125/0x5e0 [ 985.481610] ? ioctl_preallocate+0x210/0x210 [ 985.481628] ? selinux_file_mprotect+0x620/0x620 [ 985.491310] ? iterate_fd+0x360/0x360 [ 985.491328] ? nsecs_to_jiffies+0x30/0x30 [ 985.491352] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 985.491369] ? security_file_ioctl+0x8d/0xc0 [ 985.491392] ksys_ioctl+0xab/0xd0 [ 985.501505] __x64_sys_ioctl+0x73/0xb0 [ 985.501526] do_syscall_64+0xfd/0x620 [ 985.501546] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 985.501559] RIP: 0033:0x459829 [ 985.501575] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 985.501588] RSP: 002b:00007fa015632c78 EFLAGS: 00000246 [ 985.510391] ORIG_RAX: 0000000000000010 [ 985.510401] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 985.510409] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 985.510419] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 985.510428] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa0156336d4 [ 985.510436] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 985.654077] warn_alloc_show_mem: 2 callbacks suppressed [ 985.654082] Mem-Info: [ 985.816613] active_anon:71279 inactive_anon:202 isolated_anon:0 [ 985.816613] active_file:1582 inactive_file:3790 isolated_file:12 [ 985.816613] unevictable:0 dirty:97 writeback:0 unstable:0 [ 985.816613] slab_reclaimable:12405 slab_unreclaimable:107580 [ 985.816613] mapped:48164 shmem:252 pagetables:854 bounce:0 [ 985.816613] free:293727 free_pcp:188 free_cma:0 04:54:57 executing program 1: dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010502000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x0, @remote, 0x2}, @in={0x2, 0x4e21, @loopback}, @in6={0xa, 0x0, 0x8, @mcast1}, @in6={0xa, 0x4e21, 0x0, @remote}, @in={0x2, 0x4e23, @empty}], 0x74) [ 985.884707] Node 0 active_anon:284392kB inactive_anon:808kB active_file:6308kB inactive_file:15036kB unevictable:0kB isolated(anon):0kB isolated(file):48kB mapped:123024kB dirty:372kB writeback:0kB shmem:984kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 985.982984] device hsr_slave_1 left promiscuous mode [ 986.000808] Node 1 active_anon:724kB inactive_anon:0kB active_file:20kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:69632kB dirty:16kB writeback:0kB shmem:24kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 986.030953] Node 0 DMA free:10468kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 986.061176] lowmem_reserve[]: 0 2555 2557 2557 [ 986.065825] Node 0 DMA32 free:341648kB min:36248kB low:45308kB high:54368kB active_anon:282268kB inactive_anon:808kB active_file:6456kB inactive_file:14936kB unevictable:0kB writepending:372kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6912kB pagetables:2976kB bounce:0kB free_pcp:652kB local_pcp:492kB free_cma:0kB [ 986.143123] device hsr_slave_0 left promiscuous mode [ 986.204428] FAT-fs (loop1): Directory bread(block 1281) failed [ 986.205904] lowmem_reserve[]: [ 986.213437] team0 (unregistering): Port device team_slave_1 removed [ 986.217769] FAT-fs (loop1): Directory bread(block 1282) failed [ 986.235842] FAT-fs (loop1): Directory bread(block 1283) failed [ 986.243396] FAT-fs (loop1): Directory bread(block 1284) failed [ 986.255337] 0 0 2 2 [ 986.255872] FAT-fs (loop1): Directory bread(block 1285) failed [ 986.274200] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 986.278790] FAT-fs (loop1): Directory bread(block 1286) failed [ 986.317026] FAT-fs (loop1): Directory bread(block 1287) failed [ 986.317449] team0 (unregistering): Port device team_slave_0 removed [ 986.327313] FAT-fs (loop1): Directory bread(block 1288) failed [ 986.338009] lowmem_reserve[]: [ 986.351399] 0 0 0 0 [ 986.353867] Node 1 Normal free:670540kB min:53608kB low:67008kB high:80408kB active_anon:724kB inactive_anon:0kB active_file:20kB inactive_file:8kB unevictable:0kB writepending:16kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:352kB pagetables:440kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 986.382698] FAT-fs (loop1): Directory bread(block 1289) failed [ 986.396042] FAT-fs (loop1): Directory bread(block 1290) failed [ 986.426050] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 986.427444] lowmem_reserve[]: [ 986.435294] 0 [ 986.466089] 0 0 0 [ 986.476478] Node 0 DMA: 69*4kB (UE) 34*8kB (UE) 24*16kB (UE) 6*32kB (UE) 2*64kB (UE) 6*128kB (UE) 3*256kB (UE) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10468kB [ 986.505342] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 986.539567] Node 0 DMA32: 1*4kB (U) 71*8kB (UME) 616*16kB (UME) 2753*32kB (UM) 3*64kB (UM) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 98716kB [ 986.553843] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 986.604920] Node 1 Normal: 62305*4kB (UE) 16262*8kB (UE) 7563*16kB (UME) 5165*32kB (UE) 20*64kB (U) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 666884kB [ 986.681037] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB 04:54:58 executing program 1: dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010502000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x0, @remote, 0x2}, @in={0x2, 0x4e21, @loopback}, @in6={0xa, 0x0, 0x8, @mcast1}, @in6={0xa, 0x4e21, 0x0, @remote}, @in={0x2, 0x4e23, @empty}], 0x74) [ 986.757715] bond0 (unregistering): Released all slaves [ 986.769883] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 986.779376] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 986.859040] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 986.872341] 5827 total pagecache pages [ 986.899046] 0 pages in swap cache [ 986.918606] Swap cache stats: add 0, delete 0, find 0/0 04:54:58 executing program 0: socket$alg(0x26, 0x5, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x200, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="14bc420000000056b500002e900800000000080008000100000007e10500ac14341b080003000800e80f01"], 0x1}}, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) write$USERIO_CMD_REGISTER(r2, &(0x7f0000000000)={0x0, 0x1}, 0x2) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb) ioctl$KVM_RUN(r3, 0xae80, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 986.949590] Free swap = 0kB [ 986.989676] Total swap = 0kB [ 987.015547] 1965979 pages RAM [ 987.043600] 0 pages HighMem/MovableOnly [ 987.083775] 338856 pages reserved [ 987.087301] 0 pages cma reserved [ 987.112570] IPVS: ftp: loaded support on port[0] = 21 [ 987.584619] chnl_net:caif_netlink_parms(): no params data found [ 987.784338] bridge0: port 1(bridge_slave_0) entered blocking state [ 987.820216] bridge0: port 1(bridge_slave_0) entered disabled state [ 987.851522] device bridge_slave_0 entered promiscuous mode [ 987.860791] bridge0: port 2(bridge_slave_1) entered blocking state [ 987.867220] bridge0: port 2(bridge_slave_1) entered disabled state [ 987.897352] device bridge_slave_1 entered promiscuous mode [ 988.010340] oom_reaper: reaped process 14421 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 988.037977] oom_reaper: reaped process 14422 (syz-executor.4), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 988.078171] syz-executor.2: page allocation failure: order:1, mode:0x6044c0(GFP_KERNEL|__GFP_RETRY_MAYFAIL|__GFP_COMP), nodemask=(null) [ 988.129409] syz-executor.2 cpuset=/ [ 988.141393] rs:main Q:Reg invoked oom-killer: gfp_mask=0x6201ca(GFP_HIGHUSER_MOVABLE|__GFP_WRITE), nodemask=(null), order=0, oom_score_adj=0 [ 988.164856] mems_allowed=0-1 [ 988.169213] CPU: 0 PID: 14466 Comm: syz-executor.2 Not tainted 4.19.63 #37 [ 988.176243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 988.185599] Call Trace: [ 988.188286] dump_stack+0x172/0x1f0 [ 988.191925] warn_alloc.cold+0x7b/0x173 [ 988.195915] ? zone_watermark_ok_safe+0x260/0x260 [ 988.200769] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 988.205650] ? wait_for_completion+0x440/0x440 [ 988.210249] __alloc_pages_slowpath+0x220e/0x2870 [ 988.215114] ? warn_alloc+0x110/0x110 [ 988.218921] ? __lock_is_held+0xb6/0x140 [ 988.223005] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 988.228547] ? should_fail+0x14d/0x85c [ 988.232448] ? __might_sleep+0x95/0x190 [ 988.236431] __alloc_pages_nodemask+0x617/0x750 [ 988.241114] ? __alloc_pages_slowpath+0x2870/0x2870 [ 988.246142] ? mark_held_locks+0xb1/0x100 [ 988.250300] ? cache_grow_begin+0x597/0x8c0 [ 988.254622] ? lockdep_hardirqs_on+0x415/0x5d0 [ 988.259207] ? trace_hardirqs_on+0x67/0x220 [ 988.263546] cache_grow_begin+0x91/0x8c0 [ 988.267620] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 988.273165] ? __cpuset_node_allowed+0x136/0x540 [ 988.277927] fallback_alloc+0x1fd/0x2d0 [ 988.281921] ____cache_alloc_node+0x1be/0x1e0 [ 988.286426] kmem_cache_alloc_node_trace+0xec/0x720 [ 988.291448] ? rtmsg_ifinfo_event.part.0+0xb5/0xe0 [ 988.296389] __kmalloc_node+0x3d/0x80 [ 988.300202] kvmalloc_node+0x68/0x100 [ 988.304009] alloc_netdev_mqs+0x98/0xd40 [ 988.308076] ? veth_dellink+0x170/0x170 [ 988.312058] rtnl_create_link+0x1dd/0xa00 [ 988.316207] ? netlink_ns_capable+0x26/0x30 [ 988.320552] rtnl_newlink+0xf57/0x1610 [ 988.324452] ? rtnl_link_unregister+0x250/0x250 [ 988.329134] ? find_held_lock+0x35/0x130 [ 988.333201] ? is_bpf_text_address+0xac/0x170 [ 988.337710] ? __lock_acquire+0x6ee/0x49c0 [ 988.341949] ? is_bpf_text_address+0xac/0x170 [ 988.346474] ? mark_held_locks+0x100/0x100 [ 988.350723] ? __lock_acquire+0x6ee/0x49c0 [ 988.354963] ? avc_has_perm_noaudit+0x38f/0x570 [ 988.359647] ? __lock_acquire+0x6ee/0x49c0 [ 988.363892] ? mark_held_locks+0x100/0x100 [ 988.368138] ? mark_held_locks+0x100/0x100 [ 988.372384] ? avc_has_perm_noaudit+0x3b6/0x570 [ 988.377070] ? avc_has_extended_perms+0x10f0/0x10f0 [ 988.382142] ? find_held_lock+0x35/0x130 [ 988.386209] ? rtnetlink_rcv_msg+0x3d0/0xb00 [ 988.390638] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 988.396193] ? rtnl_link_unregister+0x250/0x250 [ 988.400870] rtnetlink_rcv_msg+0x463/0xb00 [ 988.405123] ? rtnetlink_put_metrics+0x560/0x560 [ 988.409900] ? netlink_deliver_tap+0x22d/0xc20 [ 988.414508] ? find_held_lock+0x35/0x130 [ 988.418585] netlink_rcv_skb+0x17d/0x460 [ 988.422658] ? rtnetlink_put_metrics+0x560/0x560 [ 988.427419] ? netlink_ack+0xb30/0xb30 [ 988.431312] ? kasan_check_read+0x11/0x20 [ 988.435469] ? netlink_deliver_tap+0x254/0xc20 [ 988.440060] rtnetlink_rcv+0x1d/0x30 [ 988.444691] netlink_unicast+0x537/0x720 [ 988.448771] ? netlink_attachskb+0x770/0x770 [ 988.453189] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 988.458734] netlink_sendmsg+0x8ae/0xd70 [ 988.462803] ? netlink_unicast+0x720/0x720 [ 988.467047] ? selinux_socket_sendmsg+0x36/0x40 [ 988.471719] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 988.477254] ? security_socket_sendmsg+0x8d/0xc0 [ 988.482029] ? netlink_unicast+0x720/0x720 [ 988.486267] sock_sendmsg+0xd7/0x130 [ 988.489985] __sys_sendto+0x262/0x380 [ 988.493786] ? __ia32_sys_getpeername+0xb0/0xb0 [ 988.498454] ? task_work_run+0x118/0x1c0 [ 988.502524] ? find_held_lock+0x35/0x130 [ 988.506611] ? lockdep_hardirqs_on+0x415/0x5d0 [ 988.511205] ? blkg_prfill_rwstat_field_recursive+0x100/0x100 [ 988.517095] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 988.521856] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 988.526616] ? do_syscall_64+0x26/0x620 [ 988.530595] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 988.535964] __x64_sys_sendto+0xe1/0x1a0 [ 988.540036] do_syscall_64+0xfd/0x620 [ 988.543840] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 988.549029] RIP: 0033:0x413673 [ 988.552229] Code: ff 0f 83 b0 19 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 83 3d 1d 2c 66 00 00 75 17 49 89 ca b8 2c 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 81 19 00 00 c3 48 83 ec 08 e8 87 fa ff ff [ 988.571136] RSP: 002b:00007fffaad17418 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 988.578855] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000413673 [ 988.586127] RDX: 0000000000000068 RSI: 0000000000a70070 RDI: 0000000000000003 [ 988.593398] RBP: 0000000000000003 R08: 00007fffaad17420 R09: 000000000000000c [ 988.600668] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffaad177a0 [ 988.607945] R13: 00007fffaad174a8 R14: 00007fffaad17570 R15: 00000000004be631 [ 988.635392] rs:main Q:Reg cpuset=/ mems_allowed=0-1 [ 988.645592] CPU: 0 PID: 7799 Comm: rs:main Q:Reg Not tainted 4.19.63 #37 [ 988.652541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 988.661900] Call Trace: [ 988.664502] dump_stack+0x172/0x1f0 [ 988.668144] dump_header+0x15e/0xa55 [ 988.671866] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 988.676985] ? ___ratelimit+0x60/0x595 [ 988.680886] ? do_raw_spin_unlock+0x57/0x270 [ 988.685315] oom_kill_process.cold+0x10/0x6ef [ 988.689829] ? lock_downgrade+0x810/0x810 [ 988.693991] ? kasan_check_read+0x11/0x20 [ 988.698154] out_of_memory+0x936/0x12d0 [ 988.702144] ? oom_killer_disable+0x280/0x280 [ 988.706646] ? mutex_trylock+0x18e/0x1e0 [ 988.710713] ? __alloc_pages_slowpath+0xcc2/0x2870 [ 988.715657] __alloc_pages_slowpath+0x20af/0x2870 [ 988.720710] ? warn_alloc+0x110/0x110 [ 988.724515] ? __lock_is_held+0xb6/0x140 [ 988.728589] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 988.734132] ? should_fail+0x14d/0x85c [ 988.738042] ? __might_sleep+0x95/0x190 [ 988.742050] __alloc_pages_nodemask+0x617/0x750 [ 988.746758] ? __alloc_pages_slowpath+0x2870/0x2870 [ 988.751796] ? find_get_entry+0x3e8/0x820 [ 988.755949] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 988.761498] alloc_pages_current+0x107/0x210 [ 988.765936] __page_cache_alloc+0x2bd/0x450 [ 988.770266] pagecache_get_page+0x231/0xa40 [ 988.774598] grab_cache_page_write_begin+0x7b/0xb0 [ 988.779538] ext4_da_write_begin+0x2d7/0xec0 [ 988.783957] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 988.789762] ? ext4_write_begin+0x1470/0x1470 [ 988.794263] ? copy_page_from_iter+0x7f0/0x7f0 [ 988.798873] generic_perform_write+0x22a/0x520 [ 988.803477] ? page_endio+0x780/0x780 [ 988.807285] ? current_time+0x140/0x140 [ 988.811268] ? lock_acquire+0x16f/0x3f0 [ 988.815247] ? ext4_file_write_iter+0x23f/0x1060 [ 988.820032] __generic_file_write_iter+0x25e/0x630 [ 988.824985] ext4_file_write_iter+0x32b/0x1060 [ 988.829572] ? mark_held_locks+0x100/0x100 [ 988.833826] ? ext4_file_mmap+0x410/0x410 [ 988.837980] ? mark_held_locks+0x100/0x100 [ 988.842227] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 988.847769] ? iov_iter_init+0xc6/0x1f0 [ 988.851759] __vfs_write+0x587/0x810 [ 988.855479] ? kernel_read+0x120/0x120 [ 988.859392] ? rcu_read_lock_sched_held+0x110/0x130 [ 988.864432] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 988.869198] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 988.874770] ? __sb_start_write+0x1a9/0x360 [ 988.879101] vfs_write+0x20c/0x560 [ 988.882653] ksys_write+0x14f/0x2d0 [ 988.886290] ? __ia32_sys_read+0xb0/0xb0 [ 988.890364] ? do_syscall_64+0x26/0x620 [ 988.894341] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 988.899711] ? do_syscall_64+0x26/0x620 [ 988.903694] __x64_sys_write+0x73/0xb0 [ 988.907589] do_syscall_64+0xfd/0x620 [ 988.911398] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 988.916702] RIP: 0033:0x7f334cd9a19d [ 988.920430] Code: Bad RIP value. [ 988.923801] RSP: 002b:00007f334b33b000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 988.931601] RAX: ffffffffffffffda RBX: 00000000000000f5 RCX: 00007f334cd9a19d [ 988.938869] RDX: 00000000000000f5 RSI: 0000000000b71a90 RDI: 0000000000000001 [ 988.946150] RBP: 0000000000b71a90 R08: 0000000000b71b75 R09: 00007f334c717937 [ 988.953447] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 988.960722] R13: 00007f334b33b480 R14: 0000000000000002 R15: 0000000000b71890 [ 988.982385] Mem-Info: [ 988.984864] active_anon:71299 inactive_anon:201 isolated_anon:0 [ 988.984864] active_file:199 inactive_file:45 isolated_file:34 [ 988.984864] unevictable:0 dirty:1 writeback:0 unstable:0 [ 988.984864] slab_reclaimable:12415 slab_unreclaimable:107664 [ 988.984864] mapped:52436 shmem:252 pagetables:873 bounce:0 [ 988.984864] free:13682 free_pcp:1 free_cma:0 [ 989.025717] Node 0 active_anon:283824kB inactive_anon:800kB active_file:752kB inactive_file:152kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:106052kB dirty:4kB writeback:0kB shmem:996kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 989.060149] Node 1 active_anon:1372kB inactive_anon:4kB active_file:44kB inactive_file:28kB unevictable:0kB isolated(anon):0kB isolated(file):8kB mapped:103692kB dirty:0kB writeback:0kB shmem:12kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 989.093748] Node 0 DMA free:10328kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 989.132684] Mem-Info: [ 989.135167] active_anon:71299 inactive_anon:201 isolated_anon:0 [ 989.135167] active_file:199 inactive_file:45 isolated_file:34 [ 989.135167] unevictable:0 dirty:1 writeback:0 unstable:0 [ 989.135167] slab_reclaimable:12415 slab_unreclaimable:107664 [ 989.135167] mapped:52436 shmem:252 pagetables:873 bounce:0 [ 989.135167] free:13682 free_pcp:0 free_cma:0 [ 989.174951] lowmem_reserve[]: 0 2555 2557 2557 [ 989.179668] Node 0 DMA32 free:17796kB min:36248kB low:45308kB high:54368kB active_anon:281776kB inactive_anon:800kB active_file:752kB inactive_file:152kB unevictable:0kB writepending:4kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6720kB pagetables:2780kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 989.215438] Node 0 active_anon:283824kB inactive_anon:800kB active_file:752kB inactive_file:152kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:106052kB dirty:4kB writeback:0kB shmem:996kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 989.252971] lowmem_reserve[]: 0 0 2 2 [ 989.256844] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 989.293288] Node 1 active_anon:1372kB inactive_anon:4kB active_file:44kB inactive_file:28kB unevictable:0kB isolated(anon):0kB isolated(file):8kB mapped:103692kB dirty:0kB writeback:0kB shmem:12kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 989.335623] lowmem_reserve[]: 0 0 0 0 [ 989.349603] Node 1 Normal free:26604kB min:53608kB low:67008kB high:80408kB active_anon:1372kB inactive_anon:4kB active_file:44kB inactive_file:28kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:512kB pagetables:712kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 989.389163] Node 0 DMA free:10328kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 989.436591] lowmem_reserve[]: 0 0 0 0 [ 989.446762] Node 0 DMA: 34*4kB (UE) 34*8kB (UE) 24*16kB (UE) 6*32kB (UE) 2*64kB (UE) 6*128kB (UE) 3*256kB (UE) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10328kB [ 989.506654] lowmem_reserve[]: 0 2555 2557 2557 [ 989.514009] Node 0 DMA32 free:17644kB min:36248kB low:45308kB high:54368kB active_anon:281776kB inactive_anon:800kB active_file:84kB inactive_file:100kB unevictable:0kB writepending:4kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6720kB pagetables:2780kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 989.545508] syz-executor.4: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 989.549755] syz-executor.3: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 989.569543] Node 0 DMA32: 848*4kB (UMEH) 623*8kB (UMEH) 130*16kB (UMEH) 221*32kB (UME) 6*64kB (UM) 1*128kB (H) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 18040kB [ 989.591279] syz-executor.4: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 989.609589] syz-executor.5: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 989.617494] Node 0 [ 989.623657] syz-executor.4 cpuset= [ 989.625334] syz-executor.3 cpuset= [ 989.626665] syz4 [ 989.667920] Normal: [ 989.672191] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 989.681412] 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 989.688134] syz3 [ 989.698650] lowmem_reserve[]: [ 989.700817] mems_allowed=0-1 [ 989.708551] CPU: 1 PID: 14410 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 989.715673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 989.720160] 0 [ 989.725572] Call Trace: [ 989.725603] dump_stack+0x172/0x1f0 [ 989.727497] 0 [ 989.730189] warn_alloc.cold+0x7b/0x173 [ 989.730208] ? zone_watermark_ok_safe+0x260/0x260 [ 989.730246] __alloc_pages_slowpath+0x220e/0x2870 [ 989.730280] ? warn_alloc+0x110/0x110 [ 989.730297] ? __lock_is_held+0xb6/0x140 [ 989.730317] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 989.730331] ? should_fail+0x14d/0x85c [ 989.730354] ? __might_sleep+0x95/0x190 [ 989.738341] syz-executor.4 cpuset= [ 989.741238] __alloc_pages_nodemask+0x617/0x750 [ 989.741260] ? __alloc_pages_slowpath+0x2870/0x2870 [ 989.741281] ? policy_node+0xb3/0x140 [ 989.741298] ? wait_for_completion+0x440/0x440 [ 989.741315] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 989.741335] alloc_pages_current+0x107/0x210 [ 989.741360] ion_page_pool_alloc+0x137/0x1d0 [ 989.748159] Node 1 [ 989.753183] ion_system_heap_allocate+0x154/0xa90 [ 989.753203] ? ion_system_heap_free+0x250/0x250 [ 989.753227] ion_alloc+0x475/0x900 [ 989.753248] ? ion_dma_buf_release+0x50/0x50 [ 989.753274] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 989.753295] ? _copy_from_user+0xdd/0x150 [ 989.768763] syz4 [ 989.769388] ion_ioctl+0x17b/0x329 [ 989.789572] Normal: [ 989.790802] ? ion_alloc.cold+0x28/0x28 [ 989.794691] 6*4kB [ 989.799298] ? __might_sleep+0x95/0x190 [ 989.805055] mems_allowed=0-1 [ 989.809270] ? ion_alloc.cold+0x28/0x28 [ 989.820157] 2 [ 989.820772] do_vfs_ioctl+0xd5f/0x1380 [ 989.825719] 2 [ 989.829297] ? selinux_file_ioctl+0x46f/0x5e0 [ 989.855525] mems_allowed=0-1 [ 989.857743] ? selinux_file_ioctl+0x125/0x5e0 [ 989.894481] ? ioctl_preallocate+0x210/0x210 [ 989.900248] ? selinux_file_mprotect+0x620/0x620 [ 989.906112] (UME) 9*8kB [ 989.906885] ? iterate_fd+0x360/0x360 [ 989.906889] (ME) 5*16kB [ 989.909765] ? nsecs_to_jiffies+0x30/0x30 [ 989.909788] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 989.909816] ? security_file_ioctl+0x8d/0xc0 [ 989.909835] ksys_ioctl+0xab/0xd0 [ 989.909854] __x64_sys_ioctl+0x73/0xb0 [ 989.909874] do_syscall_64+0xfd/0x620 [ 989.934930] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 989.938655] Node 0 [ 989.942561] RIP: 0033:0x459829 [ 989.942587] Code: Bad RIP value. [ 989.942595] RSP: 002b:00007f8d57f8ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 989.942609] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 989.942617] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 989.942625] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 989.942632] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d57f8f6d4 [ 989.942640] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 989.966055] CPU: 1 PID: 14421 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 989.966509] (ME) [ 989.974802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 989.974808] Call Trace: [ 989.974836] dump_stack+0x172/0x1f0 [ 989.974854] warn_alloc.cold+0x7b/0x173 [ 989.974872] ? zone_watermark_ok_safe+0x260/0x260 [ 989.974910] __alloc_pages_slowpath+0x220e/0x2870 [ 990.060233] ? warn_alloc+0x110/0x110 [ 990.064059] ? __lock_is_held+0xb6/0x140 [ 990.068146] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 990.068662] 822*32kB [ 990.073741] ? should_fail+0x14d/0x85c [ 990.073764] ? __might_sleep+0x95/0x190 [ 990.073785] __alloc_pages_nodemask+0x617/0x750 [ 990.073807] ? __alloc_pages_slowpath+0x2870/0x2870 [ 990.073831] ? wait_for_completion+0x440/0x440 [ 990.098444] ? retint_kernel+0x2d/0x2d [ 990.102366] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 990.107938] alloc_pages_current+0x107/0x210 [ 990.112480] ion_page_pool_alloc+0x137/0x1d0 [ 990.114260] (UME) 2*64kB [ 990.116911] ion_system_heap_allocate+0x154/0xa90 [ 990.116933] ? ion_system_heap_free+0x250/0x250 [ 990.129305] ion_alloc+0x29b/0x900 [ 990.132869] ? ion_dma_buf_release+0x50/0x50 [ 990.137241] Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 990.137297] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 990.168026] ? _copy_from_user+0xdd/0x150 [ 990.172194] ion_ioctl+0x17b/0x329 [ 990.175752] ? ion_alloc.cold+0x28/0x28 [ 990.179748] ? __might_sleep+0x95/0x190 [ 990.181203] (U) 0*128kB [ 990.183741] ? ion_alloc.cold+0x28/0x28 [ 990.183760] do_vfs_ioctl+0xd5f/0x1380 [ 990.186433] 0*256kB [ 990.190408] ? selinux_file_ioctl+0x46f/0x5e0 [ 990.190420] ? selinux_file_ioctl+0x125/0x5e0 [ 990.190436] ? ioctl_preallocate+0x210/0x210 [ 990.190447] ? selinux_file_mprotect+0x620/0x620 [ 990.190468] ? iterate_fd+0x360/0x360 [ 990.190489] ? nsecs_to_jiffies+0x30/0x30 [ 990.222774] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 990.228339] ? security_file_ioctl+0x8d/0xc0 [ 990.232776] ksys_ioctl+0xab/0xd0 [ 990.236254] __x64_sys_ioctl+0x73/0xb0 [ 990.240170] do_syscall_64+0xfd/0x620 [ 990.243990] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 990.249207] RIP: 0033:0x459829 [ 990.252433] Code: Bad RIP value. [ 990.255805] RSP: 002b:00007f71a5b57c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 990.263550] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 990.270836] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 990.275520] 0*512kB [ 990.278138] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 990.278152] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71a5b586d4 [ 990.295034] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 990.317925] 0*1024kB 0*2048kB 0*4096kB = 26608kB [ 990.319519] CPU: 1 PID: 14422 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 990.329777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 990.339153] Call Trace: [ 990.341764] dump_stack+0x172/0x1f0 [ 990.345760] warn_alloc.cold+0x7b/0x173 [ 990.349756] ? zone_watermark_ok_safe+0x260/0x260 [ 990.349952] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 990.354655] __alloc_pages_slowpath+0x220e/0x2870 [ 990.368375] ? warn_alloc+0x110/0x110 [ 990.369598] Mem-Info: [ 990.372214] ? __lock_is_held+0xb6/0x140 [ 990.374639] active_anon:71299 inactive_anon:201 isolated_anon:0 [ 990.374639] active_file:29 inactive_file:35 isolated_file:0 [ 990.374639] unevictable:0 dirty:1 writeback:0 unstable:0 [ 990.374639] slab_reclaimable:12415 slab_unreclaimable:107658 [ 990.374639] mapped:52254 shmem:252 pagetables:873 bounce:0 [ 990.374639] free:13582 free_pcp:0 free_cma:0 [ 990.378716] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 990.416987] ? should_fail+0x14d/0x85c [ 990.420906] ? __might_sleep+0x95/0x190 [ 990.424902] __alloc_pages_nodemask+0x617/0x750 [ 990.429598] ? __alloc_pages_slowpath+0x2870/0x2870 [ 990.434666] ? retint_kernel+0x2d/0x2d [ 990.438566] ? wait_for_completion+0x440/0x440 [ 990.443161] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 990.448717] alloc_pages_current+0x107/0x210 [ 990.453142] ion_page_pool_alloc+0x137/0x1d0 [ 990.457576] ion_system_heap_allocate+0x154/0xa90 [ 990.459218] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 990.462522] ? ion_system_heap_free+0x250/0x250 [ 990.462547] ion_alloc+0x29b/0x900 [ 990.462569] ? ion_dma_buf_release+0x50/0x50 [ 990.462594] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 990.489347] ? _copy_from_user+0xdd/0x150 [ 990.493531] ion_ioctl+0x17b/0x329 [ 990.497089] ? ion_alloc.cold+0x28/0x28 [ 990.501083] ? __might_sleep+0x95/0x190 [ 990.505081] ? ion_alloc.cold+0x28/0x28 [ 990.509073] do_vfs_ioctl+0xd5f/0x1380 [ 990.512982] ? selinux_file_ioctl+0x46f/0x5e0 [ 990.517486] ? selinux_file_ioctl+0x125/0x5e0 [ 990.521993] ? ioctl_preallocate+0x210/0x210 [ 990.526415] ? selinux_file_mprotect+0x620/0x620 [ 990.531192] ? iterate_fd+0x360/0x360 [ 990.535004] ? nsecs_to_jiffies+0x30/0x30 [ 990.536275] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 990.539170] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 990.553580] ? security_file_ioctl+0x8d/0xc0 [ 990.558010] ksys_ioctl+0xab/0xd0 [ 990.561483] __x64_sys_ioctl+0x73/0xb0 [ 990.565401] do_syscall_64+0xfd/0x620 [ 990.569221] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 990.574431] RIP: 0033:0x459829 [ 990.576049] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 990.577637] Code: Bad RIP value. [ 990.589576] RSP: 002b:00007fa015674c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 990.597302] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 990.604593] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 990.611871] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 990.619150] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa0156756d4 [ 990.626426] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 990.629590] Node 0 active_anon:283824kB inactive_anon:800kB active_file:40kB inactive_file:52kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:105240kB dirty:4kB writeback:0kB shmem:996kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 990.661350] lowmem_reserve[]: 0 0 0 0 [ 990.665251] Node 1 Normal free:26608kB min:53608kB low:67008kB high:80408kB active_anon:1372kB inactive_anon:4kB active_file:32kB inactive_file:36kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:512kB pagetables:712kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 990.704535] 284 total pagecache pages [ 990.708379] 0 pages in swap cache [ 990.714252] CPU: 0 PID: 14441 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 990.721284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 990.730638] Call Trace: [ 990.733239] dump_stack+0x172/0x1f0 [ 990.736902] warn_alloc.cold+0x7b/0x173 [ 990.739509] lowmem_reserve[]: [ 990.740896] ? zone_watermark_ok_safe+0x260/0x260 [ 990.740900] 0 0 [ 990.744059] __alloc_pages_slowpath+0x220e/0x2870 [ 990.748897] 0 [ 990.750904] ? warn_alloc+0x110/0x110 [ 990.750922] ? __lock_is_held+0xb6/0x140 [ 990.750944] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 990.770948] ? should_fail+0x14d/0x85c [ 990.774853] ? __might_sleep+0x95/0x190 [ 990.778851] __alloc_pages_nodemask+0x617/0x750 [ 990.779501] 0 [ 990.783544] ? __alloc_pages_slowpath+0x2870/0x2870 [ 990.785339] Node 0 [ 990.790362] ? wait_for_completion+0x440/0x440 [ 990.790379] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 990.790406] alloc_pages_current+0x107/0x210 [ 990.799496] DMA: [ 990.802752] ion_page_pool_alloc+0x137/0x1d0 [ 990.807151] 34*4kB [ 990.809233] ion_system_heap_allocate+0x154/0xa90 [ 990.820705] ? ion_system_heap_free+0x250/0x250 [ 990.825401] ion_alloc+0x29b/0x900 [ 990.828968] ? ion_dma_buf_release+0x50/0x50 [ 990.829518] (UE) 34*8kB [ 990.833401] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 990.833422] ? _copy_from_user+0xdd/0x150 [ 990.836089] (UE) [ 990.841635] ion_ioctl+0x17b/0x329 [ 990.841653] ? ion_alloc.cold+0x28/0x28 [ 990.841673] ? __might_sleep+0x95/0x190 [ 990.841692] ? ion_alloc.cold+0x28/0x28 [ 990.849903] 24*16kB [ 990.851441] do_vfs_ioctl+0xd5f/0x1380 [ 990.855404] (UE) [ 990.859385] ? selinux_file_ioctl+0x46f/0x5e0 [ 990.863403] 6*32kB [ 990.865695] ? selinux_file_ioctl+0x125/0x5e0 [ 990.869614] (UE) [ 990.871645] ? ioctl_preallocate+0x210/0x210 [ 990.876132] 2*64kB [ 990.878372] ? selinux_file_mprotect+0x620/0x620 [ 990.882907] (UE) [ 990.884928] ? iterate_fd+0x360/0x360 [ 990.889323] 6*128kB [ 990.891561] ? nsecs_to_jiffies+0x30/0x30 [ 990.891583] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 990.891601] ? security_file_ioctl+0x8d/0xc0 [ 990.891618] ksys_ioctl+0xab/0xd0 [ 990.896366] (UE) [ 990.898429] __x64_sys_ioctl+0x73/0xb0 [ 990.902251] 3*256kB [ 990.904539] do_syscall_64+0xfd/0x620 [ 990.908663] (UE) [ 990.914208] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 990.914220] RIP: 0033:0x459829 [ 990.914246] Code: Bad RIP value. [ 990.918648] 1*512kB [ 990.922084] RSP: 002b:00007fa015632c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 990.922099] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 990.922106] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 990.922114] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 990.922122] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa0156336d4 [ 990.922136] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 990.924189] (E) [ 990.965636] Swap cache stats: add 0, delete 0, find 0/0 [ 991.001747] 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10328kB [ 991.008129] Node 0 DMA32: 848*4kB (UMEH) 623*8kB (UMEH) 130*16kB (UMEH) 221*32kB (UME) 6*64kB (UM) 1*128kB (H) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 18040kB [ 991.042842] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 991.048237] Node 1 active_anon:1372kB inactive_anon:4kB active_file:32kB inactive_file:36kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:103692kB dirty:0kB writeback:0kB shmem:12kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 991.061721] Node 1 Normal: 6*4kB (UME) 2*8kB (E) 3*16kB (E) 821*32kB (UME) 170*64kB (U) 87*128kB (UM) 71*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 66552kB [ 991.141580] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 991.151294] Node 0 DMA free:10328kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 991.184466] Free swap = 0kB [ 991.187511] Total swap = 0kB [ 991.200646] 1965979 pages RAM [ 991.203794] 0 pages HighMem/MovableOnly [ 991.207778] 338856 pages reserved [ 991.216127] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 991.234577] 0 pages cma reserved [ 991.237991] Unreclaimable slab info: [ 991.241809] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 991.258316] lowmem_reserve[]: 0 2555 2557 2557 [ 991.263041] Name Used Total [ 991.268633] pid_2 44KB 160KB [ 991.279516] Node 0 DMA32 free:65624kB min:36248kB low:45308kB high:54368kB active_anon:281776kB inactive_anon:800kB active_file:232kB inactive_file:944kB unevictable:0kB writepending:4kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6720kB pagetables:2780kB bounce:0kB free_pcp:2744kB local_pcp:1464kB free_cma:0kB [ 991.308963] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 991.325329] 1726 total pagecache pages [ 991.329290] 0 pages in swap cache [ 991.332922] batadv_tt_change_cache 9KB 15KB [ 991.338741] batadv_tl_cache 10KB 20KB [ 991.349990] Swap cache stats: add 0, delete 0, find 0/0 [ 991.355395] Free swap = 0kB [ 991.358419] Total swap = 0kB [ 991.366405] TIPC 30KB 50KB [ 991.386234] SCTPv6 41KB 55KB [ 991.398137] 1965979 pages RAM [ 991.407480] lowmem_reserve[]: 0 0 2 2 [ 991.411404] 0 pages HighMem/MovableOnly [ 991.415393] 338856 pages reserved [ 991.418848] 0 pages cma reserved [ 991.422363] DCCPv6 24KB 43KB [ 991.427754] DCCP 25KB 41KB [ 991.439532] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 991.500500] bridge_fdb_cache 21KB 35KB [ 991.505952] fib6_nodes 211KB 256KB [ 991.529530] lowmem_reserve[]: 0 0 0 0 [ 991.533410] Node 1 Normal free:256032kB min:53608kB low:67008kB high:80408kB active_anon:1312kB inactive_anon:4kB active_file:844kB inactive_file:2996kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:480kB pagetables:684kB bounce:0kB free_pcp:2652kB local_pcp:1284kB free_cma:0kB [ 991.539514] ip6_dst_cache 859KB 945KB [ 991.564948] lowmem_reserve[]: 0 0 0 0 [ 991.573035] Node 0 DMA: 34*4kB (UE) 34*8kB (UE) 24*16kB (UE) 6*32kB (UE) 3*64kB (UE) 6*128kB (UE) 3*256kB (UE) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10392kB [ 991.609569] Node 0 DMA32: 7387*4kB (UEH) 2792*8kB (UMEH) 800*16kB (UMEH) 221*32kB (UME) 345*64kB (UM) 10*128kB (UH) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 95116kB [ 991.631108] RAWv6 149KB 162KB [ 991.636506] UDPv6 3KB 3KB [ 991.651363] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 991.675368] TCPv6 29KB 35KB [ 991.693441] nf_conntrack 0KB 3KB [ 991.698898] sd_ext_cdb 0KB 7KB [ 991.706955] Node 1 Normal: 17929*4kB (UME) 633*8kB (UME) 69*16kB (UME) 858*32kB (UME) 1071*64kB (UME) 269*128kB (UM) 285*256kB (UM) 12*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 287420kB [ 991.739735] scsi_sense_cache 1056KB 1060KB [ 991.745163] virtio_scsi_cmd 16KB 16KB [ 991.790100] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 991.797446] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 991.806607] sgpool-128 8KB 8KB [ 991.825316] sgpool-64 4KB 12KB [ 991.839612] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 991.848263] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 991.863757] sgpool-32 2KB 15KB [ 991.869155] sgpool-16 1KB 7KB [ 991.876564] sgpool-8 0KB 7KB [ 991.886062] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 991.896794] mqueue_inode_cache 27KB 43KB [ 991.907071] bio_post_read_ctx 14KB 15KB [ 991.914409] 2988 total pagecache pages [ 991.918321] 0 pages in swap cache [ 991.925796] bio-2 14KB 15KB [ 991.933375] Swap cache stats: add 0, delete 0, find 0/0 [ 991.938761] Free swap = 0kB [ 991.944903] jfs_mp 7KB 7KB [ 991.950506] nfs_commit_data 3KB 14KB [ 991.955885] nfs_write_data 34KB 44KB [ 991.955946] ext4_system_zone 1KB 7KB [ 991.955987] bio-1 1KB 7KB [ 991.956002] pid_namespace 5KB 7KB [ 991.956027] rpc_buffers 17KB 25KB [ 991.956039] rpc_tasks 2KB 7KB [ 991.956051] UNIX 1236KB 1276KB [ 991.956070] tcp_bind_bucket 2KB 12KB [ 991.956088] xfrm_state 3KB 8KB [ 991.994310] Total swap = 0kB [ 992.004737] 1965979 pages RAM [ 992.004743] 0 pages HighMem/MovableOnly [ 992.004749] 338856 pages reserved [ 992.004754] 0 pages cma reserved [ 992.027370] ip_fib_trie 31KB 39KB [ 992.033812] ip_fib_alias 146KB 177KB [ 992.039190] ip_dst_cache 8KB 20KB [ 992.044612] RAW 93KB 115KB [ 992.050076] UDP 39KB 58KB [ 992.055454] TCP 8KB 16KB [ 992.060868] hugetlbfs_inode_cache 2KB 15KB [ 992.066613] fscache_cookie_jar 1KB 11KB [ 992.072151] eventpoll_pwq 29KB 35KB [ 992.077524] eventpoll_epi 48KB 66KB [ 992.082963] inotify_inode_mark 39KB 63KB [ 992.088422] request_queue 163KB 163KB [ 992.093857] blkdev_requests 1KB 3KB [ 992.099231] blkdev_ioc 51KB 54KB [ 992.104693] bio-0 2151KB 2152KB [ 992.110113] biovec-max 3894KB 3894KB [ 992.115507] biovec-64 2131KB 2173KB [ 992.120930] biovec-16 232KB 360KB [ 992.120942] bio_integrity_payload 1KB 8KB [ 992.120953] khugepaged_mm_slot 8KB 19KB [ 992.120975] dmaengine-unmap-256 2KB 6KB [ 992.120986] dmaengine-unmap-128 1KB 3KB [ 992.120999] dmaengine-unmap-16 0KB 4KB [ 992.164281] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 992.180498] team0: Port device team_slave_0 added [ 992.186448] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 992.220693] team0: Port device team_slave_1 added [ 992.226190] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 992.233756] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 992.249638] dmaengine-unmap-2 0KB 3KB [ 992.255081] skbuff_fclone_cache 87KB 161KB [ 992.291688] syz-executor.4: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 992.306805] device hsr_slave_0 entered promiscuous mode [ 992.312287] skbuff_head_cache 6405KB 7016KB [ 992.317670] configfs_dir_cache 0KB 8KB [ 992.349575] file_lock_cache 0KB 3KB [ 992.354995] file_lock_ctx 0KB 3KB [ 992.360817] device hsr_slave_1 entered promiscuous mode [ 992.366397] syz-executor.4 cpuset=syz4 mems_allowed=0-1 [ 992.389539] fsnotify_mark_connector 23KB 39KB [ 992.395487] net_namespace 121KB 130KB [ 992.398116] CPU: 0 PID: 14441 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 992.400979] shmem_inode_cache 5165KB 5394KB [ 992.407895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 992.407906] Call Trace: [ 992.413315] task_delay_info 78KB 233KB [ 992.422636] dump_stack+0x172/0x1f0 [ 992.422657] warn_alloc.cold+0x7b/0x173 [ 992.422679] ? zone_watermark_ok_safe+0x260/0x260 [ 992.425256] taskstats 37KB 76KB [ 992.430626] ? try_to_compact_pages+0x44/0xae0 [ 992.430660] __alloc_pages_slowpath+0x220e/0x2870 [ 992.430696] ? warn_alloc+0x110/0x110 [ 992.434299] proc_dir_entry 1053KB 1091KB [ 992.438273] ? __lock_is_held+0xb6/0x140 [ 992.438296] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 992.443174] pde_opener 0KB 3KB [ 992.448492] ? should_fail+0x14d/0x85c [ 992.453105] seq_file 170KB 307KB [ 992.457910] ? __isolate_free_page+0x4c0/0x4c0 [ 992.461734] sigqueue 45KB 86KB [ 992.467052] ? __might_sleep+0x95/0x190 [ 992.471153] kernfs_node_cache 13511KB 13517KB [ 992.476643] __alloc_pages_nodemask+0x617/0x750 [ 992.482045] mnt_cache 162KB 192KB [ 992.485904] ? __alloc_pages_slowpath+0x2870/0x2870 [ 992.491290] filp 2681KB 4166KB [ 992.495836] ? policy_node+0xfb/0x140 [ 992.501231] names_cache 45832KB 45853KB [ 992.505160] ? wait_for_completion+0x440/0x440 [ 992.510552] iint_cache 33KB 63KB [ 992.515185] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 992.520583] hashtab_node 118KB 119KB [ 992.525566] alloc_pages_current+0x107/0x210 [ 992.530966] ebitmap_node 1047KB 1141KB [ 992.534725] ion_page_pool_alloc+0x137/0x1d0 [ 992.540129] avtab_node 1012KB 1013KB [ 992.544670] ion_system_heap_allocate+0x154/0xa90 [ 992.550091] avc_node 49KB 55KB [ 992.555600] ? ion_system_heap_free+0x250/0x250 [ 992.561037] selinux_file_security 166KB 329KB [ 992.565415] ion_alloc+0x475/0x900 [ 992.570828] selinux_inode_security 3235KB 3488KB [ 992.575198] ? ion_dma_buf_release+0x50/0x50 [ 992.580594] key_jar 5KB 15KB [ 992.585400] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 992.590810] uts_namespace 7KB 15KB [ 992.595438] ? _copy_from_user+0xdd/0x150 [ 992.601193] nsproxy 7KB 11KB [ 992.604693] ion_ioctl+0x17b/0x329 [ 992.610535] vm_area_struct 3190KB 5541KB [ 992.614925] ? ion_alloc.cold+0x28/0x28 [ 992.620345] mm_struct 451KB 728KB [ 992.625860] ? __might_sleep+0x95/0x190 [ 992.631285] fs_cache 56KB 96KB [ 992.635401] ? ion_alloc.cold+0x28/0x28 [ 992.640823] files_cache 177KB 243KB [ 992.644320] do_vfs_ioctl+0xd5f/0x1380 [ 992.649736] signal_cache 526KB 797KB [ 992.653675] ? selinux_file_ioctl+0x46f/0x5e0 [ 992.659039] sighand_cache 504KB 534KB [ 992.663038] ? selinux_file_ioctl+0x125/0x5e0 [ 992.663055] ? ioctl_preallocate+0x210/0x210 [ 992.663067] ? selinux_file_mprotect+0x620/0x620 [ 992.663095] ? iterate_fd+0x360/0x360 [ 992.668467] task_struct 2283KB 2295KB [ 992.672470] ? nsecs_to_jiffies+0x30/0x30 [ 992.672494] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 992.672511] ? security_file_ioctl+0x8d/0xc0 [ 992.672529] ksys_ioctl+0xab/0xd0 [ 992.677906] cred_jar 286KB 608KB [ 992.681813] __x64_sys_ioctl+0x73/0xb0 [ 992.681831] do_syscall_64+0xfd/0x620 [ 992.681849] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 992.681867] RIP: 0033:0x459829 [ 992.687273] anon_vma_chain 1819KB 3465KB [ 992.691786] Code: Bad RIP value. [ 992.691795] RSP: 002b:00007fa015632c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 992.691809] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 992.691817] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 992.691825] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 992.691849] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa0156336d4 [ 992.697226] anon_vma 174KB 573KB [ 992.701719] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 992.831119] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 992.850153] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 992.859677] pid 49KB 200KB [ 992.865116] Acpi-Operand 156KB 190KB [ 992.871194] Acpi-ParseExt 8KB 11KB [ 992.879926] Acpi-Parse 41KB 47KB [ 992.886033] Acpi-State 52KB 63KB [ 992.891492] Acpi-Namespace 20KB 23KB [ 992.896880] numa_policy 0KB 3KB [ 992.901587] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 992.902465] debug_objects_cache 1245KB 1285KB [ 992.914195] trace_event_file 263KB 266KB [ 992.919679] ftrace_event_field 382KB 385KB [ 992.925151] pool_workqueue 112KB 132KB [ 992.930651] task_group 5KB 7KB [ 992.936034] page->ptl 632KB 1612KB [ 992.941533] kmalloc-2097152 2050KB 2050KB [ 992.946931] kmalloc-524288 2056KB 2056KB [ 992.952429] kmalloc-262144 1290KB 1290KB [ 992.957816] kmalloc-131072 650KB 650KB [ 992.963272] kmalloc-65536 46266KB 46398KB [ 992.968655] kmalloc-32768 2904KB 3036KB [ 992.974150] kmalloc-16384 841KB 957KB [ 992.979627] kmalloc-8192 4116KB 4158KB [ 992.985015] kmalloc-4096 34225KB 34263KB [ 992.989573] warn_alloc_show_mem: 3 callbacks suppressed [ 992.989578] Mem-Info: [ 992.990504] kmalloc-2048 17505KB 18391KB [ 992.995799] active_anon:71294 inactive_anon:202 isolated_anon:0 [ 992.995799] active_file:551 inactive_file:2237 isolated_file:0 [ 992.995799] unevictable:0 dirty:0 writeback:0 unstable:0 [ 992.995799] slab_reclaimable:12411 slab_unreclaimable:107589 [ 992.995799] mapped:54249 shmem:252 pagetables:863 bounce:0 [ 992.995799] free:94229 free_pcp:1255 free_cma:0 [ 992.998194] kmalloc-1024 14251KB 16175KB [ 993.027322] 8021q: adding VLAN 0 to HW filter on device bond0 [ 993.037089] kmalloc-512 11200KB 12678KB [ 993.037102] kmalloc-256 4914KB 5550KB [ 993.037113] kmalloc-128 1485KB 1578KB [ 993.037123] kmalloc-96 2334KB 2568KB [ 993.037132] kmalloc-64 3266KB 3496KB [ 993.037141] kmalloc-32 3406KB 3724KB [ 993.037151] kmalloc-192 3149KB 3396KB [ 993.037161] kmem_cache 248KB 255KB [ 993.037174] Out of memory: Kill process 7947 (syz-fuzzer) score 41 or sacrifice child [ 993.037252] Killed process 14456 (syz-executor.2) total-vm:72452kB, anon-rss:60kB, file-rss:0kB, shmem-rss:0kB [ 993.054831] Node 0 active_anon:283892kB inactive_anon:804kB active_file:956kB inactive_file:6736kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:110344kB dirty:0kB writeback:0kB shmem:1004kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 993.176071] Node 1 active_anon:1284kB inactive_anon:4kB active_file:1248kB inactive_file:2412kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:72652kB dirty:0kB writeback:0kB shmem:4kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 993.259548] Node 0 DMA free:10404kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 993.319653] lowmem_reserve[]: 0 2555 2557 2557 [ 993.324320] Node 0 DMA32 free:134576kB min:36248kB low:45308kB high:54368kB active_anon:281844kB inactive_anon:804kB active_file:856kB inactive_file:7084kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6720kB pagetables:2768kB bounce:0kB free_pcp:2756kB local_pcp:1364kB free_cma:0kB [ 993.366653] lowmem_reserve[]: 0 0 2 2 [ 993.370863] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 993.409642] lowmem_reserve[]: 0 0 0 0 [ 993.413530] Node 1 Normal free:325504kB min:53608kB low:67008kB high:80408kB active_anon:1284kB inactive_anon:4kB active_file:1248kB inactive_file:2412kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:448kB pagetables:684kB bounce:0kB free_pcp:2660kB local_pcp:1324kB free_cma:0kB [ 993.459684] lowmem_reserve[]: 0 0 0 0 [ 993.463562] Node 0 DMA: 92*4kB (UE) 34*8kB (UE) 24*16kB (UE) 6*32kB (UE) 2*64kB (UE) 5*128kB (UE) 3*256kB (UE) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10432kB [ 993.484100] Node 0 DMA32: 22457*4kB (UMEH) 4198*8kB (UMEH) 1208*16kB (UMEH) 648*32kB (UME) 0*64kB 1*128kB (H) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 163604kB [ 993.514079] syz-executor.5: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 993.535539] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 993.539695] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 993.569581] CPU: 0 PID: 14421 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 993.569595] Node 1 [ 993.576620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 993.576632] Call Trace: [ 993.578880] Normal: [ 993.588246] dump_stack+0x172/0x1f0 [ 993.588266] warn_alloc.cold+0x7b/0x173 [ 993.588285] ? zone_watermark_ok_safe+0x260/0x260 [ 993.588305] ? try_to_compact_pages+0x44/0xae0 [ 993.610215] __alloc_pages_slowpath+0x220e/0x2870 [ 993.615101] ? warn_alloc+0x110/0x110 [ 993.618238] 29787*4kB [ 993.618917] ? __lock_is_held+0xb6/0x140 [ 993.618928] (UME) [ 993.621430] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 993.621444] ? should_fail+0x14d/0x85c [ 993.621466] ? __isolate_free_page+0x4c0/0x4c0 [ 993.621484] ? __might_sleep+0x95/0x190 [ 993.625543] 10563*8kB [ 993.629229] __alloc_pages_nodemask+0x617/0x750 [ 993.642425] syz-executor.4: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 993.648430] ? __alloc_pages_slowpath+0x2870/0x2870 [ 993.654763] syz-executor.4 cpuset= [ 993.654904] ? find_held_lock+0x35/0x130 [ 993.659584] syz4 [ 993.671261] ? wait_for_completion+0x440/0x440 [ 993.676311] (U) [ 993.679811] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 993.679835] alloc_pages_current+0x107/0x210 [ 993.679856] ion_page_pool_alloc+0x137/0x1d0 [ 993.683901] 4200*16kB [ 993.685876] ion_system_heap_allocate+0x154/0xa90 [ 993.690469] (UME) [ 993.692418] ? ion_system_heap_free+0x250/0x250 [ 993.697932] 1524*32kB [ 993.702345] ion_alloc+0x475/0x900 [ 993.702369] ? ion_dma_buf_release+0x50/0x50 [ 993.702395] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 993.706804] mems_allowed=0-1 [ 993.709285] ? _copy_from_user+0xdd/0x150 [ 993.709305] ion_ioctl+0x17b/0x329 [ 993.719494] (UME) [ 993.720955] ? ion_alloc.cold+0x28/0x28 [ 993.723430] 0*64kB [ 993.726973] ? __might_sleep+0x95/0x190 [ 993.749509] 0*128kB [ 993.750389] ? ion_alloc.cold+0x28/0x28 [ 993.754357] 0*256kB [ 993.756592] do_vfs_ioctl+0xd5f/0x1380 [ 993.769502] 0*512kB 0*1024kB [ 993.773026] ? selinux_file_ioctl+0x46f/0x5e0 [ 993.773042] ? selinux_file_ioctl+0x125/0x5e0 [ 993.776138] 0*2048kB [ 993.780627] ? ioctl_preallocate+0x210/0x210 [ 993.780642] ? selinux_file_mprotect+0x620/0x620 [ 993.780665] ? iterate_fd+0x360/0x360 [ 993.780684] ? nsecs_to_jiffies+0x30/0x30 [ 993.799503] 0*4096kB [ 993.800504] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 993.804630] = 319620kB [ 993.807047] ? security_file_ioctl+0x8d/0xc0 [ 993.819460] ksys_ioctl+0xab/0xd0 [ 993.822926] __x64_sys_ioctl+0x73/0xb0 [ 993.826821] do_syscall_64+0xfd/0x620 [ 993.829508] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 993.830633] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 993.845444] RIP: 0033:0x459829 [ 993.848651] Code: Bad RIP value. [ 993.849518] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 993.852022] RSP: 002b:00007f71a5b57c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 993.868331] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 993.869524] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 993.875610] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 993.891730] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 993.899016] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71a5b586d4 [ 993.899534] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 993.906307] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 994.029630] CPU: 0 PID: 14422 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 994.036696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 994.036885] 2922 total pagecache pages [ 994.046061] Call Trace: [ 994.046086] dump_stack+0x172/0x1f0 [ 994.046105] warn_alloc.cold+0x7b/0x173 [ 994.046123] ? zone_watermark_ok_safe+0x260/0x260 [ 994.046145] ? try_to_compact_pages+0x44/0xae0 [ 994.046177] __alloc_pages_slowpath+0x220e/0x2870 [ 994.046215] ? warn_alloc+0x110/0x110 [ 994.046232] ? __lock_is_held+0xb6/0x140 [ 994.046251] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 994.046265] ? should_fail+0x14d/0x85c [ 994.046285] ? __isolate_free_page+0x4c0/0x4c0 [ 994.052795] ? __might_sleep+0x95/0x190 [ 994.060381] __alloc_pages_nodemask+0x617/0x750 [ 994.060405] ? __alloc_pages_slowpath+0x2870/0x2870 [ 994.060427] ? find_held_lock+0x35/0x130 [ 994.069845] ? wait_for_completion+0x440/0x440 [ 994.069864] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 994.069893] alloc_pages_current+0x107/0x210 [ 994.079509] 0 pages in swap cache [ 994.082569] ion_page_pool_alloc+0x137/0x1d0 [ 994.088093] Swap cache stats: add 0, delete 0, find 0/0 [ 994.091977] ion_system_heap_allocate+0x154/0xa90 [ 994.091997] ? ion_system_heap_free+0x250/0x250 [ 994.092027] ion_alloc+0x475/0x900 [ 994.110316] Free swap = 0kB [ 994.114291] ? ion_dma_buf_release+0x50/0x50 [ 994.118856] Total swap = 0kB [ 994.124410] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 994.124425] ? _copy_from_user+0xdd/0x150 [ 994.124444] ion_ioctl+0x17b/0x329 [ 994.124463] ? ion_alloc.cold+0x28/0x28 [ 994.128860] 1965979 pages RAM [ 994.132322] ? __might_sleep+0x95/0x190 [ 994.132339] ? ion_alloc.cold+0x28/0x28 [ 994.132356] do_vfs_ioctl+0xd5f/0x1380 [ 994.132374] ? selinux_file_ioctl+0x46f/0x5e0 [ 994.136787] 0 pages HighMem/MovableOnly [ 994.142150] ? selinux_file_ioctl+0x125/0x5e0 [ 994.142165] ? ioctl_preallocate+0x210/0x210 [ 994.142177] ? selinux_file_mprotect+0x620/0x620 [ 994.142199] ? iterate_fd+0x360/0x360 [ 994.147029] 338856 pages reserved [ 994.151699] ? nsecs_to_jiffies+0x30/0x30 [ 994.151722] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 994.151739] ? security_file_ioctl+0x8d/0xc0 [ 994.151757] ksys_ioctl+0xab/0xd0 [ 994.155283] 0 pages cma reserved [ 994.158301] __x64_sys_ioctl+0x73/0xb0 [ 994.158317] do_syscall_64+0xfd/0x620 [ 994.158342] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 994.260818] RIP: 0033:0x459829 [ 994.264029] Code: Bad RIP value. [ 994.267395] RSP: 002b:00007fa015674c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 994.275112] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 994.282414] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 994.289694] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 994.296971] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa0156756d4 [ 994.304246] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 994.323779] warn_alloc_show_mem: 1 callbacks suppressed 04:55:05 executing program 1: dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010502000270f7f8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x9, @remote}, @in={0x2, 0x4e21, @loopback}, @in6={0xa, 0x0, 0x8, @mcast1}, @in6={0xa, 0x4e21, 0x0, @remote}, @in={0x2, 0x4e23, @empty}], 0x74) 04:55:05 executing program 0: socket$alg(0x26, 0x5, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="14bc420000000056b500002e900800000000080008000100000007e10400ac14341b080003000800e80f01"], 0x1}}, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000280)='y\x00', 0x2, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0xaaaaaaaaaaaace6, 0x0, 0x0, 0xeb) ioctl$KVM_RUN(r3, 0xae80, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000000)={0x2, r2, 0x1}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 994.323785] Mem-Info: [ 994.353259] active_anon:71269 inactive_anon:202 isolated_anon:24 [ 994.353259] active_file:1070 inactive_file:2255 isolated_file:14 [ 994.353259] unevictable:0 dirty:0 writeback:0 unstable:0 [ 994.353259] slab_reclaimable:12386 slab_unreclaimable:107474 [ 994.353259] mapped:46049 shmem:252 pagetables:863 bounce:0 [ 994.353259] free:155101 free_pcp:769 free_cma:0 [ 994.423583] Node 0 active_anon:283792kB inactive_anon:804kB active_file:3256kB inactive_file:8376kB unevictable:0kB isolated(anon):96kB isolated(file):56kB mapped:112544kB dirty:0kB writeback:0kB shmem:1004kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 994.457318] Node 1 active_anon:1244kB inactive_anon:4kB active_file:1404kB inactive_file:1168kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:72012kB dirty:0kB writeback:4kB shmem:4kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 994.508730] Node 0 DMA free:10368kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB 04:55:06 executing program 3: r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ion\x00', 0xfc, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$PIO_FONT(r1, 0x4b61, &(0x7f00000000c0)) socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x7ff, &(0x7f0000000180)="11dca50d5e0bcfe47bf070") ioctl$ION_IOC_ALLOC(r1, 0xc0184900, &(0x7f0000000000)={0x80000001, 0x1, 0x1000000000}) r2 = geteuid() r3 = getgid() write$FUSE_ATTR(r1, &(0x7f0000000100)={0x78, 0x0, 0x5, {0xe0, 0x5, 0x0, {0x0, 0x1f, 0x200, 0xe1b, 0x4038, 0x2, 0x1, 0x9, 0x40, 0xb7, 0x0, r2, r3, 0x0, 0xa12c}}}, 0x78) [ 994.642877] lowmem_reserve[]: 0 2555 2557 2557 [ 994.647581] Node 0 DMA32 free:264400kB min:36248kB low:45308kB high:54368kB active_anon:282120kB inactive_anon:796kB active_file:3616kB inactive_file:14008kB unevictable:0kB writepending:88kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6848kB pagetables:2876kB bounce:0kB free_pcp:2228kB local_pcp:1432kB free_cma:0kB [ 994.779112] lowmem_reserve[]: 0 0 2 2 [ 994.785220] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 994.816909] lowmem_reserve[]: 0 0 0 0 04:55:06 executing program 3: r0 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x0, 0x0) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) r1 = openat$ion(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ion\x00', 0x0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") ioctl$ION_IOC_ALLOC(r1, 0xc0184900, &(0x7f0000000000)={0x80000001, 0x1, 0x10000}) [ 994.852079] Node 1 Normal free:428932kB min:53608kB low:67008kB high:80408kB active_anon:1184kB inactive_anon:4kB active_file:1624kB inactive_file:948kB unevictable:0kB writepending:4kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:416kB pagetables:500kB bounce:0kB free_pcp:1520kB local_pcp:1488kB free_cma:0kB [ 994.926980] lowmem_reserve[]: 0 0 0 0 [ 994.968907] Node 0 DMA: 92*4kB (UE) 34*8kB (UE) 24*16kB (UE) 6*32kB (UE) 1*64kB (E) 5*128kB (UE) 3*256kB (UE) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10368kB [ 995.018973] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 995.039630] Node 0 DMA32: 28105*4kB (UMEH) 9403*8kB (UMEH) 3604*16kB (UMEH) 895*32kB (UME) 0*64kB 1*128kB (H) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 274076kB [ 995.048992] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 995.070616] CPU: 1 PID: 14486 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 995.075080] Node 0 [ 995.077668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 995.077675] Call Trace: [ 995.077699] dump_stack+0x172/0x1f0 [ 995.077720] warn_alloc.cold+0x7b/0x173 [ 995.090182] Normal: [ 995.091937] ? zone_watermark_ok_safe+0x260/0x260 [ 995.091955] ? compaction_deferred+0x16a/0x3b0 [ 995.091975] ? try_to_compact_pages+0x44/0xae0 [ 995.106917] 0*4kB [ 995.111317] __alloc_pages_slowpath+0x220e/0x2870 [ 995.111354] ? warn_alloc+0x110/0x110 [ 995.111368] ? __lock_is_held+0xb6/0x140 [ 995.111399] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 995.136348] 0*8kB [ 995.136366] ? should_fail+0x14d/0x85c [ 995.136397] ? __isolate_free_page+0x4c0/0x4c0 [ 995.143217] 0*16kB [ 995.147004] ? __might_sleep+0x95/0x190 [ 995.147028] __alloc_pages_nodemask+0x617/0x750 [ 995.147050] ? __alloc_pages_slowpath+0x2870/0x2870 [ 995.158331] 0*32kB [ 995.162946] ? wait_for_completion+0x440/0x440 [ 995.162963] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 995.162984] alloc_pages_current+0x107/0x210 [ 995.163003] ion_page_pool_alloc+0x137/0x1d0 [ 995.163019] ion_system_heap_allocate+0x154/0xa90 [ 995.163042] ? ion_system_heap_free+0x250/0x250 [ 995.181932] 0*64kB [ 995.184215] ion_alloc+0x29b/0x900 [ 995.184240] ? ion_dma_buf_release+0x50/0x50 [ 995.203946] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 995.204898] 0*128kB [ 995.209497] ? _copy_from_user+0xdd/0x150 [ 995.209520] ion_ioctl+0x17b/0x329 [ 995.209538] ? ion_alloc.cold+0x28/0x28 [ 995.209556] ? __might_sleep+0x95/0x190 [ 995.209574] ? ion_alloc.cold+0x28/0x28 [ 995.209592] do_vfs_ioctl+0xd5f/0x1380 [ 995.222015] 0*256kB [ 995.223552] ? selinux_file_ioctl+0x46f/0x5e0 [ 995.223568] ? selinux_file_ioctl+0x125/0x5e0 [ 995.223591] ? ioctl_preallocate+0x210/0x210 [ 995.231034] 0*512kB [ 995.231538] ? selinux_file_mprotect+0x620/0x620 [ 995.244503] 0*1024kB [ 995.246755] ? iterate_fd+0x360/0x360 [ 995.246776] ? nsecs_to_jiffies+0x30/0x30 [ 995.266974] 0*2048kB [ 995.268597] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 995.268618] ? security_file_ioctl+0x8d/0xc0 [ 995.278981] 0*4096kB [ 995.280976] ksys_ioctl+0xab/0xd0 [ 995.280996] __x64_sys_ioctl+0x73/0xb0 [ 995.281017] do_syscall_64+0xfd/0x620 [ 995.281037] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 995.281049] RIP: 0033:0x459829 [ 995.281071] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 995.293755] = 0kB [ 995.294590] RSP: 002b:00007f8d57f8ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 995.294607] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 995.294622] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 995.313256] Node 1 [ 995.321893] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 995.321903] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d57f8f6d4 [ 995.321912] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 995.371100] Normal: 43638*4kB (UME) 12722*8kB (U) 5095*16kB (UME) 1826*32kB (UME) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 416280kB [ 995.375893] Mem-Info: [ 995.385345] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 995.389760] active_anon:71388 inactive_anon:200 isolated_anon:0 [ 995.389760] active_file:1608 inactive_file:3824 isolated_file:0 [ 995.389760] unevictable:0 dirty:23 writeback:0 unstable:0 [ 995.389760] slab_reclaimable:12391 slab_unreclaimable:108520 [ 995.389760] mapped:48164 shmem:252 pagetables:844 bounce:0 [ 995.389760] free:174856 free_pcp:209 free_cma:0 [ 995.396549] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 995.438770] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 995.447902] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 995.468907] Node 0 active_anon:284324kB inactive_anon:808kB active_file:5068kB inactive_file:14648kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:120956kB dirty:196kB writeback:0kB shmem:1008kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 995.470074] 5712 total pagecache pages [ 995.501488] 0 pages in swap cache [ 995.502967] Node 1 active_anon:1048kB inactive_anon:0kB active_file:1596kB inactive_file:496kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:71572kB dirty:4kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 995.505032] Swap cache stats: add 0, delete 0, find 0/0 [ 995.537232] Free swap = 0kB [ 995.537994] Node 0 [ 995.540429] Total swap = 0kB [ 995.540484] DMA free:10368kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 995.542759] 1965979 pages RAM [ 995.545837] lowmem_reserve[]: [ 995.571789] 0 pages HighMem/MovableOnly [ 995.571796] 338856 pages reserved [ 995.571802] 0 pages cma reserved [ 995.590261] device bridge_slave_1 left promiscuous mode [ 995.595789] bridge0: port 2(bridge_slave_1) entered disabled state [ 995.611077] 0 2555 2557 2557 [ 995.614256] Node 0 DMA32 free:273944kB min:36248kB low:45308kB high:54368kB active_anon:282076kB inactive_anon:808kB active_file:5068kB inactive_file:14648kB unevictable:0kB writepending:196kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6784kB pagetables:2872kB bounce:0kB free_pcp:1560kB local_pcp:1260kB free_cma:0kB [ 995.650696] lowmem_reserve[]: 0 0 2 2 [ 995.654587] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 995.690527] device bridge_slave_0 left promiscuous mode [ 995.696110] bridge0: port 1(bridge_slave_0) entered disabled state [ 995.702858] lowmem_reserve[]: 0 0 0 0 [ 995.706718] Node 1 Normal free:425080kB min:53608kB low:67008kB high:80408kB active_anon:1048kB inactive_anon:0kB active_file:1596kB inactive_file:496kB unevictable:0kB writepending:4kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:416kB pagetables:500kB bounce:0kB free_pcp:1552kB local_pcp:1360kB free_cma:0kB [ 995.764193] lowmem_reserve[]: 0 0 0 0 [ 995.768087] Node 0 DMA: 92*4kB (UE) 34*8kB (UE) 24*16kB (UE) 6*32kB (UE) 1*64kB (E) 5*128kB (UE) 3*256kB (UE) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10368kB [ 995.815871] Node 0 DMA32: 28380*4kB (UMEH) 9378*8kB (UMEH) 3607*16kB (UMEH) 897*32kB (UME) 1*64kB (U) 1*128kB (H) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 275152kB [ 995.846944] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 995.863078] device hsr_slave_1 left promiscuous mode [ 995.863859] Node 1 Normal: 51223*4kB (UME) 13727*8kB (U) 5349*16kB (UME) 1854*32kB (UME) 4*64kB (U) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 459876kB [ 995.893560] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 995.906654] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 995.917516] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 995.932596] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 995.943401] 5786 total pagecache pages [ 995.947407] 0 pages in swap cache [ 995.951109] Swap cache stats: add 0, delete 0, find 0/0 [ 995.956569] Free swap = 0kB [ 995.959767] Total swap = 0kB [ 995.962890] 1965979 pages RAM [ 995.966087] 0 pages HighMem/MovableOnly [ 995.970195] 338856 pages reserved [ 995.973743] 0 pages cma reserved [ 995.983940] device hsr_slave_0 left promiscuous mode [ 996.045289] team0 (unregistering): Port device team_slave_1 removed [ 996.080157] team0 (unregistering): Port device team_slave_0 removed [ 996.127955] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 996.290893] bond0 (unregistering): Released all slaves [ 996.800794] IPVS: ftp: loaded support on port[0] = 21 [ 997.081375] oom_reaper: reaped process 14486 (syz-executor.3), now anon-rss:0kB, file-rss:34836kB, shmem-rss:0kB [ 997.382137] rs:main Q:Reg invoked oom-killer: gfp_mask=0x6201ca(GFP_HIGHUSER_MOVABLE|__GFP_WRITE), nodemask=(null), order=0, oom_score_adj=0 [ 997.429445] rs:main Q:Reg cpuset=/ mems_allowed=0-1 [ 997.438140] CPU: 1 PID: 7799 Comm: rs:main Q:Reg Not tainted 4.19.63 #37 [ 997.444991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 997.454346] Call Trace: [ 997.456953] dump_stack+0x172/0x1f0 [ 997.460601] dump_header+0x15e/0xa55 [ 997.464338] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 997.469451] ? ___ratelimit+0x60/0x595 [ 997.473354] ? do_raw_spin_unlock+0x57/0x270 [ 997.477787] oom_kill_process.cold+0x10/0x6ef [ 997.482294] ? lock_downgrade+0x810/0x810 [ 997.486461] ? kasan_check_read+0x11/0x20 [ 997.490628] out_of_memory+0x936/0x12d0 [ 997.494627] ? oom_killer_disable+0x280/0x280 [ 997.499136] ? mutex_trylock+0x18e/0x1e0 [ 997.503212] ? __alloc_pages_slowpath+0xcc2/0x2870 [ 997.508160] __alloc_pages_slowpath+0x20af/0x2870 [ 997.513038] ? warn_alloc+0x110/0x110 [ 997.516850] ? __lock_is_held+0xb6/0x140 [ 997.520928] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 997.526472] ? should_fail+0x14d/0x85c [ 997.530471] ? __might_sleep+0x95/0x190 [ 997.534469] __alloc_pages_nodemask+0x617/0x750 [ 997.539156] ? __alloc_pages_slowpath+0x2870/0x2870 [ 997.544191] ? find_get_entry+0x3e8/0x820 [ 997.548351] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 997.553912] alloc_pages_current+0x107/0x210 [ 997.558339] __page_cache_alloc+0x2bd/0x450 [ 997.562672] ? mark_held_locks+0x100/0x100 [ 997.566922] pagecache_get_page+0x231/0xa40 [ 997.571266] grab_cache_page_write_begin+0x7b/0xb0 [ 997.576243] ext4_da_write_begin+0x2d7/0xec0 [ 997.580673] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 997.586226] ? ext4_write_begin+0x1470/0x1470 [ 997.590730] ? copy_page_from_iter+0x7f0/0x7f0 [ 997.595596] generic_perform_write+0x22a/0x520 [ 997.600198] ? page_endio+0x780/0x780 [ 997.604016] ? current_time+0x140/0x140 [ 997.608008] ? lock_acquire+0x16f/0x3f0 [ 997.611997] ? ext4_file_write_iter+0x23f/0x1060 [ 997.616768] __generic_file_write_iter+0x25e/0x630 [ 997.621718] ext4_file_write_iter+0x32b/0x1060 [ 997.626306] ? mark_held_locks+0x100/0x100 [ 997.631394] ? dput+0x542/0x670 [ 997.634688] ? xfs_trans_init+0x430/0x6d0 [ 997.638858] ? ext4_file_mmap+0x410/0x410 [ 997.647976] ? mark_held_locks+0x100/0x100 [ 997.652228] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 997.657778] ? iov_iter_init+0xc6/0x1f0 [ 997.661770] __vfs_write+0x587/0x810 [ 997.666109] ? kernel_read+0x120/0x120 [ 997.670033] ? rcu_read_lock_sched_held+0x110/0x130 [ 997.675062] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 997.679830] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 997.685383] ? __sb_start_write+0x1a9/0x360 [ 997.689727] vfs_write+0x20c/0x560 [ 997.693288] ksys_write+0x14f/0x2d0 [ 997.696933] ? __ia32_sys_read+0xb0/0xb0 [ 997.701014] ? do_syscall_64+0x26/0x620 [ 997.705027] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 997.710408] ? do_syscall_64+0x26/0x620 [ 997.714409] __x64_sys_write+0x73/0xb0 [ 997.718314] do_syscall_64+0xfd/0x620 [ 997.722132] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 997.727331] RIP: 0033:0x7f334cd9a19d [ 997.731067] Code: Bad RIP value. [ 997.734440] RSP: 002b:00007f334b33b000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 997.743672] RAX: ffffffffffffffda RBX: 0000000000000096 RCX: 00007f334cd9a19d [ 997.751797] RDX: 0000000000000096 RSI: 0000000000b7bce0 RDI: 0000000000000006 [ 997.759075] RBP: 0000000000b7bce0 R08: 6c656e72656b2072 R09: 37393920205b203a [ 997.766350] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 997.773636] R13: 00007f334b33b480 R14: 0000000000000001 R15: 0000000000b7bae0 [ 997.819570] syz-executor.3: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 997.819621] syz-executor.5: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 997.853030] syz-executor.5 cpuset=syz5 mems_allowed=0-1 [ 997.858536] CPU: 0 PID: 14421 Comm: syz-executor.5 Not tainted 4.19.63 #37 [ 997.865565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 997.874927] Call Trace: [ 997.877530] dump_stack+0x172/0x1f0 [ 997.879522] syz-executor.3 cpuset=syz3 [ 997.881170] warn_alloc.cold+0x7b/0x173 [ 997.881190] ? zone_watermark_ok_safe+0x260/0x260 [ 997.885075] mems_allowed=0-1 [ 997.889069] __alloc_pages_slowpath+0x220e/0x2870 [ 997.901853] ? warn_alloc+0x110/0x110 [ 997.905664] ? __lock_is_held+0xb6/0x140 [ 997.909741] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 997.915282] ? should_fail+0x14d/0x85c [ 997.919187] ? __might_sleep+0x95/0x190 [ 997.923198] __alloc_pages_nodemask+0x617/0x750 [ 997.927880] ? __alloc_pages_slowpath+0x2870/0x2870 [ 997.932923] ? wait_for_completion+0x440/0x440 [ 997.937508] ? retint_kernel+0x2d/0x2d [ 997.941400] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 997.946966] alloc_pages_current+0x107/0x210 [ 997.951389] ion_page_pool_alloc+0x137/0x1d0 [ 997.955808] ion_system_heap_allocate+0x154/0xa90 [ 997.960680] ? ion_system_heap_free+0x250/0x250 [ 997.965374] ion_alloc+0x475/0x900 [ 997.968938] ? ion_dma_buf_release+0x50/0x50 [ 997.973374] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 997.978945] ? _copy_from_user+0xdd/0x150 [ 997.983113] ion_ioctl+0x17b/0x329 [ 997.986671] ? ion_alloc.cold+0x28/0x28 [ 997.990662] ? __might_sleep+0x95/0x190 [ 997.994651] ? ion_alloc.cold+0x28/0x28 [ 997.998640] do_vfs_ioctl+0xd5f/0x1380 [ 998.002546] ? selinux_file_ioctl+0x46f/0x5e0 [ 998.007059] ? selinux_file_ioctl+0x125/0x5e0 [ 998.011568] ? ioctl_preallocate+0x210/0x210 [ 998.015989] ? selinux_file_mprotect+0x620/0x620 [ 998.020771] ? iterate_fd+0x360/0x360 [ 998.024589] ? nsecs_to_jiffies+0x30/0x30 [ 998.028768] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 998.034322] ? security_file_ioctl+0x8d/0xc0 [ 998.038753] ksys_ioctl+0xab/0xd0 [ 998.042223] __x64_sys_ioctl+0x73/0xb0 [ 998.046126] do_syscall_64+0xfd/0x620 [ 998.049963] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 998.055168] RIP: 0033:0x459829 [ 998.058398] Code: Bad RIP value. [ 998.061786] RSP: 002b:00007f71a5b57c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 998.069511] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 998.076796] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 998.084079] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 998.091376] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f71a5b586d4 [ 998.098666] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 998.110620] syz-executor.4: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 998.115220] Mem-Info: [ 998.135246] active_anon:71247 inactive_anon:202 isolated_anon:0 [ 998.135246] active_file:9 inactive_file:9 isolated_file:0 [ 998.135246] unevictable:0 dirty:0 writeback:0 unstable:0 [ 998.135246] slab_reclaimable:12403 slab_unreclaimable:108390 [ 998.135246] mapped:52226 shmem:245 pagetables:863 bounce:0 [ 998.135246] free:13747 free_pcp:80 free_cma:0 [ 998.159544] syz-executor.4: page allocation failure: order:0, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 998.180661] Node 0 active_anon:283804kB inactive_anon:804kB active_file:28kB inactive_file:28kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:104456kB dirty:0kB writeback:0kB shmem:976kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 998.201533] CPU: 1 PID: 14486 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 998.214631] Node 1 active_anon:1184kB inactive_anon:4kB active_file:8kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:104448kB dirty:0kB writeback:0kB shmem:4kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 998.215162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 998.215174] Call Trace: [ 998.249648] Node 0 [ 998.251151] dump_stack+0x172/0x1f0 [ 998.253758] DMA free:10312kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 998.255986] warn_alloc.cold+0x7b/0x173 [ 998.269753] lowmem_reserve[]: [ 998.285437] ? zone_watermark_ok_safe+0x260/0x260 [ 998.285481] __alloc_pages_slowpath+0x220e/0x2870 [ 998.285517] ? warn_alloc+0x110/0x110 [ 998.285533] ? __lock_is_held+0xb6/0x140 [ 998.285554] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 998.285573] ? should_fail+0x14d/0x85c [ 998.299590] syz-executor.4 cpuset= [ 998.302569] ? __might_sleep+0x95/0x190 [ 998.306450] syz4 [ 998.310540] __alloc_pages_nodemask+0x617/0x750 [ 998.321581] 0 [ 998.323633] ? __alloc_pages_slowpath+0x2870/0x2870 [ 998.327603] 2555 [ 998.329606] ? wait_for_completion+0x440/0x440 [ 998.329623] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 998.329644] alloc_pages_current+0x107/0x210 [ 998.329664] ion_page_pool_alloc+0x137/0x1d0 [ 998.329682] ion_system_heap_allocate+0x154/0xa90 [ 998.329702] ? ion_system_heap_free+0x250/0x250 [ 998.343328] 2557 [ 998.343416] ion_alloc+0x29b/0x900 [ 998.347996] 2557 [ 998.353708] ? ion_dma_buf_release+0x50/0x50 [ 998.353734] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 998.353750] ? _copy_from_user+0xdd/0x150 [ 998.353769] ion_ioctl+0x17b/0x329 [ 998.353788] ? ion_alloc.cold+0x28/0x28 [ 998.353811] ? __might_sleep+0x95/0x190 [ 998.362080] syz-executor.4 cpuset= [ 998.362659] ? ion_alloc.cold+0x28/0x28 [ 998.367503] syz4 [ 998.372197] do_vfs_ioctl+0xd5f/0x1380 [ 998.384433] ? selinux_file_ioctl+0x46f/0x5e0 [ 998.395002] mems_allowed=0-1 [ 998.397694] ? selinux_file_ioctl+0x125/0x5e0 [ 998.403558] Node 0 [ 998.405748] ? ioctl_preallocate+0x210/0x210 [ 998.409381] DMA32 free:17892kB min:36248kB low:45308kB high:54368kB active_anon:281756kB inactive_anon:804kB active_file:28kB inactive_file:28kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6688kB pagetables:2768kB bounce:0kB free_pcp:320kB local_pcp:72kB free_cma:0kB [ 998.413344] ? selinux_file_mprotect+0x620/0x620 [ 998.413366] ? iterate_fd+0x360/0x360 [ 998.413382] ? nsecs_to_jiffies+0x30/0x30 [ 998.413414] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 998.413432] ? security_file_ioctl+0x8d/0xc0 [ 998.413450] ksys_ioctl+0xab/0xd0 [ 998.419164] mems_allowed=0-1 [ 998.419362] __x64_sys_ioctl+0x73/0xb0 [ 998.433705] lowmem_reserve[]: [ 998.434011] do_syscall_64+0xfd/0x620 [ 998.438419] 0 [ 998.467908] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 998.467920] RIP: 0033:0x459829 [ 998.467945] Code: Bad RIP value. [ 998.467953] RSP: 002b:00007f8d57f8ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 998.467968] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 998.467976] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 998.467984] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 998.467991] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d57f8f6d4 [ 998.468000] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 998.569540] CPU: 0 PID: 14422 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 998.576842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 998.586234] Call Trace: [ 998.589014] dump_stack+0x172/0x1f0 [ 998.592679] warn_alloc.cold+0x7b/0x173 [ 998.596779] ? zone_watermark_ok_safe+0x260/0x260 [ 998.601681] __alloc_pages_slowpath+0x220e/0x2870 [ 998.606580] ? warn_alloc+0x110/0x110 [ 998.610411] ? __lock_is_held+0xb6/0x140 [ 998.614506] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 998.620403] ? should_fail+0x14d/0x85c [ 998.624327] ? __might_sleep+0x95/0x190 [ 998.628337] __alloc_pages_nodemask+0x617/0x750 [ 998.633049] ? __alloc_pages_slowpath+0x2870/0x2870 [ 998.638108] ? wait_for_completion+0x440/0x440 [ 998.642964] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 998.648560] alloc_pages_current+0x107/0x210 [ 998.653026] ion_page_pool_alloc+0x137/0x1d0 [ 998.657637] ion_system_heap_allocate+0x154/0xa90 [ 998.662614] ? ion_system_heap_free+0x250/0x250 [ 998.667358] ion_alloc+0x475/0x900 [ 998.670946] ? ion_dma_buf_release+0x50/0x50 [ 998.675579] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 998.681279] ? _copy_from_user+0xdd/0x150 [ 998.685469] ion_ioctl+0x17b/0x329 [ 998.689042] ? ion_alloc.cold+0x28/0x28 [ 998.693057] ? __might_sleep+0x95/0x190 [ 998.697251] ? ion_alloc.cold+0x28/0x28 [ 998.701677] do_vfs_ioctl+0xd5f/0x1380 [ 998.705601] ? selinux_file_ioctl+0x46f/0x5e0 [ 998.710132] ? selinux_file_ioctl+0x125/0x5e0 [ 998.714836] ? ioctl_preallocate+0x210/0x210 [ 998.719308] ? selinux_file_mprotect+0x620/0x620 [ 998.724266] ? iterate_fd+0x360/0x360 [ 998.728486] ? nsecs_to_jiffies+0x30/0x30 [ 998.732841] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 998.738673] ? security_file_ioctl+0x8d/0xc0 [ 998.743142] ksys_ioctl+0xab/0xd0 [ 998.746778] __x64_sys_ioctl+0x73/0xb0 [ 998.750721] do_syscall_64+0xfd/0x620 [ 998.754591] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 998.759908] RIP: 0033:0x459829 [ 998.763146] Code: Bad RIP value. [ 998.766536] RSP: 002b:00007fa015674c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 998.774286] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 998.784561] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 998.792053] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 998.799537] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa0156756d4 [ 998.806985] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 998.827628] 0 2 2 [ 998.833281] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 998.840457] CPU: 1 PID: 14441 Comm: syz-executor.4 Not tainted 4.19.63 #37 [ 998.866353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 998.874609] lowmem_reserve[]: [ 998.875873] Call Trace: [ 998.875893] 0 [ 998.879025] dump_stack+0x172/0x1f0 [ 998.887678] warn_alloc.cold+0x7b/0x173 [ 998.891705] ? zone_watermark_ok_safe+0x260/0x260 [ 998.896626] __alloc_pages_slowpath+0x220e/0x2870 [ 998.901551] ? warn_alloc+0x110/0x110 [ 998.902408] 0 [ 998.905401] ? __lock_is_held+0xb6/0x140 [ 998.905413] 0 [ 998.907238] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 998.916551] 0 [ 998.918693] ? should_fail+0x14d/0x85c [ 998.918717] ? __might_sleep+0x95/0x190 [ 998.923648] Node 1 [ 998.924893] __alloc_pages_nodemask+0x617/0x750 [ 998.928915] Normal free:26784kB min:53608kB low:67008kB high:80408kB active_anon:1184kB inactive_anon:4kB active_file:8kB inactive_file:8kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:448kB pagetables:684kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 998.931156] ? __alloc_pages_slowpath+0x2870/0x2870 [ 998.931179] ? wait_for_completion+0x440/0x440 [ 998.931190] ? retint_kernel+0x2d/0x2d [ 998.931205] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 998.931224] alloc_pages_current+0x107/0x210 [ 998.931243] ion_page_pool_alloc+0x137/0x1d0 [ 998.931257] ion_system_heap_allocate+0x154/0xa90 [ 998.931278] ? ion_system_heap_free+0x250/0x250 [ 998.931303] ion_alloc+0x475/0x900 [ 998.949550] lowmem_reserve[]: [ 998.964002] ? ion_dma_buf_release+0x50/0x50 [ 998.964026] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 998.964041] ? _copy_from_user+0xdd/0x150 [ 998.964058] ion_ioctl+0x17b/0x329 [ 998.964074] ? ion_alloc.cold+0x28/0x28 [ 998.964092] ? __might_sleep+0x95/0x190 [ 998.964109] ? ion_alloc.cold+0x28/0x28 [ 998.964127] do_vfs_ioctl+0xd5f/0x1380 [ 998.964147] ? selinux_file_ioctl+0x46f/0x5e0 [ 999.009592] 0 [ 999.013692] ? selinux_file_ioctl+0x125/0x5e0 [ 999.019246] 0 [ 999.023515] ? ioctl_preallocate+0x210/0x210 [ 999.023529] ? selinux_file_mprotect+0x620/0x620 [ 999.023547] ? iterate_fd+0x360/0x360 [ 999.023561] ? nsecs_to_jiffies+0x30/0x30 [ 999.023583] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 999.023597] ? security_file_ioctl+0x8d/0xc0 [ 999.023613] ksys_ioctl+0xab/0xd0 [ 999.023632] __x64_sys_ioctl+0x73/0xb0 [ 999.023651] do_syscall_64+0xfd/0x620 [ 999.023671] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 999.078234] 0 [ 999.079316] RIP: 0033:0x459829 [ 999.099534] Mem-Info: [ 999.100133] Code: Bad RIP value. [ 999.101978] active_anon:71247 inactive_anon:202 isolated_anon:0 [ 999.101978] active_file:19 inactive_file:0 isolated_file:0 [ 999.101978] unevictable:0 dirty:0 writeback:0 unstable:0 [ 999.101978] slab_reclaimable:12394 slab_unreclaimable:108374 [ 999.101978] mapped:52226 shmem:245 pagetables:863 bounce:0 [ 999.101978] free:24782 free_pcp:434 free_cma:0 [ 999.105152] RSP: 002b:00007fa015632c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 999.107607] Node 0 active_anon:283804kB inactive_anon:804kB active_file:68kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:104456kB dirty:0kB writeback:0kB shmem:976kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 999.111145] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 999.111154] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 999.111161] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 999.111169] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa0156336d4 [ 999.111176] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 999.149346] 0 [ 999.154056] warn_alloc_show_mem: 1 callbacks suppressed [ 999.154061] Mem-Info: [ 999.229525] Node 0 DMA: 78*4kB (UE) 34*8kB (UE) 24*16kB (UE) 6*32kB (UE) 1*64kB (E) 5*128kB (UE) 3*256kB (UE) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10312kB [ 999.253138] Node 1 active_anon:1184kB inactive_anon:4kB active_file:8kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:104448kB dirty:0kB writeback:0kB shmem:4kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 999.289601] Node 0 DMA32: 9529*4kB (UMEH) 2213*8kB (UMEH) 126*16kB (UMEH) 228*32kB (UME) 4*64kB (U) 1*128kB (H) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 65516kB [ 999.359529] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 999.379304] Node 0 DMA free:10312kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 999.406976] active_anon:71247 inactive_anon:202 isolated_anon:0 [ 999.406976] active_file:244 inactive_file:746 isolated_file:0 [ 999.406976] unevictable:0 dirty:0 writeback:0 unstable:0 [ 999.406976] slab_reclaimable:12394 slab_unreclaimable:108347 [ 999.406976] mapped:52851 shmem:245 pagetables:863 bounce:0 [ 999.406976] free:37911 free_pcp:1186 free_cma:0 [ 999.445828] Node 1 Normal: 4329*4kB (UME) 23*8kB (UM) 147*16kB (UME) 817*32kB (UME) 172*64kB (UM) 29*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 60716kB [ 999.468290] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 999.477396] lowmem_reserve[]: 0 2555 2557 2557 [ 999.487491] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 999.496472] Node 0 DMA32 free:79300kB min:36248kB low:45308kB high:54368kB active_anon:281764kB inactive_anon:804kB active_file:1036kB inactive_file:4304kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6720kB pagetables:2768kB bounce:0kB free_pcp:2752kB local_pcp:1420kB free_cma:0kB [ 999.530316] syz-executor.3: page allocation failure: order:4, mode:0x62c0c2(GFP_HIGHUSER|__GFP_COMP|__GFP_ZERO), nodemask=(null) [ 999.536402] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 999.558581] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 999.576009] lowmem_reserve[]: 0 0 2 2 [ 999.579551] Node 0 active_anon:283812kB inactive_anon:804kB active_file:1136kB inactive_file:5088kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:109464kB dirty:0kB writeback:0kB shmem:976kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 47104kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 999.580775] Node 0 [ 999.615533] syz-executor.3 cpuset=syz3 mems_allowed=0-1 [ 999.628875] chnl_net:caif_netlink_parms(): no params data found [ 999.635760] 1886 total pagecache pages [ 999.639936] 0 pages in swap cache [ 999.643740] Swap cache stats: add 0, delete 0, find 0/0 [ 999.649223] Free swap = 0kB [ 999.669555] CPU: 0 PID: 14486 Comm: syz-executor.3 Not tainted 4.19.63 #37 [ 999.676635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 999.676642] Call Trace: [ 999.676667] dump_stack+0x172/0x1f0 [ 999.676687] warn_alloc.cold+0x7b/0x173 [ 999.696414] ? zone_watermark_ok_safe+0x260/0x260 [ 999.701296] ? try_to_compact_pages+0x44/0xae0 [ 999.701331] __alloc_pages_slowpath+0x220e/0x2870 [ 999.701366] ? warn_alloc+0x110/0x110 [ 999.706202] Node 1 active_anon:1184kB inactive_anon:4kB active_file:8kB inactive_file:8kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:104448kB dirty:0kB writeback:0kB shmem:4kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 999.710853] ? __lock_is_held+0xb6/0x140 [ 999.710874] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 999.710894] ? should_fail+0x14d/0x85c [ 999.710915] ? __isolate_free_page+0x4c0/0x4c0 [ 999.710933] ? __might_sleep+0x95/0x190 [ 999.710954] __alloc_pages_nodemask+0x617/0x750 [ 999.742179] ? __alloc_pages_slowpath+0x2870/0x2870 [ 999.742204] ? wait_for_completion+0x440/0x440 [ 999.742219] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 999.742239] alloc_pages_current+0x107/0x210 [ 999.742257] ion_page_pool_alloc+0x137/0x1d0 [ 999.742276] ion_system_heap_allocate+0x154/0xa90 [ 999.746755] Node 0 [ 999.752162] ? ion_system_heap_free+0x250/0x250 [ 999.752187] ion_alloc+0x475/0x900 [ 999.752210] ? ion_dma_buf_release+0x50/0x50 [ 999.752235] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 999.752256] ? _copy_from_user+0xdd/0x150 [ 999.756377] DMA free:10312kB min:220kB low:272kB high:324kB active_anon:2048kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 999.760757] ion_ioctl+0x17b/0x329 [ 999.760777] ? ion_alloc.cold+0x28/0x28 [ 999.760795] ? __might_sleep+0x95/0x190 [ 999.760812] ? ion_alloc.cold+0x28/0x28 [ 999.760829] do_vfs_ioctl+0xd5f/0x1380 [ 999.760848] ? selinux_file_ioctl+0x46f/0x5e0 [ 999.765205] lowmem_reserve[]: [ 999.769650] ? selinux_file_ioctl+0x125/0x5e0 [ 999.769667] ? ioctl_preallocate+0x210/0x210 [ 999.769681] ? selinux_file_mprotect+0x620/0x620 [ 999.769702] ? iterate_fd+0x360/0x360 [ 999.769724] ? nsecs_to_jiffies+0x30/0x30 [ 999.779363] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 999.779383] ? security_file_ioctl+0x8d/0xc0 [ 999.779407] ksys_ioctl+0xab/0xd0 [ 999.785262] 0 [ 999.789402] __x64_sys_ioctl+0x73/0xb0 [ 999.789422] do_syscall_64+0xfd/0x620 [ 999.789442] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 999.798937] RIP: 0033:0x459829 [ 999.798963] Code: Bad RIP value. [ 999.798971] RSP: 002b:00007f8d57f8ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 999.805912] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459829 [ 999.805921] RDX: 0000000020000000 RSI: 00000000c0184900 RDI: 0000000000000003 [ 999.805930] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 999.805939] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8d57f8f6d4 [ 999.805954] R13: 00000000004c24f9 R14: 00000000004d5958 R15: 00000000ffffffff [ 999.809913] 2555 [ 999.819527] Total swap = 0kB [ 999.899543] 1965979 pages RAM [ 999.912752] 2557 [ 999.914103] 0 pages HighMem/MovableOnly [ 999.916427] Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 999.919752] 338856 pages reserved [ 999.929160] 2557 [ 999.932109] 0 pages cma reserved [ 999.936228] lowmem_reserve[]: [ 999.957425] 0 [ 999.969572] Node 0 [ 999.978845] 0 [ 999.989575] DMA32 free:78452kB min:36248kB low:45308kB high:54368kB active_anon:281764kB inactive_anon:804kB active_file:1036kB inactive_file:7040kB unevictable:0kB writepending:0kB present:3129332kB managed:2619972kB mlocked:0kB kernel_stack:6688kB pagetables:2768kB bounce:0kB free_pcp:2084kB local_pcp:500kB free_cma:0kB [ 999.998332] 0 [ 1000.079527] lowmem_reserve[]: 0 0 2 2 [ 1000.083418] Node 0 Normal free:0kB min:32kB low:40kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:2428kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1000.123447] syz-executor.2: page allocation failure: order:5, mode:0x484020(GFP_ATOMIC|__GFP_COMP), nodemask=(null) [ 1000.123463] lowmem_reserve[]: [ 1000.134765] syz-executor.2 cpuset=/ mems_allowed=0-1 [ 1000.139137] 0 [ 1000.143312] CPU: 0 PID: 14492 Comm: syz-executor.2 Not tainted 4.19.63 #37 [ 1000.143320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1000.143326] Call Trace: [ 1000.143347] dump_stack+0x172/0x1f0 [ 1000.143374] warn_alloc.cold+0x7b/0x173 [ 1000.145321] 0 [ 1000.152387] ? zone_watermark_ok_safe+0x260/0x260 [ 1000.152403] ? wakeup_kcompactd+0x21f/0x550 [ 1000.152419] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1000.152433] ? __cpuset_node_allowed+0x136/0x540 [ 1000.152457] ? __isolate_free_page+0x4c0/0x4c0 [ 1000.162027] 0 [ 1000.164643] ? wake_all_kswapds+0x14d/0x300 [ 1000.168267] 0 [ 1000.172357] __alloc_pages_slowpath+0x220e/0x2870 [ 1000.172393] ? warn_alloc+0x110/0x110 [ 1000.172414] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1000.172431] ? should_fail+0x14d/0x85c [ 1000.174423] 0 [ 1000.179121] ? __isolate_free_page+0x4c0/0x4c0 [ 1000.189092] __alloc_pages_nodemask+0x617/0x750 [ 1000.189118] ? __alloc_pages_slowpath+0x2870/0x2870 [ 1000.198520] cache_grow_begin+0x91/0x8c0 [ 1000.198541] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1000.200606] Node 1 [ 1000.204683] ? __cpuset_node_allowed+0x136/0x540 [ 1000.204707] fallback_alloc+0x1fd/0x2d0 [ 1000.206564] Node 1 [ 1000.211560] ____cache_alloc_node+0x1be/0x1e0 [ 1000.211579] __kmalloc+0x21a/0x750 [ 1000.211593] ? kmem_cache_alloc_trace+0x348/0x760 [ 1000.211606] ? queue_delayed_work_on+0x127/0x200 [ 1000.211631] ? batadv_hash_new+0xae/0x2a0 [ 1000.215776] Normal free:85064kB min:53608kB low:67008kB high:80408kB active_anon:1184kB inactive_anon:4kB active_file:8kB inactive_file:8kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:448kB pagetables:684kB bounce:0kB free_pcp:1376kB local_pcp:1376kB free_cma:0kB [ 1000.221005] batadv_hash_new+0xae/0x2a0 [ 1000.221027] batadv_dat_init+0x6a/0x100 [ 1000.221043] batadv_mesh_init+0x504/0x6c0 [ 1000.221060] batadv_softif_init_late+0xc0f/0xe90 [ 1000.221078] ? batadv_softif_destroy_vlan+0xf0/0xf0 [ 1000.225194] Normal free:85064kB min:53608kB low:67008kB high:80408kB active_anon:1184kB inactive_anon:4kB active_file:8kB inactive_file:8kB unevictable:0kB writepending:0kB present:3932160kB managed:3870184kB mlocked:0kB kernel_stack:448kB pagetables:684kB bounce:0kB free_pcp:1376kB local_pcp:1376kB free_cma:0kB [ 1000.226795] ? __dev_get_by_name+0x11c/0x160 [ 1000.226814] ? batadv_softif_destroy_vlan+0xf0/0xf0 [ 1000.226834] register_netdevice+0x2fd/0xff0 [ 1000.231707] lowmem_reserve[]: [ 1000.236118] ? alloc_netdev_mqs+0x994/0xd40 [ 1000.236143] ? netdev_change_features+0xb0/0xb0 [ 1000.241476] lowmem_reserve[]: [ 1000.245438] ? rtnl_create_link+0x148/0xa00 [ 1000.245454] ? netlink_ns_capable+0x26/0x30 [ 1000.245475] rtnl_newlink+0x140c/0x1610 [ 1000.251327] 0 [ 1000.253303] ? rtnl_link_unregister+0x250/0x250 [ 1000.253332] ? find_held_lock+0x35/0x130 [ 1000.258143] 0 [ 1000.262086] ? is_bpf_text_address+0xac/0x170 [ 1000.262109] ? __lock_acquire+0x6ee/0x49c0 [ 1000.262123] ? is_bpf_text_address+0xac/0x170 [ 1000.262151] ? mark_held_locks+0x100/0x100 [ 1000.264623] 0 [ 1000.268915] ? __lock_acquire+0x6ee/0x49c0 [ 1000.268928] ? __lock_acquire+0x6ee/0x49c0 [ 1000.268948] ? avc_has_perm_noaudit+0x38f/0x570 [ 1000.272786] 0 [ 1000.277365] ? __lock_acquire+0x6ee/0x49c0 [ 1000.277386] ? mark_held_locks+0x100/0x100 [ 1000.282659] 0 [ 1000.286578] ? mark_held_locks+0x100/0x100 [ 1000.286598] ? avc_has_perm_noaudit+0x3b6/0x570 [ 1000.314819] 0 [ 1000.318642] ? avc_has_extended_perms+0x10f0/0x10f0 [ 1000.318706] ? find_held_lock+0x35/0x130 [ 1000.327053] ? rtnetlink_rcv_msg+0x3d0/0xb00 [ 1000.327086] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1000.332140] Node 0 [ 1000.336910] ? rtnl_link_unregister+0x250/0x250 [ 1000.336930] rtnetlink_rcv_msg+0x463/0xb00 [ 1000.365557] 0 [ 1000.369664] ? rtnetlink_put_metrics+0x560/0x560 [ 1000.369689] ? netlink_deliver_tap+0x22d/0xc20 [ 1000.369707] ? find_held_lock+0x35/0x130 [ 1000.369728] netlink_rcv_skb+0x17d/0x460 [ 1000.375023] 0 [ 1000.379117] ? rtnetlink_put_metrics+0x560/0x560 [ 1000.379139] ? netlink_ack+0xb30/0xb30 [ 1000.386589] ? kasan_check_read+0x11/0x20 [ 1000.386617] ? netlink_deliver_tap+0x254/0xc20 [ 1000.391666] Node 0 [ 1000.394531] rtnetlink_rcv+0x1d/0x30 [ 1000.394550] netlink_unicast+0x537/0x720 [ 1000.399226] DMA: [ 1000.403513] ? netlink_attachskb+0x770/0x770 [ 1000.403535] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1000.403554] netlink_sendmsg+0x8ae/0xd70 [ 1000.403578] ? netlink_unicast+0x720/0x720 [ 1000.407817] DMA: [ 1000.409402] ? selinux_socket_sendmsg+0x36/0x40 [ 1000.409418] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1000.409437] ? security_socket_sendmsg+0x8d/0xc0 [ 1000.414431] 78*4kB [ 1000.418206] ? netlink_unicast+0x720/0x720 [ 1000.418225] sock_sendmsg+0xd7/0x130 [ 1000.418241] __sys_sendto+0x262/0x380 [ 1000.420596] 78*4kB [ 1000.424843] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1000.424860] ? __do_page_fault+0x676/0xe90 [ 1000.424898] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1000.429310] (UE) [ 1000.433778] ? up_read+0x1a/0x110 [ 1000.433793] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1000.433808] ? __do_page_fault+0x484/0xe90 [ 1000.433829] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1000.433847] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1000.438442] (UE) [ 1000.439925] ? do_syscall_64+0x26/0x620 [ 1000.439940] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1000.439958] __x64_sys_sendto+0xe1/0x1a0 [ 1000.439978] do_syscall_64+0xfd/0x620 [ 1000.439996] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1000.444462] 34*8kB [ 1000.448496] RIP: 0033:0x413673 [ 1000.453617] 34*8kB [ 1000.455188] Code: ff 0f 83 b0 19 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 83 3d 1d 2c 66 00 00 75 17 49 89 ca b8 2c 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 81 19 00 00 c3 48 83 ec 08 e8 87 fa ff ff [ 1000.455197] RSP: 002b:00007ffe27fc5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 1000.455218] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000413673 [ 1000.459675] (UE) [ 1000.463712] RDX: 000000000000003c RSI: 0000000000a70070 RDI: 0000000000000003 [ 1000.463722] RBP: 00007ffe27fc5178 R08: 00007ffe27fc5040 R09: 000000000000000c [ 1000.463729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 1000.463738] R13: 00000000004bea8a R14: 00007ffe27fc5170 R15: 00000000004bea83 [ 1000.596242] (UE) [ 1000.598503] 24*16kB [ 1000.600950] 24*16kB [ 1000.609538] (UE) [ 1000.649627] (UE) [ 1000.651129] 6*32kB [ 1000.655000] 6*32kB [ 1000.657097] (UE) [ 1000.671481] (UE) [ 1000.689554] 1*64kB [ 1000.764119] 1*64kB (E) 5*128kB (UE) 3*256kB (UE) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10312kB [ 1000.804784] Node 0 DMA32: 9482*4kB (UMEH) 3121*8kB (UEH) 479*16kB (UEH) 234*32kB (UE) 6*64kB (U) 1*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 78560kB [ 1000.837785] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1000.854005] Node 1 Normal: 13195*4kB (UME) 444*8kB (UM) 155*16kB (UE) 822*32kB (UME) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 85116kB [ 1000.868802] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1000.883144] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1000.893100] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1000.906326] (E) 5*128kB (UE) 3*256kB (UE) 1*512kB (E) 3*1024kB (UE) 2*2048kB (UM) 0*4096kB = 10312kB [ 1000.916932] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1000.931042] Node 0 DMA32: 9482*4kB (UMEH) 3121*8kB (UEH) 479*16kB (UEH) 234*32kB (UE) 6*64kB (U) 1*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 78560kB [ 1000.949368] 2595 total pagecache pages [ 1000.955616] 0 pages in swap cache [ 1000.959103] Swap cache stats: add 0, delete 0, find 0/0 [ 1000.967705] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1000.987859] Free swap = 0kB [ 1000.991107] Total swap = 0kB [ 1000.994151] 1965979 pages RAM [ 1000.997268] 0 pages HighMem/MovableOnly [ 1001.006592] Node 1 Normal: 13195*4kB (UME) 444*8kB (UM) 155*16kB (UE) 822*32kB (UME) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 85116kB [ 1001.026141] 338856 pages reserved [ 1001.030031] 0 pages cma reserved [ 1001.044535] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1001.060798] ------------[ cut here ]------------ [ 1001.064681] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1001.065683] ODEBUG: assert_init not available (active state 0) object type: timer_list hint: (null) [ 1001.066019] WARNING: CPU: 1 PID: 14492 at lib/debugobjects.c:325 debug_print_object+0x168/0x250 [ 1001.089558] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1001.093442] Kernel panic - not syncing: panic_on_warn set ... [ 1001.093442] [ 1001.093459] CPU: 1 PID: 14492 Comm: syz-executor.2 Not tainted 4.19.63 #37 [ 1001.093466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1001.093472] Call Trace: [ 1001.093495] dump_stack+0x172/0x1f0 [ 1001.093515] panic+0x263/0x507 [ 1001.093529] ? __warn_printk+0xf3/0xf3 [ 1001.093550] ? debug_print_object+0x168/0x250 [ 1001.093571] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1001.125932] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 04:55:12 executing program 5: openat$ion(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ion\x00', 0x0, 0x0) [ 1001.126422] ? __warn.cold+0x5/0x4a [ 1001.130042] 3002 total pagecache pages [ 1001.132657] ? __warn+0xe8/0x1d0 [ 1001.132677] ? debug_print_object+0x168/0x250 [ 1001.132691] __warn.cold+0x20/0x4a [ 1001.132707] ? kasan_check_read+0x11/0x20 [ 1001.132721] ? debug_print_object+0x168/0x250 [ 1001.132740] report_bug+0x263/0x2b0 [ 1001.132760] do_error_trap+0x204/0x360 [ 1001.136997] 0 pages in swap cache [ 1001.139875] ? math_error+0x340/0x340 [ 1001.139891] ? vprintk_emit+0x1ab/0x690 [ 1001.139909] ? error_entry+0x76/0xd0 [ 1001.139926] ? trace_hardirqs_off_caller+0x65/0x220 [ 1001.139939] ? vprintk_default+0x28/0x30 [ 1001.139959] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1001.139979] do_invalid_op+0x1b/0x20 [ 1001.139991] invalid_op+0x14/0x20 [ 1001.140006] RIP: 0010:debug_print_object+0x168/0x250 [ 1001.140020] Code: dd 80 4e 82 87 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 b5 00 00 00 48 8b 14 dd 80 4e 82 87 48 c7 c7 c0 43 82 87 e8 16 22 19 fe <0f> 0b 83 05 6b b5 17 06 01 48 83 c4 20 5b 41 5c 41 5d 41 5e 5d c3 [ 1001.140028] RSP: 0018:ffff8881b1446c70 EFLAGS: 00010086 [ 1001.140041] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000000000 [ 1001.140050] RDX: 0000000000000000 RSI: ffffffff8155d556 RDI: ffffed1036288d80 [ 1001.140059] RBP: ffff8881b1446cb0 R08: ffff88803defa680 R09: ffffed1015d23ee3 [ 1001.140068] R10: ffffed1015d23ee2 R11: ffff8880ae91f717 R12: 0000000000000001 [ 1001.140077] R13: ffffffff887ac380 R14: ffffffff815b4ab0 R15: ffff8880484c6500 [ 1001.140091] ? __internal_add_timer+0x1f0/0x1f0 [ 1001.140109] ? vprintk_func+0x86/0x189 [ 1001.140132] debug_object_assert_init+0x23a/0x2f0 [ 1001.140150] ? depot_save_stack+0x1de/0x44f [ 1001.164833] Swap cache stats: add 0, delete 0, find 0/0 [ 1001.166343] ? debug_object_destroy+0x250/0x250 [ 1001.166357] ? __lock_acquire+0x6ee/0x49c0 [ 1001.166376] ? kasan_slab_free+0xe/0x10 [ 1001.166395] ? kfree+0xcf/0x220 [ 1001.166409] ? batadv_v_ogm_free+0x45/0xc0 [ 1001.166421] ? batadv_v_mesh_free+0x16/0x1a [ 1001.166442] del_timer+0x7c/0x120 [ 1001.166458] ? trigger_dyntick_cpu.isra.0+0x180/0x180 [ 1001.166474] ? __cancel_work_timer+0xc4/0x520 [ 1001.166488] ? trace_hardirqs_off+0x62/0x220 [ 1001.166504] try_to_grab_pending+0x2d7/0x710 [ 1001.166528] __cancel_work_timer+0xc4/0x520 [ 1001.189583] Free swap = 0kB [ 1001.190305] ? try_to_grab_pending+0x710/0x710 [ 1001.194196] Total swap = 0kB [ 1001.197668] ? lock_downgrade+0x810/0x810 [ 1001.224057] 1965979 pages RAM [ 1001.226998] ? kasan_check_read+0x11/0x20 [ 1001.264066] 0 pages HighMem/MovableOnly [ 1001.267536] ? batadv_tvlv_handler_get+0x1e3/0x2b0 [ 1001.289606] 338856 pages reserved [ 1001.289961] cancel_delayed_work_sync+0x1b/0x20 [ 1001.297241] 0 pages cma reserved [ 1001.302189] batadv_nc_mesh_free+0x46/0x11e [ 1001.302204] batadv_mesh_free+0x82/0x170 [ 1001.302218] batadv_mesh_init+0x5f0/0x6c0 [ 1001.302233] batadv_softif_init_late+0xc0f/0xe90 [ 1001.302249] ? batadv_softif_destroy_vlan+0xf0/0xf0 [ 1001.302263] ? __dev_get_by_name+0x11c/0x160 [ 1001.302279] ? batadv_softif_destroy_vlan+0xf0/0xf0 [ 1001.302297] register_netdevice+0x2fd/0xff0 [ 1001.302310] ? alloc_netdev_mqs+0x994/0xd40 [ 1001.302328] ? netdev_change_features+0xb0/0xb0 [ 1001.302346] ? rtnl_create_link+0x148/0xa00 [ 1001.353263] Unreclaimable slab info: [ 1001.354560] ? netlink_ns_capable+0x26/0x30 [ 1001.380723] Name Used Total [ 1001.381072] rtnl_newlink+0x140c/0x1610 [ 1001.384131] pid_2 40KB 160KB [ 1001.388268] ? rtnl_link_unregister+0x250/0x250 [ 1001.420505] batadv_tt_change_cache 7KB 15KB [ 1001.424347] ? find_held_lock+0x35/0x130 [ 1001.428499] batadv_tl_cache 9KB 20KB [ 1001.433370] ? is_bpf_text_address+0xac/0x170 [ 1001.433398] ? __lock_acquire+0x6ee/0x49c0 [ 1001.433410] ? is_bpf_text_address+0xac/0x170 [ 1001.433432] ? mark_held_locks+0x100/0x100 [ 1001.433446] ? __lock_acquire+0x6ee/0x49c0 [ 1001.433456] ? __lock_acquire+0x6ee/0x49c0 [ 1001.433474] ? avc_has_perm_noaudit+0x38f/0x570 [ 1001.433491] ? __lock_acquire+0x6ee/0x49c0 [ 1001.433505] ? mark_held_locks+0x100/0x100 [ 1001.433532] ? mark_held_locks+0x100/0x100 [ 1001.484035] TIPC 31KB 43KB [ 1001.484513] ? avc_has_perm_noaudit+0x3b6/0x570 [ 1001.504132] SCTPv6 30KB 55KB [ 1001.504484] ? avc_has_extended_perms+0x10f0/0x10f0 [ 1001.524060] DCCPv6 17KB 43KB [ 1001.528031] ? find_held_lock+0x35/0x130 [ 1001.559065] DCCP 23KB 41KB [ 1001.559761] ? rtnetlink_rcv_msg+0x3d0/0xb00 [ 1001.559791] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1001.559807] ? rtnl_link_unregister+0x250/0x250 [ 1001.559821] rtnetlink_rcv_msg+0x463/0xb00 [ 1001.559842] ? rtnetlink_put_metrics+0x560/0x560 [ 1001.559863] ? netlink_deliver_tap+0x22d/0xc20 [ 1001.559881] ? find_held_lock+0x35/0x130 [ 1001.559906] netlink_rcv_skb+0x17d/0x460 [ 1001.569618] bridge_fdb_cache 19KB 35KB [ 1001.570128] ? rtnetlink_put_metrics+0x560/0x560 [ 1001.575334] fib6_nodes 200KB 256KB [ 1001.580717] ? netlink_ack+0xb30/0xb30 [ 1001.580733] ? kasan_check_read+0x11/0x20 [ 1001.580752] ? netlink_deliver_tap+0x254/0xc20 [ 1001.580773] rtnetlink_rcv+0x1d/0x30 [ 1001.580788] netlink_unicast+0x537/0x720 [ 1001.580807] ? netlink_attachskb+0x770/0x770 [ 1001.580827] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1001.580847] netlink_sendmsg+0x8ae/0xd70 [ 1001.580868] ? netlink_unicast+0x720/0x720 [ 1001.609955] ip6_dst_cache 837KB 941KB [ 1001.611537] ? selinux_socket_sendmsg+0x36/0x40 [ 1001.615943] RAWv6 144KB 156KB [ 1001.620719] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1001.620736] ? security_socket_sendmsg+0x8d/0xc0 [ 1001.620753] ? netlink_unicast+0x720/0x720 [ 1001.620770] sock_sendmsg+0xd7/0x130 [ 1001.620785] __sys_sendto+0x262/0x380 [ 1001.620800] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1001.620815] ? __do_page_fault+0x676/0xe90 [ 1001.620844] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1001.620866] ? up_read+0x1a/0x110 [ 1001.620884] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1001.643951] UDPv6 3KB 3KB [ 1001.645126] ? __do_page_fault+0x484/0xe90 [ 1001.684420] TCPv6 29KB 35KB [ 1001.685294] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1001.689939] nf_conntrack 0KB 3KB [ 1001.695066] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1001.738544] sd_ext_cdb 0KB 7KB [ 1001.742576] ? do_syscall_64+0x26/0x620 [ 1001.742592] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1001.742609] __x64_sys_sendto+0xe1/0x1a0 [ 1001.742626] do_syscall_64+0xfd/0x620 [ 1001.742642] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1001.742652] RIP: 0033:0x413673 [ 1001.742667] Code: ff 0f 83 b0 19 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 83 3d 1d 2c 66 00 00 75 17 49 89 ca b8 2c 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 81 19 00 00 c3 48 83 ec 08 e8 87 fa ff ff [ 1001.742674] RSP: 002b:00007ffe27fc5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 1001.742689] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000413673 [ 1001.742696] RDX: 000000000000003c RSI: 0000000000a70070 RDI: 0000000000000003 [ 1001.742704] RBP: 00007ffe27fc5178 R08: 00007ffe27fc5040 R09: 000000000000000c [ 1001.742711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 1001.742719] R13: 00000000004bea8a R14: 00007ffe27fc5170 R15: 00000000004bea83 [ 1001.748027] Kernel Offset: disabled [ 1001.884251] Rebooting in 86400 seconds..