000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) [ 434.917235][ T3429] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=3426,uid=0 [ 434.932403][ T3429] Memory cgroup out of memory: Killed process 3426 (syz-executor.0) total-vm:52612kB, anon-rss:456kB, file-rss:14336kB, shmem-rss:0kB, UID:0 pgtables:96kB oom_score_adj:1000 [ 434.952527][ T3432] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 435.018909][ T3432] CPU: 0 PID: 3432 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 435.029066][ T3432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 435.039111][ T3432] Call Trace: [ 435.042400][ T3432] dump_stack+0x1d8/0x241 [ 435.046727][ T3432] ? panic+0x73e/0x73e [ 435.050782][ T3432] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 435.056570][ T3432] ? _raw_spin_lock+0xa3/0x1b0 [ 435.061303][ T3432] ? asan.module_dtor+0x20/0x20 [ 435.066123][ T3432] dump_header+0xdb/0x700 [ 435.070432][ T3432] oom_kill_process+0xf0/0x2d0 [ 435.075190][ T3432] out_of_memory+0x666/0x940 [ 435.079755][ T3432] ? unregister_oom_notifier+0x20/0x20 [ 435.085204][ T3432] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 435.091007][ T3432] memory_max_write+0x528/0x600 [ 435.095839][ T3432] ? memory_max_show+0xa0/0xa0 [ 435.100578][ T3432] ? memory_max_show+0xa0/0xa0 [ 435.105313][ T3432] cgroup_file_write+0x273/0x5c0 [ 435.110233][ T3432] ? cgroup_seqfile_stop+0xc0/0xc0 [ 435.115331][ T3432] ? kernfs_get+0x90/0x90 [ 435.119628][ T3432] ? cgroup_seqfile_stop+0xc0/0xc0 [ 435.124706][ T3432] kernfs_fop_write+0x2ec/0x3e0 [ 435.129527][ T3432] ? kernfs_fop_read+0x450/0x450 [ 435.134452][ T3432] __vfs_write+0x103/0x780 [ 435.138857][ T3432] ? __kernel_write+0x340/0x340 [ 435.143688][ T3432] ? check_preemption_disabled+0x9e/0x330 [ 435.149386][ T3432] ? __fget+0x40c/0x4a0 [ 435.153508][ T3432] ? debug_smp_processor_id+0x20/0x20 [ 435.158867][ T3432] ? selinux_file_permission+0x2c2/0x530 [ 435.164467][ T3432] vfs_write+0x210/0x4f0 [ 435.168678][ T3432] ksys_write+0x198/0x2c0 [ 435.172974][ T3432] ? __ia32_sys_read+0x80/0x80 [ 435.177705][ T3432] do_syscall_64+0xcb/0x1c0 [ 435.182195][ T3432] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 435.188506][ T3432] memory: usage 80kB, limit 0kB, failcnt 3052 [ 435.194612][ T3432] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 435.201577][ T3432] Memory cgroup stats for /syz0: [ 435.201642][ T3432] anon 106496 [ 435.201642][ T3432] file 0 [ 435.201642][ T3432] kernel_stack 0 [ 435.201642][ T3432] slab 0 [ 435.201642][ T3432] sock 0 [ 435.201642][ T3432] shmem 0 [ 435.201642][ T3432] file_mapped 0 [ 435.201642][ T3432] file_dirty 0 [ 435.201642][ T3432] file_writeback 0 [ 435.201642][ T3432] anon_thp 0 [ 435.201642][ T3432] inactive_anon 0 [ 435.201642][ T3432] active_anon 0 [ 435.201642][ T3432] inactive_file 0 [ 435.201642][ T3432] active_file 0 [ 435.201642][ T3432] unevictable 0 [ 435.201642][ T3432] slab_reclaimable 0 [ 435.201642][ T3432] slab_unreclaimable 0 [ 435.201642][ T3432] pgfault 72501 [ 435.201642][ T3432] pgmajfault 0 [ 435.201642][ T3432] workingset_refault 0 [ 435.201642][ T3432] workingset_activate 0 [ 435.201642][ T3432] workingset_nodereclaim 0 [ 435.201642][ T3432] pgrefill 1287 [ 435.201642][ T3432] pgscan 1123 [ 435.201642][ T3432] pgsteal 0 [ 435.201642][ T3432] pgactivate 1089 [ 435.201642][ T3432] pgdeactivate 1287 [ 435.297273][ T3432] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=3407,uid=0 [ 435.314451][ T3432] Memory cgroup out of memory: Killed process 3407 (syz-executor.0) total-vm:48508kB, anon-rss:448kB, file-rss:14336kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:0 [ 435.332268][ T23] oom_reaper: reaped process 3407 (syz-executor.0), now anon-rss:0kB, file-rss:14336kB, shmem-rss:48kB [ 435.333048][ T3433] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 435.353515][ T3433] CPU: 0 PID: 3433 Comm: syz-executor.1 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 435.363668][ T3433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 435.373705][ T3433] Call Trace: [ 435.376991][ T3433] dump_stack+0x1d8/0x241 [ 435.381293][ T3433] ? panic+0x73e/0x73e [ 435.385509][ T3433] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 435.391292][ T3433] ? _raw_spin_lock+0xa3/0x1b0 [ 435.396112][ T3433] ? asan.module_dtor+0x20/0x20 [ 435.401039][ T3433] dump_header+0xdb/0x700 [ 435.405344][ T3433] oom_kill_process+0xf0/0x2d0 [ 435.410091][ T3433] out_of_memory+0x666/0x940 [ 435.414678][ T3433] ? unregister_oom_notifier+0x20/0x20 09:25:01 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 435.420129][ T3433] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 435.425920][ T3433] memory_max_write+0x528/0x600 [ 435.430755][ T3433] ? memory_max_show+0xa0/0xa0 [ 435.435501][ T3433] ? memory_max_show+0xa0/0xa0 [ 435.440237][ T3433] cgroup_file_write+0x273/0x5c0 [ 435.445230][ T3433] ? cgroup_seqfile_stop+0xc0/0xc0 [ 435.450311][ T3433] ? kernfs_get+0x90/0x90 [ 435.454609][ T3433] ? cgroup_seqfile_stop+0xc0/0xc0 [ 435.459707][ T3433] kernfs_fop_write+0x2ec/0x3e0 [ 435.464529][ T3433] ? kernfs_fop_read+0x450/0x450 [ 435.469434][ T3433] __vfs_write+0x103/0x780 [ 435.473825][ T3433] ? errseq_sample+0x3b/0x60 [ 435.478383][ T3433] ? __kernel_write+0x340/0x340 [ 435.483202][ T3433] ? check_preemption_disabled+0x9e/0x330 [ 435.488889][ T3433] ? __fget+0x40c/0x4a0 [ 435.493013][ T3433] ? debug_smp_processor_id+0x20/0x20 [ 435.498351][ T3433] ? selinux_file_permission+0x2c2/0x530 [ 435.503949][ T3433] vfs_write+0x210/0x4f0 [ 435.508157][ T3433] ksys_write+0x198/0x2c0 [ 435.512454][ T3433] ? __ia32_sys_read+0x80/0x80 09:25:01 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r5, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) 09:25:01 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:01 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 435.517185][ T3433] do_syscall_64+0xcb/0x1c0 [ 435.521668][ T3433] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 435.534670][ T3433] memory: usage 48kB, limit 0kB, failcnt 3054 [ 435.540863][ T3433] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 435.547878][ T3433] Memory cgroup stats for /syz0: [ 435.547946][ T3433] anon 0 [ 435.547946][ T3433] file 0 [ 435.547946][ T3433] kernel_stack 0 [ 435.547946][ T3433] slab 0 [ 435.547946][ T3433] sock 0 [ 435.547946][ T3433] shmem 0 [ 435.547946][ T3433] file_mapped 0 [ 435.547946][ T3433] file_dirty 0 [ 435.547946][ T3433] file_writeback 0 [ 435.547946][ T3433] anon_thp 0 [ 435.547946][ T3433] inactive_anon 0 [ 435.547946][ T3433] active_anon 0 [ 435.547946][ T3433] inactive_file 0 [ 435.547946][ T3433] active_file 0 [ 435.547946][ T3433] unevictable 0 [ 435.547946][ T3433] slab_reclaimable 0 [ 435.547946][ T3433] slab_unreclaimable 0 [ 435.547946][ T3433] pgfault 72501 [ 435.547946][ T3433] pgmajfault 0 [ 435.547946][ T3433] workingset_refault 0 09:25:01 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 435.547946][ T3433] workingset_activate 0 [ 435.547946][ T3433] workingset_nodereclaim 0 [ 435.547946][ T3433] pgrefill 1287 [ 435.547946][ T3433] pgscan 1123 [ 435.547946][ T3433] pgsteal 0 [ 435.547946][ T3433] pgactivate 1089 [ 435.547946][ T3433] pgdeactivate 1287 [ 435.642797][ T3433] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=3437,uid=0 09:25:01 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) [ 435.689986][ T3450] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 435.741249][ T3450] CPU: 0 PID: 3450 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 435.751416][ T3450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 435.761454][ T3450] Call Trace: [ 435.764729][ T3450] dump_stack+0x1d8/0x241 [ 435.769028][ T3450] ? panic+0x73e/0x73e [ 435.773068][ T3450] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 435.778845][ T3450] ? preempt_schedule_common+0xb7/0xe0 [ 435.784272][ T3450] dump_header+0xdb/0x700 [ 435.788573][ T3450] out_of_memory+0x6d0/0x940 [ 435.793133][ T3450] ? unregister_oom_notifier+0x20/0x20 [ 435.798576][ T3450] memory_max_write+0x528/0x600 [ 435.803425][ T3450] ? memory_max_show+0xa0/0xa0 [ 435.808174][ T3450] ? memory_max_show+0xa0/0xa0 [ 435.812909][ T3450] cgroup_file_write+0x273/0x5c0 [ 435.817816][ T3450] ? cgroup_seqfile_stop+0xc0/0xc0 [ 435.822904][ T3450] ? kernfs_get+0x90/0x90 [ 435.827205][ T3450] ? cgroup_seqfile_stop+0xc0/0xc0 [ 435.832287][ T3450] kernfs_fop_write+0x2ec/0x3e0 [ 435.837108][ T3450] ? kernfs_fop_read+0x450/0x450 [ 435.842014][ T3450] __vfs_write+0x103/0x780 [ 435.846410][ T3450] ? __kernel_write+0x340/0x340 [ 435.851244][ T3450] ? check_preemption_disabled+0x9e/0x330 [ 435.856935][ T3450] ? __fget+0x40c/0x4a0 [ 435.861062][ T3450] ? debug_smp_processor_id+0x20/0x20 [ 435.866407][ T3450] ? selinux_file_permission+0x2c2/0x530 [ 435.872010][ T3450] vfs_write+0x210/0x4f0 [ 435.876223][ T3450] ksys_write+0x198/0x2c0 [ 435.880525][ T3450] ? __ia32_sys_read+0x80/0x80 [ 435.885258][ T3450] do_syscall_64+0xcb/0x1c0 [ 435.889733][ T3450] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 09:25:01 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) [ 436.375019][ T7] device bridge_slave_1 left promiscuous mode [ 436.381772][ T7] bridge0: port 2(bridge_slave_1) entered disabled state 09:25:02 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup(r2, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) [ 436.460221][ T7] device bridge_slave_0 left promiscuous mode [ 436.485298][ T7] bridge0: port 1(bridge_slave_0) entered disabled state 09:25:02 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 436.596075][ T3450] memory: usage 48kB, limit 0kB, failcnt 3054 [ 436.625760][ T3450] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 436.661273][ T3450] Memory cgroup stats for /syz0: [ 436.661347][ T3450] anon 0 [ 436.661347][ T3450] file 0 [ 436.661347][ T3450] kernel_stack 0 [ 436.661347][ T3450] slab 0 [ 436.661347][ T3450] sock 0 [ 436.661347][ T3450] shmem 0 [ 436.661347][ T3450] file_mapped 0 [ 436.661347][ T3450] file_dirty 0 [ 436.661347][ T3450] file_writeback 0 [ 436.661347][ T3450] anon_thp 0 [ 436.661347][ T3450] inactive_anon 0 [ 436.661347][ T3450] active_anon 0 [ 436.661347][ T3450] inactive_file 0 [ 436.661347][ T3450] active_file 0 [ 436.661347][ T3450] unevictable 0 [ 436.661347][ T3450] slab_reclaimable 0 [ 436.661347][ T3450] slab_unreclaimable 0 [ 436.661347][ T3450] pgfault 72501 [ 436.661347][ T3450] pgmajfault 0 [ 436.661347][ T3450] workingset_refault 0 [ 436.661347][ T3450] workingset_activate 0 [ 436.661347][ T3450] workingset_nodereclaim 0 [ 436.661347][ T3450] pgrefill 1287 [ 436.661347][ T3450] pgscan 1123 [ 436.661347][ T3450] pgsteal 0 [ 436.661347][ T3450] pgactivate 1122 [ 436.661347][ T3450] pgdeactivate 1287 09:25:02 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r5, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) 09:25:02 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 436.965148][ T3450] Out of memory and no killable processes... [ 436.983674][ T3459] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 436.993937][ T3459] CPU: 1 PID: 3459 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 437.004165][ T3459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 437.014206][ T3459] Call Trace: [ 437.017490][ T3459] dump_stack+0x1d8/0x241 [ 437.021810][ T3459] ? panic+0x73e/0x73e [ 437.025865][ T3459] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 437.031656][ T3459] dump_header+0xdb/0x700 [ 437.035973][ T3459] out_of_memory+0x6d0/0x940 [ 437.040570][ T3459] ? unregister_oom_notifier+0x20/0x20 [ 437.046022][ T3459] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 437.051823][ T3459] memory_max_write+0x528/0x600 [ 437.056671][ T3459] ? memory_max_show+0xa0/0xa0 [ 437.061426][ T3459] ? memory_max_show+0xa0/0xa0 [ 437.066177][ T3459] cgroup_file_write+0x273/0x5c0 [ 437.071103][ T3459] ? cgroup_seqfile_stop+0xc0/0xc0 [ 437.076199][ T3459] ? kernfs_get+0x90/0x90 [ 437.080542][ T3459] ? cgroup_seqfile_stop+0xc0/0xc0 [ 437.085638][ T3459] kernfs_fop_write+0x2ec/0x3e0 [ 437.090479][ T3459] ? kernfs_fop_read+0x450/0x450 [ 437.095402][ T3459] __vfs_write+0x103/0x780 [ 437.099809][ T3459] ? __kernel_write+0x340/0x340 [ 437.104648][ T3459] ? check_preemption_disabled+0x9e/0x330 [ 437.110351][ T3459] ? __fget+0x40c/0x4a0 [ 437.114494][ T3459] ? debug_smp_processor_id+0x20/0x20 [ 437.119855][ T3459] ? selinux_file_permission+0x2c2/0x530 [ 437.125475][ T3459] vfs_write+0x210/0x4f0 [ 437.129703][ T3459] ksys_write+0x198/0x2c0 [ 437.134021][ T3459] ? __ia32_sys_read+0x80/0x80 [ 437.138771][ T3459] do_syscall_64+0xcb/0x1c0 [ 437.143264][ T3459] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 437.149241][ T3459] memory: usage 48kB, limit 0kB, failcnt 3054 [ 437.155308][ T3459] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 437.162136][ T3459] Memory cgroup stats for /syz0: [ 437.162214][ T3459] anon 0 [ 437.162214][ T3459] file 0 [ 437.162214][ T3459] kernel_stack 0 [ 437.162214][ T3459] slab 0 [ 437.162214][ T3459] sock 0 [ 437.162214][ T3459] shmem 0 [ 437.162214][ T3459] file_mapped 0 [ 437.162214][ T3459] file_dirty 0 [ 437.162214][ T3459] file_writeback 0 [ 437.162214][ T3459] anon_thp 0 [ 437.162214][ T3459] inactive_anon 0 [ 437.162214][ T3459] active_anon 0 [ 437.162214][ T3459] inactive_file 0 [ 437.162214][ T3459] active_file 0 [ 437.162214][ T3459] unevictable 0 09:25:02 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 437.162214][ T3459] slab_reclaimable 0 [ 437.162214][ T3459] slab_unreclaimable 0 [ 437.162214][ T3459] pgfault 72501 [ 437.162214][ T3459] pgmajfault 0 [ 437.162214][ T3459] workingset_refault 0 [ 437.162214][ T3459] workingset_activate 0 [ 437.162214][ T3459] workingset_nodereclaim 0 [ 437.162214][ T3459] pgrefill 1287 [ 437.162214][ T3459] pgscan 1123 [ 437.162214][ T3459] pgsteal 0 [ 437.162214][ T3459] pgactivate 1122 [ 437.162214][ T3459] pgdeactivate 1287 [ 437.257170][ T3459] Out of memory and no killable processes... [ 437.263171][ T3463] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 437.287296][ T3463] CPU: 1 PID: 3463 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 437.297445][ T3463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 437.307482][ T3463] Call Trace: [ 437.310767][ T3463] dump_stack+0x1d8/0x241 [ 437.315069][ T3463] ? panic+0x73e/0x73e [ 437.319110][ T3463] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 437.324886][ T3463] ? preempt_schedule_common+0xb7/0xe0 [ 437.330315][ T3463] dump_header+0xdb/0x700 [ 437.334617][ T3463] out_of_memory+0x6d0/0x940 [ 437.339181][ T3463] ? unregister_oom_notifier+0x20/0x20 [ 437.344611][ T3463] memory_max_write+0x528/0x600 [ 437.349440][ T3463] ? memory_max_show+0xa0/0xa0 [ 437.354177][ T3463] ? memory_max_show+0xa0/0xa0 [ 437.358912][ T3463] cgroup_file_write+0x273/0x5c0 [ 437.363820][ T3463] ? cgroup_seqfile_stop+0xc0/0xc0 [ 437.368988][ T3463] ? kernfs_get+0x90/0x90 [ 437.373290][ T3463] ? cgroup_seqfile_stop+0xc0/0xc0 [ 437.378391][ T3463] kernfs_fop_write+0x2ec/0x3e0 [ 437.383213][ T3463] ? kernfs_fop_read+0x450/0x450 [ 437.388124][ T3463] __vfs_write+0x103/0x780 [ 437.392514][ T3463] ? __kernel_write+0x340/0x340 [ 437.397333][ T3463] ? preempt_schedule_irq+0xef/0x140 [ 437.402588][ T3463] ? preempt_schedule_notrace+0x140/0x140 [ 437.408278][ T3463] ? check_preemption_disabled+0x9e/0x330 [ 437.413981][ T3463] ? __fget+0x40c/0x4a0 [ 437.418106][ T3463] ? debug_smp_processor_id+0x20/0x20 [ 437.423447][ T3463] ? selinux_file_permission+0x2c2/0x530 [ 437.429051][ T3463] vfs_write+0x210/0x4f0 [ 437.433265][ T3463] ksys_write+0x198/0x2c0 [ 437.437567][ T3463] ? __ia32_sys_read+0x80/0x80 [ 437.442302][ T3463] do_syscall_64+0xcb/0x1c0 [ 437.446779][ T3463] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 437.456426][ T3463] memory: usage 48kB, limit 0kB, failcnt 3054 [ 437.489676][ T3463] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 437.527693][ T3463] Memory cgroup stats for /syz0: [ 437.527768][ T3463] anon 0 [ 437.527768][ T3463] file 0 [ 437.527768][ T3463] kernel_stack 0 [ 437.527768][ T3463] slab 0 [ 437.527768][ T3463] sock 0 [ 437.527768][ T3463] shmem 0 [ 437.527768][ T3463] file_mapped 0 [ 437.527768][ T3463] file_dirty 0 [ 437.527768][ T3463] file_writeback 0 [ 437.527768][ T3463] anon_thp 0 [ 437.527768][ T3463] inactive_anon 0 [ 437.527768][ T3463] active_anon 0 [ 437.527768][ T3463] inactive_file 0 [ 437.527768][ T3463] active_file 0 [ 437.527768][ T3463] unevictable 0 [ 437.527768][ T3463] slab_reclaimable 0 [ 437.527768][ T3463] slab_unreclaimable 0 09:25:03 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup(r2, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) [ 437.527768][ T3463] pgfault 72501 [ 437.527768][ T3463] pgmajfault 0 [ 437.527768][ T3463] workingset_refault 0 [ 437.527768][ T3463] workingset_activate 0 [ 437.527768][ T3463] workingset_nodereclaim 0 [ 437.527768][ T3463] pgrefill 1287 [ 437.527768][ T3463] pgscan 1123 [ 437.527768][ T3463] pgsteal 0 [ 437.527768][ T3463] pgactivate 1122 [ 437.527768][ T3463] pgdeactivate 1287 [ 437.755338][ T3463] Out of memory and no killable processes... [ 437.769629][ T3471] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 437.783887][ T3471] CPU: 0 PID: 3471 Comm: syz-executor.1 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 437.794042][ T3471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 437.804090][ T3471] Call Trace: [ 437.807375][ T3471] dump_stack+0x1d8/0x241 [ 437.811702][ T3471] ? panic+0x73e/0x73e [ 437.815765][ T3471] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 437.821567][ T3471] ? preempt_schedule_common+0xb7/0xe0 [ 437.827107][ T3471] dump_header+0xdb/0x700 [ 437.831438][ T3471] out_of_memory+0x6d0/0x940 [ 437.836024][ T3471] ? unregister_oom_notifier+0x20/0x20 [ 437.841477][ T3471] memory_max_write+0x528/0x600 [ 437.846318][ T3471] ? memory_max_show+0xa0/0xa0 [ 437.851086][ T3471] ? memory_max_show+0xa0/0xa0 [ 437.855922][ T3471] cgroup_file_write+0x273/0x5c0 [ 437.860847][ T3471] ? cgroup_seqfile_stop+0xc0/0xc0 [ 437.865941][ T3471] ? kernfs_get+0x90/0x90 [ 437.870260][ T3471] ? cgroup_seqfile_stop+0xc0/0xc0 [ 437.875357][ T3471] kernfs_fop_write+0x2ec/0x3e0 [ 437.880196][ T3471] ? kernfs_fop_read+0x450/0x450 [ 437.885118][ T3471] __vfs_write+0x103/0x780 [ 437.889521][ T3471] ? __kernel_write+0x340/0x340 [ 437.894357][ T3471] ? check_preemption_disabled+0x9e/0x330 [ 437.900062][ T3471] ? __fget+0x40c/0x4a0 09:25:03 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 437.904199][ T3471] ? debug_smp_processor_id+0x20/0x20 [ 437.909554][ T3471] ? selinux_file_permission+0x2c2/0x530 [ 437.915170][ T3471] vfs_write+0x210/0x4f0 [ 437.919400][ T3471] ksys_write+0x198/0x2c0 [ 437.923714][ T3471] ? __ia32_sys_read+0x80/0x80 [ 437.928461][ T3471] do_syscall_64+0xcb/0x1c0 [ 437.932948][ T3471] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 09:25:03 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r5, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r4, 0x0, 0x0) [ 437.990630][ T3471] memory: usage 48kB, limit 0kB, failcnt 3054 [ 438.005525][ T3471] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 438.012648][ T3471] Memory cgroup stats for /syz0: [ 438.012735][ T3471] anon 0 [ 438.012735][ T3471] file 0 [ 438.012735][ T3471] kernel_stack 0 [ 438.012735][ T3471] slab 0 [ 438.012735][ T3471] sock 0 [ 438.012735][ T3471] shmem 0 [ 438.012735][ T3471] file_mapped 0 [ 438.012735][ T3471] file_dirty 0 [ 438.012735][ T3471] file_writeback 0 [ 438.012735][ T3471] anon_thp 0 [ 438.012735][ T3471] inactive_anon 0 [ 438.012735][ T3471] active_anon 0 [ 438.012735][ T3471] inactive_file 0 [ 438.012735][ T3471] active_file 0 [ 438.012735][ T3471] unevictable 0 [ 438.012735][ T3471] slab_reclaimable 0 [ 438.012735][ T3471] slab_unreclaimable 0 [ 438.012735][ T3471] pgfault 72501 [ 438.012735][ T3471] pgmajfault 0 [ 438.012735][ T3471] workingset_refault 0 [ 438.012735][ T3471] workingset_activate 0 09:25:03 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 438.012735][ T3471] workingset_nodereclaim 0 [ 438.012735][ T3471] pgrefill 1287 [ 438.012735][ T3471] pgscan 1123 [ 438.012735][ T3471] pgsteal 0 [ 438.012735][ T3471] pgactivate 1122 [ 438.012735][ T3471] pgdeactivate 1287 [ 438.158547][ T3471] Out of memory and no killable processes... [ 438.172525][ T3478] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 438.182710][ T3478] CPU: 0 PID: 3478 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 438.192841][ T3478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 438.202877][ T3478] Call Trace: [ 438.206160][ T3478] dump_stack+0x1d8/0x241 [ 438.210476][ T3478] ? panic+0x73e/0x73e [ 438.214528][ T3478] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 438.220322][ T3478] dump_header+0xdb/0x700 [ 438.224644][ T3478] out_of_memory+0x6d0/0x940 [ 438.229216][ T3478] ? unregister_oom_notifier+0x20/0x20 [ 438.234660][ T3478] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 438.240453][ T3478] memory_max_write+0x528/0x600 [ 438.245313][ T3478] ? memory_max_show+0xa0/0xa0 [ 438.250061][ T3478] ? memory_max_show+0xa0/0xa0 [ 438.254809][ T3478] cgroup_file_write+0x273/0x5c0 [ 438.259731][ T3478] ? cgroup_seqfile_stop+0xc0/0xc0 [ 438.264821][ T3478] ? kernfs_get+0x90/0x90 [ 438.269132][ T3478] ? cgroup_seqfile_stop+0xc0/0xc0 [ 438.274221][ T3478] kernfs_fop_write+0x2ec/0x3e0 [ 438.279053][ T3478] ? kernfs_fop_read+0x450/0x450 [ 438.283972][ T3478] __vfs_write+0x103/0x780 [ 438.288368][ T3478] ? __kernel_write+0x340/0x340 [ 438.293202][ T3478] ? check_preemption_disabled+0x9e/0x330 [ 438.298906][ T3478] ? __fget+0x40c/0x4a0 [ 438.303046][ T3478] ? debug_smp_processor_id+0x20/0x20 [ 438.308400][ T3478] ? selinux_file_permission+0x2c2/0x530 [ 438.314015][ T3478] vfs_write+0x210/0x4f0 [ 438.318238][ T3478] ksys_write+0x198/0x2c0 [ 438.322551][ T3478] ? __ia32_sys_read+0x80/0x80 [ 438.327299][ T3478] do_syscall_64+0xcb/0x1c0 [ 438.332426][ T3478] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 438.338764][ T3478] memory: usage 48kB, limit 0kB, failcnt 3054 [ 438.344851][ T3478] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 438.351679][ T3478] Memory cgroup stats for /syz0: [ 438.351754][ T3478] anon 0 [ 438.351754][ T3478] file 0 [ 438.351754][ T3478] kernel_stack 0 [ 438.351754][ T3478] slab 0 [ 438.351754][ T3478] sock 0 [ 438.351754][ T3478] shmem 0 [ 438.351754][ T3478] file_mapped 0 [ 438.351754][ T3478] file_dirty 0 [ 438.351754][ T3478] file_writeback 0 [ 438.351754][ T3478] anon_thp 0 [ 438.351754][ T3478] inactive_anon 0 [ 438.351754][ T3478] active_anon 0 [ 438.351754][ T3478] inactive_file 0 [ 438.351754][ T3478] active_file 0 [ 438.351754][ T3478] unevictable 0 [ 438.351754][ T3478] slab_reclaimable 0 [ 438.351754][ T3478] slab_unreclaimable 0 [ 438.351754][ T3478] pgfault 72501 09:25:04 executing program 1: syz_clone(0x320000, 0x0, 0x52, 0x0, 0x0, 0x0) 09:25:04 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup(r2, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) [ 438.351754][ T3478] pgmajfault 0 [ 438.351754][ T3478] workingset_refault 0 [ 438.351754][ T3478] workingset_activate 0 [ 438.351754][ T3478] workingset_nodereclaim 0 [ 438.351754][ T3478] pgrefill 1320 [ 438.351754][ T3478] pgscan 1123 [ 438.351754][ T3478] pgsteal 0 [ 438.351754][ T3478] pgactivate 1122 [ 438.351754][ T3478] pgdeactivate 1320 [ 438.446543][ T3478] Out of memory and no killable processes... [ 438.453098][ T3485] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 438.486319][ T3485] CPU: 1 PID: 3485 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 438.496474][ T3485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 438.506507][ T3485] Call Trace: [ 438.509786][ T3485] dump_stack+0x1d8/0x241 [ 438.514091][ T3485] ? panic+0x73e/0x73e [ 438.518129][ T3485] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 438.523907][ T3485] ? preempt_schedule_common+0xb7/0xe0 [ 438.529340][ T3485] dump_header+0xdb/0x700 [ 438.533644][ T3485] out_of_memory+0x6d0/0x940 [ 438.538207][ T3485] ? unregister_oom_notifier+0x20/0x20 [ 438.543640][ T3485] memory_max_write+0x528/0x600 [ 438.548467][ T3485] ? memory_max_show+0xa0/0xa0 [ 438.553203][ T3485] ? memory_max_show+0xa0/0xa0 [ 438.557955][ T3485] cgroup_file_write+0x273/0x5c0 [ 438.562868][ T3485] ? cgroup_seqfile_stop+0xc0/0xc0 [ 438.568038][ T3485] ? kernfs_get+0x90/0x90 [ 438.572340][ T3485] ? cgroup_seqfile_stop+0xc0/0xc0 [ 438.577424][ T3485] kernfs_fop_write+0x2ec/0x3e0 [ 438.582248][ T3485] ? kernfs_fop_read+0x450/0x450 [ 438.587160][ T3485] __vfs_write+0x103/0x780 [ 438.591569][ T3485] ? __kernel_write+0x340/0x340 [ 438.596412][ T3485] ? check_preemption_disabled+0x9e/0x330 [ 438.602105][ T3485] ? __fget+0x40c/0x4a0 [ 438.606233][ T3485] ? debug_smp_processor_id+0x20/0x20 [ 438.611661][ T3485] ? selinux_file_permission+0x2c2/0x530 [ 438.617272][ T3485] vfs_write+0x210/0x4f0 [ 438.621489][ T3485] ksys_write+0x198/0x2c0 [ 438.625795][ T3485] ? __ia32_sys_read+0x80/0x80 [ 438.630534][ T3485] do_syscall_64+0xcb/0x1c0 [ 438.635011][ T3485] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 438.851935][ T3485] memory: usage 48kB, limit 0kB, failcnt 3054 [ 438.870960][ T3485] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 438.888760][ T3485] Memory cgroup stats for /syz0: [ 438.888834][ T3485] anon 0 [ 438.888834][ T3485] file 0 [ 438.888834][ T3485] kernel_stack 0 [ 438.888834][ T3485] slab 0 [ 438.888834][ T3485] sock 0 [ 438.888834][ T3485] shmem 0 [ 438.888834][ T3485] file_mapped 0 [ 438.888834][ T3485] file_dirty 0 [ 438.888834][ T3485] file_writeback 0 [ 438.888834][ T3485] anon_thp 0 [ 438.888834][ T3485] inactive_anon 0 [ 438.888834][ T3485] active_anon 0 [ 438.888834][ T3485] inactive_file 0 [ 438.888834][ T3485] active_file 0 [ 438.888834][ T3485] unevictable 0 [ 438.888834][ T3485] slab_reclaimable 0 [ 438.888834][ T3485] slab_unreclaimable 0 [ 438.888834][ T3485] pgfault 72501 [ 438.888834][ T3485] pgmajfault 0 [ 438.888834][ T3485] workingset_refault 0 [ 438.888834][ T3485] workingset_activate 0 [ 438.888834][ T3485] workingset_nodereclaim 0 [ 438.888834][ T3485] pgrefill 1320 [ 438.888834][ T3485] pgscan 1123 [ 438.888834][ T3485] pgsteal 0 [ 438.888834][ T3485] pgactivate 1122 [ 438.888834][ T3485] pgdeactivate 1320 [ 438.917562][ T3498] bridge0: port 1(bridge_slave_0) entered blocking state [ 438.986796][ T3485] Out of memory and no killable processes... [ 439.000391][ T3498] bridge0: port 1(bridge_slave_0) entered disabled state [ 439.016264][ T3498] device bridge_slave_0 entered promiscuous mode [ 439.022482][ T3497] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 439.032773][ T3497] CPU: 1 PID: 3497 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 439.041487][ T3498] bridge0: port 2(bridge_slave_1) entered blocking state [ 439.042985][ T3497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 439.042989][ T3497] Call Trace: [ 439.043005][ T3497] dump_stack+0x1d8/0x241 [ 439.043020][ T3497] ? panic+0x73e/0x73e [ 439.059241][ T3498] bridge0: port 2(bridge_slave_1) entered disabled state [ 439.060224][ T3497] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 439.060241][ T3497] dump_header+0xdb/0x700 [ 439.069154][ T3498] device bridge_slave_1 entered promiscuous mode [ 439.071843][ T3497] out_of_memory+0x6d0/0x940 [ 439.071857][ T3497] ? unregister_oom_notifier+0x20/0x20 [ 439.105219][ T3497] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 439.111365][ T3497] memory_max_write+0x528/0x600 [ 439.116209][ T3497] ? memory_max_show+0xa0/0xa0 [ 439.120970][ T3497] ? memory_max_show+0xa0/0xa0 [ 439.125724][ T3497] cgroup_file_write+0x273/0x5c0 [ 439.130654][ T3497] ? cgroup_seqfile_stop+0xc0/0xc0 [ 439.135754][ T3497] ? kernfs_get+0x90/0x90 [ 439.140077][ T3497] ? cgroup_seqfile_stop+0xc0/0xc0 [ 439.145175][ T3497] kernfs_fop_write+0x2ec/0x3e0 [ 439.150016][ T3497] ? kernfs_fop_read+0x450/0x450 [ 439.154943][ T3497] __vfs_write+0x103/0x780 [ 439.156989][ T3498] bridge0: port 2(bridge_slave_1) entered blocking state [ 439.159352][ T3497] ? __kernel_write+0x340/0x340 [ 439.159368][ T3497] ? check_preemption_disabled+0x9e/0x330 [ 439.166392][ T3498] bridge0: port 2(bridge_slave_1) entered forwarding state [ 439.171185][ T3497] ? __fget+0x40c/0x4a0 [ 439.176980][ T3498] bridge0: port 1(bridge_slave_0) entered blocking state [ 439.184029][ T3497] ? debug_smp_processor_id+0x20/0x20 [ 439.188162][ T3498] bridge0: port 1(bridge_slave_0) entered forwarding state [ 439.195160][ T3497] ? selinux_file_permission+0x2c2/0x530 [ 439.195176][ T3497] vfs_write+0x210/0x4f0 [ 439.217598][ T3497] ksys_write+0x198/0x2c0 [ 439.221974][ T3497] ? __ia32_sys_read+0x80/0x80 [ 439.226733][ T3497] do_syscall_64+0xcb/0x1c0 [ 439.231240][ T3497] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 439.237204][ T3497] memory: usage 48kB, limit 0kB, failcnt 3054 [ 439.243277][ T3497] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 439.250250][ T3497] Memory cgroup stats for /syz0: [ 439.250323][ T3497] anon 0 [ 439.250323][ T3497] file 0 [ 439.250323][ T3497] kernel_stack 0 [ 439.250323][ T3497] slab 0 [ 439.250323][ T3497] sock 0 [ 439.250323][ T3497] shmem 0 [ 439.250323][ T3497] file_mapped 0 [ 439.250323][ T3497] file_dirty 0 [ 439.250323][ T3497] file_writeback 0 [ 439.250323][ T3497] anon_thp 0 [ 439.250323][ T3497] inactive_anon 0 [ 439.250323][ T3497] active_anon 0 [ 439.250323][ T3497] inactive_file 0 [ 439.250323][ T3497] active_file 0 [ 439.250323][ T3497] unevictable 0 [ 439.250323][ T3497] slab_reclaimable 0 [ 439.250323][ T3497] slab_unreclaimable 0 [ 439.250323][ T3497] pgfault 72501 [ 439.250323][ T3497] pgmajfault 0 [ 439.250323][ T3497] workingset_refault 0 [ 439.250323][ T3497] workingset_activate 0 [ 439.250323][ T3497] workingset_nodereclaim 0 [ 439.250323][ T3497] pgrefill 1320 [ 439.250323][ T3497] pgscan 1123 [ 439.250323][ T3497] pgsteal 0 [ 439.250323][ T3497] pgactivate 1122 [ 439.250323][ T3497] pgdeactivate 1320 [ 439.345241][ T3497] Out of memory and no killable processes... [ 439.345299][ T340] bridge0: port 1(bridge_slave_0) entered disabled state [ 439.361356][ T340] bridge0: port 2(bridge_slave_1) entered disabled state [ 439.369178][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 439.376606][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 439.391525][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 439.399814][ T340] bridge0: port 1(bridge_slave_0) entered blocking state [ 439.406836][ T340] bridge0: port 1(bridge_slave_0) entered forwarding state [ 439.414260][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 439.422575][ T340] bridge0: port 2(bridge_slave_1) entered blocking state [ 439.429601][ T340] bridge0: port 2(bridge_slave_1) entered forwarding state [ 439.436960][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 439.447857][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 439.463549][ T3130] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 439.475757][ T3130] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 439.486981][ T118] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 439.498944][ T3130] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 439.510242][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 09:25:05 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:05 executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0xa, [@int={0x9, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2e}]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}, &(0x7f0000000180)=""/189, 0x32, 0xbd, 0x1}, 0x20) 09:25:05 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r5, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r4, 0x0, 0x0) 09:25:05 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) 09:25:05 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:05 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:05 executing program 1: bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000040), 0xfffffffffffffdf0) 09:25:05 executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0) ioctl$TUNGETFEATURES(r0, 0x4b47, 0x0) 09:25:05 executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000040)={'sit0\x00', 0x400}) 09:25:06 executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) sendmsg$inet(r0, 0x0, 0x0) 09:25:06 executing program 1: openat$tun(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0) ioctl$TUNGETFEATURES(0xffffffffffffffff, 0x4b47, 0x0) socketpair(0x11, 0x2, 0x20, &(0x7f0000000040)) [ 440.567001][ T3528] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 440.577186][ T3528] CPU: 1 PID: 3528 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 440.587316][ T3528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 440.597792][ T3528] Call Trace: [ 440.601070][ T3528] dump_stack+0x1d8/0x241 [ 440.605386][ T3528] ? panic+0x73e/0x73e [ 440.609440][ T3528] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 440.615228][ T3528] ? _raw_spin_lock+0xa3/0x1b0 [ 440.619973][ T3528] ? asan.module_dtor+0x20/0x20 [ 440.624804][ T3528] dump_header+0xdb/0x700 [ 440.629118][ T3528] oom_kill_process+0xf0/0x2d0 [ 440.633860][ T3528] out_of_memory+0x666/0x940 [ 440.638433][ T3528] ? unregister_oom_notifier+0x20/0x20 [ 440.643872][ T3528] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 440.649745][ T3528] memory_max_write+0x528/0x600 [ 440.654584][ T3528] ? memory_max_show+0xa0/0xa0 [ 440.659337][ T3528] ? memory_max_show+0xa0/0xa0 [ 440.664174][ T3528] cgroup_file_write+0x273/0x5c0 [ 440.669106][ T3528] ? cgroup_seqfile_stop+0xc0/0xc0 [ 440.674303][ T3528] ? kernfs_get+0x90/0x90 [ 440.678627][ T3528] ? cgroup_seqfile_stop+0xc0/0xc0 [ 440.683728][ T3528] kernfs_fop_write+0x2ec/0x3e0 [ 440.688574][ T3528] ? kernfs_fop_read+0x450/0x450 [ 440.693504][ T3528] __vfs_write+0x103/0x780 [ 440.697908][ T3528] ? __kernel_write+0x340/0x340 [ 440.702748][ T3528] ? check_preemption_disabled+0x9e/0x330 [ 440.708453][ T3528] ? __fget+0x40c/0x4a0 09:25:06 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000002300)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x0, @private}, 0x10, 0x0}, 0xc801) [ 440.712599][ T3528] ? debug_smp_processor_id+0x20/0x20 [ 440.717960][ T3528] ? selinux_file_permission+0x2c2/0x530 [ 440.723592][ T3528] vfs_write+0x210/0x4f0 [ 440.727824][ T3528] ksys_write+0x198/0x2c0 [ 440.732137][ T3528] ? __ia32_sys_read+0x80/0x80 [ 440.736936][ T3528] do_syscall_64+0xcb/0x1c0 [ 440.741430][ T3528] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 440.747572][ T3528] memory: usage 4296kB, limit 0kB, failcnt 3070 [ 440.753866][ T3528] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 440.760750][ T3528] Memory cgroup stats for /syz0: [ 440.760817][ T3528] anon 4272128 [ 440.760817][ T3528] file 0 [ 440.760817][ T3528] kernel_stack 0 [ 440.760817][ T3528] slab 0 [ 440.760817][ T3528] sock 0 [ 440.760817][ T3528] shmem 0 [ 440.760817][ T3528] file_mapped 0 [ 440.760817][ T3528] file_dirty 0 [ 440.760817][ T3528] file_writeback 0 [ 440.760817][ T3528] anon_thp 0 [ 440.760817][ T3528] inactive_anon 0 [ 440.760817][ T3528] active_anon 4325376 [ 440.760817][ T3528] inactive_file 0 [ 440.760817][ T3528] active_file 0 [ 440.760817][ T3528] unevictable 0 [ 440.760817][ T3528] slab_reclaimable 0 [ 440.760817][ T3528] slab_unreclaimable 0 [ 440.760817][ T3528] pgfault 76725 [ 440.760817][ T3528] pgmajfault 0 [ 440.760817][ T3528] workingset_refault 0 [ 440.760817][ T3528] workingset_activate 0 [ 440.760817][ T3528] workingset_nodereclaim 0 [ 440.760817][ T3528] pgrefill 1320 [ 440.760817][ T3528] pgscan 1123 [ 440.760817][ T3528] pgsteal 0 [ 440.760817][ T3528] pgactivate 1122 [ 440.760817][ T3528] pgdeactivate 1320 [ 440.857486][ T3528] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=3516,uid=0 [ 440.872860][ T3528] Memory cgroup out of memory: Killed process 3516 (syz-executor.0) total-vm:52744kB, anon-rss:4544kB, file-rss:14336kB, shmem-rss:0kB, UID:0 pgtables:100kB oom_score_adj:1000 [ 440.909119][ T23] oom_reaper: reaped process 3516 (syz-executor.0), now anon-rss:0kB, file-rss:14336kB, shmem-rss:8kB [ 441.316588][ T3537] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 441.351886][ T3537] CPU: 0 PID: 3537 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 441.362030][ T3537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 441.372058][ T3537] Call Trace: [ 441.375320][ T3537] dump_stack+0x1d8/0x241 [ 441.379636][ T3537] ? panic+0x73e/0x73e [ 441.383676][ T3537] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 441.389451][ T3537] ? _raw_spin_lock+0xa3/0x1b0 [ 441.394185][ T3537] ? asan.module_dtor+0x20/0x20 [ 441.399024][ T3537] dump_header+0xdb/0x700 [ 441.403349][ T3537] oom_kill_process+0xf0/0x2d0 [ 441.408088][ T3537] out_of_memory+0x666/0x940 [ 441.412647][ T3537] ? unregister_oom_notifier+0x20/0x20 [ 441.418084][ T3537] memory_max_write+0x528/0x600 [ 441.422906][ T3537] ? memory_max_show+0xa0/0xa0 [ 441.427644][ T3537] ? memory_max_show+0xa0/0xa0 [ 441.432393][ T3537] cgroup_file_write+0x273/0x5c0 [ 441.437301][ T3537] ? cgroup_seqfile_stop+0xc0/0xc0 [ 441.442384][ T3537] ? kernfs_get+0x90/0x90 [ 441.446681][ T3537] ? cgroup_seqfile_stop+0xc0/0xc0 [ 441.451775][ T3537] kernfs_fop_write+0x2ec/0x3e0 [ 441.456609][ T3537] ? kernfs_fop_read+0x450/0x450 [ 441.461515][ T3537] __vfs_write+0x103/0x780 [ 441.465901][ T3537] ? __kernel_write+0x340/0x340 [ 441.470724][ T3537] ? check_preemption_disabled+0x9e/0x330 [ 441.476413][ T3537] ? __fget+0x40c/0x4a0 [ 441.480547][ T3537] ? debug_smp_processor_id+0x20/0x20 [ 441.485887][ T3537] ? selinux_file_permission+0x2c2/0x530 [ 441.491489][ T3537] vfs_write+0x210/0x4f0 [ 441.495703][ T3537] ksys_write+0x198/0x2c0 [ 441.500001][ T3537] ? __ia32_sys_read+0x80/0x80 [ 441.504736][ T3537] do_syscall_64+0xcb/0x1c0 [ 441.509225][ T3537] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 441.519487][ T3537] memory: usage 88kB, limit 0kB, failcnt 3076 [ 441.526304][ T3537] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 441.533177][ T3537] Memory cgroup stats for /syz0: [ 441.533252][ T3537] anon 143360 [ 441.533252][ T3537] file 0 [ 441.533252][ T3537] kernel_stack 0 [ 441.533252][ T3537] slab 0 [ 441.533252][ T3537] sock 0 [ 441.533252][ T3537] shmem 0 [ 441.533252][ T3537] file_mapped 0 [ 441.533252][ T3537] file_dirty 0 [ 441.533252][ T3537] file_writeback 0 [ 441.533252][ T3537] anon_thp 0 [ 441.533252][ T3537] inactive_anon 0 [ 441.533252][ T3537] active_anon 135168 [ 441.533252][ T3537] inactive_file 0 [ 441.533252][ T3537] active_file 0 [ 441.533252][ T3537] unevictable 0 [ 441.533252][ T3537] slab_reclaimable 0 [ 441.533252][ T3537] slab_unreclaimable 0 [ 441.533252][ T3537] pgfault 76758 [ 441.533252][ T3537] pgmajfault 0 [ 441.533252][ T3537] workingset_refault 0 [ 441.533252][ T3537] workingset_activate 0 [ 441.533252][ T3537] workingset_nodereclaim 0 [ 441.533252][ T3537] pgrefill 1320 [ 441.533252][ T3537] pgscan 1123 [ 441.533252][ T3537] pgsteal 0 [ 441.533252][ T3537] pgactivate 1122 [ 441.533252][ T3537] pgdeactivate 1320 [ 441.647322][ T3537] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=3498,uid=0 09:25:07 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:07 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:07 executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x5421, 0x0) 09:25:07 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) 09:25:07 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:07 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r5, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r4, 0x0, 0x0) [ 441.662727][ T3537] Memory cgroup out of memory: Killed process 3498 (syz-executor.0) total-vm:48508kB, anon-rss:444kB, file-rss:14336kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:0 09:25:07 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) 09:25:07 executing program 1: bpf$BPF_PROG_QUERY(0x9, &(0x7f0000000140)={0xffffffffffffffff, 0x0, 0xd, 0x0, 0x0}, 0x20) 09:25:07 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x4, &(0x7f0000000000)=@framed={{}, [@call]}, &(0x7f0000000040)='syzkaller\x00', 0x2, 0xed, &(0x7f0000000080)=""/237, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 09:25:07 executing program 1: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000b80)={0xffffffffffffffff}) sendmsg$inet(r0, &(0x7f0000001840)={&(0x7f0000000080)={0x2, 0x0, @private}, 0x10, &(0x7f0000001580)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x0) [ 441.736168][ T3498] syz-executor.0 (3498) used greatest stack depth: 20824 bytes left [ 441.892695][ T3553] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 441.902893][ T3553] CPU: 1 PID: 3553 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 441.913025][ T3553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 441.923063][ T3553] Call Trace: [ 441.926345][ T3553] dump_stack+0x1d8/0x241 [ 441.930664][ T3553] ? panic+0x73e/0x73e [ 441.934722][ T3553] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 441.940517][ T3553] dump_header+0xdb/0x700 [ 441.944839][ T3553] out_of_memory+0x6d0/0x940 [ 441.949414][ T3553] ? unregister_oom_notifier+0x20/0x20 [ 441.954868][ T3553] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 441.960663][ T3553] memory_max_write+0x528/0x600 [ 441.965502][ T3553] ? memory_max_show+0xa0/0xa0 [ 441.970259][ T3553] ? memory_max_show+0xa0/0xa0 [ 441.975026][ T3553] cgroup_file_write+0x273/0x5c0 [ 441.979952][ T3553] ? cgroup_seqfile_stop+0xc0/0xc0 [ 441.985050][ T3553] ? kernfs_get+0x90/0x90 09:25:07 executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000008c0)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x4}}, @var={0xc}]}}, &(0x7f0000000800)=""/177, 0x42, 0xb1, 0x1}, 0x20) [ 441.989370][ T3553] ? cgroup_seqfile_stop+0xc0/0xc0 [ 441.994466][ T3553] kernfs_fop_write+0x2ec/0x3e0 [ 441.999307][ T3553] ? kernfs_fop_read+0x450/0x450 [ 442.004228][ T3553] __vfs_write+0x103/0x780 [ 442.008636][ T3553] ? __kernel_write+0x340/0x340 [ 442.013472][ T3553] ? check_preemption_disabled+0x9e/0x330 [ 442.019178][ T3553] ? __fget+0x40c/0x4a0 [ 442.023324][ T3553] ? debug_smp_processor_id+0x20/0x20 [ 442.028687][ T3553] ? selinux_file_permission+0x2c2/0x530 [ 442.034320][ T3553] vfs_write+0x210/0x4f0 [ 442.038555][ T3553] ksys_write+0x198/0x2c0 09:25:07 executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000008c0)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x4}}, @var={0xc}]}}, &(0x7f0000000800)=""/177, 0x42, 0xb1, 0x1}, 0x20) [ 442.042875][ T3553] ? __ia32_sys_read+0x80/0x80 [ 442.047626][ T3553] do_syscall_64+0xcb/0x1c0 [ 442.052127][ T3553] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 442.058099][ T3553] memory: usage 48kB, limit 0kB, failcnt 3076 [ 442.064165][ T3553] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 442.071014][ T3553] Memory cgroup stats for /syz0: [ 442.071089][ T3553] anon 143360 [ 442.071089][ T3553] file 0 [ 442.071089][ T3553] kernel_stack 0 [ 442.071089][ T3553] slab 0 [ 442.071089][ T3553] sock 0 [ 442.071089][ T3553] shmem 0 [ 442.071089][ T3553] file_mapped 0 [ 442.071089][ T3553] file_dirty 0 [ 442.071089][ T3553] file_writeback 0 [ 442.071089][ T3553] anon_thp 0 [ 442.071089][ T3553] inactive_anon 0 [ 442.071089][ T3553] active_anon 135168 [ 442.071089][ T3553] inactive_file 0 [ 442.071089][ T3553] active_file 0 [ 442.071089][ T3553] unevictable 0 [ 442.071089][ T3553] slab_reclaimable 0 [ 442.071089][ T3553] slab_unreclaimable 0 [ 442.071089][ T3553] pgfault 76758 [ 442.071089][ T3553] pgmajfault 0 [ 442.071089][ T3553] workingset_refault 0 [ 442.071089][ T3553] workingset_activate 0 [ 442.071089][ T3553] workingset_nodereclaim 0 [ 442.071089][ T3553] pgrefill 1320 [ 442.071089][ T3553] pgscan 1123 [ 442.071089][ T3553] pgsteal 0 [ 442.071089][ T3553] pgactivate 1122 [ 442.071089][ T3553] pgdeactivate 1320 [ 442.166716][ T3553] Out of memory and no killable processes... [ 442.172720][ T3557] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 442.182929][ T3557] CPU: 0 PID: 3557 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 442.193059][ T3557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 442.203104][ T3557] Call Trace: [ 442.206394][ T3557] dump_stack+0x1d8/0x241 [ 442.210712][ T3557] ? panic+0x73e/0x73e [ 442.214772][ T3557] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 442.220566][ T3557] dump_header+0xdb/0x700 [ 442.224889][ T3557] out_of_memory+0x6d0/0x940 [ 442.229557][ T3557] ? unregister_oom_notifier+0x20/0x20 [ 442.235002][ T3557] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 442.240795][ T3557] memory_max_write+0x528/0x600 [ 442.245635][ T3557] ? memory_max_show+0xa0/0xa0 [ 442.250388][ T3557] ? memory_max_show+0xa0/0xa0 [ 442.255214][ T3557] cgroup_file_write+0x273/0x5c0 [ 442.260141][ T3557] ? cgroup_seqfile_stop+0xc0/0xc0 [ 442.265236][ T3557] ? kernfs_get+0x90/0x90 [ 442.269549][ T3557] ? cgroup_seqfile_stop+0xc0/0xc0 [ 442.274645][ T3557] kernfs_fop_write+0x2ec/0x3e0 [ 442.279658][ T3557] ? kernfs_fop_read+0x450/0x450 [ 442.284583][ T3557] __vfs_write+0x103/0x780 [ 442.289001][ T3557] ? __kernel_write+0x340/0x340 [ 442.293930][ T3557] ? check_preemption_disabled+0x9e/0x330 [ 442.299636][ T3557] ? __fget+0x40c/0x4a0 [ 442.303778][ T3557] ? debug_smp_processor_id+0x20/0x20 [ 442.309136][ T3557] ? selinux_file_permission+0x2c2/0x530 [ 442.314811][ T3557] vfs_write+0x210/0x4f0 [ 442.319041][ T3557] ksys_write+0x198/0x2c0 [ 442.323357][ T3557] ? __ia32_sys_read+0x80/0x80 [ 442.328108][ T3557] do_syscall_64+0xcb/0x1c0 [ 442.332600][ T3557] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 442.338695][ T3557] memory: usage 48kB, limit 0kB, failcnt 3076 [ 442.344749][ T3557] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 442.351620][ T3557] Memory cgroup stats for /syz0: [ 442.351689][ T3557] anon 143360 [ 442.351689][ T3557] file 0 [ 442.351689][ T3557] kernel_stack 0 [ 442.351689][ T3557] slab 0 [ 442.351689][ T3557] sock 0 [ 442.351689][ T3557] shmem 0 [ 442.351689][ T3557] file_mapped 0 [ 442.351689][ T3557] file_dirty 0 [ 442.351689][ T3557] file_writeback 0 [ 442.351689][ T3557] anon_thp 0 [ 442.351689][ T3557] inactive_anon 0 [ 442.351689][ T3557] active_anon 135168 [ 442.351689][ T3557] inactive_file 0 [ 442.351689][ T3557] active_file 0 [ 442.351689][ T3557] unevictable 0 [ 442.351689][ T3557] slab_reclaimable 0 [ 442.351689][ T3557] slab_unreclaimable 0 [ 442.351689][ T3557] pgfault 76758 [ 442.351689][ T3557] pgmajfault 0 [ 442.351689][ T3557] workingset_refault 0 [ 442.351689][ T3557] workingset_activate 0 [ 442.351689][ T3557] workingset_nodereclaim 0 [ 442.351689][ T3557] pgrefill 1320 [ 442.351689][ T3557] pgscan 1123 [ 442.351689][ T3557] pgsteal 0 [ 442.351689][ T3557] pgactivate 1122 [ 442.351689][ T3557] pgdeactivate 1320 [ 442.447846][ T3557] Out of memory and no killable processes... [ 442.453850][ T3563] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 442.492508][ T3563] CPU: 0 PID: 3563 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 442.502760][ T3563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 442.512806][ T3563] Call Trace: [ 442.516096][ T3563] dump_stack+0x1d8/0x241 [ 442.520415][ T3563] ? panic+0x73e/0x73e [ 442.524485][ T3563] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 442.530461][ T3563] dump_header+0xdb/0x700 [ 442.534790][ T3563] out_of_memory+0x6d0/0x940 [ 442.539372][ T3563] ? unregister_oom_notifier+0x20/0x20 [ 442.544820][ T3563] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 442.550621][ T3563] memory_max_write+0x528/0x600 [ 442.555468][ T3563] ? memory_max_show+0xa0/0xa0 [ 442.560219][ T3563] ? memory_max_show+0xa0/0xa0 [ 442.565007][ T3563] cgroup_file_write+0x273/0x5c0 [ 442.569939][ T3563] ? cgroup_seqfile_stop+0xc0/0xc0 [ 442.575039][ T3563] ? kernfs_get+0x90/0x90 [ 442.579358][ T3563] ? cgroup_seqfile_stop+0xc0/0xc0 [ 442.584454][ T3563] kernfs_fop_write+0x2ec/0x3e0 [ 442.589311][ T3563] ? kernfs_fop_read+0x450/0x450 [ 442.594240][ T3563] __vfs_write+0x103/0x780 [ 442.598647][ T3563] ? __kernel_write+0x340/0x340 [ 442.603484][ T3563] ? check_preemption_disabled+0x9e/0x330 [ 442.609190][ T3563] ? __fget+0x40c/0x4a0 [ 442.613338][ T3563] ? debug_smp_processor_id+0x20/0x20 [ 442.618694][ T3563] ? selinux_file_permission+0x2c2/0x530 [ 442.624310][ T3563] vfs_write+0x210/0x4f0 [ 442.628538][ T3563] ksys_write+0x198/0x2c0 [ 442.632853][ T3563] ? __ia32_sys_read+0x80/0x80 [ 442.637603][ T3563] do_syscall_64+0xcb/0x1c0 [ 442.642093][ T3563] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 442.812102][ T3563] memory: usage 48kB, limit 0kB, failcnt 3076 [ 442.831146][ T3563] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 442.838116][ T3563] Memory cgroup stats for /syz0: [ 442.838183][ T3563] anon 143360 [ 442.838183][ T3563] file 0 [ 442.838183][ T3563] kernel_stack 0 [ 442.838183][ T3563] slab 0 [ 442.838183][ T3563] sock 0 [ 442.838183][ T3563] shmem 0 [ 442.838183][ T3563] file_mapped 0 [ 442.838183][ T3563] file_dirty 0 [ 442.838183][ T3563] file_writeback 0 [ 442.838183][ T3563] anon_thp 0 [ 442.838183][ T3563] inactive_anon 0 [ 442.838183][ T3563] active_anon 135168 [ 442.838183][ T3563] inactive_file 0 [ 442.838183][ T3563] active_file 0 [ 442.838183][ T3563] unevictable 0 [ 442.838183][ T3563] slab_reclaimable 0 [ 442.838183][ T3563] slab_unreclaimable 0 [ 442.838183][ T3563] pgfault 76758 [ 442.838183][ T3563] pgmajfault 0 [ 442.838183][ T3563] workingset_refault 0 [ 442.838183][ T3563] workingset_activate 0 09:25:08 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:08 executing program 1: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x42081, 0x0) 09:25:08 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:08 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:08 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) r4 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) 09:25:08 executing program 1: openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.log\x00', 0x46d41, 0x16c) [ 442.838183][ T3563] workingset_nodereclaim 0 [ 442.838183][ T3563] pgrefill 1320 [ 442.838183][ T3563] pgscan 1123 [ 442.838183][ T3563] pgsteal 0 [ 442.838183][ T3563] pgactivate 1122 [ 442.838183][ T3563] pgdeactivate 1320 [ 442.934128][ T3563] Out of memory and no killable processes... [ 443.121483][ T3581] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 443.131669][ T3581] CPU: 1 PID: 3581 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 443.141796][ T3581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 443.151937][ T3581] Call Trace: [ 443.155213][ T3581] dump_stack+0x1d8/0x241 [ 443.159523][ T3581] ? panic+0x73e/0x73e [ 443.163564][ T3581] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 443.169345][ T3581] dump_header+0xdb/0x700 [ 443.173650][ T3581] out_of_memory+0x6d0/0x940 [ 443.178217][ T3581] ? unregister_oom_notifier+0x20/0x20 [ 443.183646][ T3581] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 443.189697][ T3581] memory_max_write+0x528/0x600 [ 443.194540][ T3581] ? memory_max_show+0xa0/0xa0 [ 443.199285][ T3581] ? memory_max_show+0xa0/0xa0 [ 443.204060][ T3581] cgroup_file_write+0x273/0x5c0 [ 443.208989][ T3581] ? cgroup_seqfile_stop+0xc0/0xc0 [ 443.214206][ T3581] ? kernfs_get+0x90/0x90 [ 443.218534][ T3581] ? cgroup_seqfile_stop+0xc0/0xc0 [ 443.223625][ T3581] kernfs_fop_write+0x2ec/0x3e0 [ 443.228473][ T3581] ? kernfs_fop_read+0x450/0x450 [ 443.233388][ T3581] __vfs_write+0x103/0x780 [ 443.237783][ T3581] ? __kernel_write+0x340/0x340 [ 443.242608][ T3581] ? check_preemption_disabled+0x9e/0x330 [ 443.248317][ T3581] ? __fget+0x40c/0x4a0 [ 443.252563][ T3581] ? debug_smp_processor_id+0x20/0x20 [ 443.257916][ T3581] ? selinux_file_permission+0x2c2/0x530 [ 443.263546][ T3581] vfs_write+0x210/0x4f0 [ 443.267772][ T3581] ksys_write+0x198/0x2c0 [ 443.272076][ T3581] ? __ia32_sys_read+0x80/0x80 [ 443.276811][ T3581] do_syscall_64+0xcb/0x1c0 [ 443.281296][ T3581] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 443.287335][ T3581] memory: usage 48kB, limit 0kB, failcnt 3076 [ 443.293400][ T3581] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 443.300248][ T3581] Memory cgroup stats for /syz0: [ 443.300326][ T3581] anon 143360 [ 443.300326][ T3581] file 0 [ 443.300326][ T3581] kernel_stack 0 [ 443.300326][ T3581] slab 0 [ 443.300326][ T3581] sock 0 [ 443.300326][ T3581] shmem 0 [ 443.300326][ T3581] file_mapped 0 [ 443.300326][ T3581] file_dirty 0 [ 443.300326][ T3581] file_writeback 0 [ 443.300326][ T3581] anon_thp 0 [ 443.300326][ T3581] inactive_anon 0 [ 443.300326][ T3581] active_anon 135168 [ 443.300326][ T3581] inactive_file 0 [ 443.300326][ T3581] active_file 0 [ 443.300326][ T3581] unevictable 0 [ 443.300326][ T3581] slab_reclaimable 0 [ 443.300326][ T3581] slab_unreclaimable 0 [ 443.300326][ T3581] pgfault 76758 [ 443.300326][ T3581] pgmajfault 0 [ 443.300326][ T3581] workingset_refault 0 [ 443.300326][ T3581] workingset_activate 0 [ 443.300326][ T3581] workingset_nodereclaim 0 [ 443.300326][ T3581] pgrefill 1353 [ 443.300326][ T3581] pgscan 1123 [ 443.300326][ T3581] pgsteal 0 [ 443.300326][ T3581] pgactivate 1122 [ 443.300326][ T3581] pgdeactivate 1353 [ 443.397537][ T3581] Out of memory and no killable processes... [ 443.409201][ T3578] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 443.419397][ T3578] CPU: 1 PID: 3578 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 443.429529][ T3578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 443.439568][ T3578] Call Trace: [ 443.442849][ T3578] dump_stack+0x1d8/0x241 [ 443.447170][ T3578] ? panic+0x73e/0x73e [ 443.451225][ T3578] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 443.457026][ T3578] ? _raw_spin_lock_irqsave+0xf8/0x210 [ 443.462472][ T3578] dump_header+0xdb/0x700 [ 443.466785][ T3578] out_of_memory+0x6d0/0x940 [ 443.471366][ T3578] ? unregister_oom_notifier+0x20/0x20 [ 443.476816][ T3578] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 443.482606][ T3578] memory_max_write+0x528/0x600 [ 443.487443][ T3578] ? memory_max_show+0xa0/0xa0 [ 443.492194][ T3578] ? memory_max_show+0xa0/0xa0 [ 443.496942][ T3578] cgroup_file_write+0x273/0x5c0 [ 443.501902][ T3578] ? cgroup_seqfile_stop+0xc0/0xc0 [ 443.506994][ T3578] ? kernfs_get+0x90/0x90 [ 443.511305][ T3578] ? cgroup_seqfile_stop+0xc0/0xc0 [ 443.516398][ T3578] kernfs_fop_write+0x2ec/0x3e0 [ 443.521231][ T3578] ? kernfs_fop_read+0x450/0x450 [ 443.526147][ T3578] __vfs_write+0x103/0x780 [ 443.530546][ T3578] ? __kernel_write+0x340/0x340 [ 443.535381][ T3578] ? check_preemption_disabled+0x9e/0x330 [ 443.541080][ T3578] ? __fget+0x40c/0x4a0 [ 443.545225][ T3578] ? debug_smp_processor_id+0x20/0x20 [ 443.550581][ T3578] ? selinux_file_permission+0x2c2/0x530 [ 443.556194][ T3578] vfs_write+0x210/0x4f0 [ 443.560418][ T3578] ksys_write+0x198/0x2c0 [ 443.564741][ T3578] ? __ia32_sys_read+0x80/0x80 [ 443.569486][ T3578] do_syscall_64+0xcb/0x1c0 [ 443.573974][ T3578] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 443.579934][ T3578] memory: usage 48kB, limit 0kB, failcnt 3076 [ 443.586282][ T3578] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 443.593111][ T3578] Memory cgroup stats for /syz0: [ 443.593184][ T3578] anon 143360 [ 443.593184][ T3578] file 0 [ 443.593184][ T3578] kernel_stack 0 [ 443.593184][ T3578] slab 0 [ 443.593184][ T3578] sock 0 [ 443.593184][ T3578] shmem 0 [ 443.593184][ T3578] file_mapped 0 [ 443.593184][ T3578] file_dirty 0 [ 443.593184][ T3578] file_writeback 0 [ 443.593184][ T3578] anon_thp 0 [ 443.593184][ T3578] inactive_anon 0 [ 443.593184][ T3578] active_anon 135168 [ 443.593184][ T3578] inactive_file 0 [ 443.593184][ T3578] active_file 0 [ 443.593184][ T3578] unevictable 0 [ 443.593184][ T3578] slab_reclaimable 0 [ 443.593184][ T3578] slab_unreclaimable 0 [ 443.593184][ T3578] pgfault 76758 [ 443.593184][ T3578] pgmajfault 0 [ 443.593184][ T3578] workingset_refault 0 [ 443.593184][ T3578] workingset_activate 0 [ 443.593184][ T3578] workingset_nodereclaim 0 [ 443.593184][ T3578] pgrefill 1353 [ 443.593184][ T3578] pgscan 1156 [ 443.593184][ T3578] pgsteal 0 [ 443.593184][ T3578] pgactivate 1155 [ 443.593184][ T3578] pgdeactivate 1353 [ 443.689017][ T3578] Out of memory and no killable processes... [ 443.695131][ T3585] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 443.713766][ T3585] CPU: 0 PID: 3585 Comm: syz-executor.2 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 443.723907][ T3585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 443.733943][ T3585] Call Trace: [ 443.737215][ T3585] dump_stack+0x1d8/0x241 [ 443.741518][ T3585] ? panic+0x73e/0x73e [ 443.745560][ T3585] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 443.751337][ T3585] dump_header+0xdb/0x700 [ 443.755639][ T3585] out_of_memory+0x6d0/0x940 [ 443.760203][ T3585] ? unregister_oom_notifier+0x20/0x20 [ 443.765635][ T3585] memory_max_write+0x528/0x600 [ 443.770475][ T3585] ? memory_max_show+0xa0/0xa0 [ 443.775212][ T3585] ? memory_max_show+0xa0/0xa0 [ 443.779954][ T3585] cgroup_file_write+0x273/0x5c0 [ 443.784866][ T3585] ? cgroup_seqfile_stop+0xc0/0xc0 [ 443.789949][ T3585] ? kernfs_get+0x90/0x90 [ 443.794336][ T3585] ? cgroup_seqfile_stop+0xc0/0xc0 [ 443.799420][ T3585] kernfs_fop_write+0x2ec/0x3e0 [ 443.804240][ T3585] ? kernfs_fop_read+0x450/0x450 [ 443.809148][ T3585] __vfs_write+0x103/0x780 [ 443.813537][ T3585] ? __kernel_write+0x340/0x340 [ 443.818707][ T3585] ? check_preemption_disabled+0x9e/0x330 [ 443.824399][ T3585] ? __fget+0x40c/0x4a0 [ 443.828525][ T3585] ? debug_smp_processor_id+0x20/0x20 [ 443.833871][ T3585] ? selinux_file_permission+0x2c2/0x530 [ 443.839481][ T3585] vfs_write+0x210/0x4f0 [ 443.843694][ T3585] ksys_write+0x198/0x2c0 [ 443.847996][ T3585] ? __ia32_sys_read+0x80/0x80 [ 443.852734][ T3585] do_syscall_64+0xcb/0x1c0 [ 443.857212][ T3585] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 443.891544][ T3585] memory: usage 48kB, limit 0kB, failcnt 3076 [ 443.928856][ T3585] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 443.945646][ T3585] Memory cgroup stats for /syz0: [ 443.945737][ T3585] anon 143360 [ 443.945737][ T3585] file 0 [ 443.945737][ T3585] kernel_stack 0 [ 443.945737][ T3585] slab 0 [ 443.945737][ T3585] sock 0 [ 443.945737][ T3585] shmem 0 [ 443.945737][ T3585] file_mapped 0 [ 443.945737][ T3585] file_dirty 0 [ 443.945737][ T3585] file_writeback 0 [ 443.945737][ T3585] anon_thp 0 [ 443.945737][ T3585] inactive_anon 0 [ 443.945737][ T3585] active_anon 135168 [ 443.945737][ T3585] inactive_file 0 [ 443.945737][ T3585] active_file 0 [ 443.945737][ T3585] unevictable 0 [ 443.945737][ T3585] slab_reclaimable 0 [ 443.945737][ T3585] slab_unreclaimable 0 [ 443.945737][ T3585] pgfault 76758 [ 443.945737][ T3585] pgmajfault 0 [ 443.945737][ T3585] workingset_refault 0 [ 443.945737][ T3585] workingset_activate 0 [ 443.945737][ T3585] workingset_nodereclaim 0 [ 443.945737][ T3585] pgrefill 1353 [ 443.945737][ T3585] pgscan 1156 [ 443.945737][ T3585] pgsteal 0 [ 443.945737][ T3585] pgactivate 1155 [ 443.945737][ T3585] pgdeactivate 1353 [ 444.055162][ T7] device bridge_slave_1 left promiscuous mode [ 444.061325][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 444.069147][ T7] device bridge_slave_0 left promiscuous mode [ 444.074401][ T3585] Out of memory and no killable processes... [ 444.084871][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 444.201164][ T3587] bridge0: port 1(bridge_slave_0) entered blocking state [ 444.208321][ T3587] bridge0: port 1(bridge_slave_0) entered disabled state [ 444.215885][ T3587] device bridge_slave_0 entered promiscuous mode [ 444.222658][ T3587] bridge0: port 2(bridge_slave_1) entered blocking state [ 444.229878][ T3587] bridge0: port 2(bridge_slave_1) entered disabled state [ 444.238013][ T3587] device bridge_slave_1 entered promiscuous mode [ 444.276839][ T3587] bridge0: port 2(bridge_slave_1) entered blocking state [ 444.283858][ T3587] bridge0: port 2(bridge_slave_1) entered forwarding state [ 444.291142][ T3587] bridge0: port 1(bridge_slave_0) entered blocking state [ 444.298155][ T3587] bridge0: port 1(bridge_slave_0) entered forwarding state [ 444.318197][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 444.325867][ T340] bridge0: port 1(bridge_slave_0) entered disabled state [ 444.333039][ T340] bridge0: port 2(bridge_slave_1) entered disabled state [ 444.355978][ T1928] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 444.364315][ T1928] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 444.372970][ T1928] bridge0: port 1(bridge_slave_0) entered blocking state [ 444.380043][ T1928] bridge0: port 1(bridge_slave_0) entered forwarding state [ 444.387598][ T1928] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 444.395838][ T1928] bridge0: port 2(bridge_slave_1) entered blocking state [ 444.402835][ T1928] bridge0: port 2(bridge_slave_1) entered forwarding state [ 444.410202][ T1928] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 444.418148][ T1928] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 444.428243][ T977] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 444.444964][ T977] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 444.453243][ T977] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 444.461743][ T977] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready 09:25:10 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) 09:25:10 executing program 1: openat$pidfd(0xffffffffffffff9c, &(0x7f0000000040), 0x339002, 0x0) 09:25:10 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r3 = openat$cgroup(r1, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r4 = openat$cgroup_int(r3, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r5, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r4, 0x0, 0x0) 09:25:10 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:10 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:10 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) r4 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) 09:25:10 executing program 1: setresuid(0x0, 0xee00, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000002200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 09:25:10 executing program 1: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x204000, 0x0) [ 445.349947][ T3605] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 445.360148][ T3605] CPU: 0 PID: 3605 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 445.370287][ T3605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 445.380354][ T3605] Call Trace: [ 445.383646][ T3605] dump_stack+0x1d8/0x241 [ 445.388076][ T3605] ? panic+0x73e/0x73e [ 445.392139][ T3605] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 445.397941][ T3605] ? _raw_spin_lock+0xa3/0x1b0 [ 445.402699][ T3605] ? asan.module_dtor+0x20/0x20 [ 445.407536][ T3605] dump_header+0xdb/0x700 [ 445.411851][ T3605] oom_kill_process+0xf0/0x2d0 [ 445.416710][ T3605] out_of_memory+0x666/0x940 [ 445.421290][ T3605] ? unregister_oom_notifier+0x20/0x20 [ 445.426734][ T3605] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 445.432524][ T3605] memory_max_write+0x528/0x600 [ 445.437617][ T3605] ? memory_max_show+0xa0/0xa0 [ 445.442364][ T3605] ? memory_max_show+0xa0/0xa0 [ 445.447120][ T3605] cgroup_file_write+0x273/0x5c0 [ 445.452040][ T3605] ? cgroup_seqfile_stop+0xc0/0xc0 [ 445.457136][ T3605] ? kernfs_get+0x90/0x90 [ 445.461541][ T3605] ? cgroup_seqfile_stop+0xc0/0xc0 [ 445.466630][ T3605] kernfs_fop_write+0x2ec/0x3e0 [ 445.471463][ T3605] ? kernfs_fop_read+0x450/0x450 [ 445.476381][ T3605] __vfs_write+0x103/0x780 [ 445.480781][ T3605] ? __kernel_write+0x340/0x340 [ 445.485638][ T3605] ? check_preemption_disabled+0x9e/0x330 [ 445.491431][ T3605] ? __fget+0x40c/0x4a0 09:25:11 executing program 1: open$dir(&(0x7f0000000040)='./file0\x00', 0xcc1, 0xa1) 09:25:11 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x16, 0x0, 0x5, 0x20000000, 0x240}, 0x48) [ 445.495570][ T3605] ? debug_smp_processor_id+0x20/0x20 [ 445.500939][ T3605] ? selinux_file_permission+0x2c2/0x530 [ 445.506735][ T3605] vfs_write+0x210/0x4f0 [ 445.510974][ T3605] ksys_write+0x198/0x2c0 [ 445.515300][ T3605] ? __ia32_sys_read+0x80/0x80 [ 445.520060][ T3605] do_syscall_64+0xcb/0x1c0 [ 445.524557][ T3605] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 445.531732][ T3605] memory: usage 188kB, limit 0kB, failcnt 3076 [ 445.537915][ T3605] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 445.544748][ T3605] Memory cgroup stats for /syz0: 09:25:11 executing program 1: socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8903, &(0x7f0000000080)={'wg0\x00'}) [ 445.544929][ T3605] anon 147456 [ 445.544929][ T3605] file 0 [ 445.544929][ T3605] kernel_stack 0 [ 445.544929][ T3605] slab 0 [ 445.544929][ T3605] sock 0 [ 445.544929][ T3605] shmem 0 [ 445.544929][ T3605] file_mapped 0 [ 445.544929][ T3605] file_dirty 0 [ 445.544929][ T3605] file_writeback 0 [ 445.544929][ T3605] anon_thp 0 [ 445.544929][ T3605] inactive_anon 0 [ 445.544929][ T3605] active_anon 135168 [ 445.544929][ T3605] inactive_file 0 [ 445.544929][ T3605] active_file 0 [ 445.544929][ T3605] unevictable 0 09:25:11 executing program 1: unshare(0x600) bind$tipc(0xffffffffffffffff, 0x0, 0x0) [ 445.544929][ T3605] slab_reclaimable 0 [ 445.544929][ T3605] slab_unreclaimable 0 [ 445.544929][ T3605] pgfault 78936 [ 445.544929][ T3605] pgmajfault 0 [ 445.544929][ T3605] workingset_refault 0 [ 445.544929][ T3605] workingset_activate 0 [ 445.544929][ T3605] workingset_nodereclaim 0 [ 445.544929][ T3605] pgrefill 1353 [ 445.544929][ T3605] pgscan 1156 [ 445.544929][ T3605] pgsteal 0 [ 445.544929][ T3605] pgactivate 1155 [ 445.544929][ T3605] pgdeactivate 1353 [ 445.640712][ T3605] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=3600,uid=0 [ 445.655983][ T3605] Memory cgroup out of memory: Killed process 3600 (syz-executor.0) total-vm:52612kB, anon-rss:456kB, file-rss:14336kB, shmem-rss:0kB, UID:0 pgtables:100kB oom_score_adj:1000 [ 445.683670][ T23] oom_reaper: reaped process 3600 (syz-executor.0), now anon-rss:0kB, file-rss:14336kB, shmem-rss:4kB [ 445.768193][ T3609] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 445.778365][ T3609] CPU: 1 PID: 3609 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 445.788492][ T3609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 445.798527][ T3609] Call Trace: [ 445.801805][ T3609] dump_stack+0x1d8/0x241 [ 445.806155][ T3609] ? panic+0x73e/0x73e [ 445.810204][ T3609] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 445.815989][ T3609] ? _raw_spin_lock+0xa3/0x1b0 [ 445.820735][ T3609] ? asan.module_dtor+0x20/0x20 [ 445.825569][ T3609] dump_header+0xdb/0x700 [ 445.829900][ T3609] oom_kill_process+0xf0/0x2d0 [ 445.834646][ T3609] out_of_memory+0x666/0x940 [ 445.839229][ T3609] ? unregister_oom_notifier+0x20/0x20 [ 445.844673][ T3609] memory_max_write+0x528/0x600 [ 445.849507][ T3609] ? memory_max_show+0xa0/0xa0 [ 445.854255][ T3609] ? memory_max_show+0xa0/0xa0 [ 445.859352][ T3609] cgroup_file_write+0x273/0x5c0 [ 445.864277][ T3609] ? cgroup_seqfile_stop+0xc0/0xc0 [ 445.869374][ T3609] ? kernfs_get+0x90/0x90 [ 445.873691][ T3609] ? cgroup_seqfile_stop+0xc0/0xc0 [ 445.878788][ T3609] kernfs_fop_write+0x2ec/0x3e0 [ 445.883633][ T3609] ? kernfs_fop_read+0x450/0x450 [ 445.888553][ T3609] __vfs_write+0x103/0x780 [ 445.892950][ T3609] ? __kernel_write+0x340/0x340 [ 445.897785][ T3609] ? check_preemption_disabled+0x9e/0x330 [ 445.903484][ T3609] ? __fget+0x40c/0x4a0 [ 445.907629][ T3609] ? debug_smp_processor_id+0x20/0x20 [ 445.912995][ T3609] ? selinux_file_permission+0x2c2/0x530 09:25:11 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) [ 445.918623][ T3609] vfs_write+0x210/0x4f0 [ 445.922857][ T3609] ksys_write+0x198/0x2c0 [ 445.927174][ T3609] ? __ia32_sys_read+0x80/0x80 [ 445.931928][ T3609] do_syscall_64+0xcb/0x1c0 [ 445.936425][ T3609] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 445.942456][ T3609] memory: usage 88kB, limit 0kB, failcnt 3089 [ 445.948799][ T3609] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 445.955656][ T3609] Memory cgroup stats for /syz0: [ 445.955729][ T3609] anon 147456 [ 445.955729][ T3609] file 0 [ 445.955729][ T3609] kernel_stack 0 [ 445.955729][ T3609] slab 0 [ 445.955729][ T3609] sock 0 [ 445.955729][ T3609] shmem 0 [ 445.955729][ T3609] file_mapped 0 [ 445.955729][ T3609] file_dirty 0 [ 445.955729][ T3609] file_writeback 0 [ 445.955729][ T3609] anon_thp 0 [ 445.955729][ T3609] inactive_anon 0 [ 445.955729][ T3609] active_anon 135168 [ 445.955729][ T3609] inactive_file 0 [ 445.955729][ T3609] active_file 0 [ 445.955729][ T3609] unevictable 0 [ 445.955729][ T3609] slab_reclaimable 0 [ 445.955729][ T3609] slab_unreclaimable 0 09:25:11 executing program 1: socketpair(0x1, 0x5, 0x0, &(0x7f0000001600)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$TIPC_NL_BEARER_ADD(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x0) [ 445.955729][ T3609] pgfault 78936 [ 445.955729][ T3609] pgmajfault 0 [ 445.955729][ T3609] workingset_refault 0 [ 445.955729][ T3609] workingset_activate 0 [ 445.955729][ T3609] workingset_nodereclaim 0 [ 445.955729][ T3609] pgrefill 1353 [ 445.955729][ T3609] pgscan 1156 [ 445.955729][ T3609] pgsteal 0 [ 445.955729][ T3609] pgactivate 1155 [ 445.955729][ T3609] pgdeactivate 1353 [ 446.051779][ T3609] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=3587,uid=0 [ 446.067467][ T3609] Memory cgroup out of memory: Killed process 3587 (syz-executor.0) total-vm:48508kB, anon-rss:444kB, file-rss:14336kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:0 [ 446.086829][ T23] oom_reaper: reaped process 3587 (syz-executor.0), now anon-rss:0kB, file-rss:14336kB, shmem-rss:48kB [ 446.099232][ T3605] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 446.109402][ T3605] CPU: 0 PID: 3605 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 446.119532][ T3605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 446.129578][ T3605] Call Trace: [ 446.132859][ T3605] dump_stack+0x1d8/0x241 [ 446.137179][ T3605] ? panic+0x73e/0x73e [ 446.141235][ T3605] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 446.147026][ T3605] ? _raw_spin_lock+0xa3/0x1b0 [ 446.151771][ T3605] ? asan.module_dtor+0x20/0x20 [ 446.156607][ T3605] dump_header+0xdb/0x700 [ 446.160924][ T3605] oom_kill_process+0xf0/0x2d0 [ 446.165674][ T3605] out_of_memory+0x666/0x940 [ 446.170249][ T3605] ? unregister_oom_notifier+0x20/0x20 [ 446.175696][ T3605] memory_max_write+0x528/0x600 [ 446.180540][ T3605] ? memory_max_show+0xa0/0xa0 [ 446.185297][ T3605] ? memory_max_show+0xa0/0xa0 [ 446.190054][ T3605] cgroup_file_write+0x273/0x5c0 [ 446.195029][ T3605] ? cgroup_seqfile_stop+0xc0/0xc0 [ 446.200132][ T3605] ? kernfs_get+0x90/0x90 [ 446.204456][ T3605] ? cgroup_seqfile_stop+0xc0/0xc0 [ 446.209555][ T3605] kernfs_fop_write+0x2ec/0x3e0 [ 446.214395][ T3605] ? kernfs_fop_read+0x450/0x450 [ 446.219329][ T3605] __vfs_write+0x103/0x780 [ 446.223739][ T3605] ? __kernel_write+0x340/0x340 [ 446.228580][ T3605] ? check_preemption_disabled+0x9e/0x330 [ 446.234284][ T3605] ? __fget+0x40c/0x4a0 [ 446.238423][ T3605] ? debug_smp_processor_id+0x20/0x20 [ 446.243775][ T3605] ? selinux_file_permission+0x2c2/0x530 [ 446.249392][ T3605] vfs_write+0x210/0x4f0 [ 446.253618][ T3605] ksys_write+0x198/0x2c0 [ 446.257941][ T3605] ? __ia32_sys_read+0x80/0x80 [ 446.262697][ T3605] do_syscall_64+0xcb/0x1c0 [ 446.267192][ T3605] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 446.273485][ T3605] memory: usage 84kB, limit 0kB, failcnt 3106 [ 446.279560][ T3605] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 446.286415][ T3605] Memory cgroup stats for /syz0: [ 446.286487][ T3605] anon 147456 [ 446.286487][ T3605] file 0 [ 446.286487][ T3605] kernel_stack 0 [ 446.286487][ T3605] slab 0 [ 446.286487][ T3605] sock 0 [ 446.286487][ T3605] shmem 0 [ 446.286487][ T3605] file_mapped 0 [ 446.286487][ T3605] file_dirty 0 [ 446.286487][ T3605] file_writeback 0 [ 446.286487][ T3605] anon_thp 0 [ 446.286487][ T3605] inactive_anon 0 [ 446.286487][ T3605] active_anon 135168 [ 446.286487][ T3605] inactive_file 0 [ 446.286487][ T3605] active_file 0 [ 446.286487][ T3605] unevictable 0 [ 446.286487][ T3605] slab_reclaimable 0 [ 446.286487][ T3605] slab_unreclaimable 0 [ 446.286487][ T3605] pgfault 78969 [ 446.286487][ T3605] pgmajfault 0 [ 446.286487][ T3605] workingset_refault 0 [ 446.286487][ T3605] workingset_activate 0 [ 446.286487][ T3605] workingset_nodereclaim 0 [ 446.286487][ T3605] pgrefill 1353 09:25:11 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r3 = openat$cgroup(r1, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r4 = openat$cgroup_int(r3, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r5, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r4, 0x0, 0x0) 09:25:11 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_MEDIA_GET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={0x18, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_MEDIA={0x4}]}, 0x18}}, 0x0) 09:25:11 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:11 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) r4 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) 09:25:11 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:12 executing program 1: unshare(0x2000200) unshare(0x20000000) [ 446.286487][ T3605] pgscan 1189 [ 446.286487][ T3605] pgsteal 0 [ 446.286487][ T3605] pgactivate 1188 [ 446.286487][ T3605] pgdeactivate 1353 [ 446.383427][ T3605] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=3625,uid=0 09:25:12 executing program 1: unshare(0x600) r0 = openat$null(0xffffffffffffff9c, &(0x7f0000001800), 0xe08102, 0x0) read$FUSE(r0, 0x0, 0x0) 09:25:12 executing program 1: openat$vcsu(0xffffffffffffff9c, &(0x7f0000000ac0), 0x200000, 0x0) 09:25:12 executing program 1: r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000000), 0x10) bind$tipc(r0, 0x0, 0x0) [ 446.429746][ T3634] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 446.440268][ T3634] CPU: 0 PID: 3634 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 446.450405][ T3634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 446.460447][ T3634] Call Trace: [ 446.463731][ T3634] dump_stack+0x1d8/0x241 [ 446.468055][ T3634] ? panic+0x73e/0x73e [ 446.472117][ T3634] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 446.477916][ T3634] dump_header+0xdb/0x700 [ 446.482240][ T3634] out_of_memory+0x6d0/0x940 [ 446.486823][ T3634] ? unregister_oom_notifier+0x20/0x20 [ 446.488769][ T22] audit: type=1400 audit(1675589112.060:170): avc: denied { bind } for pid=3644 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 446.492270][ T3634] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 446.492281][ T3634] memory_max_write+0x528/0x600 [ 446.492295][ T3634] ? memory_max_show+0xa0/0xa0 [ 446.527348][ T3634] ? memory_max_show+0xa0/0xa0 [ 446.532098][ T3634] cgroup_file_write+0x273/0x5c0 [ 446.537021][ T3634] ? cgroup_seqfile_stop+0xc0/0xc0 [ 446.542114][ T3634] ? kernfs_get+0x90/0x90 [ 446.546425][ T3634] ? cgroup_seqfile_stop+0xc0/0xc0 [ 446.551516][ T3634] kernfs_fop_write+0x2ec/0x3e0 [ 446.556350][ T3634] ? kernfs_fop_read+0x450/0x450 [ 446.561270][ T3634] __vfs_write+0x103/0x780 [ 446.565667][ T3634] ? __kernel_write+0x340/0x340 [ 446.570499][ T3634] ? check_preemption_disabled+0x9e/0x330 [ 446.576200][ T3634] ? __fget+0x40c/0x4a0 09:25:12 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000005c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100100000000000000001000000000000000141000000180017"], 0x34}}, 0x0) [ 446.580334][ T3634] ? debug_smp_processor_id+0x20/0x20 [ 446.585687][ T3634] ? selinux_file_permission+0x2c2/0x530 [ 446.591305][ T3634] vfs_write+0x210/0x4f0 [ 446.595529][ T3634] ksys_write+0x198/0x2c0 [ 446.599840][ T3634] ? __ia32_sys_read+0x80/0x80 [ 446.604596][ T3634] do_syscall_64+0xcb/0x1c0 [ 446.609085][ T3634] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 446.615549][ T3634] memory: usage 48kB, limit 0kB, failcnt 3107 [ 446.621633][ T3634] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 446.628943][ T3634] Memory cgroup stats for /syz0: [ 446.629015][ T3634] anon 147456 [ 446.629015][ T3634] file 0 [ 446.629015][ T3634] kernel_stack 0 [ 446.629015][ T3634] slab 0 [ 446.629015][ T3634] sock 0 [ 446.629015][ T3634] shmem 0 [ 446.629015][ T3634] file_mapped 0 [ 446.629015][ T3634] file_dirty 0 [ 446.629015][ T3634] file_writeback 0 [ 446.629015][ T3634] anon_thp 0 [ 446.629015][ T3634] inactive_anon 0 [ 446.629015][ T3634] active_anon 135168 [ 446.629015][ T3634] inactive_file 0 [ 446.629015][ T3634] active_file 0 09:25:12 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) 09:25:12 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="016b00000000ffec000013"], 0x14}}, 0x0) [ 446.629015][ T3634] unevictable 0 [ 446.629015][ T3634] slab_reclaimable 0 [ 446.629015][ T3634] slab_unreclaimable 0 [ 446.629015][ T3634] pgfault 78969 [ 446.629015][ T3634] pgmajfault 0 [ 446.629015][ T3634] workingset_refault 0 [ 446.629015][ T3634] workingset_activate 0 [ 446.629015][ T3634] workingset_nodereclaim 0 [ 446.629015][ T3634] pgrefill 1353 [ 446.629015][ T3634] pgscan 1189 [ 446.629015][ T3634] pgsteal 0 [ 446.629015][ T3634] pgactivate 1188 [ 446.629015][ T3634] pgdeactivate 1353 [ 446.724649][ T3634] Out of memory and no killable processes... [ 446.730692][ T3646] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 446.740901][ T3646] CPU: 1 PID: 3646 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 446.751035][ T3646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 446.761079][ T3646] Call Trace: [ 446.764361][ T3646] dump_stack+0x1d8/0x241 [ 446.768685][ T3646] ? panic+0x73e/0x73e [ 446.772752][ T3646] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 446.778548][ T3646] dump_header+0xdb/0x700 [ 446.782866][ T3646] out_of_memory+0x6d0/0x940 [ 446.787440][ T3646] ? unregister_oom_notifier+0x20/0x20 [ 446.792881][ T3646] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 446.798667][ T3646] memory_max_write+0x528/0x600 [ 446.803519][ T3646] ? memory_max_show+0xa0/0xa0 [ 446.808355][ T3646] ? memory_max_show+0xa0/0xa0 [ 446.813099][ T3646] cgroup_file_write+0x273/0x5c0 [ 446.818224][ T3646] ? cgroup_seqfile_stop+0xc0/0xc0 [ 446.823318][ T3646] ? kernfs_get+0x90/0x90 [ 446.827634][ T3646] ? cgroup_seqfile_stop+0xc0/0xc0 [ 446.832816][ T3646] kernfs_fop_write+0x2ec/0x3e0 [ 446.837653][ T3646] ? kernfs_fop_read+0x450/0x450 [ 446.842573][ T3646] __vfs_write+0x103/0x780 [ 446.846973][ T3646] ? __kernel_write+0x340/0x340 [ 446.851836][ T3646] ? check_preemption_disabled+0x9e/0x330 [ 446.857533][ T3646] ? __fget+0x40c/0x4a0 [ 446.861677][ T3646] ? debug_smp_processor_id+0x20/0x20 [ 446.867029][ T3646] ? selinux_file_permission+0x2c2/0x530 [ 446.872647][ T3646] vfs_write+0x210/0x4f0 [ 446.876869][ T3646] ksys_write+0x198/0x2c0 09:25:12 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r3 = openat$cgroup(r1, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r4 = openat$cgroup_int(r3, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r5, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r4, 0x0, 0x0) [ 446.881185][ T3646] ? __ia32_sys_read+0x80/0x80 [ 446.885932][ T3646] do_syscall_64+0xcb/0x1c0 [ 446.890419][ T3646] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 446.896493][ T3646] memory: usage 48kB, limit 0kB, failcnt 3107 [ 446.902547][ T3646] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 446.909775][ T3646] Memory cgroup stats for /syz0: [ 446.909848][ T3646] anon 147456 [ 446.909848][ T3646] file 0 [ 446.909848][ T3646] kernel_stack 0 [ 446.909848][ T3646] slab 0 [ 446.909848][ T3646] sock 0 [ 446.909848][ T3646] shmem 0 09:25:12 executing program 1: syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000280)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x20, 0x1b96, 0x4, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, {0x9}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x3}}}}}]}}]}}, &(0x7f00000005c0)={0x0, 0x0, 0x42, &(0x7f0000000300)={0x5, 0xf, 0x42, 0x4, [@ss_cap={0xa}, @ss_container_id={0x14, 0x10, 0x4, 0x0, "c9bc4d2bb2552598d648471a68c11749"}, @ssp_cap={0x14, 0x10, 0xa, 0x0, 0x2, 0x0, 0x0, 0x0, [0x0, 0x0]}, @wireless={0xb}]}}) [ 446.909848][ T3646] file_mapped 0 [ 446.909848][ T3646] file_dirty 0 [ 446.909848][ T3646] file_writeback 0 [ 446.909848][ T3646] anon_thp 0 [ 446.909848][ T3646] inactive_anon 0 [ 446.909848][ T3646] active_anon 135168 [ 446.909848][ T3646] inactive_file 0 [ 446.909848][ T3646] active_file 0 [ 446.909848][ T3646] unevictable 0 [ 446.909848][ T3646] slab_reclaimable 0 [ 446.909848][ T3646] slab_unreclaimable 0 [ 446.909848][ T3646] pgfault 78969 [ 446.909848][ T3646] pgmajfault 0 [ 446.909848][ T3646] workingset_refault 0 [ 446.909848][ T3646] workingset_activate 0 [ 446.909848][ T3646] workingset_nodereclaim 0 [ 446.909848][ T3646] pgrefill 1353 [ 446.909848][ T3646] pgscan 1189 [ 446.909848][ T3646] pgsteal 0 [ 446.909848][ T3646] pgactivate 1188 [ 446.909848][ T3646] pgdeactivate 1353 [ 447.005818][ T3646] Out of memory and no killable processes... [ 447.011855][ T3652] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 447.029262][ T3652] CPU: 1 PID: 3652 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 447.039418][ T3652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 447.049550][ T3652] Call Trace: [ 447.052833][ T3652] dump_stack+0x1d8/0x241 [ 447.057225][ T3652] ? panic+0x73e/0x73e [ 447.061265][ T3652] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 447.067044][ T3652] dump_header+0xdb/0x700 [ 447.071349][ T3652] out_of_memory+0x6d0/0x940 [ 447.075912][ T3652] ? unregister_oom_notifier+0x20/0x20 [ 447.081365][ T3652] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 447.087143][ T3652] memory_max_write+0x528/0x600 [ 447.091966][ T3652] ? memory_max_show+0xa0/0xa0 [ 447.096702][ T3652] ? memory_max_show+0xa0/0xa0 [ 447.101445][ T3652] cgroup_file_write+0x273/0x5c0 [ 447.106357][ T3652] ? cgroup_seqfile_stop+0xc0/0xc0 [ 447.111441][ T3652] ? kernfs_get+0x90/0x90 [ 447.115744][ T3652] ? cgroup_seqfile_stop+0xc0/0xc0 [ 447.120831][ T3652] kernfs_fop_write+0x2ec/0x3e0 [ 447.125655][ T3652] ? kernfs_fop_read+0x450/0x450 [ 447.130581][ T3652] __vfs_write+0x103/0x780 [ 447.134971][ T3652] ? __kernel_write+0x340/0x340 [ 447.139791][ T3652] ? check_preemption_disabled+0x9e/0x330 [ 447.145481][ T3652] ? __fget+0x40c/0x4a0 [ 447.149612][ T3652] ? debug_smp_processor_id+0x20/0x20 [ 447.154957][ T3652] ? selinux_file_permission+0x2c2/0x530 [ 447.160562][ T3652] vfs_write+0x210/0x4f0 [ 447.164780][ T3652] ksys_write+0x198/0x2c0 [ 447.169082][ T3652] ? __ia32_sys_read+0x80/0x80 [ 447.173821][ T3652] do_syscall_64+0xcb/0x1c0 [ 447.178302][ T3652] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 09:25:12 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 447.344854][ T3130] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 447.364521][ T3652] memory: usage 48kB, limit 0kB, failcnt 3107 [ 447.370724][ T3652] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 447.377856][ T3652] Memory cgroup stats for /syz0: [ 447.377930][ T3652] anon 147456 [ 447.377930][ T3652] file 0 [ 447.377930][ T3652] kernel_stack 0 [ 447.377930][ T3652] slab 0 [ 447.377930][ T3652] sock 0 [ 447.377930][ T3652] shmem 0 [ 447.377930][ T3652] file_mapped 0 [ 447.377930][ T3652] file_dirty 0 [ 447.377930][ T3652] file_writeback 0 [ 447.377930][ T3652] anon_thp 0 [ 447.377930][ T3652] inactive_anon 0 [ 447.377930][ T3652] active_anon 135168 [ 447.377930][ T3652] inactive_file 0 [ 447.377930][ T3652] active_file 0 [ 447.377930][ T3652] unevictable 0 [ 447.377930][ T3652] slab_reclaimable 0 [ 447.377930][ T3652] slab_unreclaimable 0 [ 447.377930][ T3652] pgfault 78969 [ 447.377930][ T3652] pgmajfault 0 09:25:13 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) [ 447.377930][ T3652] workingset_refault 0 [ 447.377930][ T3652] workingset_activate 0 [ 447.377930][ T3652] workingset_nodereclaim 0 [ 447.377930][ T3652] pgrefill 1386 [ 447.377930][ T3652] pgscan 1189 [ 447.377930][ T3652] pgsteal 0 [ 447.377930][ T3652] pgactivate 1188 [ 447.377930][ T3652] pgdeactivate 1386 [ 447.476791][ T3652] Out of memory and no killable processes... 09:25:13 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:13 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) [ 447.486727][ T3659] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 447.496927][ T3659] CPU: 1 PID: 3659 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 447.507065][ T3659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 447.517113][ T3659] Call Trace: [ 447.520392][ T3659] dump_stack+0x1d8/0x241 [ 447.524713][ T3659] ? panic+0x73e/0x73e [ 447.528778][ T3659] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 447.534576][ T3659] dump_header+0xdb/0x700 [ 447.538900][ T3659] out_of_memory+0x6d0/0x940 [ 447.543489][ T3659] ? unregister_oom_notifier+0x20/0x20 [ 447.548941][ T3659] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 447.554748][ T3659] memory_max_write+0x528/0x600 [ 447.559619][ T3659] ? memory_max_show+0xa0/0xa0 [ 447.564374][ T3659] ? memory_max_show+0xa0/0xa0 [ 447.569911][ T3659] cgroup_file_write+0x273/0x5c0 [ 447.574836][ T3659] ? cgroup_seqfile_stop+0xc0/0xc0 [ 447.579932][ T3659] ? kernfs_get+0x90/0x90 [ 447.584265][ T3659] ? cgroup_seqfile_stop+0xc0/0xc0 [ 447.589462][ T3659] kernfs_fop_write+0x2ec/0x3e0 [ 447.594305][ T3659] ? kernfs_fop_read+0x450/0x450 [ 447.599237][ T3659] __vfs_write+0x103/0x780 [ 447.603668][ T3659] ? __kernel_write+0x340/0x340 [ 447.608514][ T3659] ? check_preemption_disabled+0x9e/0x330 [ 447.614219][ T3659] ? __fget+0x40c/0x4a0 [ 447.618361][ T3659] ? debug_smp_processor_id+0x20/0x20 [ 447.623719][ T3659] ? selinux_file_permission+0x2c2/0x530 [ 447.629337][ T3659] vfs_write+0x210/0x4f0 [ 447.633569][ T3659] ksys_write+0x198/0x2c0 [ 447.637886][ T3659] ? __ia32_sys_read+0x80/0x80 [ 447.642724][ T3659] do_syscall_64+0xcb/0x1c0 [ 447.647217][ T3659] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 447.653184][ T3659] memory: usage 48kB, limit 0kB, failcnt 3107 [ 447.659262][ T3659] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 447.666220][ T3659] Memory cgroup stats for /syz0: [ 447.666288][ T3659] anon 147456 [ 447.666288][ T3659] file 0 [ 447.666288][ T3659] kernel_stack 0 [ 447.666288][ T3659] slab 0 [ 447.666288][ T3659] sock 0 [ 447.666288][ T3659] shmem 0 [ 447.666288][ T3659] file_mapped 0 [ 447.666288][ T3659] file_dirty 0 [ 447.666288][ T3659] file_writeback 0 [ 447.666288][ T3659] anon_thp 0 [ 447.666288][ T3659] inactive_anon 0 [ 447.666288][ T3659] active_anon 135168 [ 447.666288][ T3659] inactive_file 0 [ 447.666288][ T3659] active_file 0 [ 447.666288][ T3659] unevictable 0 [ 447.666288][ T3659] slab_reclaimable 0 [ 447.666288][ T3659] slab_unreclaimable 0 [ 447.666288][ T3659] pgfault 78969 [ 447.666288][ T3659] pgmajfault 0 [ 447.666288][ T3659] workingset_refault 0 [ 447.666288][ T3659] workingset_activate 0 [ 447.666288][ T3659] workingset_nodereclaim 0 [ 447.666288][ T3659] pgrefill 1386 [ 447.666288][ T3659] pgscan 1189 [ 447.666288][ T3659] pgsteal 0 [ 447.666288][ T3659] pgactivate 1188 [ 447.666288][ T3659] pgdeactivate 1386 [ 447.762043][ T3659] Out of memory and no killable processes... [ 447.768079][ T3662] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 447.778303][ T3662] CPU: 0 PID: 3662 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 447.788439][ T3662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 447.798487][ T3662] Call Trace: [ 447.801780][ T3662] dump_stack+0x1d8/0x241 [ 447.806127][ T3662] ? panic+0x73e/0x73e [ 447.810183][ T3662] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 447.815978][ T3662] dump_header+0xdb/0x700 [ 447.820305][ T3662] out_of_memory+0x6d0/0x940 [ 447.824885][ T3662] ? unregister_oom_notifier+0x20/0x20 [ 447.830330][ T3662] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 447.836125][ T3662] memory_max_write+0x528/0x600 [ 447.840965][ T3662] ? memory_max_show+0xa0/0xa0 09:25:13 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup(r2, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) [ 447.845719][ T3662] ? memory_max_show+0xa0/0xa0 [ 447.850473][ T3662] cgroup_file_write+0x273/0x5c0 [ 447.855401][ T3662] ? cgroup_seqfile_stop+0xc0/0xc0 [ 447.860502][ T3662] ? kernfs_get+0x90/0x90 [ 447.864818][ T3662] ? cgroup_seqfile_stop+0xc0/0xc0 [ 447.869913][ T3662] kernfs_fop_write+0x2ec/0x3e0 [ 447.874751][ T3662] ? kernfs_fop_read+0x450/0x450 [ 447.879807][ T3662] __vfs_write+0x103/0x780 [ 447.884213][ T3662] ? __kernel_write+0x340/0x340 [ 447.889050][ T3662] ? check_preemption_disabled+0x9e/0x330 [ 447.894751][ T3662] ? __fget+0x40c/0x4a0 [ 447.898979][ T3662] ? debug_smp_processor_id+0x20/0x20 [ 447.904340][ T3662] ? selinux_file_permission+0x2c2/0x530 [ 447.909958][ T3662] vfs_write+0x210/0x4f0 [ 447.914534][ T3662] ksys_write+0x198/0x2c0 [ 447.918850][ T3662] ? __ia32_sys_read+0x80/0x80 [ 447.923599][ T3662] do_syscall_64+0xcb/0x1c0 [ 447.928404][ T3662] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 447.934713][ T3662] memory: usage 48kB, limit 0kB, failcnt 3107 [ 447.940794][ T3662] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 447.947750][ T3662] Memory cgroup stats for /syz0: [ 447.947816][ T3662] anon 147456 [ 447.947816][ T3662] file 0 [ 447.947816][ T3662] kernel_stack 0 [ 447.947816][ T3662] slab 0 [ 447.947816][ T3662] sock 0 [ 447.947816][ T3662] shmem 0 [ 447.947816][ T3662] file_mapped 0 [ 447.947816][ T3662] file_dirty 0 [ 447.947816][ T3662] file_writeback 0 [ 447.947816][ T3662] anon_thp 0 [ 447.947816][ T3662] inactive_anon 0 [ 447.947816][ T3662] active_anon 135168 [ 447.947816][ T3662] inactive_file 0 [ 447.947816][ T3662] active_file 0 [ 447.947816][ T3662] unevictable 0 [ 447.947816][ T3662] slab_reclaimable 0 [ 447.947816][ T3662] slab_unreclaimable 0 [ 447.947816][ T3662] pgfault 78969 [ 447.947816][ T3662] pgmajfault 0 [ 447.947816][ T3662] workingset_refault 0 [ 447.947816][ T3662] workingset_activate 0 [ 447.947816][ T3662] workingset_nodereclaim 0 [ 447.947816][ T3662] pgrefill 1386 [ 447.947816][ T3662] pgscan 1189 [ 447.947816][ T3662] pgsteal 0 [ 447.947816][ T3662] pgactivate 1188 [ 447.947816][ T3662] pgdeactivate 1386 [ 448.043651][ T3662] Out of memory and no killable processes... [ 448.049806][ T3666] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 448.060048][ T3666] CPU: 0 PID: 3666 Comm: syz-executor.2 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 448.070180][ T3666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 448.080218][ T3666] Call Trace: [ 448.083531][ T3666] dump_stack+0x1d8/0x241 [ 448.087852][ T3666] ? panic+0x73e/0x73e [ 448.091902][ T3666] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 448.097684][ T3666] ? preempt_schedule_common+0xb7/0xe0 [ 448.103114][ T3666] dump_header+0xdb/0x700 [ 448.107421][ T3666] out_of_memory+0x6d0/0x940 [ 448.111982][ T3666] ? unregister_oom_notifier+0x20/0x20 [ 448.117418][ T3666] memory_max_write+0x528/0x600 [ 448.122253][ T3666] ? memory_max_show+0xa0/0xa0 [ 448.126988][ T3666] ? memory_max_show+0xa0/0xa0 [ 448.131742][ T3666] cgroup_file_write+0x273/0x5c0 [ 448.136670][ T3666] ? cgroup_seqfile_stop+0xc0/0xc0 [ 448.141768][ T3666] ? kernfs_get+0x90/0x90 [ 448.146076][ T3666] ? cgroup_seqfile_stop+0xc0/0xc0 [ 448.151183][ T3666] kernfs_fop_write+0x2ec/0x3e0 [ 448.156027][ T3666] ? kernfs_fop_read+0x450/0x450 [ 448.160952][ T3666] __vfs_write+0x103/0x780 [ 448.165346][ T3666] ? __kernel_write+0x340/0x340 [ 448.170193][ T3666] ? check_preemption_disabled+0x9e/0x330 [ 448.175907][ T3666] ? __fget+0x40c/0x4a0 [ 448.180034][ T3666] ? debug_smp_processor_id+0x20/0x20 [ 448.185457][ T3666] ? selinux_file_permission+0x2c2/0x530 [ 448.191099][ T3666] vfs_write+0x210/0x4f0 [ 448.195333][ T3666] ksys_write+0x198/0x2c0 [ 448.199653][ T3666] ? __ia32_sys_read+0x80/0x80 [ 448.204400][ T3666] do_syscall_64+0xcb/0x1c0 [ 448.208883][ T3666] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 448.216781][ T3130] usb 2-1: Using ep0 maxpacket: 32 [ 448.233315][ T3666] memory: usage 48kB, limit 0kB, failcnt 3107 [ 448.264926][ T3666] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 448.293711][ T3666] Memory cgroup stats for /syz0: [ 448.293783][ T3666] anon 147456 [ 448.293783][ T3666] file 0 [ 448.293783][ T3666] kernel_stack 0 [ 448.293783][ T3666] slab 0 [ 448.293783][ T3666] sock 0 [ 448.293783][ T3666] shmem 0 [ 448.293783][ T3666] file_mapped 0 [ 448.293783][ T3666] file_dirty 0 [ 448.293783][ T3666] file_writeback 0 [ 448.293783][ T3666] anon_thp 0 [ 448.293783][ T3666] inactive_anon 0 [ 448.293783][ T3666] active_anon 135168 [ 448.293783][ T3666] inactive_file 0 [ 448.293783][ T3666] active_file 0 [ 448.293783][ T3666] unevictable 0 [ 448.293783][ T3666] slab_reclaimable 0 [ 448.293783][ T3666] slab_unreclaimable 0 [ 448.293783][ T3666] pgfault 78969 [ 448.293783][ T3666] pgmajfault 0 [ 448.293783][ T3666] workingset_refault 0 09:25:13 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 448.293783][ T3666] workingset_activate 0 [ 448.293783][ T3666] workingset_nodereclaim 0 [ 448.293783][ T3666] pgrefill 1386 [ 448.293783][ T3666] pgscan 1189 [ 448.293783][ T3666] pgsteal 0 [ 448.293783][ T3666] pgactivate 1188 [ 448.293783][ T3666] pgdeactivate 1386 [ 448.524917][ T3130] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 448.684915][ T3130] usb 2-1: New USB device found, idVendor=1b96, idProduct=0004, bcdDevice= 0.40 [ 448.685046][ T7] device bridge_slave_1 left promiscuous mode [ 448.710689][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 448.715639][ T3130] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 448.730069][ T7] device bridge_slave_0 left promiscuous mode [ 448.749266][ T3130] usb 2-1: Product: syz [ 448.762429][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 448.764293][ T3130] usb 2-1: Manufacturer: syz [ 448.789379][ T3130] usb 2-1: SerialNumber: syz [ 448.823102][ T3666] Out of memory and no killable processes... [ 448.835700][ T3680] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 448.845933][ T3680] CPU: 0 PID: 3680 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 448.856063][ T3680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 448.866109][ T3680] Call Trace: [ 448.869396][ T3680] dump_stack+0x1d8/0x241 [ 448.873724][ T3680] ? panic+0x73e/0x73e [ 448.877790][ T3680] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 448.883590][ T3680] dump_header+0xdb/0x700 [ 448.887911][ T3680] out_of_memory+0x6d0/0x940 [ 448.892496][ T3680] ? unregister_oom_notifier+0x20/0x20 [ 448.897948][ T3680] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 448.903750][ T3680] memory_max_write+0x528/0x600 [ 448.908599][ T3680] ? memory_max_show+0xa0/0xa0 [ 448.913362][ T3680] ? memory_max_show+0xa0/0xa0 [ 448.918116][ T3680] cgroup_file_write+0x273/0x5c0 09:25:14 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) [ 448.923049][ T3680] ? cgroup_seqfile_stop+0xc0/0xc0 [ 448.928151][ T3680] ? kernfs_get+0x90/0x90 [ 448.932477][ T3680] ? cgroup_seqfile_stop+0xc0/0xc0 [ 448.937577][ T3680] kernfs_fop_write+0x2ec/0x3e0 [ 448.942423][ T3680] ? kernfs_fop_read+0x450/0x450 [ 448.947358][ T3680] __vfs_write+0x103/0x780 [ 448.951770][ T3680] ? __kernel_write+0x340/0x340 [ 448.956614][ T3680] ? check_preemption_disabled+0x9e/0x330 [ 448.962324][ T3680] ? __fget+0x40c/0x4a0 [ 448.966471][ T3680] ? debug_smp_processor_id+0x20/0x20 [ 448.971835][ T3680] ? selinux_file_permission+0x2c2/0x530 [ 448.977463][ T3680] vfs_write+0x210/0x4f0 [ 448.981708][ T3680] ksys_write+0x198/0x2c0 [ 448.986033][ T3680] ? __ia32_sys_read+0x80/0x80 [ 448.990790][ T3680] do_syscall_64+0xcb/0x1c0 [ 448.995288][ T3680] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 449.001264][ T3680] memory: usage 48kB, limit 0kB, failcnt 3107 [ 449.007352][ T3680] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 449.014179][ T3680] Memory cgroup stats for /syz0: [ 449.014247][ T3680] anon 147456 09:25:14 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 449.014247][ T3680] file 0 [ 449.014247][ T3680] kernel_stack 0 [ 449.014247][ T3680] slab 0 [ 449.014247][ T3680] sock 0 [ 449.014247][ T3680] shmem 0 [ 449.014247][ T3680] file_mapped 0 [ 449.014247][ T3680] file_dirty 0 [ 449.014247][ T3680] file_writeback 0 [ 449.014247][ T3680] anon_thp 0 [ 449.014247][ T3680] inactive_anon 0 [ 449.014247][ T3680] active_anon 135168 [ 449.014247][ T3680] inactive_file 0 [ 449.014247][ T3680] active_file 0 [ 449.014247][ T3680] unevictable 0 [ 449.014247][ T3680] slab_reclaimable 0 [ 449.014247][ T3680] slab_unreclaimable 0 [ 449.014247][ T3680] pgfault 78969 [ 449.014247][ T3680] pgmajfault 0 [ 449.014247][ T3680] workingset_refault 0 [ 449.014247][ T3680] workingset_activate 0 [ 449.014247][ T3680] workingset_nodereclaim 0 [ 449.014247][ T3680] pgrefill 1419 [ 449.014247][ T3680] pgscan 1189 [ 449.014247][ T3680] pgsteal 0 [ 449.014247][ T3680] pgactivate 1188 [ 449.014247][ T3680] pgdeactivate 1419 [ 449.110107][ T3680] Out of memory and no killable processes... 09:25:14 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup(r2, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) [ 449.156126][ T3685] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 449.174511][ T3685] CPU: 0 PID: 3685 Comm: syz-executor.2 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 449.184706][ T3685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 449.194747][ T3685] Call Trace: [ 449.198027][ T3685] dump_stack+0x1d8/0x241 [ 449.202349][ T3685] ? panic+0x73e/0x73e [ 449.206412][ T3685] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 449.212198][ T3685] ? preempt_schedule_common+0xb7/0xe0 [ 449.217631][ T3685] dump_header+0xdb/0x700 [ 449.221933][ T3685] out_of_memory+0x6d0/0x940 [ 449.226498][ T3685] ? unregister_oom_notifier+0x20/0x20 [ 449.231928][ T3685] memory_max_write+0x528/0x600 [ 449.236756][ T3685] ? memory_max_show+0xa0/0xa0 [ 449.241496][ T3685] ? memory_max_show+0xa0/0xa0 [ 449.246237][ T3685] cgroup_file_write+0x273/0x5c0 [ 449.251149][ T3685] ? cgroup_seqfile_stop+0xc0/0xc0 [ 449.256233][ T3685] ? kernfs_get+0x90/0x90 [ 449.260533][ T3685] ? cgroup_seqfile_stop+0xc0/0xc0 [ 449.265613][ T3685] kernfs_fop_write+0x2ec/0x3e0 [ 449.270436][ T3685] ? kernfs_fop_read+0x450/0x450 [ 449.275518][ T3685] __vfs_write+0x103/0x780 [ 449.279908][ T3685] ? __kernel_write+0x340/0x340 [ 449.284734][ T3685] ? check_preemption_disabled+0x9e/0x330 [ 449.290425][ T3685] ? __fget+0x40c/0x4a0 [ 449.294551][ T3685] ? debug_smp_processor_id+0x20/0x20 [ 449.299898][ T3685] ? selinux_file_permission+0x2c2/0x530 09:25:14 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 449.305513][ T3685] vfs_write+0x210/0x4f0 [ 449.309730][ T3685] ksys_write+0x198/0x2c0 [ 449.314030][ T3685] ? __ia32_sys_read+0x80/0x80 [ 449.318940][ T3685] do_syscall_64+0xcb/0x1c0 [ 449.323425][ T3685] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 449.332979][ T3685] memory: usage 48kB, limit 0kB, failcnt 3107 [ 449.339194][ T3685] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 449.346368][ T3130] usbhid 2-1:1.0: can't add hid device: -22 [ 449.353131][ T3130] usbhid: probe of 2-1:1.0 failed with error -22 [ 449.360437][ T3685] Memory cgroup stats for /syz0: [ 449.360509][ T3685] anon 147456 [ 449.360509][ T3685] file 0 [ 449.360509][ T3685] kernel_stack 0 [ 449.360509][ T3685] slab 0 [ 449.360509][ T3685] sock 0 [ 449.360509][ T3685] shmem 0 [ 449.360509][ T3685] file_mapped 0 [ 449.360509][ T3685] file_dirty 0 [ 449.360509][ T3685] file_writeback 0 [ 449.360509][ T3685] anon_thp 0 [ 449.360509][ T3685] inactive_anon 0 [ 449.360509][ T3685] active_anon 135168 [ 449.360509][ T3685] inactive_file 0 [ 449.360509][ T3685] active_file 0 [ 449.360509][ T3685] unevictable 0 [ 449.360509][ T3685] slab_reclaimable 0 [ 449.360509][ T3685] slab_unreclaimable 0 [ 449.360509][ T3685] pgfault 78969 [ 449.360509][ T3685] pgmajfault 0 [ 449.360509][ T3685] workingset_refault 0 [ 449.360509][ T3685] workingset_activate 0 [ 449.360509][ T3685] workingset_nodereclaim 0 [ 449.360509][ T3685] pgrefill 1419 [ 449.360509][ T3685] pgscan 1189 [ 449.360509][ T3685] pgsteal 0 [ 449.360509][ T3685] pgactivate 1188 [ 449.360509][ T3685] pgdeactivate 1419 [ 449.465933][ T3130] usb 2-1: USB disconnect, device number 5 [ 449.485731][ T3685] Out of memory and no killable processes... [ 449.491853][ T3692] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 449.523947][ T3692] CPU: 1 PID: 3692 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 449.534185][ T3692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 449.544229][ T3692] Call Trace: [ 449.547509][ T3692] dump_stack+0x1d8/0x241 [ 449.551825][ T3692] ? panic+0x73e/0x73e [ 449.555881][ T3692] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 449.561675][ T3692] ? preempt_schedule_common+0xb7/0xe0 [ 449.567118][ T3692] dump_header+0xdb/0x700 [ 449.571608][ T3692] out_of_memory+0x6d0/0x940 [ 449.576187][ T3692] ? unregister_oom_notifier+0x20/0x20 [ 449.581633][ T3692] memory_max_write+0x528/0x600 [ 449.586472][ T3692] ? memory_max_show+0xa0/0xa0 [ 449.591225][ T3692] ? memory_max_show+0xa0/0xa0 [ 449.595973][ T3692] cgroup_file_write+0x273/0x5c0 [ 449.600906][ T3692] ? cgroup_seqfile_stop+0xc0/0xc0 [ 449.606001][ T3692] ? kernfs_get+0x90/0x90 [ 449.610323][ T3692] ? cgroup_seqfile_stop+0xc0/0xc0 [ 449.615417][ T3692] kernfs_fop_write+0x2ec/0x3e0 [ 449.620251][ T3692] ? kernfs_fop_read+0x450/0x450 [ 449.625180][ T3692] __vfs_write+0x103/0x780 [ 449.629587][ T3692] ? __kernel_write+0x340/0x340 [ 449.634425][ T3692] ? check_preemption_disabled+0x9e/0x330 [ 449.640128][ T3692] ? __fget+0x40c/0x4a0 [ 449.644277][ T3692] ? debug_smp_processor_id+0x20/0x20 [ 449.649636][ T3692] ? selinux_file_permission+0x2c2/0x530 [ 449.655256][ T3692] vfs_write+0x210/0x4f0 [ 449.659490][ T3692] ksys_write+0x198/0x2c0 [ 449.663804][ T3692] ? __ia32_sys_read+0x80/0x80 [ 449.668550][ T3692] do_syscall_64+0xcb/0x1c0 [ 449.673037][ T3692] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 09:25:15 executing program 1: r0 = socket(0xa, 0x3, 0x7) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0}}, 0x0) 09:25:15 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) connect$unix(r2, &(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000004c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000800000095000000000000009500a5050000000077d8f3b423cdac8d8000000000000020e16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d7535f7866907dc6751dfb265a0e3ccae669e173a649c1cfd6587d452d46b7cc957d77578f4c35235138d5521f9453559c3421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe3e26e7a23129d6606fd28a69989d552af6200000003a00000000000000abecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a13ed38ae89d24e1cebfba2f87925bfacba83109753f541cd027edd68149ee99eebc6f7d6dd4aed4afe1f44ccb19e810879b70a70000000000000000000000d7900a820b6327944e9a217b9800e02a92895614cd50cbe43a1ed25268816b004519c9c5cff097d8000000000009d27d753a30a147b24a48435bd8a568669596e9e08679b3ce48e90defb6670c3d62ad0a97aec773713a66b223fa8b148871c8d31d24291c25449f106b2009325fca34afbbec99893ed20fa7a050fbbef90327e827e513e9606800000000e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e69ee52b59d13182e1f24ed200ada12f7a1525320e71666f472a97214d0b2874df30ed5eb1affb87ba55b2d72078e9f40b4ae7dc3b2aeb0d11cd22c35d32940f19dff00ffffffff08000000e1ff003853e59de7621e348955735264f34b1046a1813668297a7edad187ef106ae7fcbb25090f17d0baadeb8ae190a1fb5a315f8347fb0379659500"/608], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) getpgid(r0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r5, 0xae60, 0x0) ioctl$KVM_SET_IRQCHIP(r5, 0x8208ae63, &(0x7f0000000240)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x9, 0x0, [{0x0, 0x0, 0xc9}, {}, {}, {0x0, 0x80}, {0x3}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, '\x00', 0x4}, {}, {}, {}, {}, {}, {}, {}, {0x5, 0x0, 0x0, '\x00', 0x2}, {}, {}, {}, {0x0, 0x0, 0x0, '\x00', 0x20}]}}) ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) close(r5) r6 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) write(0xffffffffffffffff, 0x0, 0x0) sendfile(0xffffffffffffffff, r6, 0x0, 0x11f06) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xf, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x7}, [@btf_id={0x18, 0xb, 0x3, 0x0, 0x1}, @map_idx={0x18, 0x4, 0x5, 0x0, 0x9}, @map_fd={0x18, 0x5}, @map_val={0x18, 0x3, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x80000001}, @call={0x85, 0x0, 0x0, 0xba}, @map_idx={0x18, 0x1, 0x5, 0x0, 0xa}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffe}]}, &(0x7f0000000100)='GPL\x00', 0x1, 0x22, &(0x7f00000007c0)=""/34, 0x41000, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000800)={0x5, 0x4}, 0x8, 0x10, &(0x7f0000000840)={0x4, 0xd, 0x1f, 0x8}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000880)=[0xffffffffffffffff]}, 0x80) sendfile(0xffffffffffffffff, r7, 0x0, 0x1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) [ 449.798908][ T22] audit: type=1400 audit(1675589115.370:171): avc: denied { write } for pid=3697 comm="syz-executor.1" lport=7 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 449.991376][ T3702] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 450.007659][ T22] audit: type=1400 audit(1675589115.560:172): avc: denied { ioctl } for pid=3699 comm="syz-executor.1" path="/dev/kvm" dev="devtmpfs" ino=9205 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 450.162899][ T3692] memory: usage 48kB, limit 0kB, failcnt 3107 [ 450.169036][ T3692] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 450.175898][ T3692] Memory cgroup stats for /syz0: [ 450.175969][ T3692] anon 147456 [ 450.175969][ T3692] file 0 [ 450.175969][ T3692] kernel_stack 0 [ 450.175969][ T3692] slab 0 [ 450.175969][ T3692] sock 0 [ 450.175969][ T3692] shmem 0 [ 450.175969][ T3692] file_mapped 0 [ 450.175969][ T3692] file_dirty 0 [ 450.175969][ T3692] file_writeback 0 [ 450.175969][ T3692] anon_thp 0 [ 450.175969][ T3692] inactive_anon 0 [ 450.175969][ T3692] active_anon 135168 [ 450.175969][ T3692] inactive_file 0 [ 450.175969][ T3692] active_file 0 [ 450.175969][ T3692] unevictable 0 [ 450.175969][ T3692] slab_reclaimable 0 [ 450.175969][ T3692] slab_unreclaimable 0 [ 450.175969][ T3692] pgfault 78969 [ 450.175969][ T3692] pgmajfault 0 [ 450.175969][ T3692] workingset_refault 0 [ 450.175969][ T3692] workingset_activate 0 [ 450.175969][ T3692] workingset_nodereclaim 0 [ 450.175969][ T3692] pgrefill 1419 [ 450.175969][ T3692] pgscan 1189 [ 450.175969][ T3692] pgsteal 0 [ 450.175969][ T3692] pgactivate 1188 [ 450.175969][ T3692] pgdeactivate 1419 09:25:15 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup(r2, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) 09:25:15 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) 09:25:16 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 450.406743][ T3692] Out of memory and no killable processes... [ 450.439827][ T3712] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 450.450172][ T3712] CPU: 1 PID: 3712 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 450.460482][ T3712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 450.470526][ T3712] Call Trace: [ 450.473815][ T3712] dump_stack+0x1d8/0x241 [ 450.478134][ T3712] ? panic+0x73e/0x73e [ 450.482191][ T3712] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 450.488289][ T3712] dump_header+0xdb/0x700 [ 450.492612][ T3712] out_of_memory+0x6d0/0x940 [ 450.497238][ T3712] ? unregister_oom_notifier+0x20/0x20 [ 450.502687][ T3712] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 450.508484][ T3712] memory_max_write+0x528/0x600 [ 450.513334][ T3712] ? memory_max_show+0xa0/0xa0 [ 450.518091][ T3712] ? memory_max_show+0xa0/0xa0 [ 450.522844][ T3712] cgroup_file_write+0x273/0x5c0 [ 450.527774][ T3712] ? cgroup_seqfile_stop+0xc0/0xc0 [ 450.532868][ T3712] ? kernfs_get+0x90/0x90 [ 450.537184][ T3712] ? cgroup_seqfile_stop+0xc0/0xc0 [ 450.542280][ T3712] kernfs_fop_write+0x2ec/0x3e0 [ 450.547114][ T3712] ? kernfs_fop_read+0x450/0x450 [ 450.552037][ T3712] __vfs_write+0x103/0x780 [ 450.556450][ T3712] ? __kernel_write+0x340/0x340 [ 450.561286][ T3712] ? check_preemption_disabled+0x9e/0x330 [ 450.566991][ T3712] ? __fget+0x40c/0x4a0 [ 450.571128][ T3712] ? debug_smp_processor_id+0x20/0x20 [ 450.576484][ T3712] ? selinux_file_permission+0x2c2/0x530 [ 450.582102][ T3712] vfs_write+0x210/0x4f0 [ 450.586332][ T3712] ksys_write+0x198/0x2c0 [ 450.590733][ T3712] ? __ia32_sys_read+0x80/0x80 [ 450.595482][ T3712] do_syscall_64+0xcb/0x1c0 [ 450.599971][ T3712] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 450.606600][ T3712] memory: usage 48kB, limit 0kB, failcnt 3107 [ 450.612662][ T3712] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 450.619599][ T3712] Memory cgroup stats for /syz0: [ 450.619677][ T3712] anon 147456 [ 450.619677][ T3712] file 0 [ 450.619677][ T3712] kernel_stack 0 [ 450.619677][ T3712] slab 0 [ 450.619677][ T3712] sock 0 [ 450.619677][ T3712] shmem 0 [ 450.619677][ T3712] file_mapped 0 [ 450.619677][ T3712] file_dirty 0 [ 450.619677][ T3712] file_writeback 0 [ 450.619677][ T3712] anon_thp 0 [ 450.619677][ T3712] inactive_anon 0 [ 450.619677][ T3712] active_anon 135168 [ 450.619677][ T3712] inactive_file 0 [ 450.619677][ T3712] active_file 0 [ 450.619677][ T3712] unevictable 0 [ 450.619677][ T3712] slab_reclaimable 0 [ 450.619677][ T3712] slab_unreclaimable 0 [ 450.619677][ T3712] pgfault 78969 [ 450.619677][ T3712] pgmajfault 0 [ 450.619677][ T3712] workingset_refault 0 [ 450.619677][ T3712] workingset_activate 0 [ 450.619677][ T3712] workingset_nodereclaim 0 [ 450.619677][ T3712] pgrefill 1419 [ 450.619677][ T3712] pgscan 1189 [ 450.619677][ T3712] pgsteal 0 [ 450.619677][ T3712] pgactivate 1188 [ 450.619677][ T3712] pgdeactivate 1419 [ 450.715346][ T3712] Out of memory and no killable processes... [ 450.722100][ T3714] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 450.807935][ T3714] CPU: 0 PID: 3714 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 450.818089][ T3714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 450.828139][ T3714] Call Trace: [ 450.831501][ T3714] dump_stack+0x1d8/0x241 [ 450.835803][ T3714] ? panic+0x73e/0x73e [ 450.839842][ T3714] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 450.845628][ T3714] dump_header+0xdb/0x700 [ 450.849931][ T3714] out_of_memory+0x6d0/0x940 [ 450.854493][ T3714] ? unregister_oom_notifier+0x20/0x20 [ 450.859959][ T3714] memory_max_write+0x528/0x600 [ 450.864782][ T3714] ? memory_max_show+0xa0/0xa0 [ 450.869520][ T3714] ? memory_max_show+0xa0/0xa0 [ 450.874255][ T3714] cgroup_file_write+0x273/0x5c0 [ 450.879165][ T3714] ? cgroup_seqfile_stop+0xc0/0xc0 [ 450.884247][ T3714] ? kernfs_get+0x90/0x90 [ 450.888555][ T3714] ? cgroup_seqfile_stop+0xc0/0xc0 [ 450.893639][ T3714] kernfs_fop_write+0x2ec/0x3e0 [ 450.898486][ T3714] ? kernfs_fop_read+0x450/0x450 [ 450.903398][ T3714] __vfs_write+0x103/0x780 [ 450.907785][ T3714] ? __kernel_write+0x340/0x340 [ 450.912608][ T3714] ? check_preemption_disabled+0x9e/0x330 [ 450.918302][ T3714] ? __fget+0x40c/0x4a0 [ 450.922454][ T3714] ? debug_smp_processor_id+0x20/0x20 [ 450.927797][ T3714] ? selinux_file_permission+0x2c2/0x530 [ 450.933403][ T3714] vfs_write+0x210/0x4f0 [ 450.937620][ T3714] ksys_write+0x198/0x2c0 [ 450.941941][ T3714] ? __ia32_sys_read+0x80/0x80 [ 450.946680][ T3714] do_syscall_64+0xcb/0x1c0 [ 450.951158][ T3714] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 451.013979][ T3714] memory: usage 48kB, limit 0kB, failcnt 3107 [ 451.026629][ T3714] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 451.028863][ T3710] bridge0: port 1(bridge_slave_0) entered blocking state [ 451.040662][ T3710] bridge0: port 1(bridge_slave_0) entered disabled state [ 451.041119][ T3714] Memory cgroup stats for /syz0: [ 451.041194][ T3714] anon 147456 [ 451.041194][ T3714] file 0 [ 451.041194][ T3714] kernel_stack 0 [ 451.041194][ T3714] slab 0 [ 451.041194][ T3714] sock 0 [ 451.041194][ T3714] shmem 0 [ 451.041194][ T3714] file_mapped 0 [ 451.041194][ T3714] file_dirty 0 [ 451.041194][ T3714] file_writeback 0 [ 451.041194][ T3714] anon_thp 0 [ 451.041194][ T3714] inactive_anon 0 [ 451.041194][ T3714] active_anon 135168 [ 451.041194][ T3714] inactive_file 0 [ 451.041194][ T3714] active_file 0 [ 451.041194][ T3714] unevictable 0 [ 451.041194][ T3714] slab_reclaimable 0 [ 451.041194][ T3714] slab_unreclaimable 0 [ 451.041194][ T3714] pgfault 78969 [ 451.041194][ T3714] pgmajfault 0 [ 451.041194][ T3714] workingset_refault 0 [ 451.041194][ T3714] workingset_activate 0 [ 451.041194][ T3714] workingset_nodereclaim 0 [ 451.041194][ T3714] pgrefill 1419 [ 451.041194][ T3714] pgscan 1189 [ 451.041194][ T3714] pgsteal 0 [ 451.041194][ T3714] pgactivate 1188 [ 451.041194][ T3714] pgdeactivate 1419 [ 451.048328][ T3710] device bridge_slave_0 entered promiscuous mode [ 451.060507][ T3714] Out of memory and no killable processes... [ 451.144500][ T3710] bridge0: port 2(bridge_slave_1) entered blocking state [ 451.163292][ T3710] bridge0: port 2(bridge_slave_1) entered disabled state [ 451.171668][ T3710] device bridge_slave_1 entered promiscuous mode [ 451.235569][ T3716] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 451.253047][ T3716] CPU: 1 PID: 3716 Comm: syz-executor.2 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 451.263216][ T3716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 451.273267][ T3716] Call Trace: [ 451.276547][ T3716] dump_stack+0x1d8/0x241 [ 451.280871][ T3716] ? panic+0x73e/0x73e [ 451.284931][ T3716] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 451.290724][ T3716] ? preempt_schedule_common+0xb7/0xe0 [ 451.296172][ T3716] dump_header+0xdb/0x700 [ 451.300494][ T3716] out_of_memory+0x6d0/0x940 [ 451.305081][ T3716] ? unregister_oom_notifier+0x20/0x20 [ 451.310539][ T3716] memory_max_write+0x528/0x600 [ 451.315383][ T3716] ? memory_max_show+0xa0/0xa0 [ 451.320142][ T3716] ? memory_max_show+0xa0/0xa0 [ 451.324899][ T3716] cgroup_file_write+0x273/0x5c0 [ 451.329821][ T3716] ? cgroup_seqfile_stop+0xc0/0xc0 [ 451.334916][ T3716] ? kernfs_get+0x90/0x90 [ 451.339233][ T3716] ? cgroup_seqfile_stop+0xc0/0xc0 [ 451.344322][ T3716] kernfs_fop_write+0x2ec/0x3e0 [ 451.349160][ T3716] ? kernfs_fop_read+0x450/0x450 [ 451.354088][ T3716] __vfs_write+0x103/0x780 [ 451.358492][ T3716] ? __kernel_write+0x340/0x340 [ 451.363336][ T3716] ? check_preemption_disabled+0x9e/0x330 [ 451.369059][ T3716] ? __fget+0x40c/0x4a0 [ 451.373210][ T3716] ? debug_smp_processor_id+0x20/0x20 [ 451.378925][ T3716] ? selinux_file_permission+0x2c2/0x530 [ 451.384209][ T3710] bridge0: port 2(bridge_slave_1) entered blocking state [ 451.384551][ T3716] vfs_write+0x210/0x4f0 [ 451.384568][ T3716] ksys_write+0x198/0x2c0 [ 451.391590][ T3710] bridge0: port 2(bridge_slave_1) entered forwarding state [ 451.395795][ T3716] ? __ia32_sys_read+0x80/0x80 [ 451.395805][ T3716] do_syscall_64+0xcb/0x1c0 [ 451.395821][ T3716] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 451.400197][ T3710] bridge0: port 1(bridge_slave_0) entered blocking state [ 451.408482][ T3716] memory: usage 48kB, limit 0kB, failcnt 3107 [ 451.412041][ T3710] bridge0: port 1(bridge_slave_0) entered forwarding state [ 451.443101][ T3716] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 451.449975][ T3716] Memory cgroup stats for /syz0: [ 451.450043][ T3716] anon 147456 [ 451.450043][ T3716] file 0 [ 451.450043][ T3716] kernel_stack 0 [ 451.450043][ T3716] slab 0 [ 451.450043][ T3716] sock 0 [ 451.450043][ T3716] shmem 0 [ 451.450043][ T3716] file_mapped 0 [ 451.450043][ T3716] file_dirty 0 [ 451.450043][ T3716] file_writeback 0 [ 451.450043][ T3716] anon_thp 0 [ 451.450043][ T3716] inactive_anon 0 [ 451.450043][ T3716] active_anon 135168 [ 451.450043][ T3716] inactive_file 0 [ 451.450043][ T3716] active_file 0 [ 451.450043][ T3716] unevictable 0 [ 451.450043][ T3716] slab_reclaimable 0 [ 451.450043][ T3716] slab_unreclaimable 0 [ 451.450043][ T3716] pgfault 78969 [ 451.450043][ T3716] pgmajfault 0 [ 451.450043][ T3716] workingset_refault 0 [ 451.450043][ T3716] workingset_activate 0 [ 451.450043][ T3716] workingset_nodereclaim 0 [ 451.450043][ T3716] pgrefill 1419 [ 451.450043][ T3716] pgscan 1189 [ 451.450043][ T3716] pgsteal 0 [ 451.450043][ T3716] pgactivate 1188 [ 451.450043][ T3716] pgdeactivate 1419 [ 451.545883][ T3716] Out of memory and no killable processes... [ 451.545962][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 451.560991][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 451.574173][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 451.582477][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 451.605890][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 451.614173][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 451.622491][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 451.630953][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 451.637978][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 451.646180][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 451.654290][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 451.661401][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 451.668797][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 451.676827][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 451.689495][ T118] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 451.704233][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 451.712700][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 09:25:18 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) 09:25:18 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:18 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:18 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup(r2, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) 09:25:18 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) connect$unix(r2, &(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000004c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000800000095000000000000009500a5050000000077d8f3b423cdac8d8000000000000020e16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d7535f7866907dc6751dfb265a0e3ccae669e173a649c1cfd6587d452d46b7cc957d77578f4c35235138d5521f9453559c3421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe3e26e7a23129d6606fd28a69989d552af6200000003a00000000000000abecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a13ed38ae89d24e1cebfba2f87925bfacba83109753f541cd027edd68149ee99eebc6f7d6dd4aed4afe1f44ccb19e810879b70a70000000000000000000000d7900a820b6327944e9a217b9800e02a92895614cd50cbe43a1ed25268816b004519c9c5cff097d8000000000009d27d753a30a147b24a48435bd8a568669596e9e08679b3ce48e90defb6670c3d62ad0a97aec773713a66b223fa8b148871c8d31d24291c25449f106b2009325fca34afbbec99893ed20fa7a050fbbef90327e827e513e9606800000000e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e69ee52b59d13182e1f24ed200ada12f7a1525320e71666f472a97214d0b2874df30ed5eb1affb87ba55b2d72078e9f40b4ae7dc3b2aeb0d11cd22c35d32940f19dff00ffffffff08000000e1ff003853e59de7621e348955735264f34b1046a1813668297a7edad187ef106ae7fcbb25090f17d0baadeb8ae190a1fb5a315f8347fb0379659500"/608], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) getpgid(r0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r5, 0xae60, 0x0) ioctl$KVM_SET_IRQCHIP(r5, 0x8208ae63, &(0x7f0000000240)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x9, 0x0, [{0x0, 0x0, 0xc9}, {}, {}, {0x0, 0x80}, {0x3}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, '\x00', 0x4}, {}, {}, {}, {}, {}, {}, {}, {0x5, 0x0, 0x0, '\x00', 0x2}, {}, {}, {}, {0x0, 0x0, 0x0, '\x00', 0x20}]}}) ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) close(r5) r6 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) write(0xffffffffffffffff, 0x0, 0x0) sendfile(0xffffffffffffffff, r6, 0x0, 0x11f06) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xf, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x7}, [@btf_id={0x18, 0xb, 0x3, 0x0, 0x1}, @map_idx={0x18, 0x4, 0x5, 0x0, 0x9}, @map_fd={0x18, 0x5}, @map_val={0x18, 0x3, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x80000001}, @call={0x85, 0x0, 0x0, 0xba}, @map_idx={0x18, 0x1, 0x5, 0x0, 0xa}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffe}]}, &(0x7f0000000100)='GPL\x00', 0x1, 0x22, &(0x7f00000007c0)=""/34, 0x41000, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000800)={0x5, 0x4}, 0x8, 0x10, &(0x7f0000000840)={0x4, 0xd, 0x1f, 0x8}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000880)=[0xffffffffffffffff]}, 0x80) sendfile(0xffffffffffffffff, r7, 0x0, 0x1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 09:25:18 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) [ 452.591771][ T3729] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 452.602058][ T3729] CPU: 0 PID: 3729 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 452.612224][ T3729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 452.622280][ T3729] Call Trace: [ 452.625566][ T3729] dump_stack+0x1d8/0x241 [ 452.629957][ T3729] ? panic+0x73e/0x73e [ 452.633994][ T3729] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 452.639788][ T3729] ? _raw_spin_lock+0xa3/0x1b0 [ 452.644545][ T3729] ? asan.module_dtor+0x20/0x20 [ 452.649385][ T3729] dump_header+0xdb/0x700 [ 452.653703][ T3729] oom_kill_process+0xf0/0x2d0 [ 452.658458][ T3729] out_of_memory+0x666/0x940 [ 452.663039][ T3729] ? unregister_oom_notifier+0x20/0x20 [ 452.668489][ T3729] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 452.674291][ T3729] memory_max_write+0x528/0x600 [ 452.679133][ T3729] ? memory_max_show+0xa0/0xa0 [ 452.683881][ T3729] ? memory_max_show+0xa0/0xa0 [ 452.688661][ T3729] cgroup_file_write+0x273/0x5c0 [ 452.693582][ T3729] ? cgroup_seqfile_stop+0xc0/0xc0 [ 452.698759][ T3729] ? kernfs_get+0x90/0x90 [ 452.703075][ T3729] ? cgroup_seqfile_stop+0xc0/0xc0 [ 452.708169][ T3729] kernfs_fop_write+0x2ec/0x3e0 [ 452.713003][ T3729] ? kernfs_fop_read+0x450/0x450 [ 452.718016][ T3729] __vfs_write+0x103/0x780 [ 452.722418][ T3729] ? __kernel_write+0x340/0x340 [ 452.727250][ T3729] ? check_preemption_disabled+0x9e/0x330 [ 452.732951][ T3729] ? __fget+0x40c/0x4a0 [ 452.737097][ T3729] ? debug_smp_processor_id+0x20/0x20 [ 452.742449][ T3729] ? selinux_file_permission+0x2c2/0x530 [ 452.748065][ T3729] vfs_write+0x210/0x4f0 [ 452.752297][ T3729] ksys_write+0x198/0x2c0 [ 452.756609][ T3729] ? __ia32_sys_read+0x80/0x80 [ 452.761357][ T3729] do_syscall_64+0xcb/0x1c0 [ 452.765851][ T3729] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 452.772840][ T3729] memory: usage 136kB, limit 0kB, failcnt 3115 [ 452.779026][ T3729] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 452.785875][ T3729] Memory cgroup stats for /syz0: [ 452.786019][ T3729] anon 184320 [ 452.786019][ T3729] file 0 [ 452.786019][ T3729] kernel_stack 0 [ 452.786019][ T3729] slab 0 [ 452.786019][ T3729] sock 0 [ 452.786019][ T3729] shmem 0 [ 452.786019][ T3729] file_mapped 0 [ 452.786019][ T3729] file_dirty 0 [ 452.786019][ T3729] file_writeback 0 [ 452.786019][ T3729] anon_thp 0 [ 452.786019][ T3729] inactive_anon 0 [ 452.786019][ T3729] active_anon 135168 [ 452.786019][ T3729] inactive_file 0 [ 452.786019][ T3729] active_file 0 [ 452.786019][ T3729] unevictable 0 [ 452.786019][ T3729] slab_reclaimable 0 [ 452.786019][ T3729] slab_unreclaimable 0 [ 452.786019][ T3729] pgfault 81147 [ 452.786019][ T3729] pgmajfault 0 [ 452.786019][ T3729] workingset_refault 0 [ 452.786019][ T3729] workingset_activate 0 [ 452.786019][ T3729] workingset_nodereclaim 0 [ 452.786019][ T3729] pgrefill 1419 [ 452.786019][ T3729] pgscan 1189 [ 452.786019][ T3729] pgsteal 0 [ 452.786019][ T3729] pgactivate 1188 [ 452.786019][ T3729] pgdeactivate 1419 [ 452.882411][ T3729] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=3725,uid=0 [ 452.897608][ T3729] Memory cgroup out of memory: Killed process 3725 (syz-executor.0) total-vm:52480kB, anon-rss:456kB, file-rss:14336kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:1000 [ 453.887866][ T23] oom_reaper: reaped process 3725 (syz-executor.0), now anon-rss:0kB, file-rss:13628kB, shmem-rss:0kB [ 453.924577][ T3729] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 09:25:19 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) [ 453.934769][ T3729] CPU: 0 PID: 3729 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 453.944899][ T3729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 453.954939][ T3729] Call Trace: [ 453.958221][ T3729] dump_stack+0x1d8/0x241 [ 453.962542][ T3729] ? panic+0x73e/0x73e [ 453.966597][ T3729] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 453.972395][ T3729] ? _raw_spin_lock+0xa3/0x1b0 [ 453.977146][ T3729] ? asan.module_dtor+0x20/0x20 [ 453.981984][ T3729] dump_header+0xdb/0x700 [ 453.986303][ T3729] oom_kill_process+0xf0/0x2d0 [ 453.991061][ T3729] out_of_memory+0x666/0x940 [ 453.995647][ T3729] ? unregister_oom_notifier+0x20/0x20 [ 454.001095][ T3729] memory_max_write+0x528/0x600 [ 454.005927][ T3729] ? memory_max_show+0xa0/0xa0 [ 454.010664][ T3729] ? memory_max_show+0xa0/0xa0 [ 454.015402][ T3729] cgroup_file_write+0x273/0x5c0 [ 454.020368][ T3729] ? cgroup_seqfile_stop+0xc0/0xc0 [ 454.025453][ T3729] ? kernfs_get+0x90/0x90 [ 454.029772][ T3729] ? cgroup_seqfile_stop+0xc0/0xc0 [ 454.034858][ T3729] kernfs_fop_write+0x2ec/0x3e0 [ 454.039682][ T3729] ? kernfs_fop_read+0x450/0x450 [ 454.044590][ T3729] __vfs_write+0x103/0x780 [ 454.048978][ T3729] ? __kernel_write+0x340/0x340 [ 454.053804][ T3729] ? check_preemption_disabled+0x9e/0x330 [ 454.059495][ T3729] ? __fget+0x40c/0x4a0 [ 454.063624][ T3729] ? debug_smp_processor_id+0x20/0x20 [ 454.069078][ T3729] ? selinux_file_permission+0x2c2/0x530 [ 454.074690][ T3729] vfs_write+0x210/0x4f0 [ 454.078916][ T3729] ksys_write+0x198/0x2c0 [ 454.083233][ T3729] ? __ia32_sys_read+0x80/0x80 [ 454.087982][ T3729] do_syscall_64+0xcb/0x1c0 [ 454.092473][ T3729] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 454.099832][ T3729] memory: usage 84kB, limit 0kB, failcnt 3136 [ 454.105919][ T3729] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 454.112748][ T3729] Memory cgroup stats for /syz0: [ 454.112817][ T3729] anon 184320 [ 454.112817][ T3729] file 0 [ 454.112817][ T3729] kernel_stack 0 [ 454.112817][ T3729] slab 0 [ 454.112817][ T3729] sock 0 [ 454.112817][ T3729] shmem 0 [ 454.112817][ T3729] file_mapped 0 [ 454.112817][ T3729] file_dirty 0 [ 454.112817][ T3729] file_writeback 0 [ 454.112817][ T3729] anon_thp 0 [ 454.112817][ T3729] inactive_anon 0 [ 454.112817][ T3729] active_anon 135168 [ 454.112817][ T3729] inactive_file 0 [ 454.112817][ T3729] active_file 0 [ 454.112817][ T3729] unevictable 0 [ 454.112817][ T3729] slab_reclaimable 0 [ 454.112817][ T3729] slab_unreclaimable 0 [ 454.112817][ T3729] pgfault 81147 [ 454.112817][ T3729] pgmajfault 0 [ 454.112817][ T3729] workingset_refault 0 [ 454.112817][ T3729] workingset_activate 0 09:25:19 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) connect$unix(r2, &(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000004c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000800000095000000000000009500a5050000000077d8f3b423cdac8d8000000000000020e16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d7535f7866907dc6751dfb265a0e3ccae669e173a649c1cfd6587d452d46b7cc957d77578f4c35235138d5521f9453559c3421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe3e26e7a23129d6606fd28a69989d552af6200000003a00000000000000abecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a13ed38ae89d24e1cebfba2f87925bfacba83109753f541cd027edd68149ee99eebc6f7d6dd4aed4afe1f44ccb19e810879b70a70000000000000000000000d7900a820b6327944e9a217b9800e02a92895614cd50cbe43a1ed25268816b004519c9c5cff097d8000000000009d27d753a30a147b24a48435bd8a568669596e9e08679b3ce48e90defb6670c3d62ad0a97aec773713a66b223fa8b148871c8d31d24291c25449f106b2009325fca34afbbec99893ed20fa7a050fbbef90327e827e513e9606800000000e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e69ee52b59d13182e1f24ed200ada12f7a1525320e71666f472a97214d0b2874df30ed5eb1affb87ba55b2d72078e9f40b4ae7dc3b2aeb0d11cd22c35d32940f19dff00ffffffff08000000e1ff003853e59de7621e348955735264f34b1046a1813668297a7edad187ef106ae7fcbb25090f17d0baadeb8ae190a1fb5a315f8347fb0379659500"/608], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) getpgid(r0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r5, 0xae60, 0x0) ioctl$KVM_SET_IRQCHIP(r5, 0x8208ae63, &(0x7f0000000240)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x9, 0x0, [{0x0, 0x0, 0xc9}, {}, {}, {0x0, 0x80}, {0x3}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, '\x00', 0x4}, {}, {}, {}, {}, {}, {}, {}, {0x5, 0x0, 0x0, '\x00', 0x2}, {}, {}, {}, {0x0, 0x0, 0x0, '\x00', 0x20}]}}) ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) close(r5) r6 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) write(0xffffffffffffffff, 0x0, 0x0) sendfile(0xffffffffffffffff, r6, 0x0, 0x11f06) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xf, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x7}, [@btf_id={0x18, 0xb, 0x3, 0x0, 0x1}, @map_idx={0x18, 0x4, 0x5, 0x0, 0x9}, @map_fd={0x18, 0x5}, @map_val={0x18, 0x3, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x80000001}, @call={0x85, 0x0, 0x0, 0xba}, @map_idx={0x18, 0x1, 0x5, 0x0, 0xa}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffe}]}, &(0x7f0000000100)='GPL\x00', 0x1, 0x22, &(0x7f00000007c0)=""/34, 0x41000, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000800)={0x5, 0x4}, 0x8, 0x10, &(0x7f0000000840)={0x4, 0xd, 0x1f, 0x8}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000880)=[0xffffffffffffffff]}, 0x80) sendfile(0xffffffffffffffff, r7, 0x0, 0x1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) [ 454.112817][ T3729] workingset_nodereclaim 0 [ 454.112817][ T3729] pgrefill 1419 [ 454.112817][ T3729] pgscan 1222 [ 454.112817][ T3729] pgsteal 0 [ 454.112817][ T3729] pgactivate 1221 [ 454.112817][ T3729] pgdeactivate 1419 [ 454.208514][ T3729] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=3710,uid=0 09:25:19 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 454.223695][ T3729] Memory cgroup out of memory: Killed process 3710 (syz-executor.0) total-vm:48508kB, anon-rss:444kB, file-rss:14336kB, shmem-rss:0kB, UID:0 pgtables:80kB oom_score_adj:0 [ 454.241168][ T23] oom_reaper: reaped process 3710 (syz-executor.0), now anon-rss:0kB, file-rss:13444kB, shmem-rss:0kB [ 454.266754][ T3746] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 454.329552][ T3746] CPU: 1 PID: 3746 Comm: syz-executor.0 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 454.339966][ T3746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 454.350002][ T3746] Call Trace: [ 454.353282][ T3746] dump_stack+0x1d8/0x241 [ 454.357595][ T3746] ? panic+0x73e/0x73e [ 454.361640][ T3746] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 454.367427][ T3746] ? _raw_spin_lock+0xa3/0x1b0 [ 454.372170][ T3746] ? asan.module_dtor+0x20/0x20 [ 454.377001][ T3746] dump_header+0xdb/0x700 [ 454.381315][ T3746] oom_kill_process+0xf0/0x2d0 [ 454.386058][ T3746] out_of_memory+0x666/0x940 [ 454.390629][ T3746] ? unregister_oom_notifier+0x20/0x20 [ 454.396070][ T3746] ? _raw_spin_unlock+0x49/0x60 [ 454.400903][ T3746] mem_cgroup_oom+0x6d2/0x810 [ 454.405560][ T3746] ? drain_all_stock+0x5f0/0x5f0 [ 454.410481][ T3746] ? cgroup_file_notify+0x106/0x190 [ 454.415661][ T3746] try_charge+0xce7/0x11f0 [ 454.420058][ T3746] ? preempt_count_add+0x8d/0x180 [ 454.425067][ T3746] ? __memcg_kmem_charge_memcg+0x140/0x140 [ 454.430855][ T3746] ? __alloc_pages_nodemask+0x372/0x860 [ 454.436384][ T3746] ? get_mem_cgroup_from_mm+0x284/0x2d0 [ 454.441926][ T3746] mem_cgroup_try_charge+0xd5/0x2a0 [ 454.447104][ T3746] wp_page_copy+0x3c6/0x19a0 [ 454.451669][ T3746] ? zap_pte_range+0x1ce0/0x1ce0 [ 454.456589][ T3746] ? debug_smp_processor_id+0x20/0x20 [ 454.461930][ T3746] ? _raw_spin_unlock+0x49/0x60 [ 454.466750][ T3746] ? do_wp_page+0x535/0x8b0 [ 454.471232][ T3746] handle_mm_fault+0xe52/0x3bd0 [ 454.476072][ T3746] ? finish_fault+0x230/0x230 [ 454.480720][ T3746] ? down_read_trylock+0x17a/0x1d0 [ 454.485801][ T3746] ? vmacache_update+0x9f/0xf0 [ 454.490538][ T3746] do_user_addr_fault+0x4a4/0xb30 [ 454.495535][ T3746] page_fault+0x2f/0x40 [ 454.499662][ T3746] ? __task_pid_nr_ns+0x180/0x270 [ 454.504655][ T3746] ? __put_user_4+0x1c/0x30 [ 454.509129][ T3746] ? schedule_tail+0xa8/0xd0 [ 454.513692][ T3746] ? ret_from_fork+0x8/0x30 09:25:20 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) [ 454.619218][ T3746] memory: usage 84kB, limit 0kB, failcnt 3137 [ 454.626424][ T3746] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 454.641749][ T3746] Memory cgroup stats for /syz0: [ 454.641822][ T3746] anon 184320 [ 454.641822][ T3746] file 0 [ 454.641822][ T3746] kernel_stack 0 [ 454.641822][ T3746] slab 0 [ 454.641822][ T3746] sock 0 [ 454.641822][ T3746] shmem 0 [ 454.641822][ T3746] file_mapped 0 [ 454.641822][ T3746] file_dirty 0 [ 454.641822][ T3746] file_writeback 0 [ 454.641822][ T3746] anon_thp 0 [ 454.641822][ T3746] inactive_anon 0 [ 454.641822][ T3746] active_anon 135168 [ 454.641822][ T3746] inactive_file 0 [ 454.641822][ T3746] active_file 0 [ 454.641822][ T3746] unevictable 0 [ 454.641822][ T3746] slab_reclaimable 0 [ 454.641822][ T3746] slab_unreclaimable 0 [ 454.641822][ T3746] pgfault 81147 [ 454.641822][ T3746] pgmajfault 0 [ 454.641822][ T3746] workingset_refault 0 [ 454.641822][ T3746] workingset_activate 0 09:25:20 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup(r2, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) [ 454.641822][ T3746] workingset_nodereclaim 0 [ 454.641822][ T3746] pgrefill 1452 [ 454.641822][ T3746] pgscan 1222 [ 454.641822][ T3746] pgsteal 0 [ 454.641822][ T3746] pgactivate 1221 [ 454.641822][ T3746] pgdeactivate 1452 [ 454.806150][ T3746] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=3746,uid=0 [ 454.821362][ T3746] Memory cgroup out of memory: Killed process 3746 (syz-executor.0) total-vm:48508kB, anon-rss:456kB, file-rss:14336kB, shmem-rss:0kB, UID:0 pgtables:68kB oom_score_adj:0 09:25:20 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 454.862257][ T23] oom_reaper: reaped process 3746 (syz-executor.0), now anon-rss:0kB, file-rss:14336kB, shmem-rss:0kB [ 454.907303][ T3752] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 454.917482][ T3752] CPU: 0 PID: 3752 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 454.927609][ T3752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 454.937649][ T3752] Call Trace: [ 454.941107][ T3752] dump_stack+0x1d8/0x241 [ 454.945429][ T3752] ? panic+0x73e/0x73e [ 454.949483][ T3752] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 454.955279][ T3752] dump_header+0xdb/0x700 [ 454.959599][ T3752] out_of_memory+0x6d0/0x940 [ 454.964178][ T3752] ? unregister_oom_notifier+0x20/0x20 [ 454.969629][ T3752] memory_max_write+0x528/0x600 [ 454.974565][ T3752] ? memory_max_show+0xa0/0xa0 [ 454.979323][ T3752] ? memory_max_show+0xa0/0xa0 [ 454.984072][ T3752] cgroup_file_write+0x273/0x5c0 [ 454.988997][ T3752] ? cgroup_seqfile_stop+0xc0/0xc0 [ 454.994099][ T3752] ? kernfs_get+0x90/0x90 [ 454.998425][ T3752] ? cgroup_seqfile_stop+0xc0/0xc0 [ 455.003608][ T3752] kernfs_fop_write+0x2ec/0x3e0 [ 455.008448][ T3752] ? kernfs_fop_read+0x450/0x450 [ 455.013378][ T3752] __vfs_write+0x103/0x780 [ 455.017787][ T3752] ? __kernel_write+0x340/0x340 [ 455.022630][ T3752] ? check_preemption_disabled+0x9e/0x330 [ 455.028343][ T3752] ? __fget+0x40c/0x4a0 [ 455.032513][ T3752] ? debug_smp_processor_id+0x20/0x20 [ 455.037881][ T3752] ? selinux_file_permission+0x2c2/0x530 [ 455.043512][ T3752] vfs_write+0x210/0x4f0 [ 455.047752][ T3752] ksys_write+0x198/0x2c0 [ 455.052076][ T3752] ? __ia32_sys_read+0x80/0x80 [ 455.056834][ T3752] do_syscall_64+0xcb/0x1c0 [ 455.061330][ T3752] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 455.067445][ T3752] memory: usage 48kB, limit 0kB, failcnt 3140 [ 455.073521][ T3752] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 455.080390][ T3752] Memory cgroup stats for /syz0: [ 455.080459][ T3752] anon 184320 [ 455.080459][ T3752] file 0 [ 455.080459][ T3752] kernel_stack 0 [ 455.080459][ T3752] slab 0 [ 455.080459][ T3752] sock 0 [ 455.080459][ T3752] shmem 0 [ 455.080459][ T3752] file_mapped 0 [ 455.080459][ T3752] file_dirty 0 [ 455.080459][ T3752] file_writeback 0 [ 455.080459][ T3752] anon_thp 0 [ 455.080459][ T3752] inactive_anon 0 [ 455.080459][ T3752] active_anon 135168 [ 455.080459][ T3752] inactive_file 0 [ 455.080459][ T3752] active_file 0 [ 455.080459][ T3752] unevictable 0 [ 455.080459][ T3752] slab_reclaimable 0 [ 455.080459][ T3752] slab_unreclaimable 0 [ 455.080459][ T3752] pgfault 81180 [ 455.080459][ T3752] pgmajfault 0 [ 455.080459][ T3752] workingset_refault 0 [ 455.080459][ T3752] workingset_activate 0 09:25:20 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r1 = getpgrp(r0) prlimit64(r1, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup(r2, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) 09:25:20 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) connect$unix(r2, &(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000004c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000800000095000000000000009500a5050000000077d8f3b423cdac8d8000000000000020e16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d7535f7866907dc6751dfb265a0e3ccae669e173a649c1cfd6587d452d46b7cc957d77578f4c35235138d5521f9453559c3421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe3e26e7a23129d6606fd28a69989d552af6200000003a00000000000000abecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a13ed38ae89d24e1cebfba2f87925bfacba83109753f541cd027edd68149ee99eebc6f7d6dd4aed4afe1f44ccb19e810879b70a70000000000000000000000d7900a820b6327944e9a217b9800e02a92895614cd50cbe43a1ed25268816b004519c9c5cff097d8000000000009d27d753a30a147b24a48435bd8a568669596e9e08679b3ce48e90defb6670c3d62ad0a97aec773713a66b223fa8b148871c8d31d24291c25449f106b2009325fca34afbbec99893ed20fa7a050fbbef90327e827e513e9606800000000e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e69ee52b59d13182e1f24ed200ada12f7a1525320e71666f472a97214d0b2874df30ed5eb1affb87ba55b2d72078e9f40b4ae7dc3b2aeb0d11cd22c35d32940f19dff00ffffffff08000000e1ff003853e59de7621e348955735264f34b1046a1813668297a7edad187ef106ae7fcbb25090f17d0baadeb8ae190a1fb5a315f8347fb0379659500"/608], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) getpgid(r0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_SET_GSI_ROUTING(r5, 0xae60, 0x0) ioctl$KVM_SET_IRQCHIP(r5, 0x8208ae63, &(0x7f0000000240)={0x2, 0x0, @ioapic={0x0, 0x0, 0x0, 0x9, 0x0, [{0x0, 0x0, 0xc9}, {}, {}, {0x0, 0x80}, {0x3}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, '\x00', 0x4}, {}, {}, {}, {}, {}, {}, {}, {0x5, 0x0, 0x0, '\x00', 0x2}, {}, {}, {}, {0x0, 0x0, 0x0, '\x00', 0x20}]}}) ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) close(r5) r6 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) write(0xffffffffffffffff, 0x0, 0x0) sendfile(0xffffffffffffffff, r6, 0x0, 0x11f06) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xf, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x7}, [@btf_id={0x18, 0xb, 0x3, 0x0, 0x1}, @map_idx={0x18, 0x4, 0x5, 0x0, 0x9}, @map_fd={0x18, 0x5}, @map_val={0x18, 0x3, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x80000001}, @call={0x85, 0x0, 0x0, 0xba}, @map_idx={0x18, 0x1, 0x5, 0x0, 0xa}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffe}]}, &(0x7f0000000100)='GPL\x00', 0x1, 0x22, &(0x7f00000007c0)=""/34, 0x41000, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000800)={0x5, 0x4}, 0x8, 0x10, &(0x7f0000000840)={0x4, 0xd, 0x1f, 0x8}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000880)=[0xffffffffffffffff]}, 0x80) sendfile(0xffffffffffffffff, r7, 0x0, 0x1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 09:25:20 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) [ 455.080459][ T3752] workingset_nodereclaim 0 [ 455.080459][ T3752] pgrefill 1452 [ 455.080459][ T3752] pgscan 1222 [ 455.080459][ T3752] pgsteal 0 [ 455.080459][ T3752] pgactivate 1221 [ 455.080459][ T3752] pgdeactivate 1452 [ 455.176443][ T3752] Out of memory and no killable processes... [ 455.183584][ T3766] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 455.264319][ T3766] CPU: 0 PID: 3766 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 455.274479][ T3766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 455.284537][ T3766] Call Trace: [ 455.287815][ T3766] dump_stack+0x1d8/0x241 [ 455.292118][ T3766] ? panic+0x73e/0x73e [ 455.296167][ T3766] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 455.301979][ T3766] dump_header+0xdb/0x700 [ 455.306284][ T3766] out_of_memory+0x6d0/0x940 [ 455.310848][ T3766] ? unregister_oom_notifier+0x20/0x20 [ 455.316287][ T3766] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 455.322066][ T3766] memory_max_write+0x528/0x600 [ 455.326980][ T3766] ? memory_max_show+0xa0/0xa0 [ 455.331739][ T3766] ? memory_max_show+0xa0/0xa0 [ 455.336475][ T3766] cgroup_file_write+0x273/0x5c0 [ 455.341387][ T3766] ? cgroup_seqfile_stop+0xc0/0xc0 [ 455.346471][ T3766] ? kernfs_get+0x90/0x90 [ 455.350798][ T3766] ? cgroup_seqfile_stop+0xc0/0xc0 [ 455.355885][ T3766] kernfs_fop_write+0x2ec/0x3e0 [ 455.360719][ T3766] ? kernfs_fop_read+0x450/0x450 [ 455.365626][ T3766] __vfs_write+0x103/0x780 [ 455.370102][ T3766] ? __kernel_write+0x340/0x340 [ 455.374927][ T3766] ? check_preemption_disabled+0x9e/0x330 [ 455.380617][ T3766] ? __fget+0x40c/0x4a0 [ 455.384745][ T3766] ? debug_smp_processor_id+0x20/0x20 [ 455.390088][ T3766] ? selinux_file_permission+0x2c2/0x530 [ 455.395692][ T3766] vfs_write+0x210/0x4f0 [ 455.399927][ T3766] ksys_write+0x198/0x2c0 [ 455.404234][ T3766] ? __ia32_sys_read+0x80/0x80 [ 455.408978][ T3766] do_syscall_64+0xcb/0x1c0 09:25:21 executing program 0: setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r3 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(0xffffffffffffffff, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r5, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r6 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r6, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r2]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r2, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r3, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r2, r1, r2]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) [ 455.413457][ T3766] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 09:25:21 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) [ 455.812029][ T3766] memory: usage 48kB, limit 0kB, failcnt 3140 [ 455.830485][ T3766] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 455.851713][ T3766] Memory cgroup stats for /syz0: [ 455.851794][ T3766] anon 184320 [ 455.851794][ T3766] file 0 [ 455.851794][ T3766] kernel_stack 0 [ 455.851794][ T3766] slab 0 [ 455.851794][ T3766] sock 0 [ 455.851794][ T3766] shmem 0 [ 455.851794][ T3766] file_mapped 0 [ 455.851794][ T3766] file_dirty 0 [ 455.851794][ T3766] file_writeback 0 [ 455.851794][ T3766] anon_thp 0 [ 455.851794][ T3766] inactive_anon 0 [ 455.851794][ T3766] active_anon 135168 [ 455.851794][ T3766] inactive_file 0 [ 455.851794][ T3766] active_file 0 [ 455.851794][ T3766] unevictable 0 [ 455.851794][ T3766] slab_reclaimable 0 [ 455.851794][ T3766] slab_unreclaimable 0 [ 455.851794][ T3766] pgfault 81180 [ 455.851794][ T3766] pgmajfault 0 [ 455.851794][ T3766] workingset_refault 0 [ 455.851794][ T3766] workingset_activate 0 [ 455.851794][ T3766] workingset_nodereclaim 0 [ 455.851794][ T3766] pgrefill 1452 [ 455.851794][ T3766] pgscan 1222 [ 455.851794][ T3766] pgsteal 0 [ 455.851794][ T3766] pgactivate 1221 [ 455.851794][ T3766] pgdeactivate 1452 09:25:21 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:21 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r1 = getpgrp(r0) prlimit64(r1, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup(r2, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) 09:25:21 executing program 1: r0 = socket$tipc(0x1e, 0x5, 0x0) ioctl$HIDIOCGSTRING(r0, 0x5421, 0x0) [ 456.182796][ T3766] Out of memory and no killable processes... [ 456.215072][ T7] device bridge_slave_1 left promiscuous mode [ 456.223415][ T7] bridge0: port 2(bridge_slave_1) entered disabled state 09:25:21 executing program 1: unshare(0x600) read$FUSE(0xffffffffffffffff, 0x0, 0x0) [ 456.231407][ T3780] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 456.262923][ T3780] CPU: 0 PID: 3780 Comm: syz-executor.2 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 456.273099][ T3780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 456.283144][ T3780] Call Trace: [ 456.286425][ T3780] dump_stack+0x1d8/0x241 [ 456.290737][ T3780] ? panic+0x73e/0x73e [ 456.294786][ T3780] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 456.300567][ T3780] ? preempt_schedule_common+0xb7/0xe0 [ 456.306002][ T3780] dump_header+0xdb/0x700 [ 456.310310][ T3780] out_of_memory+0x6d0/0x940 [ 456.314876][ T3780] ? unregister_oom_notifier+0x20/0x20 [ 456.320308][ T3780] memory_max_write+0x528/0x600 [ 456.325133][ T3780] ? memory_max_show+0xa0/0xa0 [ 456.329961][ T3780] ? memory_max_show+0xa0/0xa0 [ 456.334700][ T3780] cgroup_file_write+0x273/0x5c0 [ 456.339615][ T3780] ? cgroup_seqfile_stop+0xc0/0xc0 [ 456.344718][ T3780] ? kernfs_get+0x90/0x90 [ 456.349024][ T3780] ? cgroup_seqfile_stop+0xc0/0xc0 [ 456.354142][ T3780] kernfs_fop_write+0x2ec/0x3e0 [ 456.358989][ T3780] ? kernfs_fop_read+0x450/0x450 [ 456.363920][ T3780] __vfs_write+0x103/0x780 [ 456.368320][ T3780] ? __kernel_write+0x340/0x340 [ 456.373156][ T3780] ? check_preemption_disabled+0x9e/0x330 [ 456.378881][ T3780] ? __fget+0x40c/0x4a0 09:25:22 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup(r2, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) [ 456.383028][ T3780] ? debug_smp_processor_id+0x20/0x20 [ 456.388381][ T3780] ? selinux_file_permission+0x2c2/0x530 [ 456.393998][ T3780] vfs_write+0x210/0x4f0 [ 456.398217][ T3780] ksys_write+0x198/0x2c0 [ 456.402522][ T3780] ? __ia32_sys_read+0x80/0x80 [ 456.407260][ T3780] do_syscall_64+0xcb/0x1c0 [ 456.411742][ T3780] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 456.426260][ T7] device bridge_slave_0 left promiscuous mode 09:25:22 executing program 1: unshare(0x4020400) unshare(0x20200) 09:25:22 executing program 1: syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/uts\x00') syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/uts\x00') [ 456.453465][ T7] bridge0: port 1(bridge_slave_0) entered disabled state 09:25:22 executing program 1: memfd_create(&(0x7f0000000580)='\xc9+$)&\x00', 0x6) 09:25:22 executing program 1: bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000000c0), 0xfffffeec) 09:25:22 executing program 1: syz_usb_connect$uac1(0x0, 0x71, &(0x7f0000000140)={{0x12, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x3, 0x1, 0x0, 0x0, 0x0, {{}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}}}}]}}, 0x0) [ 456.915564][ T12] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 456.942498][ T3780] memory: usage 48kB, limit 0kB, failcnt 3140 [ 456.964132][ T3780] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 456.992515][ T3780] Memory cgroup stats for /syz0: [ 456.992592][ T3780] anon 184320 [ 456.992592][ T3780] file 0 [ 456.992592][ T3780] kernel_stack 0 [ 456.992592][ T3780] slab 0 [ 456.992592][ T3780] sock 0 [ 456.992592][ T3780] shmem 0 [ 456.992592][ T3780] file_mapped 0 [ 456.992592][ T3780] file_dirty 0 [ 456.992592][ T3780] file_writeback 0 [ 456.992592][ T3780] anon_thp 0 [ 456.992592][ T3780] inactive_anon 0 [ 456.992592][ T3780] active_anon 135168 [ 456.992592][ T3780] inactive_file 0 [ 456.992592][ T3780] active_file 0 [ 456.992592][ T3780] unevictable 0 [ 456.992592][ T3780] slab_reclaimable 0 [ 456.992592][ T3780] slab_unreclaimable 0 [ 456.992592][ T3780] pgfault 81180 [ 456.992592][ T3780] pgmajfault 0 [ 456.992592][ T3780] workingset_refault 0 [ 456.992592][ T3780] workingset_activate 0 [ 456.992592][ T3780] workingset_nodereclaim 0 [ 456.992592][ T3780] pgrefill 1452 [ 456.992592][ T3780] pgscan 1222 [ 456.992592][ T3780] pgsteal 0 [ 456.992592][ T3780] pgactivate 1221 [ 456.992592][ T3780] pgdeactivate 1452 [ 457.178436][ T3780] Out of memory and no killable processes... [ 457.218405][ T3800] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 457.232894][ T3800] CPU: 1 PID: 3800 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 457.243032][ T3800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 457.253070][ T3800] Call Trace: [ 457.256384][ T3800] dump_stack+0x1d8/0x241 [ 457.260697][ T3800] ? panic+0x73e/0x73e [ 457.264844][ T3800] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 457.270639][ T3800] ? preempt_schedule_common+0xb7/0xe0 [ 457.276087][ T3800] dump_header+0xdb/0x700 [ 457.280405][ T3800] out_of_memory+0x6d0/0x940 [ 457.284985][ T3800] ? unregister_oom_notifier+0x20/0x20 [ 457.290433][ T3800] memory_max_write+0x528/0x600 [ 457.295268][ T3800] ? memory_max_show+0xa0/0xa0 [ 457.300005][ T3800] ? memory_max_show+0xa0/0xa0 [ 457.304742][ T3800] cgroup_file_write+0x273/0x5c0 [ 457.309662][ T3800] ? cgroup_seqfile_stop+0xc0/0xc0 [ 457.314748][ T3800] ? kernfs_get+0x90/0x90 [ 457.319069][ T3800] ? cgroup_seqfile_stop+0xc0/0xc0 [ 457.324153][ T3800] kernfs_fop_write+0x2ec/0x3e0 [ 457.329068][ T3800] ? kernfs_fop_read+0x450/0x450 [ 457.333980][ T3800] __vfs_write+0x103/0x780 [ 457.338369][ T3800] ? __kernel_write+0x340/0x340 [ 457.343196][ T3800] ? check_preemption_disabled+0x9e/0x330 [ 457.348885][ T3800] ? __fget+0x40c/0x4a0 [ 457.353012][ T3800] ? debug_smp_processor_id+0x20/0x20 [ 457.358357][ T3800] ? selinux_file_permission+0x2c2/0x530 [ 457.364136][ T3800] vfs_write+0x210/0x4f0 [ 457.368352][ T3800] ksys_write+0x198/0x2c0 [ 457.372660][ T3800] ? __ia32_sys_read+0x80/0x80 [ 457.377396][ T3800] do_syscall_64+0xcb/0x1c0 [ 457.381872][ T3800] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 457.406705][ T3800] memory: usage 48kB, limit 0kB, failcnt 3140 [ 457.412781][ T3800] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 457.419681][ T3800] Memory cgroup stats for /syz0: [ 457.419834][ T3800] anon 184320 [ 457.419834][ T3800] file 0 [ 457.419834][ T3800] kernel_stack 0 [ 457.419834][ T3800] slab 0 [ 457.419834][ T3800] sock 0 [ 457.419834][ T3800] shmem 0 [ 457.419834][ T3800] file_mapped 0 [ 457.419834][ T3800] file_dirty 0 [ 457.419834][ T3800] file_writeback 0 [ 457.419834][ T3800] anon_thp 0 [ 457.419834][ T3800] inactive_anon 0 [ 457.419834][ T3800] active_anon 135168 [ 457.419834][ T3800] inactive_file 0 [ 457.419834][ T3800] active_file 0 [ 457.419834][ T3800] unevictable 0 [ 457.419834][ T3800] slab_reclaimable 0 [ 457.419834][ T3800] slab_unreclaimable 0 [ 457.419834][ T3800] pgfault 81180 [ 457.419834][ T3800] pgmajfault 0 [ 457.419834][ T3800] workingset_refault 0 [ 457.419834][ T3800] workingset_activate 0 [ 457.419834][ T3800] workingset_nodereclaim 0 [ 457.419834][ T3800] pgrefill 1452 [ 457.419834][ T3800] pgscan 1222 [ 457.419834][ T3800] pgsteal 0 [ 457.419834][ T3800] pgactivate 1221 [ 457.419834][ T3800] pgdeactivate 1452 [ 457.515808][ T12] usb 2-1: device descriptor read/64, error 18 [ 457.521981][ T3800] Out of memory and no killable processes... [ 457.904826][ T12] usb 2-1: device descriptor read/64, error 18 [ 458.174860][ T12] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 458.196065][ T3806] bridge0: port 1(bridge_slave_0) entered blocking state [ 458.203140][ T3806] bridge0: port 1(bridge_slave_0) entered disabled state [ 458.210656][ T3806] device bridge_slave_0 entered promiscuous mode [ 458.217742][ T3806] bridge0: port 2(bridge_slave_1) entered blocking state [ 458.225166][ T3806] bridge0: port 2(bridge_slave_1) entered disabled state [ 458.232672][ T3806] device bridge_slave_1 entered promiscuous mode [ 458.270770][ T3806] bridge0: port 2(bridge_slave_1) entered blocking state [ 458.277829][ T3806] bridge0: port 2(bridge_slave_1) entered forwarding state [ 458.285108][ T3806] bridge0: port 1(bridge_slave_0) entered blocking state [ 458.292137][ T3806] bridge0: port 1(bridge_slave_0) entered forwarding state [ 458.312049][ T1366] bridge0: port 1(bridge_slave_0) entered disabled state [ 458.319395][ T1366] bridge0: port 2(bridge_slave_1) entered disabled state [ 458.327043][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 458.334435][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 458.343944][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 458.352165][ T340] bridge0: port 1(bridge_slave_0) entered blocking state [ 458.359188][ T340] bridge0: port 1(bridge_slave_0) entered forwarding state [ 458.368290][ T118] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 458.376609][ T118] bridge0: port 2(bridge_slave_1) entered blocking state [ 458.383621][ T118] bridge0: port 2(bridge_slave_1) entered forwarding state [ 458.406148][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 458.414503][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 458.422424][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 458.430318][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 458.443003][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 458.454823][ T12] usb 2-1: device descriptor read/64, error 18 [ 458.455860][ T118] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 458.471936][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 458.844830][ T12] usb 2-1: device descriptor read/64, error 18 [ 458.965134][ T12] usb usb2-port1: attempt power cycle 09:25:24 executing program 0: setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r3 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(0xffffffffffffffff, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r5, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r6 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r6, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r2]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r2, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r3, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r2, r1, r2]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) 09:25:24 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:24 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r1 = getpgrp(r0) prlimit64(r1, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup(r2, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) 09:25:24 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:24 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) [ 459.354114][ T3821] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 459.364358][ T3821] CPU: 1 PID: 3821 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 459.374500][ T3821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 459.384710][ T3821] Call Trace: [ 459.387978][ T3821] dump_stack+0x1d8/0x241 [ 459.392282][ T3821] ? panic+0x73e/0x73e [ 459.396345][ T3821] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 459.402147][ T3821] ? _raw_spin_lock+0xa3/0x1b0 [ 459.406901][ T3821] ? asan.module_dtor+0x20/0x20 [ 459.411752][ T3821] dump_header+0xdb/0x700 [ 459.416068][ T3821] oom_kill_process+0xf0/0x2d0 [ 459.420813][ T3821] out_of_memory+0x666/0x940 [ 459.425388][ T3821] ? unregister_oom_notifier+0x20/0x20 [ 459.430829][ T3821] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 459.436622][ T3821] memory_max_write+0x528/0x600 [ 459.441465][ T3821] ? memory_max_show+0xa0/0xa0 [ 459.446212][ T3821] ? memory_max_show+0xa0/0xa0 [ 459.450958][ T3821] cgroup_file_write+0x273/0x5c0 [ 459.455883][ T3821] ? cgroup_seqfile_stop+0xc0/0xc0 [ 459.460972][ T3821] ? kernfs_get+0x90/0x90 [ 459.465284][ T3821] ? cgroup_seqfile_stop+0xc0/0xc0 [ 459.470378][ T3821] kernfs_fop_write+0x2ec/0x3e0 [ 459.475214][ T3821] ? kernfs_fop_read+0x450/0x450 [ 459.480136][ T3821] __vfs_write+0x103/0x780 [ 459.484622][ T3821] ? __kernel_write+0x340/0x340 [ 459.489466][ T3821] ? check_preemption_disabled+0x9e/0x330 [ 459.495168][ T3821] ? __fget+0x40c/0x4a0 [ 459.499310][ T3821] ? debug_smp_processor_id+0x20/0x20 [ 459.504664][ T3821] ? selinux_file_permission+0x2c2/0x530 [ 459.510290][ T3821] vfs_write+0x210/0x4f0 [ 459.514527][ T3821] ksys_write+0x198/0x2c0 [ 459.518850][ T3821] ? __ia32_sys_read+0x80/0x80 [ 459.523606][ T3821] do_syscall_64+0xcb/0x1c0 [ 459.528104][ T3821] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 459.534188][ T3821] memory: usage 112kB, limit 0kB, failcnt 3148 [ 459.534905][ T12] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 459.540715][ T3821] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 459.554832][ T3821] Memory cgroup stats for /syz0: [ 459.554909][ T3821] anon 102400 [ 459.554909][ T3821] file 0 [ 459.554909][ T3821] kernel_stack 0 [ 459.554909][ T3821] slab 0 [ 459.554909][ T3821] sock 0 [ 459.554909][ T3821] shmem 0 [ 459.554909][ T3821] file_mapped 0 [ 459.554909][ T3821] file_dirty 0 [ 459.554909][ T3821] file_writeback 0 [ 459.554909][ T3821] anon_thp 0 [ 459.554909][ T3821] inactive_anon 0 [ 459.554909][ T3821] active_anon 135168 [ 459.554909][ T3821] inactive_file 0 [ 459.554909][ T3821] active_file 0 [ 459.554909][ T3821] unevictable 0 [ 459.554909][ T3821] slab_reclaimable 0 [ 459.554909][ T3821] slab_unreclaimable 0 [ 459.554909][ T3821] pgfault 83292 [ 459.554909][ T3821] pgmajfault 0 [ 459.554909][ T3821] workingset_refault 0 [ 459.554909][ T3821] workingset_activate 0 [ 459.554909][ T3821] workingset_nodereclaim 0 [ 459.554909][ T3821] pgrefill 1452 [ 459.554909][ T3821] pgscan 1222 [ 459.554909][ T3821] pgsteal 0 [ 459.554909][ T3821] pgactivate 1221 [ 459.554909][ T3821] pgdeactivate 1452 [ 459.650767][ T3821] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=3822,uid=0 [ 459.665917][ T3821] Memory cgroup out of memory: Killed process 3822 (syz-executor.0) total-vm:52348kB, anon-rss:452kB, file-rss:14336kB, shmem-rss:0kB, UID:0 pgtables:96kB oom_score_adj:1000 09:25:25 executing program 1: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000740), 0x0, 0x0) ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f0000000780)={0xaf1}) 09:25:25 executing program 1: request_key(&(0x7f0000000000)='rxrpc\x00', &(0x7f0000000040)={'syz', 0x2, 0x74}, 0x0, 0xfffffffffffffffe) [ 459.914853][ T22] audit: type=1400 audit(1675589125.440:173): avc: denied { read } for pid=3829 comm="syz-executor.1" name="uinput" dev="devtmpfs" ino=10171 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 459.939063][ T23] oom_reaper: reaped process 3822 (syz-executor.0), now anon-rss:0kB, file-rss:14336kB, shmem-rss:4kB 09:25:25 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:25 executing program 1: syz_open_dev$usbmon(&(0x7f0000000340), 0x6426, 0x12980) 09:25:25 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:25 executing program 0: setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r3 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(0xffffffffffffffff, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r5, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r6 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r6, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r2]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r2, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r3, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r2, r1, r2]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) [ 460.223194][ T12] usb 2-1: device not accepting address 8, error -71 [ 460.261973][ T3806] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 460.276069][ T22] audit: type=1400 audit(1675589125.440:174): avc: denied { open } for pid=3829 comm="syz-executor.1" path="/dev/uinput" dev="devtmpfs" ino=10171 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 460.296431][ T3806] CPU: 0 PID: 3806 Comm: syz-executor.0 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 460.310141][ T3806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 460.317827][ T22] audit: type=1400 audit(1675589125.440:175): avc: denied { ioctl } for pid=3829 comm="syz-executor.1" path="/dev/uinput" dev="devtmpfs" ino=10171 ioctlcmd=0x5504 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 460.320173][ T3806] Call Trace: [ 460.320188][ T3806] dump_stack+0x1d8/0x241 [ 460.320203][ T3806] ? panic+0x73e/0x73e [ 460.357321][ T3806] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 460.363567][ T3806] ? _raw_spin_lock+0xa3/0x1b0 [ 460.368332][ T3806] ? asan.module_dtor+0x20/0x20 [ 460.373168][ T3806] dump_header+0xdb/0x700 [ 460.377481][ T3806] oom_kill_process+0xf0/0x2d0 [ 460.382231][ T3806] out_of_memory+0x666/0x940 [ 460.386810][ T3806] ? unregister_oom_notifier+0x20/0x20 [ 460.392256][ T3806] ? _raw_spin_unlock+0x49/0x60 [ 460.397095][ T3806] mem_cgroup_oom+0x6d2/0x810 [ 460.401757][ T3806] ? drain_all_stock+0x5f0/0x5f0 [ 460.406682][ T3806] ? cgroup_file_notify+0x106/0x190 [ 460.411863][ T3806] try_charge+0xce7/0x11f0 [ 460.416261][ T3806] ? preempt_count_add+0x8d/0x180 [ 460.421274][ T3806] ? __memcg_kmem_charge_memcg+0x140/0x140 [ 460.427067][ T3806] ? __alloc_pages_nodemask+0x372/0x860 [ 460.432591][ T3806] ? get_mem_cgroup_from_mm+0x284/0x2d0 [ 460.438117][ T3806] ? find_first_bit+0xe4/0x100 [ 460.442862][ T3806] ? check_preemption_disabled+0x9e/0x330 [ 460.448566][ T3806] mem_cgroup_try_charge+0xd5/0x2a0 [ 460.453746][ T3806] wp_page_copy+0x3c6/0x19a0 [ 460.458315][ T3806] ? cpuacct_charge+0xe5/0x160 [ 460.463071][ T3806] ? zap_pte_range+0x1ce0/0x1ce0 [ 460.467989][ T3806] ? debug_smp_processor_id+0x20/0x20 [ 460.473344][ T3806] ? _raw_spin_unlock+0x49/0x60 [ 460.478174][ T3806] ? do_wp_page+0x535/0x8b0 [ 460.482660][ T3806] handle_mm_fault+0xe52/0x3bd0 [ 460.487507][ T3806] ? finish_fault+0x230/0x230 [ 460.492171][ T3806] ? __fsnotify_parent+0x310/0x310 [ 460.497295][ T3806] ? down_read_trylock+0x17a/0x1d0 [ 460.502565][ T3806] ? vmacache_update+0x9f/0xf0 [ 460.507314][ T3806] do_user_addr_fault+0x4a4/0xb30 [ 460.512350][ T3806] page_fault+0x2f/0x40 09:25:26 executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x1, 0x3}}, @var]}}, &(0x7f0000000140)=""/150, 0x42, 0x96, 0x1}, 0x20) [ 460.524127][ T3806] memory: usage 84kB, limit 0kB, failcnt 3165 [ 460.531549][ T3806] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 460.544254][ T3806] Memory cgroup stats for /syz0: [ 460.544326][ T3806] anon 102400 [ 460.544326][ T3806] file 0 [ 460.544326][ T3806] kernel_stack 0 [ 460.544326][ T3806] slab 0 [ 460.544326][ T3806] sock 0 [ 460.544326][ T3806] shmem 0 [ 460.544326][ T3806] file_mapped 0 [ 460.544326][ T3806] file_dirty 0 [ 460.544326][ T3806] file_writeback 0 [ 460.544326][ T3806] anon_thp 0 [ 460.544326][ T3806] inactive_anon 0 [ 460.544326][ T3806] active_anon 135168 [ 460.544326][ T3806] inactive_file 0 [ 460.544326][ T3806] active_file 0 [ 460.544326][ T3806] unevictable 0 [ 460.544326][ T3806] slab_reclaimable 0 [ 460.544326][ T3806] slab_unreclaimable 0 [ 460.544326][ T3806] pgfault 83325 [ 460.544326][ T3806] pgmajfault 0 [ 460.544326][ T3806] workingset_refault 0 [ 460.544326][ T3806] workingset_activate 0 [ 460.544326][ T3806] workingset_nodereclaim 0 [ 460.544326][ T3806] pgrefill 1485 09:25:26 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:26 executing program 1: add_key$keyring(&(0x7f0000000200), &(0x7f00000002c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) 09:25:26 executing program 1: request_key(&(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)='/sys/kernekdamond_pid\x00', 0xfffffffffffffffe) 09:25:26 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x0, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 460.544326][ T3806] pgscan 1255 [ 460.544326][ T3806] pgsteal 0 [ 460.544326][ T3806] pgactivate 1254 [ 460.544326][ T3806] pgdeactivate 1485 [ 460.642144][ T3806] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=3837,uid=0 [ 460.658669][ T3806] Memory cgroup out of memory: Killed process 3837 (syz-executor.0) total-vm:48508kB, anon-rss:452kB, file-rss:14336kB, shmem-rss:0kB, UID:0 pgtables:76kB oom_score_adj:0 [ 460.675847][ T23] oom_reaper: reaped process 3837 (syz-executor.0), now anon-rss:0kB, file-rss:14336kB, shmem-rss:0kB 09:25:26 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:26 executing program 1: request_key(&(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)='/sys/kernekdamond_pid\x00', 0xfffffffffffffffe) 09:25:26 executing program 1: request_key(&(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)='/sys/kernekdamond_pid\x00', 0xfffffffffffffffe) [ 461.099567][ T3842] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 461.109766][ T3842] CPU: 0 PID: 3842 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 461.119901][ T3842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 461.129945][ T3842] Call Trace: [ 461.133465][ T3842] dump_stack+0x1d8/0x241 [ 461.137784][ T3842] ? panic+0x73e/0x73e [ 461.141856][ T3842] ? nf_ct_l4proto_log_invalid+0x26c/0x26c 09:25:26 executing program 1: request_key(&(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)='/sys/kernekdamond_pid\x00', 0xfffffffffffffffe) [ 461.147655][ T3842] ? _raw_spin_lock+0xa3/0x1b0 [ 461.152406][ T3842] ? asan.module_dtor+0x20/0x20 [ 461.157245][ T3842] dump_header+0xdb/0x700 [ 461.161561][ T3842] oom_kill_process+0xf0/0x2d0 [ 461.166313][ T3842] out_of_memory+0x666/0x940 [ 461.171007][ T3842] ? unregister_oom_notifier+0x20/0x20 [ 461.176461][ T3842] memory_max_write+0x528/0x600 [ 461.181303][ T3842] ? memory_max_show+0xa0/0xa0 [ 461.186064][ T3842] ? memory_max_show+0xa0/0xa0 [ 461.190826][ T3842] cgroup_file_write+0x273/0x5c0 [ 461.195757][ T3842] ? cgroup_seqfile_stop+0xc0/0xc0 [ 461.200857][ T3842] ? kernfs_get+0x90/0x90 [ 461.205269][ T3842] ? cgroup_seqfile_stop+0xc0/0xc0 [ 461.210372][ T3842] kernfs_fop_write+0x2ec/0x3e0 [ 461.215215][ T3842] ? kernfs_fop_read+0x450/0x450 [ 461.220145][ T3842] __vfs_write+0x103/0x780 [ 461.224553][ T3842] ? __kernel_write+0x340/0x340 [ 461.229406][ T3842] ? check_preemption_disabled+0x9e/0x330 [ 461.235119][ T3842] ? __fget+0x40c/0x4a0 [ 461.239280][ T3842] ? debug_smp_processor_id+0x20/0x20 [ 461.244644][ T3842] ? selinux_file_permission+0x2c2/0x530 [ 461.250273][ T3842] vfs_write+0x210/0x4f0 [ 461.254502][ T3842] ksys_write+0x198/0x2c0 [ 461.258821][ T3842] ? __ia32_sys_read+0x80/0x80 [ 461.263569][ T3842] do_syscall_64+0xcb/0x1c0 [ 461.268057][ T3842] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 461.273987][ T3842] memory: usage 84kB, limit 0kB, failcnt 3172 [ 461.280061][ T3842] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 461.286911][ T3842] Memory cgroup stats for /syz0: [ 461.286982][ T3842] anon 102400 [ 461.286982][ T3842] file 0 [ 461.286982][ T3842] kernel_stack 0 [ 461.286982][ T3842] slab 0 [ 461.286982][ T3842] sock 0 [ 461.286982][ T3842] shmem 0 [ 461.286982][ T3842] file_mapped 0 [ 461.286982][ T3842] file_dirty 0 [ 461.286982][ T3842] file_writeback 0 [ 461.286982][ T3842] anon_thp 0 [ 461.286982][ T3842] inactive_anon 0 [ 461.286982][ T3842] active_anon 135168 [ 461.286982][ T3842] inactive_file 0 [ 461.286982][ T3842] active_file 0 [ 461.286982][ T3842] unevictable 0 [ 461.286982][ T3842] slab_reclaimable 0 [ 461.286982][ T3842] slab_unreclaimable 0 [ 461.286982][ T3842] pgfault 83325 [ 461.286982][ T3842] pgmajfault 0 [ 461.286982][ T3842] workingset_refault 0 [ 461.286982][ T3842] workingset_activate 0 [ 461.286982][ T3842] workingset_nodereclaim 0 [ 461.286982][ T3842] pgrefill 1518 [ 461.286982][ T3842] pgscan 1288 [ 461.286982][ T3842] pgsteal 0 [ 461.286982][ T3842] pgactivate 1287 [ 461.286982][ T3842] pgdeactivate 1518 [ 461.382696][ T3842] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=3806,uid=0 [ 461.397871][ T3842] Memory cgroup out of memory: Killed process 3806 (syz-executor.0) total-vm:48508kB, anon-rss:440kB, file-rss:14336kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:0 09:25:27 executing program 1: syz_open_dev$usbmon(&(0x7f0000000040), 0x6, 0x0) 09:25:27 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) [ 461.490174][ T3867] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 461.500417][ T3867] CPU: 0 PID: 3867 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 461.510551][ T3867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 461.520591][ T3867] Call Trace: [ 461.523877][ T3867] dump_stack+0x1d8/0x241 [ 461.528201][ T3867] ? panic+0x73e/0x73e [ 461.532255][ T3867] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 461.535000][ T22] audit: type=1400 audit(1675589127.110:176): avc: denied { read } for pid=3868 comm="syz-executor.1" name="usbmon6" dev="devtmpfs" ino=10158 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 461.538046][ T3867] dump_header+0xdb/0x700 [ 461.538057][ T3867] out_of_memory+0x6d0/0x940 [ 461.538071][ T3867] ? unregister_oom_notifier+0x20/0x20 [ 461.576043][ T3867] memory_max_write+0x528/0x600 [ 461.580892][ T3867] ? memory_max_show+0xa0/0xa0 [ 461.585654][ T3867] ? memory_max_show+0xa0/0xa0 [ 461.590410][ T3867] cgroup_file_write+0x273/0x5c0 [ 461.595334][ T3867] ? cgroup_seqfile_stop+0xc0/0xc0 [ 461.600433][ T3867] ? kernfs_get+0x90/0x90 [ 461.604747][ T3867] ? cgroup_seqfile_stop+0xc0/0xc0 [ 461.609843][ T3867] kernfs_fop_write+0x2ec/0x3e0 [ 461.614676][ T3867] ? kernfs_fop_read+0x450/0x450 [ 461.619632][ T3867] __vfs_write+0x103/0x780 [ 461.624036][ T3867] ? __kernel_write+0x340/0x340 [ 461.628891][ T3867] ? check_preemption_disabled+0x9e/0x330 [ 461.634612][ T3867] ? __fget+0x40c/0x4a0 [ 461.638752][ T3867] ? debug_smp_processor_id+0x20/0x20 [ 461.644190][ T3867] ? selinux_file_permission+0x2c2/0x530 [ 461.649823][ T3867] vfs_write+0x210/0x4f0 [ 461.654045][ T3867] ksys_write+0x198/0x2c0 [ 461.658354][ T3867] ? __ia32_sys_read+0x80/0x80 [ 461.663101][ T3867] do_syscall_64+0xcb/0x1c0 [ 461.667591][ T3867] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 461.673511][ T3867] memory: usage 48kB, limit 0kB, failcnt 3173 [ 461.679569][ T3867] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 461.686408][ T3867] Memory cgroup stats for /syz0: [ 461.686484][ T3867] anon 102400 [ 461.686484][ T3867] file 0 [ 461.686484][ T3867] kernel_stack 0 [ 461.686484][ T3867] slab 0 [ 461.686484][ T3867] sock 0 [ 461.686484][ T3867] shmem 0 [ 461.686484][ T3867] file_mapped 0 [ 461.686484][ T3867] file_dirty 0 [ 461.686484][ T3867] file_writeback 0 [ 461.686484][ T3867] anon_thp 0 [ 461.686484][ T3867] inactive_anon 0 [ 461.686484][ T3867] active_anon 135168 [ 461.686484][ T3867] inactive_file 0 [ 461.686484][ T3867] active_file 0 [ 461.686484][ T3867] unevictable 0 [ 461.686484][ T3867] slab_reclaimable 0 [ 461.686484][ T3867] slab_unreclaimable 0 [ 461.686484][ T3867] pgfault 83325 [ 461.686484][ T3867] pgmajfault 0 [ 461.686484][ T3867] workingset_refault 0 [ 461.686484][ T3867] workingset_activate 0 [ 461.686484][ T3867] workingset_nodereclaim 0 [ 461.686484][ T3867] pgrefill 1518 [ 461.686484][ T3867] pgscan 1288 [ 461.686484][ T3867] pgsteal 0 [ 461.686484][ T3867] pgactivate 1287 [ 461.686484][ T3867] pgdeactivate 1518 [ 461.770989][ T22] audit: type=1400 audit(1675589127.140:177): avc: denied { open } for pid=3868 comm="syz-executor.1" path="/dev/usbmon6" dev="devtmpfs" ino=10158 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 461.782199][ T3867] Out of memory and no killable processes... [ 461.783996][ T3862] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 461.823001][ T3862] CPU: 0 PID: 3862 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 461.833231][ T3862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 461.843263][ T3862] Call Trace: [ 461.846529][ T3862] dump_stack+0x1d8/0x241 [ 461.850830][ T3862] ? panic+0x73e/0x73e [ 461.854871][ T3862] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 461.860733][ T3862] ? preempt_schedule_common+0xb7/0xe0 [ 461.866255][ T3862] dump_header+0xdb/0x700 [ 461.870561][ T3862] out_of_memory+0x6d0/0x940 [ 461.875130][ T3862] ? unregister_oom_notifier+0x20/0x20 [ 461.880656][ T3862] memory_max_write+0x528/0x600 [ 461.885477][ T3862] ? memory_max_show+0xa0/0xa0 [ 461.890213][ T3862] ? memory_max_show+0xa0/0xa0 [ 461.894951][ T3862] cgroup_file_write+0x273/0x5c0 [ 461.899877][ T3862] ? cgroup_seqfile_stop+0xc0/0xc0 [ 461.904960][ T3862] ? kernfs_get+0x90/0x90 [ 461.909264][ T3862] ? cgroup_seqfile_stop+0xc0/0xc0 [ 461.914347][ T3862] kernfs_fop_write+0x2ec/0x3e0 [ 461.919175][ T3862] ? kernfs_fop_read+0x450/0x450 [ 461.924096][ T3862] __vfs_write+0x103/0x780 [ 461.928484][ T3862] ? __kernel_write+0x340/0x340 [ 461.933305][ T3862] ? check_preemption_disabled+0x9e/0x330 [ 461.938992][ T3862] ? __fget+0x40c/0x4a0 [ 461.943133][ T3862] ? debug_smp_processor_id+0x20/0x20 [ 461.948476][ T3862] ? selinux_file_permission+0x2c2/0x530 [ 461.954087][ T3862] vfs_write+0x210/0x4f0 [ 461.958304][ T3862] ksys_write+0x198/0x2c0 [ 461.962618][ T3862] ? __ia32_sys_read+0x80/0x80 [ 461.967350][ T3862] do_syscall_64+0xcb/0x1c0 [ 461.971828][ T3862] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 461.993989][ T3862] memory: usage 48kB, limit 0kB, failcnt 3173 [ 462.001003][ T3862] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 462.008130][ T3862] Memory cgroup stats for /syz0: [ 462.008204][ T3862] anon 102400 [ 462.008204][ T3862] file 0 [ 462.008204][ T3862] kernel_stack 0 [ 462.008204][ T3862] slab 0 [ 462.008204][ T3862] sock 0 [ 462.008204][ T3862] shmem 0 [ 462.008204][ T3862] file_mapped 0 [ 462.008204][ T3862] file_dirty 0 [ 462.008204][ T3862] file_writeback 0 [ 462.008204][ T3862] anon_thp 0 [ 462.008204][ T3862] inactive_anon 0 [ 462.008204][ T3862] active_anon 135168 [ 462.008204][ T3862] inactive_file 0 [ 462.008204][ T3862] active_file 0 [ 462.008204][ T3862] unevictable 0 [ 462.008204][ T3862] slab_reclaimable 0 [ 462.008204][ T3862] slab_unreclaimable 0 [ 462.008204][ T3862] pgfault 83325 [ 462.008204][ T3862] pgmajfault 0 [ 462.008204][ T3862] workingset_refault 0 [ 462.008204][ T3862] workingset_activate 0 [ 462.008204][ T3862] workingset_nodereclaim 0 [ 462.008204][ T3862] pgrefill 1518 [ 462.008204][ T3862] pgscan 1288 09:25:27 executing program 0: r0 = socket$inet(0x2, 0x0, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) 09:25:27 executing program 1: io_uring_setup(0x16ac, &(0x7f0000000000)={0x0, 0x0, 0x100}) 09:25:27 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:27 executing program 1: request_key(&(0x7f00000000c0)='.request_key_auth\x00', 0x0, 0x0, 0xfffffffffffffffe) [ 462.008204][ T3862] pgsteal 0 [ 462.008204][ T3862] pgactivate 1287 [ 462.008204][ T3862] pgdeactivate 1518 09:25:27 executing program 0: r0 = socket$inet(0x2, 0x0, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) [ 462.139534][ T3862] Out of memory and no killable processes... [ 462.149677][ T3872] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 462.160133][ T3872] CPU: 0 PID: 3872 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 462.170270][ T3872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 462.180311][ T3872] Call Trace: [ 462.183595][ T3872] dump_stack+0x1d8/0x241 [ 462.187915][ T3872] ? panic+0x73e/0x73e [ 462.192154][ T3872] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 462.197951][ T3872] dump_header+0xdb/0x700 [ 462.202274][ T3872] out_of_memory+0x6d0/0x940 [ 462.206860][ T3872] ? unregister_oom_notifier+0x20/0x20 [ 462.212308][ T3872] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 462.218117][ T3872] memory_max_write+0x528/0x600 [ 462.222956][ T3872] ? memory_max_show+0xa0/0xa0 [ 462.227792][ T3872] ? memory_max_show+0xa0/0xa0 [ 462.232542][ T3872] cgroup_file_write+0x273/0x5c0 [ 462.237476][ T3872] ? cgroup_seqfile_stop+0xc0/0xc0 [ 462.242576][ T3872] ? kernfs_get+0x90/0x90 [ 462.246894][ T3872] ? cgroup_seqfile_stop+0xc0/0xc0 [ 462.251987][ T3872] kernfs_fop_write+0x2ec/0x3e0 [ 462.256833][ T3872] ? kernfs_fop_read+0x450/0x450 [ 462.261768][ T3872] __vfs_write+0x103/0x780 [ 462.266179][ T3872] ? __kernel_write+0x340/0x340 [ 462.271032][ T3872] ? check_preemption_disabled+0x9e/0x330 [ 462.276744][ T3872] ? __fget+0x40c/0x4a0 [ 462.280891][ T3872] ? debug_smp_processor_id+0x20/0x20 [ 462.286252][ T3872] ? selinux_file_permission+0x2c2/0x530 [ 462.291878][ T3872] vfs_write+0x210/0x4f0 [ 462.296113][ T3872] ksys_write+0x198/0x2c0 [ 462.300522][ T3872] ? __ia32_sys_read+0x80/0x80 [ 462.305295][ T3872] do_syscall_64+0xcb/0x1c0 [ 462.309877][ T3872] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 462.315804][ T3872] memory: usage 48kB, limit 0kB, failcnt 3173 [ 462.321855][ T3872] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 462.328776][ T3872] Memory cgroup stats for /syz0: [ 462.328849][ T3872] anon 102400 [ 462.328849][ T3872] file 0 [ 462.328849][ T3872] kernel_stack 0 [ 462.328849][ T3872] slab 0 [ 462.328849][ T3872] sock 0 [ 462.328849][ T3872] shmem 0 [ 462.328849][ T3872] file_mapped 0 [ 462.328849][ T3872] file_dirty 0 [ 462.328849][ T3872] file_writeback 0 [ 462.328849][ T3872] anon_thp 0 [ 462.328849][ T3872] inactive_anon 0 [ 462.328849][ T3872] active_anon 135168 [ 462.328849][ T3872] inactive_file 0 [ 462.328849][ T3872] active_file 0 [ 462.328849][ T3872] unevictable 0 [ 462.328849][ T3872] slab_reclaimable 0 [ 462.328849][ T3872] slab_unreclaimable 0 [ 462.328849][ T3872] pgfault 83325 [ 462.328849][ T3872] pgmajfault 0 [ 462.328849][ T3872] workingset_refault 0 [ 462.328849][ T3872] workingset_activate 0 [ 462.328849][ T3872] workingset_nodereclaim 0 [ 462.328849][ T3872] pgrefill 1518 [ 462.328849][ T3872] pgscan 1288 [ 462.328849][ T3872] pgsteal 0 [ 462.328849][ T3872] pgactivate 1287 [ 462.328849][ T3872] pgdeactivate 1518 [ 462.424860][ T3872] Out of memory and no killable processes... [ 462.472919][ T3881] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 462.504817][ T3881] CPU: 0 PID: 3881 Comm: syz-executor.2 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 462.514974][ T3881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 462.525010][ T3881] Call Trace: [ 462.528288][ T3881] dump_stack+0x1d8/0x241 [ 462.532593][ T3881] ? panic+0x73e/0x73e [ 462.536632][ T3881] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 462.542421][ T3881] ? preempt_schedule_common+0xb7/0xe0 [ 462.547854][ T3881] dump_header+0xdb/0x700 [ 462.552182][ T3881] out_of_memory+0x6d0/0x940 [ 462.556748][ T3881] ? unregister_oom_notifier+0x20/0x20 [ 462.562183][ T3881] memory_max_write+0x528/0x600 [ 462.567039][ T3881] ? memory_max_show+0xa0/0xa0 [ 462.571780][ T3881] ? memory_max_show+0xa0/0xa0 [ 462.576522][ T3881] cgroup_file_write+0x273/0x5c0 [ 462.581452][ T3881] ? cgroup_seqfile_stop+0xc0/0xc0 [ 462.586538][ T3881] ? kernfs_get+0x90/0x90 [ 462.590842][ T3881] ? cgroup_seqfile_stop+0xc0/0xc0 [ 462.595925][ T3881] kernfs_fop_write+0x2ec/0x3e0 [ 462.600749][ T3881] ? kernfs_fop_read+0x450/0x450 [ 462.605659][ T3881] __vfs_write+0x103/0x780 [ 462.610049][ T3881] ? __kernel_write+0x340/0x340 [ 462.614872][ T3881] ? check_preemption_disabled+0x9e/0x330 09:25:28 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:28 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:28 executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@array]}}, &(0x7f0000000140)=""/150, 0x32, 0x96, 0x1}, 0x20) 09:25:28 executing program 4: sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) [ 462.620567][ T3881] ? __fget+0x40c/0x4a0 [ 462.624695][ T3881] ? debug_smp_processor_id+0x20/0x20 [ 462.630039][ T3881] ? selinux_file_permission+0x2c2/0x530 [ 462.635660][ T3881] vfs_write+0x210/0x4f0 [ 462.639877][ T3881] ksys_write+0x198/0x2c0 [ 462.644183][ T3881] ? __ia32_sys_read+0x80/0x80 [ 462.648924][ T3881] do_syscall_64+0xcb/0x1c0 [ 462.653402][ T3881] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 09:25:28 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 09:25:28 executing program 1: syz_clone(0x8001000, &(0x7f0000000100), 0x0, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200)="2655bdf0cc5e778848d98a6730f9a6c69ac74965333510487f843e040c02e202e3db0f08cd28b1c40731282fc0e84528f1eb221c5a3f0d3e48354df66b11cc5f699c5659bb253f81099a453fa5") 09:25:28 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 09:25:28 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_GET_INTERFACE(r0, &(0x7f00000009c0)={&(0x7f00000008c0), 0xfffffffffffffe58, &(0x7f0000000980)={&(0x7f0000000100)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="0000000000000000000005000000"], 0x67}}, 0x0) 09:25:28 executing program 1: io_uring_setup(0x363f, &(0x7f0000000040)={0x0, 0x0, 0x1}) [ 463.048757][ T3881] memory: usage 48kB, limit 0kB, failcnt 3173 [ 463.067043][ T3881] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 463.075153][ T801] device bridge_slave_1 left promiscuous mode [ 463.082431][ T801] bridge0: port 2(bridge_slave_1) entered disabled state [ 463.087898][ T3881] Memory cgroup stats for /syz0: [ 463.088084][ T3881] anon 102400 [ 463.088084][ T3881] file 0 [ 463.088084][ T3881] kernel_stack 0 [ 463.088084][ T3881] slab 0 [ 463.088084][ T3881] sock 0 [ 463.088084][ T3881] shmem 0 [ 463.088084][ T3881] file_mapped 0 [ 463.088084][ T3881] file_dirty 0 [ 463.088084][ T3881] file_writeback 0 [ 463.088084][ T3881] anon_thp 0 [ 463.088084][ T3881] inactive_anon 0 [ 463.088084][ T3881] active_anon 135168 [ 463.088084][ T3881] inactive_file 0 [ 463.088084][ T3881] active_file 0 [ 463.088084][ T3881] unevictable 0 [ 463.088084][ T3881] slab_reclaimable 0 [ 463.088084][ T3881] slab_unreclaimable 0 [ 463.088084][ T3881] pgfault 83325 [ 463.088084][ T3881] pgmajfault 0 [ 463.088084][ T3881] workingset_refault 0 [ 463.088084][ T3881] workingset_activate 0 [ 463.088084][ T3881] workingset_nodereclaim 0 [ 463.088084][ T3881] pgrefill 1518 [ 463.088084][ T3881] pgscan 1288 [ 463.088084][ T3881] pgsteal 0 [ 463.088084][ T3881] pgactivate 1287 [ 463.088084][ T3881] pgdeactivate 1518 [ 463.199479][ T801] device bridge_slave_0 left promiscuous mode [ 463.212186][ T801] bridge0: port 1(bridge_slave_0) entered disabled state [ 463.381999][ T3881] Out of memory and no killable processes... [ 463.394591][ T3896] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 463.404845][ T3896] CPU: 0 PID: 3896 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 463.414995][ T3896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 463.425035][ T3896] Call Trace: [ 463.428316][ T3896] dump_stack+0x1d8/0x241 [ 463.432640][ T3896] ? panic+0x73e/0x73e [ 463.436699][ T3896] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 463.442499][ T3896] dump_header+0xdb/0x700 [ 463.446818][ T3896] out_of_memory+0x6d0/0x940 [ 463.451397][ T3896] ? unregister_oom_notifier+0x20/0x20 [ 463.456931][ T3896] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 463.462738][ T3896] memory_max_write+0x528/0x600 [ 463.467580][ T3896] ? memory_max_show+0xa0/0xa0 [ 463.472330][ T3896] ? memory_max_show+0xa0/0xa0 [ 463.477089][ T3896] cgroup_file_write+0x273/0x5c0 [ 463.482023][ T3896] ? cgroup_seqfile_stop+0xc0/0xc0 [ 463.487117][ T3896] ? kernfs_get+0x90/0x90 [ 463.491429][ T3896] ? cgroup_seqfile_stop+0xc0/0xc0 [ 463.496522][ T3896] kernfs_fop_write+0x2ec/0x3e0 [ 463.501356][ T3896] ? kernfs_fop_read+0x450/0x450 [ 463.506276][ T3896] __vfs_write+0x103/0x780 [ 463.510681][ T3896] ? __kernel_write+0x340/0x340 [ 463.515515][ T3896] ? check_preemption_disabled+0x9e/0x330 [ 463.521219][ T3896] ? __fget+0x40c/0x4a0 [ 463.525396][ T3896] ? debug_smp_processor_id+0x20/0x20 [ 463.530760][ T3896] ? selinux_file_permission+0x2c2/0x530 [ 463.536377][ T3896] vfs_write+0x210/0x4f0 [ 463.540609][ T3896] ksys_write+0x198/0x2c0 [ 463.544924][ T3896] ? __ia32_sys_read+0x80/0x80 [ 463.549670][ T3896] do_syscall_64+0xcb/0x1c0 [ 463.554155][ T3896] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 463.560226][ T3896] memory: usage 48kB, limit 0kB, failcnt 3173 [ 463.566316][ T3896] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 463.573172][ T3896] Memory cgroup stats for /syz0: [ 463.573236][ T3896] anon 102400 09:25:29 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) [ 463.573236][ T3896] file 0 [ 463.573236][ T3896] kernel_stack 0 [ 463.573236][ T3896] slab 0 [ 463.573236][ T3896] sock 0 [ 463.573236][ T3896] shmem 0 [ 463.573236][ T3896] file_mapped 0 [ 463.573236][ T3896] file_dirty 0 [ 463.573236][ T3896] file_writeback 0 [ 463.573236][ T3896] anon_thp 0 [ 463.573236][ T3896] inactive_anon 0 [ 463.573236][ T3896] active_anon 135168 [ 463.573236][ T3896] inactive_file 0 [ 463.573236][ T3896] active_file 0 [ 463.573236][ T3896] unevictable 0 [ 463.573236][ T3896] slab_reclaimable 0 09:25:29 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000140)={0x3, 0x300, 0x0, &(0x7f0000000380)}) ioctl$KVM_SET_CLOCK(r1, 0x4188aec6, &(0x7f00000000c0)={0x0, 0x3, 0x403, 0x0, 0x20000000}) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r2, r1, 0x0) sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0) [ 463.573236][ T3896] slab_unreclaimable 0 [ 463.573236][ T3896] pgfault 83325 [ 463.573236][ T3896] pgmajfault 0 [ 463.573236][ T3896] workingset_refault 0 [ 463.573236][ T3896] workingset_activate 0 [ 463.573236][ T3896] workingset_nodereclaim 0 [ 463.573236][ T3896] pgrefill 1518 [ 463.573236][ T3896] pgscan 1288 [ 463.573236][ T3896] pgsteal 0 [ 463.573236][ T3896] pgactivate 1287 [ 463.573236][ T3896] pgdeactivate 1518 [ 463.669300][ T3896] Out of memory and no killable processes... [ 464.799985][ T3914] bridge0: port 1(bridge_slave_0) entered blocking state [ 464.807054][ T3914] bridge0: port 1(bridge_slave_0) entered disabled state [ 464.814352][ T3914] device bridge_slave_0 entered promiscuous mode [ 464.821528][ T3914] bridge0: port 2(bridge_slave_1) entered blocking state [ 464.828555][ T3914] bridge0: port 2(bridge_slave_1) entered disabled state [ 464.835980][ T3914] device bridge_slave_1 entered promiscuous mode [ 464.872939][ T3914] bridge0: port 2(bridge_slave_1) entered blocking state [ 464.879975][ T3914] bridge0: port 2(bridge_slave_1) entered forwarding state [ 464.887270][ T3914] bridge0: port 1(bridge_slave_0) entered blocking state [ 464.894269][ T3914] bridge0: port 1(bridge_slave_0) entered forwarding state [ 464.913831][ T1366] bridge0: port 1(bridge_slave_0) entered disabled state [ 464.921311][ T1366] bridge0: port 2(bridge_slave_1) entered disabled state [ 464.929235][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 464.937224][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 464.955500][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 464.963617][ T1366] bridge0: port 1(bridge_slave_0) entered blocking state [ 464.970675][ T1366] bridge0: port 1(bridge_slave_0) entered forwarding state [ 464.978139][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 464.986357][ T1366] bridge0: port 2(bridge_slave_1) entered blocking state [ 464.993353][ T1366] bridge0: port 2(bridge_slave_1) entered forwarding state [ 465.000896][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 465.008972][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 465.020788][ T1928] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 465.035179][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 465.045644][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 465.057039][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 465.068599][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 09:25:31 executing program 0: r0 = socket$inet(0x2, 0x0, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) 09:25:31 executing program 4: sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:31 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:31 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:31 executing program 1: syz_usb_connect(0x0, 0x44, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xdd, 0xbe, 0xd5, 0x20, 0x421, 0x223, 0xabaa, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x32, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x84, 0x0, 0x1, 0x2, 0x2, 0xff, 0x0, [@cdc_ecm={{0x5}, {0x5}, {0xd}}], [{{0x9, 0x5, 0xe}}]}}]}}]}}, 0x0) 09:25:31 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) [ 466.151233][ T3936] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 466.161421][ T3936] CPU: 1 PID: 3936 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 466.171554][ T3936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 466.181597][ T3936] Call Trace: [ 466.184904][ T3936] dump_stack+0x1d8/0x241 [ 466.189229][ T3936] ? panic+0x73e/0x73e [ 466.193282][ T3936] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 466.199076][ T3936] ? _raw_spin_lock+0xa3/0x1b0 [ 466.203833][ T3936] ? asan.module_dtor+0x20/0x20 [ 466.208675][ T3936] dump_header+0xdb/0x700 [ 466.213254][ T3936] oom_kill_process+0xf0/0x2d0 [ 466.218026][ T3936] out_of_memory+0x666/0x940 [ 466.222604][ T3936] ? unregister_oom_notifier+0x20/0x20 [ 466.228242][ T3936] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 466.234064][ T3936] memory_max_write+0x528/0x600 [ 466.238910][ T3936] ? memory_max_show+0xa0/0xa0 [ 466.243674][ T3936] ? memory_max_show+0xa0/0xa0 [ 466.248515][ T3936] cgroup_file_write+0x273/0x5c0 [ 466.253442][ T3936] ? cgroup_seqfile_stop+0xc0/0xc0 [ 466.258542][ T3936] ? kernfs_get+0x90/0x90 [ 466.262861][ T3936] ? cgroup_seqfile_stop+0xc0/0xc0 [ 466.267966][ T3936] kernfs_fop_write+0x2ec/0x3e0 [ 466.272805][ T3936] ? kernfs_fop_read+0x450/0x450 [ 466.277729][ T3936] __vfs_write+0x103/0x780 [ 466.282132][ T3936] ? __kernel_write+0x340/0x340 [ 466.286970][ T3936] ? check_preemption_disabled+0x9e/0x330 [ 466.292673][ T3936] ? __fget+0x40c/0x4a0 [ 466.296813][ T3936] ? debug_smp_processor_id+0x20/0x20 [ 466.302168][ T3936] ? selinux_file_permission+0x2c2/0x530 [ 466.307785][ T3936] vfs_write+0x210/0x4f0 [ 466.312024][ T3936] ksys_write+0x198/0x2c0 [ 466.316336][ T3936] ? __ia32_sys_read+0x80/0x80 [ 466.321092][ T3936] do_syscall_64+0xcb/0x1c0 [ 466.325584][ T3936] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 466.331527][ T3936] memory: usage 824kB, limit 0kB, failcnt 3181 [ 466.337690][ T3936] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 466.344517][ T3936] Memory cgroup stats for /syz0: [ 466.344589][ T3936] anon 696320 [ 466.344589][ T3936] file 0 [ 466.344589][ T3936] kernel_stack 0 [ 466.344589][ T3936] slab 0 [ 466.344589][ T3936] sock 0 [ 466.344589][ T3936] shmem 0 [ 466.344589][ T3936] file_mapped 0 [ 466.344589][ T3936] file_dirty 0 [ 466.344589][ T3936] file_writeback 0 [ 466.344589][ T3936] anon_thp 0 [ 466.344589][ T3936] inactive_anon 0 [ 466.344589][ T3936] active_anon 675840 [ 466.344589][ T3936] inactive_file 0 [ 466.344589][ T3936] active_file 0 [ 466.344589][ T3936] unevictable 0 [ 466.344589][ T3936] slab_reclaimable 0 [ 466.344589][ T3936] slab_unreclaimable 0 [ 466.344589][ T3936] pgfault 85833 [ 466.344589][ T3936] pgmajfault 0 [ 466.344589][ T3936] workingset_refault 0 [ 466.344589][ T3936] workingset_activate 0 [ 466.344589][ T3936] workingset_nodereclaim 0 [ 466.344589][ T3936] pgrefill 1518 [ 466.344589][ T3936] pgscan 1288 [ 466.344589][ T3936] pgsteal 0 [ 466.344589][ T3936] pgactivate 1287 [ 466.344589][ T3936] pgdeactivate 1518 [ 466.440456][ T3936] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=3923,uid=0 [ 466.455613][ T3936] Memory cgroup out of memory: Killed process 3923 (syz-executor.0) total-vm:52612kB, anon-rss:976kB, file-rss:14336kB, shmem-rss:0kB, UID:0 pgtables:100kB oom_score_adj:1000 [ 466.565551][ T3936] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 466.575734][ T3936] CPU: 1 PID: 3936 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 466.585900][ T3936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 466.595939][ T3936] Call Trace: [ 466.599219][ T3936] dump_stack+0x1d8/0x241 [ 466.603532][ T3936] ? panic+0x73e/0x73e [ 466.607594][ T3936] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 466.613381][ T3936] ? _raw_spin_lock+0xa3/0x1b0 [ 466.618129][ T3936] ? asan.module_dtor+0x20/0x20 [ 466.622962][ T3936] dump_header+0xdb/0x700 [ 466.627276][ T3936] oom_kill_process+0xf0/0x2d0 [ 466.632022][ T3936] out_of_memory+0x666/0x940 [ 466.636594][ T3936] ? unregister_oom_notifier+0x20/0x20 [ 466.642033][ T3936] memory_max_write+0x528/0x600 [ 466.647305][ T3936] ? memory_max_show+0xa0/0xa0 [ 466.652058][ T3936] ? memory_max_show+0xa0/0xa0 [ 466.656805][ T3936] cgroup_file_write+0x273/0x5c0 09:25:32 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) [ 466.661723][ T3936] ? cgroup_seqfile_stop+0xc0/0xc0 [ 466.666813][ T3936] ? kernfs_get+0x90/0x90 [ 466.671128][ T3936] ? cgroup_seqfile_stop+0xc0/0xc0 [ 466.676230][ T3936] kernfs_fop_write+0x2ec/0x3e0 [ 466.681069][ T3936] ? kernfs_fop_read+0x450/0x450 [ 466.685994][ T3936] __vfs_write+0x103/0x780 [ 466.690394][ T3936] ? __kernel_write+0x340/0x340 [ 466.695231][ T3936] ? check_preemption_disabled+0x9e/0x330 [ 466.700930][ T3936] ? __fget+0x40c/0x4a0 [ 466.705070][ T3936] ? debug_smp_processor_id+0x20/0x20 [ 466.710428][ T3936] ? selinux_file_permission+0x2c2/0x530 [ 466.716042][ T3936] vfs_write+0x210/0x4f0 [ 466.720267][ T3936] ksys_write+0x198/0x2c0 [ 466.724582][ T3936] ? __ia32_sys_read+0x80/0x80 [ 466.729331][ T3936] do_syscall_64+0xcb/0x1c0 [ 466.733818][ T3936] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 466.739858][ T3936] memory: usage 80kB, limit 0kB, failcnt 4930 [ 466.745934][ T3936] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 466.752760][ T3936] Memory cgroup stats for /syz0: [ 466.752836][ T3936] anon 73728 [ 466.752836][ T3936] file 0 [ 466.752836][ T3936] kernel_stack 0 [ 466.752836][ T3936] slab 0 [ 466.752836][ T3936] sock 0 [ 466.752836][ T3936] shmem 0 [ 466.752836][ T3936] file_mapped 0 [ 466.752836][ T3936] file_dirty 0 [ 466.752836][ T3936] file_writeback 0 [ 466.752836][ T3936] anon_thp 0 [ 466.752836][ T3936] inactive_anon 0 [ 466.752836][ T3936] active_anon 0 [ 466.752836][ T3936] inactive_file 0 [ 466.752836][ T3936] active_file 0 [ 466.752836][ T3936] unevictable 0 [ 466.752836][ T3936] slab_reclaimable 0 [ 466.752836][ T3936] slab_unreclaimable 0 [ 466.752836][ T3936] pgfault 87549 [ 466.752836][ T3936] pgmajfault 0 [ 466.752836][ T3936] workingset_refault 0 [ 466.752836][ T3936] workingset_activate 0 [ 466.752836][ T3936] workingset_nodereclaim 0 [ 466.752836][ T3936] pgrefill 1518 [ 466.752836][ T3936] pgscan 1288 [ 466.752836][ T3936] pgsteal 0 [ 466.752836][ T3936] pgactivate 1287 [ 466.752836][ T3936] pgdeactivate 1518 [ 466.848373][ T3936] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=3914,uid=0 09:25:32 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 466.863878][ T3936] Memory cgroup out of memory: Killed process 3914 (syz-executor.0) total-vm:48508kB, anon-rss:440kB, file-rss:14336kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:0 09:25:32 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) 09:25:32 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 467.039520][ T3949] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 467.049740][ T3949] CPU: 0 PID: 3949 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 467.059875][ T3949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 467.069938][ T3949] Call Trace: [ 467.073217][ T3949] dump_stack+0x1d8/0x241 [ 467.077519][ T3949] ? panic+0x73e/0x73e [ 467.081558][ T3949] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 467.087336][ T3949] dump_header+0xdb/0x700 [ 467.091640][ T3949] out_of_memory+0x6d0/0x940 [ 467.096205][ T3949] ? unregister_oom_notifier+0x20/0x20 [ 467.101634][ T3949] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 467.107498][ T3949] memory_max_write+0x528/0x600 [ 467.112335][ T3949] ? memory_max_show+0xa0/0xa0 [ 467.117078][ T3949] ? memory_max_show+0xa0/0xa0 [ 467.121832][ T3949] cgroup_file_write+0x273/0x5c0 [ 467.126780][ T3949] ? cgroup_seqfile_stop+0xc0/0xc0 [ 467.131871][ T3949] ? kernfs_get+0x90/0x90 [ 467.136192][ T3949] ? cgroup_seqfile_stop+0xc0/0xc0 [ 467.141284][ T3949] kernfs_fop_write+0x2ec/0x3e0 [ 467.146115][ T3949] ? kernfs_fop_read+0x450/0x450 [ 467.151028][ T3949] __vfs_write+0x103/0x780 [ 467.155417][ T3949] ? __kernel_write+0x340/0x340 [ 467.160240][ T3949] ? check_preemption_disabled+0x9e/0x330 [ 467.165931][ T3949] ? __fget+0x40c/0x4a0 [ 467.170057][ T3949] ? debug_smp_processor_id+0x20/0x20 [ 467.175401][ T3949] ? selinux_file_permission+0x2c2/0x530 [ 467.181006][ T3949] vfs_write+0x210/0x4f0 [ 467.185234][ T3949] ksys_write+0x198/0x2c0 [ 467.189547][ T3949] ? __ia32_sys_read+0x80/0x80 [ 467.194295][ T3949] do_syscall_64+0xcb/0x1c0 [ 467.198794][ T3949] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 467.204859][ T3949] memory: usage 48kB, limit 0kB, failcnt 4932 [ 467.210916][ T3949] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 467.217773][ T3949] Memory cgroup stats for /syz0: [ 467.217857][ T3949] anon 0 [ 467.217857][ T3949] file 0 [ 467.217857][ T3949] kernel_stack 0 [ 467.217857][ T3949] slab 0 [ 467.217857][ T3949] sock 0 [ 467.217857][ T3949] shmem 0 [ 467.217857][ T3949] file_mapped 0 [ 467.217857][ T3949] file_dirty 0 [ 467.217857][ T3949] file_writeback 0 [ 467.217857][ T3949] anon_thp 0 [ 467.217857][ T3949] inactive_anon 0 [ 467.217857][ T3949] active_anon 0 [ 467.217857][ T3949] inactive_file 0 [ 467.217857][ T3949] active_file 0 [ 467.217857][ T3949] unevictable 0 [ 467.217857][ T3949] slab_reclaimable 0 [ 467.217857][ T3949] slab_unreclaimable 0 [ 467.217857][ T3949] pgfault 87549 [ 467.217857][ T3949] pgmajfault 0 [ 467.217857][ T3949] workingset_refault 0 [ 467.217857][ T3949] workingset_activate 0 [ 467.217857][ T3949] workingset_nodereclaim 0 [ 467.217857][ T3949] pgrefill 1551 [ 467.217857][ T3949] pgscan 1288 [ 467.217857][ T3949] pgsteal 0 [ 467.217857][ T3949] pgactivate 1287 [ 467.217857][ T3949] pgdeactivate 1518 [ 467.312872][ T3949] Out of memory and no killable processes... [ 467.366741][ T1366] usb 2-1: new high-speed USB device number 10 using dummy_hcd 09:25:33 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) 09:25:33 executing program 4: sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) [ 467.472149][ T3952] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 467.492762][ T3952] CPU: 1 PID: 3952 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 467.503182][ T3952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 467.513228][ T3952] Call Trace: [ 467.516514][ T3952] dump_stack+0x1d8/0x241 [ 467.520839][ T3952] ? panic+0x73e/0x73e [ 467.524899][ T3952] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 467.530700][ T3952] ? preempt_schedule_common+0xb7/0xe0 [ 467.536148][ T3952] dump_header+0xdb/0x700 [ 467.540472][ T3952] out_of_memory+0x6d0/0x940 [ 467.545055][ T3952] ? unregister_oom_notifier+0x20/0x20 [ 467.550508][ T3952] memory_max_write+0x528/0x600 [ 467.555351][ T3952] ? memory_max_show+0xa0/0xa0 [ 467.560099][ T3952] ? memory_max_show+0xa0/0xa0 [ 467.564838][ T3952] cgroup_file_write+0x273/0x5c0 [ 467.569747][ T3952] ? cgroup_seqfile_stop+0xc0/0xc0 [ 467.574830][ T3952] ? kernfs_get+0x90/0x90 [ 467.579130][ T3952] ? cgroup_seqfile_stop+0xc0/0xc0 [ 467.584223][ T3952] kernfs_fop_write+0x2ec/0x3e0 [ 467.589481][ T3952] ? kernfs_fop_read+0x450/0x450 [ 467.594476][ T3952] __vfs_write+0x103/0x780 [ 467.598865][ T3952] ? __kernel_write+0x340/0x340 [ 467.603706][ T3952] ? check_preemption_disabled+0x9e/0x330 [ 467.609394][ T3952] ? __fget+0x40c/0x4a0 [ 467.613608][ T3952] ? debug_smp_processor_id+0x20/0x20 [ 467.619039][ T3952] ? selinux_file_permission+0x2c2/0x530 [ 467.624644][ T3952] vfs_write+0x210/0x4f0 [ 467.628862][ T3952] ksys_write+0x198/0x2c0 [ 467.633266][ T3952] ? __ia32_sys_read+0x80/0x80 [ 467.638021][ T3952] do_syscall_64+0xcb/0x1c0 [ 467.642697][ T3952] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 09:25:33 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 467.764813][ T1366] usb 2-1: Using ep0 maxpacket: 32 [ 467.948375][ T1366] usb 2-1: config 0 has an invalid interface number: 132 but max is 0 [ 467.965415][ T1366] usb 2-1: config 0 has no interface number 0 [ 467.995455][ T1366] usb 2-1: config 0 interface 132 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0 [ 468.034907][ T3952] memory: usage 48kB, limit 0kB, failcnt 4932 [ 468.041243][ T3952] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 468.059907][ T3952] Memory cgroup stats for /syz0: [ 468.061259][ T3952] anon 0 [ 468.061259][ T3952] file 0 [ 468.061259][ T3952] kernel_stack 0 [ 468.061259][ T3952] slab 0 [ 468.061259][ T3952] sock 0 [ 468.061259][ T3952] shmem 0 [ 468.061259][ T3952] file_mapped 0 [ 468.061259][ T3952] file_dirty 0 [ 468.061259][ T3952] file_writeback 0 [ 468.061259][ T3952] anon_thp 0 [ 468.061259][ T3952] inactive_anon 0 [ 468.061259][ T3952] active_anon 0 [ 468.061259][ T3952] inactive_file 0 [ 468.061259][ T3952] active_file 0 [ 468.061259][ T3952] unevictable 0 [ 468.061259][ T3952] slab_reclaimable 0 [ 468.061259][ T3952] slab_unreclaimable 0 [ 468.061259][ T3952] pgfault 87549 [ 468.061259][ T3952] pgmajfault 0 [ 468.061259][ T3952] workingset_refault 0 [ 468.061259][ T3952] workingset_activate 0 [ 468.061259][ T3952] workingset_nodereclaim 0 [ 468.061259][ T3952] pgrefill 1551 [ 468.061259][ T3952] pgscan 1321 [ 468.061259][ T3952] pgsteal 0 [ 468.061259][ T3952] pgactivate 1320 [ 468.061259][ T3952] pgdeactivate 1551 [ 468.215033][ T801] device bridge_slave_1 left promiscuous mode [ 468.222355][ T801] bridge0: port 2(bridge_slave_1) entered disabled state [ 468.238355][ T801] device bridge_slave_0 left promiscuous mode [ 468.252071][ T801] bridge0: port 1(bridge_slave_0) entered disabled state [ 468.274946][ T1366] usb 2-1: New USB device found, idVendor=0421, idProduct=0223, bcdDevice=ab.aa [ 468.293216][ T1366] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 468.321455][ T1366] usb 2-1: Product: syz [ 468.333263][ T1366] usb 2-1: Manufacturer: syz [ 468.345757][ T1366] usb 2-1: SerialNumber: syz [ 468.359663][ T1366] usb 2-1: config 0 descriptor?? [ 468.377969][ T3952] Out of memory and no killable processes... [ 468.392209][ T3960] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 468.405952][ T1366] usb 2-1: bad CDC descriptors [ 468.420954][ T3960] CPU: 0 PID: 3960 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 468.431108][ T3960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 468.441152][ T3960] Call Trace: [ 468.444434][ T3960] dump_stack+0x1d8/0x241 [ 468.448757][ T3960] ? panic+0x73e/0x73e [ 468.452816][ T3960] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 468.458617][ T3960] ? preempt_schedule_common+0xb7/0xe0 [ 468.464068][ T3960] dump_header+0xdb/0x700 [ 468.468393][ T3960] out_of_memory+0x6d0/0x940 [ 468.472975][ T3960] ? unregister_oom_notifier+0x20/0x20 [ 468.478424][ T3960] memory_max_write+0x528/0x600 [ 468.483267][ T3960] ? memory_max_show+0xa0/0xa0 [ 468.488024][ T3960] ? memory_max_show+0xa0/0xa0 [ 468.492786][ T3960] cgroup_file_write+0x273/0x5c0 [ 468.497892][ T3960] ? cgroup_seqfile_stop+0xc0/0xc0 [ 468.502995][ T3960] ? kernfs_get+0x90/0x90 [ 468.507327][ T3960] ? cgroup_seqfile_stop+0xc0/0xc0 [ 468.512433][ T3960] kernfs_fop_write+0x2ec/0x3e0 [ 468.517273][ T3960] ? kernfs_fop_read+0x450/0x450 [ 468.522197][ T3960] __vfs_write+0x103/0x780 09:25:34 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 468.526608][ T3960] ? __kernel_write+0x340/0x340 [ 468.531572][ T3960] ? check_preemption_disabled+0x9e/0x330 [ 468.537281][ T3960] ? __fget+0x40c/0x4a0 [ 468.541423][ T3960] ? debug_smp_processor_id+0x20/0x20 [ 468.546789][ T3960] ? selinux_file_permission+0x2c2/0x530 [ 468.552417][ T3960] vfs_write+0x210/0x4f0 [ 468.556654][ T3960] ksys_write+0x198/0x2c0 [ 468.560991][ T3960] ? __ia32_sys_read+0x80/0x80 [ 468.565731][ T3960] do_syscall_64+0xcb/0x1c0 [ 468.570212][ T3960] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 09:25:34 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(r0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) [ 468.621303][ T3130] usb 2-1: USB disconnect, device number 10 [ 468.639833][ T3960] memory: usage 48kB, limit 0kB, failcnt 4932 [ 468.658994][ T3960] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 468.668499][ T3960] Memory cgroup stats for /syz0: [ 468.668877][ T3960] anon 0 [ 468.668877][ T3960] file 0 [ 468.668877][ T3960] kernel_stack 0 [ 468.668877][ T3960] slab 0 [ 468.668877][ T3960] sock 0 [ 468.668877][ T3960] shmem 0 [ 468.668877][ T3960] file_mapped 0 [ 468.668877][ T3960] file_dirty 0 [ 468.668877][ T3960] file_writeback 0 [ 468.668877][ T3960] anon_thp 0 [ 468.668877][ T3960] inactive_anon 0 [ 468.668877][ T3960] active_anon 0 [ 468.668877][ T3960] inactive_file 0 [ 468.668877][ T3960] active_file 0 [ 468.668877][ T3960] unevictable 0 09:25:34 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) [ 468.668877][ T3960] slab_reclaimable 0 [ 468.668877][ T3960] slab_unreclaimable 0 [ 468.668877][ T3960] pgfault 87549 [ 468.668877][ T3960] pgmajfault 0 [ 468.668877][ T3960] workingset_refault 0 [ 468.668877][ T3960] workingset_activate 0 [ 468.668877][ T3960] workingset_nodereclaim 0 [ 468.668877][ T3960] pgrefill 1551 [ 468.668877][ T3960] pgscan 1321 [ 468.668877][ T3960] pgsteal 0 [ 468.668877][ T3960] pgactivate 1320 [ 468.668877][ T3960] pgdeactivate 1551 [ 468.862799][ T3960] Out of memory and no killable processes... [ 468.876021][ T3969] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 468.886259][ T3969] CPU: 0 PID: 3969 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 468.896390][ T3969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 468.906426][ T3969] Call Trace: [ 468.909701][ T3969] dump_stack+0x1d8/0x241 [ 468.914016][ T3969] ? panic+0x73e/0x73e [ 468.918070][ T3969] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 468.923862][ T3969] dump_header+0xdb/0x700 [ 468.928173][ T3969] out_of_memory+0x6d0/0x940 [ 468.932744][ T3969] ? unregister_oom_notifier+0x20/0x20 [ 468.938205][ T3969] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 468.944082][ T3969] memory_max_write+0x528/0x600 [ 468.948918][ T3969] ? memory_max_show+0xa0/0xa0 [ 468.953662][ T3969] ? memory_max_show+0xa0/0xa0 [ 468.958405][ T3969] cgroup_file_write+0x273/0x5c0 [ 468.963327][ T3969] ? cgroup_seqfile_stop+0xc0/0xc0 [ 468.968427][ T3969] ? kernfs_get+0x90/0x90 [ 468.972737][ T3969] ? cgroup_seqfile_stop+0xc0/0xc0 [ 468.978523][ T3969] kernfs_fop_write+0x2ec/0x3e0 [ 468.983541][ T3969] ? kernfs_fop_read+0x450/0x450 [ 468.988551][ T3969] __vfs_write+0x103/0x780 [ 468.992950][ T3969] ? __kernel_write+0x340/0x340 [ 468.997782][ T3969] ? check_preemption_disabled+0x9e/0x330 [ 469.003495][ T3969] ? __fget+0x40c/0x4a0 [ 469.007635][ T3969] ? debug_smp_processor_id+0x20/0x20 [ 469.012990][ T3969] ? selinux_file_permission+0x2c2/0x530 [ 469.018606][ T3969] vfs_write+0x210/0x4f0 [ 469.022828][ T3969] ksys_write+0x198/0x2c0 [ 469.027140][ T3969] ? __ia32_sys_read+0x80/0x80 [ 469.031890][ T3969] do_syscall_64+0xcb/0x1c0 [ 469.036380][ T3969] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 469.042415][ T3969] memory: usage 48kB, limit 0kB, failcnt 4932 [ 469.048606][ T3969] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 469.055463][ T3969] Memory cgroup stats for /syz0: [ 469.055529][ T3969] anon 0 [ 469.055529][ T3969] file 0 [ 469.055529][ T3969] kernel_stack 0 [ 469.055529][ T3969] slab 0 [ 469.055529][ T3969] sock 0 [ 469.055529][ T3969] shmem 0 [ 469.055529][ T3969] file_mapped 0 [ 469.055529][ T3969] file_dirty 0 [ 469.055529][ T3969] file_writeback 0 [ 469.055529][ T3969] anon_thp 0 [ 469.055529][ T3969] inactive_anon 0 [ 469.055529][ T3969] active_anon 0 [ 469.055529][ T3969] inactive_file 0 [ 469.055529][ T3969] active_file 0 [ 469.055529][ T3969] unevictable 0 [ 469.055529][ T3969] slab_reclaimable 0 [ 469.055529][ T3969] slab_unreclaimable 0 [ 469.055529][ T3969] pgfault 87549 [ 469.055529][ T3969] pgmajfault 0 [ 469.055529][ T3969] workingset_refault 0 [ 469.055529][ T3969] workingset_activate 0 [ 469.055529][ T3969] workingset_nodereclaim 0 [ 469.055529][ T3969] pgrefill 1551 [ 469.055529][ T3969] pgscan 1321 [ 469.055529][ T3969] pgsteal 0 [ 469.055529][ T3969] pgactivate 1320 [ 469.055529][ T3969] pgdeactivate 1551 [ 469.150408][ T3969] Out of memory and no killable processes... [ 469.157427][ T3972] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 469.168026][ T3972] CPU: 0 PID: 3972 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 469.178165][ T3972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 469.188287][ T3972] Call Trace: [ 469.191562][ T3972] dump_stack+0x1d8/0x241 [ 469.195879][ T3972] ? panic+0x73e/0x73e [ 469.199919][ T3972] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 469.205694][ T3972] ? preempt_schedule_common+0xb7/0xe0 [ 469.211122][ T3972] dump_header+0xdb/0x700 [ 469.215423][ T3972] out_of_memory+0x6d0/0x940 [ 469.219984][ T3972] ? unregister_oom_notifier+0x20/0x20 [ 469.225412][ T3972] memory_max_write+0x528/0x600 [ 469.230245][ T3972] ? memory_max_show+0xa0/0xa0 [ 469.235067][ T3972] ? memory_max_show+0xa0/0xa0 [ 469.239799][ T3972] cgroup_file_write+0x273/0x5c0 [ 469.244706][ T3972] ? cgroup_seqfile_stop+0xc0/0xc0 [ 469.249789][ T3972] ? kernfs_get+0x90/0x90 [ 469.254091][ T3972] ? cgroup_seqfile_stop+0xc0/0xc0 [ 469.259189][ T3972] kernfs_fop_write+0x2ec/0x3e0 [ 469.264023][ T3972] ? kernfs_fop_read+0x450/0x450 [ 469.268929][ T3972] __vfs_write+0x103/0x780 [ 469.273320][ T3972] ? __kernel_write+0x340/0x340 [ 469.278142][ T3972] ? check_preemption_disabled+0x9e/0x330 [ 469.283830][ T3972] ? debug_smp_processor_id+0x20/0x20 [ 469.289171][ T3972] ? selinux_file_permission+0x2c2/0x530 [ 469.294775][ T3972] vfs_write+0x210/0x4f0 [ 469.298988][ T3972] ksys_write+0x198/0x2c0 [ 469.303289][ T3972] ? __ia32_sys_read+0x80/0x80 [ 469.308024][ T3972] do_syscall_64+0xcb/0x1c0 09:25:34 executing program 1: r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000e00), 0x0, 0x0) inotify_rm_watch(r0, 0x0) 09:25:34 executing program 4: prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) [ 469.312505][ T3972] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 469.322915][ T3972] memory: usage 48kB, limit 0kB, failcnt 4932 [ 469.348925][ T3972] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 469.370696][ T3972] Memory cgroup stats for /syz0: [ 469.371835][ T3972] anon 0 [ 469.371835][ T3972] file 0 [ 469.371835][ T3972] kernel_stack 0 [ 469.371835][ T3972] slab 0 [ 469.371835][ T3972] sock 0 [ 469.371835][ T3972] shmem 0 [ 469.371835][ T3972] file_mapped 0 [ 469.371835][ T3972] file_dirty 0 [ 469.371835][ T3972] file_writeback 0 [ 469.371835][ T3972] anon_thp 0 [ 469.371835][ T3972] inactive_anon 0 [ 469.371835][ T3972] active_anon 0 [ 469.371835][ T3972] inactive_file 0 [ 469.371835][ T3972] active_file 0 09:25:35 executing program 1: r0 = add_key$keyring(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc) r1 = add_key$keyring(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x3}, 0x0, 0x0, r0) add_key$keyring(&(0x7f0000000000), &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, r1) [ 469.371835][ T3972] unevictable 0 [ 469.371835][ T3972] slab_reclaimable 0 [ 469.371835][ T3972] slab_unreclaimable 0 [ 469.371835][ T3972] pgfault 87549 [ 469.371835][ T3972] pgmajfault 0 [ 469.371835][ T3972] workingset_refault 0 [ 469.371835][ T3972] workingset_activate 0 [ 469.371835][ T3972] workingset_nodereclaim 0 [ 469.371835][ T3972] pgrefill 1551 [ 469.371835][ T3972] pgscan 1321 [ 469.371835][ T3972] pgsteal 0 [ 469.371835][ T3972] pgactivate 1320 [ 469.371835][ T3972] pgdeactivate 1551 09:25:35 executing program 1: request_key(&(0x7f0000000040)='encrypted\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0xfffffffffffffffd) request_key(&(0x7f0000000080)='logon\x00', &(0x7f00000002c0)={'syz', 0x3}, &(0x7f00000000c0)='/sys/kernelmon/kdamond_pid\x00\x04\xd4C5\xac@\xd1\xba\xf4\x9a\xb7\'K~\xba\xf5`\t:\xdb>|+0\xc2\xbb\xd1\x8f\xfeZ\xe7\xd3\x9a\x97\x87\x89\xfeA\x7f\xee\x00l\xeb\xf5\x82RL\xbc\xcb\xd4\xb3\x1c3-\xfcw1\xd1\a\xd2h\xa3\x1c\xb9\x8b\"\xc9\xba\x0fpFl\xeao\xaf\xf5\xde`\xab\x84\x7f\xdc\xda\xf9\x15YA\x84\xb1\a\xfe\xdeG\xe4,\xect\x1a\xaa\x1ag\xa4\xff\x81+\x1f\xafK\xcc\xb0\x11\x1e\x01:\xcb\xc0\xec\xcf\\\xa5\v-}\xb8\xc9P\xabM#\xfa\x1a\xe3\xeb\xff\xf36+\x90\xb8\xeeGenX\xbd_F\xc6\x04}\xc3\xe5\xa5\xb7Ff\x9f\xfc2\xe2\xc4\r\x01\x00\x01\x00\x00\x00\x00\x00\xaa\xb2,\xaaX\xd3\xe3\xb3\xae [L(\xea\x85\xe9\xc3\xac\xb4\x94;\x10\x8e~27I6\xa7\x0ew;N\xa97\xd8s\xabc\x0f\xe4\xa6\xb0\xdc\x87n\x8f\x7f\xbf\xa7\xe0g\x9f\x18\x05\xee\xbfGtl\xcf\x8f;J-\xcdB\\\xb97e\xfe\x87\x9c\xce\x1b\x96\x83#\xff\t\xcb\xa6\xce\\E\x8b\xc6\xa8y\xef#\x1b\xa5\xa8\xb2\xe7\xc3\xac\'\x14\x1d<9w\xe1y%,\x11\x1e\x9e^T\x95py\a\x029\xce\xb2\xbd>y\x8a\x9d38b|\xc0', 0x0) [ 469.481349][ T22] audit: type=1400 audit(1675589135.050:178): avc: denied { write } for pid=3981 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 469.577732][ T3972] Out of memory and no killable processes... [ 469.583836][ T3975] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 469.596226][ T3975] CPU: 0 PID: 3975 Comm: syz-executor.2 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 469.606369][ T3975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 469.616405][ T3975] Call Trace: [ 469.619677][ T3975] dump_stack+0x1d8/0x241 [ 469.624352][ T3975] ? panic+0x73e/0x73e [ 469.628391][ T3975] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 469.634167][ T3975] ? preempt_schedule_common+0xb7/0xe0 [ 469.639613][ T3975] dump_header+0xdb/0x700 [ 469.643912][ T3975] out_of_memory+0x6d0/0x940 [ 469.648476][ T3975] ? unregister_oom_notifier+0x20/0x20 [ 469.653904][ T3975] memory_max_write+0x528/0x600 [ 469.658727][ T3975] ? memory_max_show+0xa0/0xa0 [ 469.663463][ T3975] ? memory_max_show+0xa0/0xa0 [ 469.668197][ T3975] cgroup_file_write+0x273/0x5c0 [ 469.673365][ T3975] ? cgroup_seqfile_stop+0xc0/0xc0 [ 469.678450][ T3975] ? kernfs_get+0x90/0x90 [ 469.682775][ T3975] ? cgroup_seqfile_stop+0xc0/0xc0 [ 469.687857][ T3975] kernfs_fop_write+0x2ec/0x3e0 [ 469.692678][ T3975] ? kernfs_fop_read+0x450/0x450 [ 469.697584][ T3975] __vfs_write+0x103/0x780 [ 469.701969][ T3975] ? __kernel_write+0x340/0x340 [ 469.706790][ T3975] ? check_preemption_disabled+0x9e/0x330 [ 469.712494][ T3975] ? __fget+0x40c/0x4a0 [ 469.716706][ T3975] ? debug_smp_processor_id+0x20/0x20 [ 469.722047][ T3975] ? selinux_file_permission+0x2c2/0x530 [ 469.727653][ T3975] vfs_write+0x210/0x4f0 [ 469.731886][ T3975] ksys_write+0x198/0x2c0 [ 469.736189][ T3975] ? __ia32_sys_read+0x80/0x80 [ 469.740926][ T3975] do_syscall_64+0xcb/0x1c0 [ 469.745404][ T3975] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 469.752778][ T3975] memory: usage 48kB, limit 0kB, failcnt 4932 [ 469.759981][ T3975] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 469.766892][ T3975] Memory cgroup stats for /syz0: [ 469.766968][ T3975] anon 0 [ 469.766968][ T3975] file 0 [ 469.766968][ T3975] kernel_stack 0 [ 469.766968][ T3975] slab 0 [ 469.766968][ T3975] sock 0 [ 469.766968][ T3975] shmem 0 [ 469.766968][ T3975] file_mapped 0 [ 469.766968][ T3975] file_dirty 0 [ 469.766968][ T3975] file_writeback 0 [ 469.766968][ T3975] anon_thp 0 [ 469.766968][ T3975] inactive_anon 0 [ 469.766968][ T3975] active_anon 0 [ 469.766968][ T3975] inactive_file 0 [ 469.766968][ T3975] active_file 0 [ 469.766968][ T3975] unevictable 0 [ 469.766968][ T3975] slab_reclaimable 0 [ 469.766968][ T3975] slab_unreclaimable 0 [ 469.766968][ T3975] pgfault 87549 [ 469.766968][ T3975] pgmajfault 0 [ 469.766968][ T3975] workingset_refault 0 [ 469.766968][ T3975] workingset_activate 0 [ 469.766968][ T3975] workingset_nodereclaim 0 [ 469.766968][ T3975] pgrefill 1551 [ 469.766968][ T3975] pgscan 1321 [ 469.766968][ T3975] pgsteal 0 [ 469.766968][ T3975] pgactivate 1320 [ 469.766968][ T3975] pgdeactivate 1551 [ 469.862217][ T3975] Out of memory and no killable processes... [ 469.868352][ T3984] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 469.878768][ T3984] CPU: 1 PID: 3984 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 469.888900][ T3984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 469.898939][ T3984] Call Trace: [ 469.902211][ T3984] dump_stack+0x1d8/0x241 [ 469.906523][ T3984] ? panic+0x73e/0x73e [ 469.910564][ T3984] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 469.916353][ T3984] ? preempt_schedule_common+0xb7/0xe0 [ 469.921781][ T3984] dump_header+0xdb/0x700 [ 469.926082][ T3984] out_of_memory+0x6d0/0x940 [ 469.930669][ T3984] ? unregister_oom_notifier+0x20/0x20 [ 469.936099][ T3984] memory_max_write+0x528/0x600 [ 469.940919][ T3984] ? memory_max_show+0xa0/0xa0 [ 469.945653][ T3984] ? memory_max_show+0xa0/0xa0 [ 469.950395][ T3984] cgroup_file_write+0x273/0x5c0 [ 469.955308][ T3984] ? cgroup_seqfile_stop+0xc0/0xc0 [ 469.960393][ T3984] ? kernfs_get+0x90/0x90 [ 469.964695][ T3984] ? cgroup_seqfile_stop+0xc0/0xc0 [ 469.969775][ T3984] kernfs_fop_write+0x2ec/0x3e0 [ 469.974599][ T3984] ? kernfs_fop_read+0x450/0x450 [ 469.979508][ T3984] __vfs_write+0x103/0x780 [ 469.983927][ T3984] ? __kernel_write+0x340/0x340 [ 469.988752][ T3984] ? check_preemption_disabled+0x9e/0x330 [ 469.994441][ T3984] ? __fget+0x40c/0x4a0 [ 469.998592][ T3984] ? debug_smp_processor_id+0x20/0x20 [ 470.003934][ T3984] ? selinux_file_permission+0x2c2/0x530 [ 470.009538][ T3984] vfs_write+0x210/0x4f0 [ 470.013750][ T3984] ksys_write+0x198/0x2c0 [ 470.018049][ T3984] ? __ia32_sys_read+0x80/0x80 [ 470.022785][ T3984] do_syscall_64+0xcb/0x1c0 [ 470.027261][ T3984] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 470.033246][ T3984] memory: usage 48kB, limit 0kB, failcnt 4932 [ 470.039363][ T3984] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 470.046258][ T3984] Memory cgroup stats for /syz0: [ 470.046324][ T3984] anon 0 [ 470.046324][ T3984] file 0 [ 470.046324][ T3984] kernel_stack 0 [ 470.046324][ T3984] slab 0 [ 470.046324][ T3984] sock 0 [ 470.046324][ T3984] shmem 0 [ 470.046324][ T3984] file_mapped 0 [ 470.046324][ T3984] file_dirty 0 [ 470.046324][ T3984] file_writeback 0 [ 470.046324][ T3984] anon_thp 0 [ 470.046324][ T3984] inactive_anon 0 [ 470.046324][ T3984] active_anon 0 [ 470.046324][ T3984] inactive_file 0 [ 470.046324][ T3984] active_file 0 [ 470.046324][ T3984] unevictable 0 [ 470.046324][ T3984] slab_reclaimable 0 [ 470.046324][ T3984] slab_unreclaimable 0 [ 470.046324][ T3984] pgfault 87549 [ 470.046324][ T3984] pgmajfault 0 [ 470.046324][ T3984] workingset_refault 0 [ 470.046324][ T3984] workingset_activate 0 [ 470.046324][ T3984] workingset_nodereclaim 0 [ 470.046324][ T3984] pgrefill 1551 [ 470.046324][ T3984] pgscan 1321 [ 470.046324][ T3984] pgsteal 0 [ 470.046324][ T3984] pgactivate 1320 [ 470.046324][ T3984] pgdeactivate 1551 [ 470.183054][ T3984] Out of memory and no killable processes... [ 470.204137][ T3987] bridge0: port 1(bridge_slave_0) entered blocking state [ 470.222016][ T3987] bridge0: port 1(bridge_slave_0) entered disabled state [ 470.237130][ T3987] device bridge_slave_0 entered promiscuous mode [ 470.251743][ T3987] bridge0: port 2(bridge_slave_1) entered blocking state [ 470.267428][ T3987] bridge0: port 2(bridge_slave_1) entered disabled state [ 470.278934][ T3987] device bridge_slave_1 entered promiscuous mode [ 470.340921][ T3987] bridge0: port 2(bridge_slave_1) entered blocking state [ 470.347961][ T3987] bridge0: port 2(bridge_slave_1) entered forwarding state [ 470.355233][ T3987] bridge0: port 1(bridge_slave_0) entered blocking state [ 470.362231][ T3987] bridge0: port 1(bridge_slave_0) entered forwarding state [ 470.381715][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 470.389002][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 470.396992][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 470.404341][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 470.413822][ T118] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 470.421960][ T118] bridge0: port 1(bridge_slave_0) entered blocking state [ 470.428972][ T118] bridge0: port 1(bridge_slave_0) entered forwarding state [ 470.445310][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 470.453417][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 470.460438][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 470.467749][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 470.475737][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 470.495250][ T977] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 470.503554][ T977] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 470.512586][ T977] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 470.526856][ T1928] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 470.535475][ T1928] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 09:25:36 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) 09:25:36 executing program 1: request_key(&(0x7f0000000040)='encrypted\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0xfffffffffffffffd) r0 = add_key$keyring(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc) request_key(&(0x7f00000001c0)='trusted\x00', &(0x7f00000000c0)={'syz', 0x3}, 0x0, r0) 09:25:36 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:36 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(r0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:36 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:36 executing program 4: prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:37 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x0, 0x0, 0x0, 0x0, 0xbc, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48) 09:25:37 executing program 1: r0 = inotify_init1(0x0) inotify_add_watch(r0, &(0x7f0000000300)='./file0\x00', 0x408) 09:25:37 executing program 1: openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x30941, 0x0) 09:25:37 executing program 1: socketpair(0x1e, 0x0, 0x10000, &(0x7f0000000080)) 09:25:37 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) io_uring_setup(0x5967, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000380)={0x0, 0x0}) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r0, 0xc0709411, 0x0) syz_usb_connect$uac1(0x2, 0x7f, &(0x7f0000001680)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x6d, 0x3, 0x1, 0x4, 0xa0, 0x5, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0xff, 0x8}, [@extension_unit={0x7}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x94, 0x0, 0x3, {0x7, 0x25, 0x1, 0x0, 0x3f, 0x401}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@as_header={0x7, 0x24, 0x1, 0x17, 0x80}]}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x2, {0x7}}}}}}}]}}, 0x0) [ 471.476753][ T4020] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 471.486957][ T4020] CPU: 1 PID: 4020 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 471.497089][ T4020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 471.507168][ T4020] Call Trace: [ 471.510550][ T4020] dump_stack+0x1d8/0x241 [ 471.514875][ T4020] ? panic+0x73e/0x73e [ 471.518940][ T4020] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 471.524740][ T4020] ? _raw_spin_lock+0xa3/0x1b0 [ 471.529498][ T4020] ? asan.module_dtor+0x20/0x20 [ 471.534381][ T4020] dump_header+0xdb/0x700 [ 471.538702][ T4020] oom_kill_process+0xf0/0x2d0 [ 471.543456][ T4020] out_of_memory+0x666/0x940 [ 471.548036][ T4020] ? unregister_oom_notifier+0x20/0x20 [ 471.553480][ T4020] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 471.559280][ T4020] memory_max_write+0x528/0x600 [ 471.564125][ T4020] ? memory_max_show+0xa0/0xa0 [ 471.568884][ T4020] ? memory_max_show+0xa0/0xa0 [ 471.573637][ T4020] cgroup_file_write+0x273/0x5c0 [ 471.578568][ T4020] ? cgroup_seqfile_stop+0xc0/0xc0 [ 471.583671][ T4020] ? kernfs_get+0x90/0x90 [ 471.587996][ T4020] ? cgroup_seqfile_stop+0xc0/0xc0 [ 471.593103][ T4020] kernfs_fop_write+0x2ec/0x3e0 [ 471.597953][ T4020] ? kernfs_fop_read+0x450/0x450 [ 471.602881][ T4020] __vfs_write+0x103/0x780 [ 471.607290][ T4020] ? __kernel_write+0x340/0x340 [ 471.612129][ T4020] ? check_preemption_disabled+0x9e/0x330 [ 471.617837][ T4020] ? __fget+0x40c/0x4a0 [ 471.622075][ T4020] ? debug_smp_processor_id+0x20/0x20 [ 471.627443][ T4020] ? selinux_file_permission+0x2c2/0x530 [ 471.633067][ T4020] vfs_write+0x210/0x4f0 [ 471.637301][ T4020] ksys_write+0x198/0x2c0 [ 471.641621][ T4020] ? __ia32_sys_read+0x80/0x80 [ 471.646514][ T4020] do_syscall_64+0xcb/0x1c0 [ 471.651008][ T4020] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 471.657116][ T4020] memory: usage 308kB, limit 0kB, failcnt 4940 [ 471.663254][ T4020] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 471.670099][ T4020] Memory cgroup stats for /syz0: [ 471.670176][ T4020] anon 208896 [ 471.670176][ T4020] file 0 [ 471.670176][ T4020] kernel_stack 0 [ 471.670176][ T4020] slab 0 [ 471.670176][ T4020] sock 0 [ 471.670176][ T4020] shmem 0 [ 471.670176][ T4020] file_mapped 0 [ 471.670176][ T4020] file_dirty 0 [ 471.670176][ T4020] file_writeback 0 [ 471.670176][ T4020] anon_thp 0 [ 471.670176][ T4020] inactive_anon 0 [ 471.670176][ T4020] active_anon 135168 [ 471.670176][ T4020] inactive_file 0 [ 471.670176][ T4020] active_file 0 [ 471.670176][ T4020] unevictable 0 [ 471.670176][ T4020] slab_reclaimable 0 [ 471.670176][ T4020] slab_unreclaimable 0 [ 471.670176][ T4020] pgfault 89793 [ 471.670176][ T4020] pgmajfault 0 [ 471.670176][ T4020] workingset_refault 0 [ 471.670176][ T4020] workingset_activate 0 [ 471.670176][ T4020] workingset_nodereclaim 0 [ 471.670176][ T4020] pgrefill 1551 [ 471.670176][ T4020] pgscan 1321 [ 471.670176][ T4020] pgsteal 0 [ 471.670176][ T4020] pgactivate 1320 [ 471.670176][ T4020] pgdeactivate 1551 [ 471.765814][ T4020] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=4005,uid=0 [ 471.780963][ T4020] Memory cgroup out of memory: Killed process 4005 (syz-executor.0) total-vm:52612kB, anon-rss:452kB, file-rss:14336kB, shmem-rss:0kB, UID:0 pgtables:96kB oom_score_adj:1000 09:25:37 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f00000000c0)=0x78, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) [ 471.904590][ T4020] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 471.914783][ T4020] CPU: 1 PID: 4020 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 471.924912][ T4020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 471.934952][ T4020] Call Trace: [ 471.938234][ T4020] dump_stack+0x1d8/0x241 [ 471.942566][ T4020] ? panic+0x73e/0x73e [ 471.946623][ T4020] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 471.952411][ T4020] ? _raw_spin_lock+0xa3/0x1b0 [ 471.957156][ T4020] ? asan.module_dtor+0x20/0x20 [ 471.961993][ T4020] dump_header+0xdb/0x700 [ 471.966304][ T4020] oom_kill_process+0xf0/0x2d0 [ 471.971049][ T4020] out_of_memory+0x666/0x940 [ 471.975622][ T4020] ? unregister_oom_notifier+0x20/0x20 [ 471.981323][ T4020] memory_max_write+0x528/0x600 [ 471.986154][ T4020] ? memory_max_show+0xa0/0xa0 [ 471.990900][ T4020] ? memory_max_show+0xa0/0xa0 [ 471.995642][ T4020] cgroup_file_write+0x273/0x5c0 [ 472.000738][ T4020] ? cgroup_seqfile_stop+0xc0/0xc0 [ 472.005835][ T4020] ? kernfs_get+0x90/0x90 [ 472.010237][ T4020] ? cgroup_seqfile_stop+0xc0/0xc0 [ 472.015332][ T4020] kernfs_fop_write+0x2ec/0x3e0 [ 472.020163][ T4020] ? kernfs_fop_read+0x450/0x450 [ 472.025085][ T4020] __vfs_write+0x103/0x780 [ 472.029493][ T4020] ? __kernel_write+0x340/0x340 [ 472.034327][ T4020] ? check_preemption_disabled+0x9e/0x330 [ 472.040032][ T4020] ? __fget+0x40c/0x4a0 [ 472.044186][ T4020] ? debug_smp_processor_id+0x20/0x20 [ 472.049552][ T4020] ? selinux_file_permission+0x2c2/0x530 [ 472.055169][ T4020] vfs_write+0x210/0x4f0 [ 472.059395][ T4020] ksys_write+0x198/0x2c0 [ 472.063705][ T4020] ? __ia32_sys_read+0x80/0x80 [ 472.068449][ T4020] do_syscall_64+0xcb/0x1c0 [ 472.072935][ T4020] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 472.078830][ T4020] memory: usage 80kB, limit 0kB, failcnt 6945 [ 472.084896][ T4020] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 472.091715][ T4020] Memory cgroup stats for /syz0: [ 472.091796][ T4020] anon 114688 [ 472.091796][ T4020] file 0 [ 472.091796][ T4020] kernel_stack 0 [ 472.091796][ T4020] slab 0 [ 472.091796][ T4020] sock 0 [ 472.091796][ T4020] shmem 0 [ 472.091796][ T4020] file_mapped 0 [ 472.091796][ T4020] file_dirty 0 [ 472.091796][ T4020] file_writeback 0 [ 472.091796][ T4020] anon_thp 0 [ 472.091796][ T4020] inactive_anon 0 [ 472.091796][ T4020] active_anon 135168 [ 472.091796][ T4020] inactive_file 0 [ 472.091796][ T4020] active_file 0 [ 472.091796][ T4020] unevictable 0 [ 472.091796][ T4020] slab_reclaimable 0 [ 472.091796][ T4020] slab_unreclaimable 0 [ 472.091796][ T4020] pgfault 91806 [ 472.091796][ T4020] pgmajfault 0 [ 472.091796][ T4020] workingset_refault 0 [ 472.091796][ T4020] workingset_activate 0 [ 472.091796][ T4020] workingset_nodereclaim 0 [ 472.091796][ T4020] pgrefill 1551 [ 472.091796][ T4020] pgscan 1321 [ 472.091796][ T4020] pgsteal 0 [ 472.091796][ T4020] pgactivate 1320 [ 472.091796][ T4020] pgdeactivate 1551 [ 472.187440][ T4020] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=3987,uid=0 [ 472.202678][ T4020] Memory cgroup out of memory: Killed process 3987 (syz-executor.0) total-vm:48508kB, anon-rss:440kB, file-rss:14336kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:0 [ 472.219984][ T23] oom_reaper: reaped process 3987 (syz-executor.0), now anon-rss:0kB, file-rss:14336kB, shmem-rss:48kB [ 472.222456][ T4023] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 472.241320][ T4023] CPU: 1 PID: 4023 Comm: syz-executor.2 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 472.251452][ T4023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 472.261488][ T4023] Call Trace: [ 472.264756][ T4023] dump_stack+0x1d8/0x241 [ 472.269062][ T4023] ? panic+0x73e/0x73e [ 472.273115][ T4023] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 472.278891][ T4023] ? _raw_spin_lock+0xa3/0x1b0 [ 472.283630][ T4023] ? asan.module_dtor+0x20/0x20 [ 472.288453][ T4023] dump_header+0xdb/0x700 [ 472.292754][ T4023] oom_kill_process+0xf0/0x2d0 [ 472.297486][ T4023] out_of_memory+0x666/0x940 [ 472.302050][ T4023] ? unregister_oom_notifier+0x20/0x20 [ 472.307477][ T4023] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 472.313257][ T4023] memory_max_write+0x528/0x600 [ 472.318081][ T4023] ? memory_max_show+0xa0/0xa0 [ 472.322816][ T4023] ? memory_max_show+0xa0/0xa0 [ 472.327549][ T4023] cgroup_file_write+0x273/0x5c0 [ 472.332458][ T4023] ? cgroup_seqfile_stop+0xc0/0xc0 [ 472.337541][ T4023] ? kernfs_get+0x90/0x90 [ 472.341844][ T4023] ? cgroup_seqfile_stop+0xc0/0xc0 [ 472.346925][ T4023] kernfs_fop_write+0x2ec/0x3e0 [ 472.351750][ T4023] ? kernfs_fop_read+0x450/0x450 [ 472.356656][ T4023] __vfs_write+0x103/0x780 [ 472.361042][ T4023] ? __kernel_write+0x340/0x340 [ 472.365869][ T4023] ? check_preemption_disabled+0x9e/0x330 [ 472.371556][ T4023] ? __fget+0x40c/0x4a0 [ 472.375698][ T4023] ? debug_smp_processor_id+0x20/0x20 [ 472.381042][ T4023] ? selinux_file_permission+0x2c2/0x530 [ 472.386661][ T4023] vfs_write+0x210/0x4f0 [ 472.390876][ T4023] ksys_write+0x198/0x2c0 [ 472.395174][ T4023] ? __ia32_sys_read+0x80/0x80 [ 472.399909][ T4023] do_syscall_64+0xcb/0x1c0 09:25:38 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(r0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) [ 472.404385][ T4023] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 472.449147][ T4023] memory: usage 48kB, limit 0kB, failcnt 6947 [ 472.457175][ T4023] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 472.464093][ T4023] Memory cgroup stats for /syz0: [ 472.464168][ T4023] anon 114688 [ 472.464168][ T4023] file 0 [ 472.464168][ T4023] kernel_stack 0 [ 472.464168][ T4023] slab 0 [ 472.464168][ T4023] sock 0 [ 472.464168][ T4023] shmem 0 [ 472.464168][ T4023] file_mapped 0 [ 472.464168][ T4023] file_dirty 0 [ 472.464168][ T4023] file_writeback 0 [ 472.464168][ T4023] anon_thp 0 [ 472.464168][ T4023] inactive_anon 0 [ 472.464168][ T4023] active_anon 0 [ 472.464168][ T4023] inactive_file 0 [ 472.464168][ T4023] active_file 0 [ 472.464168][ T4023] unevictable 0 [ 472.464168][ T4023] slab_reclaimable 0 [ 472.464168][ T4023] slab_unreclaimable 0 [ 472.464168][ T4023] pgfault 91806 [ 472.464168][ T4023] pgmajfault 0 [ 472.464168][ T4023] workingset_refault 0 [ 472.464168][ T4023] workingset_activate 0 [ 472.464168][ T4023] workingset_nodereclaim 0 [ 472.464168][ T4023] pgrefill 1551 [ 472.464168][ T4023] pgscan 1321 09:25:38 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f00000000c0)=0x78, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) [ 472.464168][ T4023] pgsteal 0 [ 472.464168][ T4023] pgactivate 1320 [ 472.464168][ T4023] pgdeactivate 1551 [ 472.563102][ T4023] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=4026,uid=0 [ 472.564938][ T118] usb 2-1: new full-speed USB device number 11 using dummy_hcd 09:25:38 executing program 4: prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:38 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 472.599022][ T4028] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 472.639846][ T4028] CPU: 1 PID: 4028 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 472.650000][ T4028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 472.660038][ T4028] Call Trace: [ 472.663314][ T4028] dump_stack+0x1d8/0x241 [ 472.667617][ T4028] ? panic+0x73e/0x73e [ 472.671655][ T4028] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 472.677435][ T4028] dump_header+0xdb/0x700 [ 472.681739][ T4028] out_of_memory+0x6d0/0x940 [ 472.686301][ T4028] ? unregister_oom_notifier+0x20/0x20 [ 472.691731][ T4028] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 472.697507][ T4028] memory_max_write+0x528/0x600 [ 472.702333][ T4028] ? memory_max_show+0xa0/0xa0 [ 472.707070][ T4028] ? memory_max_show+0xa0/0xa0 [ 472.711806][ T4028] cgroup_file_write+0x273/0x5c0 [ 472.716732][ T4028] ? cgroup_seqfile_stop+0xc0/0xc0 [ 472.721811][ T4028] ? kernfs_get+0x90/0x90 [ 472.726115][ T4028] ? cgroup_seqfile_stop+0xc0/0xc0 [ 472.731195][ T4028] kernfs_fop_write+0x2ec/0x3e0 [ 472.736018][ T4028] ? kernfs_fop_read+0x450/0x450 [ 472.740934][ T4028] __vfs_write+0x103/0x780 [ 472.745323][ T4028] ? __kernel_write+0x340/0x340 [ 472.750146][ T4028] ? check_preemption_disabled+0x9e/0x330 [ 472.755835][ T4028] ? __fget+0x40c/0x4a0 [ 472.759962][ T4028] ? debug_smp_processor_id+0x20/0x20 [ 472.765317][ T4028] ? selinux_file_permission+0x2c2/0x530 [ 472.771010][ T4028] vfs_write+0x210/0x4f0 [ 472.775225][ T4028] ksys_write+0x198/0x2c0 [ 472.779524][ T4028] ? __ia32_sys_read+0x80/0x80 [ 472.784286][ T4028] do_syscall_64+0xcb/0x1c0 [ 472.788762][ T4028] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 472.804830][ T4028] memory: usage 48kB, limit 0kB, failcnt 6947 [ 472.810976][ T4028] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 472.837962][ T4028] Memory cgroup stats for /syz0: [ 472.838205][ T4028] anon 114688 [ 472.838205][ T4028] file 0 [ 472.838205][ T4028] kernel_stack 0 [ 472.838205][ T4028] slab 0 [ 472.838205][ T4028] sock 0 [ 472.838205][ T4028] shmem 0 [ 472.838205][ T4028] file_mapped 0 [ 472.838205][ T4028] file_dirty 0 [ 472.838205][ T4028] file_writeback 0 [ 472.838205][ T4028] anon_thp 0 [ 472.838205][ T4028] inactive_anon 0 [ 472.838205][ T4028] active_anon 0 [ 472.838205][ T4028] inactive_file 0 [ 472.838205][ T4028] active_file 0 [ 472.838205][ T4028] unevictable 0 [ 472.838205][ T4028] slab_reclaimable 0 [ 472.838205][ T4028] slab_unreclaimable 0 [ 472.838205][ T4028] pgfault 91806 [ 472.838205][ T4028] pgmajfault 0 [ 472.838205][ T4028] workingset_refault 0 [ 472.838205][ T4028] workingset_activate 0 [ 472.838205][ T4028] workingset_nodereclaim 0 [ 472.838205][ T4028] pgrefill 1584 [ 472.838205][ T4028] pgscan 1321 [ 472.838205][ T4028] pgsteal 0 [ 472.838205][ T4028] pgactivate 1320 [ 472.838205][ T4028] pgdeactivate 1584 09:25:38 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) [ 473.114904][ T118] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 473.143694][ T118] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 473.207773][ T4028] Out of memory and no killable processes... [ 473.234040][ T4036] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 473.259540][ T4036] CPU: 0 PID: 4036 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 473.269769][ T4036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 473.279832][ T4036] Call Trace: [ 473.283105][ T4036] dump_stack+0x1d8/0x241 [ 473.287409][ T4036] ? panic+0x73e/0x73e [ 473.291453][ T4036] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 473.297235][ T4036] ? out_of_memory+0x156/0x940 [ 473.301971][ T4036] dump_header+0xdb/0x700 [ 473.306272][ T4036] out_of_memory+0x6d0/0x940 [ 473.310847][ T4036] ? unregister_oom_notifier+0x20/0x20 [ 473.316364][ T4036] memory_max_write+0x528/0x600 [ 473.321187][ T4036] ? memory_max_show+0xa0/0xa0 [ 473.325920][ T4036] ? memory_max_show+0xa0/0xa0 [ 473.330656][ T4036] cgroup_file_write+0x273/0x5c0 [ 473.335565][ T4036] ? cgroup_seqfile_stop+0xc0/0xc0 [ 473.340649][ T4036] ? kernfs_get+0x90/0x90 [ 473.344964][ T4036] ? cgroup_seqfile_stop+0xc0/0xc0 [ 473.350072][ T4036] kernfs_fop_write+0x2ec/0x3e0 [ 473.354907][ T4036] ? kernfs_fop_read+0x450/0x450 [ 473.359815][ T4036] __vfs_write+0x103/0x780 [ 473.364201][ T4036] ? __kernel_write+0x340/0x340 [ 473.369043][ T4036] ? switch_mm_irqs_off+0x338/0x960 [ 473.374217][ T4036] ? check_preemption_disabled+0x9e/0x330 [ 473.379995][ T4036] ? __fget+0x40c/0x4a0 [ 473.384120][ T4036] ? debug_smp_processor_id+0x20/0x20 [ 473.389465][ T4036] ? selinux_file_permission+0x2c2/0x530 [ 473.395074][ T4036] vfs_write+0x210/0x4f0 [ 473.399290][ T4036] ksys_write+0x198/0x2c0 [ 473.403588][ T4036] ? __ia32_sys_read+0x80/0x80 09:25:39 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 473.408323][ T4036] do_syscall_64+0xcb/0x1c0 [ 473.412797][ T4036] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 473.475399][ T801] device bridge_slave_1 left promiscuous mode [ 473.482061][ T801] bridge0: port 2(bridge_slave_1) entered disabled state [ 473.494873][ T118] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 473.512358][ T801] device bridge_slave_0 left promiscuous mode [ 473.513692][ T118] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 473.539184][ T801] bridge0: port 1(bridge_slave_0) entered disabled state [ 473.566236][ T118] usb 2-1: Product: syz [ 473.583739][ T118] usb 2-1: Manufacturer: syz [ 473.602861][ T118] usb 2-1: SerialNumber: syz 09:25:39 executing program 4: prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:39 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) [ 473.892192][ T4036] memory: usage 48kB, limit 0kB, failcnt 6947 [ 473.928027][ T4036] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 473.967710][ T4036] Memory cgroup stats for /syz0: [ 473.967778][ T4036] anon 114688 [ 473.967778][ T4036] file 0 [ 473.967778][ T4036] kernel_stack 0 [ 473.967778][ T4036] slab 0 [ 473.967778][ T4036] sock 0 [ 473.967778][ T4036] shmem 0 [ 473.967778][ T4036] file_mapped 0 [ 473.967778][ T4036] file_dirty 0 [ 473.967778][ T4036] file_writeback 0 [ 473.967778][ T4036] anon_thp 0 [ 473.967778][ T4036] inactive_anon 0 [ 473.967778][ T4036] active_anon 0 [ 473.967778][ T4036] inactive_file 0 [ 473.967778][ T4036] active_file 0 [ 473.967778][ T4036] unevictable 0 [ 473.967778][ T4036] slab_reclaimable 0 [ 473.967778][ T4036] slab_unreclaimable 0 [ 473.967778][ T4036] pgfault 91806 [ 473.967778][ T4036] pgmajfault 0 [ 473.967778][ T4036] workingset_refault 0 [ 473.967778][ T4036] workingset_activate 0 [ 473.967778][ T4036] workingset_nodereclaim 0 [ 473.967778][ T4036] pgrefill 1584 [ 473.967778][ T4036] pgscan 1321 [ 473.967778][ T4036] pgsteal 0 [ 473.967778][ T4036] pgactivate 1320 [ 473.967778][ T4036] pgdeactivate 1584 [ 473.984946][ T118] usb 2-1: 0:2 : does not exist [ 474.150664][ T4036] Out of memory and no killable processes... [ 474.162258][ T118] usb 2-1: USB disconnect, device number 11 [ 474.187367][ T4044] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 474.197586][ T4044] CPU: 0 PID: 4044 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 474.207719][ T4044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 474.217847][ T4044] Call Trace: [ 474.221137][ T4044] dump_stack+0x1d8/0x241 [ 474.225579][ T4044] ? panic+0x73e/0x73e [ 474.229639][ T4044] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 474.235436][ T4044] dump_header+0xdb/0x700 [ 474.239751][ T4044] out_of_memory+0x6d0/0x940 [ 474.244353][ T4044] ? unregister_oom_notifier+0x20/0x20 [ 474.249797][ T4044] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 474.255600][ T4044] memory_max_write+0x528/0x600 [ 474.260432][ T4044] ? memory_max_show+0xa0/0xa0 [ 474.265179][ T4044] ? memory_max_show+0xa0/0xa0 [ 474.269926][ T4044] cgroup_file_write+0x273/0x5c0 [ 474.274847][ T4044] ? cgroup_seqfile_stop+0xc0/0xc0 [ 474.279937][ T4044] ? kernfs_get+0x90/0x90 [ 474.284255][ T4044] ? cgroup_seqfile_stop+0xc0/0xc0 [ 474.289346][ T4044] kernfs_fop_write+0x2ec/0x3e0 [ 474.294184][ T4044] ? kernfs_fop_read+0x450/0x450 [ 474.299108][ T4044] __vfs_write+0x103/0x780 [ 474.303506][ T4044] ? __kernel_write+0x340/0x340 [ 474.308337][ T4044] ? check_preemption_disabled+0x9e/0x330 [ 474.314037][ T4044] ? __fget+0x40c/0x4a0 [ 474.318175][ T4044] ? debug_smp_processor_id+0x20/0x20 [ 474.323531][ T4044] ? selinux_file_permission+0x2c2/0x530 [ 474.329224][ T4044] vfs_write+0x210/0x4f0 [ 474.333451][ T4044] ksys_write+0x198/0x2c0 [ 474.337765][ T4044] ? __ia32_sys_read+0x80/0x80 [ 474.342514][ T4044] do_syscall_64+0xcb/0x1c0 09:25:39 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 474.347010][ T4044] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 474.352998][ T4044] memory: usage 48kB, limit 0kB, failcnt 6947 [ 474.359089][ T4044] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 474.365932][ T4044] Memory cgroup stats for /syz0: [ 474.366006][ T4044] anon 114688 [ 474.366006][ T4044] file 0 [ 474.366006][ T4044] kernel_stack 0 [ 474.366006][ T4044] slab 0 [ 474.366006][ T4044] sock 0 [ 474.366006][ T4044] shmem 0 [ 474.366006][ T4044] file_mapped 0 [ 474.366006][ T4044] file_dirty 0 [ 474.366006][ T4044] file_writeback 0 [ 474.366006][ T4044] anon_thp 0 [ 474.366006][ T4044] inactive_anon 0 [ 474.366006][ T4044] active_anon 0 [ 474.366006][ T4044] inactive_file 0 [ 474.366006][ T4044] active_file 0 [ 474.366006][ T4044] unevictable 0 [ 474.366006][ T4044] slab_reclaimable 0 [ 474.366006][ T4044] slab_unreclaimable 0 [ 474.366006][ T4044] pgfault 91806 [ 474.366006][ T4044] pgmajfault 0 [ 474.366006][ T4044] workingset_refault 0 [ 474.366006][ T4044] workingset_activate 0 [ 474.366006][ T4044] workingset_nodereclaim 0 [ 474.366006][ T4044] pgrefill 1584 [ 474.366006][ T4044] pgscan 1321 09:25:40 executing program 1: setsockopt$MRT_DEL_MFC(0xffffffffffffffff, 0x0, 0xcd, 0x0, 0x0) 09:25:40 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 474.366006][ T4044] pgsteal 0 [ 474.366006][ T4044] pgactivate 1320 [ 474.366006][ T4044] pgdeactivate 1584 [ 474.461204][ T4044] Out of memory and no killable processes... [ 474.477252][ T4048] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 474.510788][ T4048] CPU: 1 PID: 4048 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 474.520950][ T4048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 474.530994][ T4048] Call Trace: [ 474.534274][ T4048] dump_stack+0x1d8/0x241 [ 474.538590][ T4048] ? panic+0x73e/0x73e [ 474.542641][ T4048] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 474.548429][ T4048] ? preempt_schedule_common+0xb7/0xe0 [ 474.553871][ T4048] dump_header+0xdb/0x700 [ 474.558184][ T4048] out_of_memory+0x6d0/0x940 [ 474.562757][ T4048] ? unregister_oom_notifier+0x20/0x20 [ 474.568202][ T4048] memory_max_write+0x528/0x600 [ 474.573038][ T4048] ? memory_max_show+0xa0/0xa0 [ 474.577788][ T4048] ? memory_max_show+0xa0/0xa0 [ 474.582532][ T4048] cgroup_file_write+0x273/0x5c0 [ 474.587449][ T4048] ? cgroup_seqfile_stop+0xc0/0xc0 [ 474.592538][ T4048] ? kernfs_get+0x90/0x90 [ 474.596854][ T4048] ? cgroup_seqfile_stop+0xc0/0xc0 [ 474.601946][ T4048] kernfs_fop_write+0x2ec/0x3e0 [ 474.606778][ T4048] ? kernfs_fop_read+0x450/0x450 [ 474.611694][ T4048] __vfs_write+0x103/0x780 [ 474.616091][ T4048] ? __kernel_write+0x340/0x340 [ 474.620924][ T4048] ? check_preemption_disabled+0x9e/0x330 [ 474.626627][ T4048] ? __fget+0x40c/0x4a0 [ 474.630765][ T4048] ? debug_smp_processor_id+0x20/0x20 [ 474.636127][ T4048] ? selinux_file_permission+0x2c2/0x530 [ 474.641749][ T4048] vfs_write+0x210/0x4f0 [ 474.645978][ T4048] ksys_write+0x198/0x2c0 [ 474.650294][ T4048] ? __ia32_sys_read+0x80/0x80 [ 474.655040][ T4048] do_syscall_64+0xcb/0x1c0 09:25:40 executing program 1: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1={0x0}}, 0x1c) [ 474.659525][ T4048] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 474.681863][ T4048] memory: usage 48kB, limit 0kB, failcnt 6947 [ 474.688118][ T4048] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 474.695390][ T22] audit: type=1400 audit(1675589140.270:179): avc: denied { bind } for pid=4061 comm="syz-executor.1" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 474.696171][ T4048] Memory cgroup stats for /syz0: [ 474.696241][ T4048] anon 114688 [ 474.696241][ T4048] file 0 [ 474.696241][ T4048] kernel_stack 0 [ 474.696241][ T4048] slab 0 [ 474.696241][ T4048] sock 0 [ 474.696241][ T4048] shmem 0 [ 474.696241][ T4048] file_mapped 0 [ 474.696241][ T4048] file_dirty 0 [ 474.696241][ T4048] file_writeback 0 [ 474.696241][ T4048] anon_thp 0 [ 474.696241][ T4048] inactive_anon 0 [ 474.696241][ T4048] active_anon 0 [ 474.696241][ T4048] inactive_file 0 [ 474.696241][ T4048] active_file 0 [ 474.696241][ T4048] unevictable 0 [ 474.696241][ T4048] slab_reclaimable 0 [ 474.696241][ T4048] slab_unreclaimable 0 [ 474.696241][ T4048] pgfault 91806 [ 474.696241][ T4048] pgmajfault 0 [ 474.696241][ T4048] workingset_refault 0 [ 474.696241][ T4048] workingset_activate 0 [ 474.696241][ T4048] workingset_nodereclaim 0 [ 474.696241][ T4048] pgrefill 1584 [ 474.696241][ T4048] pgscan 1354 [ 474.696241][ T4048] pgsteal 0 [ 474.696241][ T4048] pgactivate 1353 [ 474.696241][ T4048] pgdeactivate 1584 [ 474.746669][ T22] audit: type=1400 audit(1675589140.290:180): avc: denied { node_bind } for pid=4061 comm="syz-executor.1" saddr=1::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 09:25:40 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@bridge_delvlan={0x18, 0x6a, 0xf}, 0x18}}, 0x0) [ 474.812951][ T4048] Out of memory and no killable processes... [ 474.838749][ T4060] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 474.858182][ T4060] CPU: 1 PID: 4060 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 474.868336][ T4060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 474.878377][ T4060] Call Trace: [ 474.881657][ T4060] dump_stack+0x1d8/0x241 [ 474.885975][ T4060] ? panic+0x73e/0x73e [ 474.890035][ T4060] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 474.895844][ T4060] ? preempt_schedule_common+0xb7/0xe0 [ 474.901291][ T4060] dump_header+0xdb/0x700 [ 474.905613][ T4060] out_of_memory+0x6d0/0x940 [ 474.910196][ T4060] ? unregister_oom_notifier+0x20/0x20 [ 474.915645][ T4060] memory_max_write+0x528/0x600 [ 474.920487][ T4060] ? memory_max_show+0xa0/0xa0 [ 474.925233][ T4060] ? memory_max_show+0xa0/0xa0 [ 474.929973][ T4060] cgroup_file_write+0x273/0x5c0 [ 474.934912][ T4060] ? cgroup_seqfile_stop+0xc0/0xc0 [ 474.940008][ T4060] ? kernfs_get+0x90/0x90 [ 474.944308][ T4060] ? cgroup_seqfile_stop+0xc0/0xc0 [ 474.949395][ T4060] kernfs_fop_write+0x2ec/0x3e0 [ 474.954229][ T4060] ? kernfs_fop_read+0x450/0x450 [ 474.959161][ T4060] __vfs_write+0x103/0x780 [ 474.963550][ T4060] ? __kernel_write+0x340/0x340 [ 474.968371][ T4060] ? check_preemption_disabled+0x9e/0x330 [ 474.974066][ T4060] ? __fget+0x40c/0x4a0 [ 474.978207][ T4060] ? debug_smp_processor_id+0x20/0x20 [ 474.983553][ T4060] ? selinux_file_permission+0x2c2/0x530 [ 474.989157][ T4060] vfs_write+0x210/0x4f0 [ 474.993396][ T4060] ksys_write+0x198/0x2c0 [ 474.997705][ T4060] ? __ia32_sys_read+0x80/0x80 [ 475.002448][ T4060] do_syscall_64+0xcb/0x1c0 [ 475.006926][ T4060] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 475.012908][ T4060] memory: usage 48kB, limit 0kB, failcnt 6947 [ 475.019069][ T4060] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 475.025954][ T4060] Memory cgroup stats for /syz0: [ 475.026026][ T4060] anon 114688 [ 475.026026][ T4060] file 0 [ 475.026026][ T4060] kernel_stack 0 [ 475.026026][ T4060] slab 0 [ 475.026026][ T4060] sock 0 [ 475.026026][ T4060] shmem 0 [ 475.026026][ T4060] file_mapped 0 [ 475.026026][ T4060] file_dirty 0 [ 475.026026][ T4060] file_writeback 0 [ 475.026026][ T4060] anon_thp 0 [ 475.026026][ T4060] inactive_anon 0 [ 475.026026][ T4060] active_anon 0 [ 475.026026][ T4060] inactive_file 0 [ 475.026026][ T4060] active_file 0 [ 475.026026][ T4060] unevictable 0 [ 475.026026][ T4060] slab_reclaimable 0 [ 475.026026][ T4060] slab_unreclaimable 0 [ 475.026026][ T4060] pgfault 91806 [ 475.026026][ T4060] pgmajfault 0 [ 475.026026][ T4060] workingset_refault 0 [ 475.026026][ T4060] workingset_activate 0 [ 475.026026][ T4060] workingset_nodereclaim 0 [ 475.026026][ T4060] pgrefill 1584 [ 475.026026][ T4060] pgscan 1354 [ 475.026026][ T4060] pgsteal 0 [ 475.026026][ T4060] pgactivate 1353 [ 475.026026][ T4060] pgdeactivate 1584 [ 475.121410][ T4060] Out of memory and no killable processes... [ 475.127440][ T4056] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 475.137617][ T4056] CPU: 0 PID: 4056 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 475.147735][ T4056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 475.157791][ T4056] Call Trace: [ 475.161053][ T4056] dump_stack+0x1d8/0x241 [ 475.165353][ T4056] ? panic+0x73e/0x73e [ 475.169435][ T4056] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 475.175211][ T4056] dump_header+0xdb/0x700 [ 475.179513][ T4056] out_of_memory+0x6d0/0x940 [ 475.184089][ T4056] ? unregister_oom_notifier+0x20/0x20 [ 475.189540][ T4056] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 475.195318][ T4056] memory_max_write+0x528/0x600 [ 475.200138][ T4056] ? memory_max_show+0xa0/0xa0 [ 475.204879][ T4056] ? memory_max_show+0xa0/0xa0 [ 475.209614][ T4056] cgroup_file_write+0x273/0x5c0 [ 475.214523][ T4056] ? cgroup_seqfile_stop+0xc0/0xc0 [ 475.219610][ T4056] ? kernfs_get+0x90/0x90 [ 475.223908][ T4056] ? cgroup_seqfile_stop+0xc0/0xc0 [ 475.228990][ T4056] kernfs_fop_write+0x2ec/0x3e0 [ 475.233821][ T4056] ? kernfs_fop_read+0x450/0x450 [ 475.238725][ T4056] __vfs_write+0x103/0x780 [ 475.243116][ T4056] ? __kernel_write+0x340/0x340 [ 475.247943][ T4056] ? check_preemption_disabled+0x9e/0x330 [ 475.253640][ T4056] ? __fget+0x40c/0x4a0 [ 475.257770][ T4056] ? debug_smp_processor_id+0x20/0x20 [ 475.263124][ T4056] ? selinux_file_permission+0x2c2/0x530 [ 475.268736][ T4056] vfs_write+0x210/0x4f0 [ 475.272954][ T4056] ksys_write+0x198/0x2c0 [ 475.277251][ T4056] ? __ia32_sys_read+0x80/0x80 [ 475.282073][ T4056] do_syscall_64+0xcb/0x1c0 [ 475.286546][ T4056] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 475.292493][ T4056] memory: usage 48kB, limit 0kB, failcnt 6947 [ 475.298565][ T4056] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 475.313860][ T4056] Memory cgroup stats for /syz0: [ 475.313929][ T4056] anon 114688 [ 475.313929][ T4056] file 0 [ 475.313929][ T4056] kernel_stack 0 [ 475.313929][ T4056] slab 0 [ 475.313929][ T4056] sock 0 [ 475.313929][ T4056] shmem 0 [ 475.313929][ T4056] file_mapped 0 [ 475.313929][ T4056] file_dirty 0 [ 475.313929][ T4056] file_writeback 0 [ 475.313929][ T4056] anon_thp 0 [ 475.313929][ T4056] inactive_anon 0 [ 475.313929][ T4056] active_anon 0 [ 475.313929][ T4056] inactive_file 0 [ 475.313929][ T4056] active_file 0 [ 475.313929][ T4056] unevictable 0 [ 475.313929][ T4056] slab_reclaimable 0 [ 475.313929][ T4056] slab_unreclaimable 0 [ 475.313929][ T4056] pgfault 91806 [ 475.313929][ T4056] pgmajfault 0 [ 475.313929][ T4056] workingset_refault 0 [ 475.313929][ T4056] workingset_activate 0 [ 475.313929][ T4056] workingset_nodereclaim 0 [ 475.313929][ T4056] pgrefill 1584 [ 475.313929][ T4056] pgscan 1354 [ 475.313929][ T4056] pgsteal 0 [ 475.313929][ T4056] pgactivate 1353 [ 475.313929][ T4056] pgdeactivate 1584 [ 475.398144][ T4066] bridge0: port 1(bridge_slave_0) entered blocking state [ 475.409148][ T4056] Out of memory and no killable processes... [ 475.412662][ T22] audit: type=1400 audit(1675589140.900:181): avc: denied { module_request } for pid=4066 comm="syz-executor.0" kmod="netdev-nr0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 475.419851][ T4066] bridge0: port 1(bridge_slave_0) entered disabled state [ 475.435209][ T22] audit: type=1400 audit(1675589141.010:182): avc: denied { read } for pid=137 comm="syslogd" name="log" dev="sda1" ino=1125 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 475.444601][ T4066] device bridge_slave_0 entered promiscuous mode [ 475.479726][ T4066] bridge0: port 2(bridge_slave_1) entered blocking state [ 475.486749][ T4066] bridge0: port 2(bridge_slave_1) entered disabled state [ 475.494082][ T4066] device bridge_slave_1 entered promiscuous mode [ 475.543189][ T118] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 475.551055][ T118] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 475.565737][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 475.573985][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 475.582790][ T1366] bridge0: port 1(bridge_slave_0) entered blocking state [ 475.589818][ T1366] bridge0: port 1(bridge_slave_0) entered forwarding state [ 475.597851][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 475.606253][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 475.614425][ T1366] bridge0: port 2(bridge_slave_1) entered blocking state [ 475.621501][ T1366] bridge0: port 2(bridge_slave_1) entered forwarding state [ 475.628879][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 475.638181][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 475.645818][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 475.660646][ T1928] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 475.675804][ T977] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 475.683690][ T977] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 475.699065][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 475.708135][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 475.716612][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 475.724759][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 475.862096][ T22] audit: type=1400 audit(1675589141.430:183): avc: denied { prog_load } for pid=4070 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 09:25:42 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f00000000c0)=0x78, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) 09:25:42 executing program 4: prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:42 executing program 1: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c) 09:25:42 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:42 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:42 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 476.619162][ T4082] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 476.629363][ T4082] CPU: 1 PID: 4082 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 476.639479][ T4082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 476.649508][ T4082] Call Trace: [ 476.652772][ T4082] dump_stack+0x1d8/0x241 [ 476.657069][ T4082] ? panic+0x73e/0x73e [ 476.661278][ T4082] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 476.667053][ T4082] ? _raw_spin_lock+0xa3/0x1b0 [ 476.671789][ T4082] ? asan.module_dtor+0x20/0x20 [ 476.676634][ T4082] dump_header+0xdb/0x700 [ 476.680941][ T4082] oom_kill_process+0xf0/0x2d0 [ 476.685690][ T4082] out_of_memory+0x666/0x940 [ 476.690266][ T4082] ? unregister_oom_notifier+0x20/0x20 [ 476.695693][ T4082] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 476.701480][ T4082] memory_max_write+0x528/0x600 [ 476.706301][ T4082] ? memory_max_show+0xa0/0xa0 [ 476.711039][ T4082] ? memory_max_show+0xa0/0xa0 [ 476.715862][ T4082] cgroup_file_write+0x273/0x5c0 [ 476.720780][ T4082] ? cgroup_seqfile_stop+0xc0/0xc0 [ 476.725876][ T4082] ? kernfs_get+0x90/0x90 [ 476.730172][ T4082] ? cgroup_seqfile_stop+0xc0/0xc0 [ 476.735252][ T4082] kernfs_fop_write+0x2ec/0x3e0 [ 476.740072][ T4082] ? kernfs_fop_read+0x450/0x450 [ 476.744982][ T4082] __vfs_write+0x103/0x780 [ 476.749385][ T4082] ? __kernel_write+0x340/0x340 [ 476.754218][ T4082] ? check_preemption_disabled+0x9e/0x330 [ 476.759917][ T4082] ? __fget+0x40c/0x4a0 [ 476.764049][ T4082] ? debug_smp_processor_id+0x20/0x20 09:25:42 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet(r0, &(0x7f0000002940)=[{{&(0x7f0000000040)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x3f}}, 0x10, 0x0}}, {{&(0x7f0000001200)={0x2, 0x4e23, @remote}, 0x10, 0x0, 0x0, &(0x7f0000002880)=[@ip_retopts={{0x14, 0x0, 0x7, {[@rr={0x7, 0x3}]}}}], 0x18}}], 0x2, 0x0) [ 476.769393][ T4082] ? selinux_file_permission+0x2c2/0x530 [ 476.775006][ T4082] vfs_write+0x210/0x4f0 [ 476.779234][ T4082] ksys_write+0x198/0x2c0 [ 476.783534][ T4082] ? __ia32_sys_read+0x80/0x80 [ 476.788272][ T4082] do_syscall_64+0xcb/0x1c0 [ 476.792756][ T4082] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 476.798937][ T4082] memory: usage 188kB, limit 0kB, failcnt 6955 [ 476.805101][ T4082] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 476.811919][ T4082] Memory cgroup stats for /syz0: 09:25:42 executing program 1: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, &(0x7f0000000000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private0}}}, 0x108) [ 476.811988][ T4082] anon 122880 [ 476.811988][ T4082] file 0 [ 476.811988][ T4082] kernel_stack 0 [ 476.811988][ T4082] slab 0 [ 476.811988][ T4082] sock 0 [ 476.811988][ T4082] shmem 0 [ 476.811988][ T4082] file_mapped 0 [ 476.811988][ T4082] file_dirty 0 [ 476.811988][ T4082] file_writeback 0 [ 476.811988][ T4082] anon_thp 0 [ 476.811988][ T4082] inactive_anon 0 [ 476.811988][ T4082] active_anon 270336 [ 476.811988][ T4082] inactive_file 0 [ 476.811988][ T4082] active_file 0 [ 476.811988][ T4082] unevictable 0 [ 476.811988][ T4082] slab_reclaimable 0 09:25:42 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet(r0, &(0x7f0000004500)=[{{&(0x7f0000000000)={0x2, 0x4e22}, 0x10, 0x0}}], 0x1, 0x0) [ 476.811988][ T4082] slab_unreclaimable 0 [ 476.811988][ T4082] pgfault 93984 [ 476.811988][ T4082] pgmajfault 0 [ 476.811988][ T4082] workingset_refault 0 [ 476.811988][ T4082] workingset_activate 0 [ 476.811988][ T4082] workingset_nodereclaim 0 [ 476.811988][ T4082] pgrefill 1584 [ 476.811988][ T4082] pgscan 1354 [ 476.811988][ T4082] pgsteal 0 [ 476.811988][ T4082] pgactivate 1353 [ 476.811988][ T4082] pgdeactivate 1617 [ 476.908109][ T4082] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=4081,uid=0 [ 476.923268][ T4082] Memory cgroup out of memory: Killed process 4081 (syz-executor.0) total-vm:52612kB, anon-rss:456kB, file-rss:14336kB, shmem-rss:0kB, UID:0 pgtables:96kB oom_score_adj:1000 [ 476.941046][ T4086] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 476.951242][ T4086] CPU: 1 PID: 4086 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 09:25:42 executing program 1: bpf$OBJ_GET_PROG(0x7, &(0x7f00000093c0)={&(0x7f0000009380)='\x00'}, 0x10) [ 476.961372][ T4086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 476.971412][ T4086] Call Trace: [ 476.974695][ T4086] dump_stack+0x1d8/0x241 [ 476.979010][ T4086] ? panic+0x73e/0x73e [ 476.983066][ T4086] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 476.988859][ T4086] ? _raw_spin_lock+0xa3/0x1b0 [ 476.993612][ T4086] ? asan.module_dtor+0x20/0x20 [ 476.998450][ T4086] dump_header+0xdb/0x700 [ 477.002765][ T4086] oom_kill_process+0xf0/0x2d0 [ 477.007518][ T4086] out_of_memory+0x666/0x940 [ 477.012094][ T4086] ? unregister_oom_notifier+0x20/0x20 09:25:42 executing program 1: r0 = syz_open_dev$loop(&(0x7f00000000c0), 0x0, 0x0) ioctl$LOOP_GET_STATUS64(r0, 0x1278, 0x0) [ 477.017537][ T4086] memory_max_write+0x528/0x600 [ 477.022375][ T4086] ? memory_max_show+0xa0/0xa0 [ 477.027126][ T4086] ? memory_max_show+0xa0/0xa0 [ 477.031873][ T4086] cgroup_file_write+0x273/0x5c0 [ 477.036795][ T4086] ? cgroup_seqfile_stop+0xc0/0xc0 [ 477.041902][ T4086] ? kernfs_get+0x90/0x90 [ 477.046221][ T4086] ? cgroup_seqfile_stop+0xc0/0xc0 [ 477.051321][ T4086] kernfs_fop_write+0x2ec/0x3e0 [ 477.056161][ T4086] ? kernfs_fop_read+0x450/0x450 [ 477.061086][ T4086] __vfs_write+0x103/0x780 [ 477.065497][ T4086] ? __kernel_write+0x340/0x340 09:25:42 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet(r0, &(0x7f0000002940)=[{{&(0x7f0000000040)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x3f}}, 0x10, 0x0}}, {{&(0x7f0000001200)={0x2, 0x0, @remote}, 0x10, 0x0}}], 0x2, 0x0) [ 477.070335][ T4086] ? check_preemption_disabled+0x9e/0x330 [ 477.076039][ T4086] ? __fget+0x40c/0x4a0 [ 477.080176][ T4086] ? debug_smp_processor_id+0x20/0x20 [ 477.085976][ T4086] ? selinux_file_permission+0x2c2/0x530 [ 477.091604][ T4086] vfs_write+0x210/0x4f0 [ 477.095843][ T4086] ksys_write+0x198/0x2c0 [ 477.100162][ T4086] ? __ia32_sys_read+0x80/0x80 [ 477.104914][ T4086] do_syscall_64+0xcb/0x1c0 [ 477.109411][ T4086] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 477.115451][ T4086] memory: usage 84kB, limit 0kB, failcnt 6956 [ 477.121499][ T4086] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 477.124921][ T23] oom_reaper: reaped process 4081 (syz-executor.0), now anon-rss:0kB, file-rss:14336kB, shmem-rss:4kB [ 477.128342][ T4086] Memory cgroup stats for /syz0: [ 477.128419][ T4086] anon 0 [ 477.128419][ T4086] file 0 [ 477.128419][ T4086] kernel_stack 0 [ 477.128419][ T4086] slab 0 [ 477.128419][ T4086] sock 0 [ 477.128419][ T4086] shmem 0 [ 477.128419][ T4086] file_mapped 0 [ 477.128419][ T4086] file_dirty 0 [ 477.128419][ T4086] file_writeback 0 09:25:42 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, 0x0, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) [ 477.128419][ T4086] anon_thp 0 [ 477.128419][ T4086] inactive_anon 0 [ 477.128419][ T4086] active_anon 135168 [ 477.128419][ T4086] inactive_file 0 [ 477.128419][ T4086] active_file 0 [ 477.128419][ T4086] unevictable 0 [ 477.128419][ T4086] slab_reclaimable 0 [ 477.128419][ T4086] slab_unreclaimable 0 [ 477.128419][ T4086] pgfault 93984 [ 477.128419][ T4086] pgmajfault 0 [ 477.128419][ T4086] workingset_refault 0 [ 477.128419][ T4086] workingset_activate 0 [ 477.128419][ T4086] workingset_nodereclaim 0 [ 477.128419][ T4086] pgrefill 1584 [ 477.128419][ T4086] pgscan 1354 [ 477.128419][ T4086] pgsteal 0 [ 477.128419][ T4086] pgactivate 1353 [ 477.128419][ T4086] pgdeactivate 1617 [ 477.234483][ T4086] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=4066,uid=0 [ 477.249657][ T4086] Memory cgroup out of memory: Killed process 4066 (syz-executor.0) total-vm:48508kB, anon-rss:444kB, file-rss:14336kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:0 [ 477.268061][ T23] oom_reaper: reaped process 4066 (syz-executor.0), now anon-rss:0kB, file-rss:14336kB, shmem-rss:48kB [ 477.271098][ T4092] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 477.289410][ T4092] CPU: 1 PID: 4092 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 477.299540][ T4092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 477.309571][ T4092] Call Trace: [ 477.312862][ T4092] dump_stack+0x1d8/0x241 [ 477.317177][ T4092] ? panic+0x73e/0x73e [ 477.321218][ T4092] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 477.327008][ T4092] ? _raw_spin_lock+0xa3/0x1b0 [ 477.331746][ T4092] ? asan.module_dtor+0x20/0x20 [ 477.336566][ T4092] dump_header+0xdb/0x700 [ 477.340867][ T4092] oom_kill_process+0xf0/0x2d0 [ 477.345611][ T4092] out_of_memory+0x666/0x940 [ 477.350176][ T4092] ? unregister_oom_notifier+0x20/0x20 [ 477.355606][ T4092] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 477.361383][ T4092] memory_max_write+0x528/0x600 [ 477.366205][ T4092] ? memory_max_show+0xa0/0xa0 [ 477.370942][ T4092] ? memory_max_show+0xa0/0xa0 [ 477.375679][ T4092] cgroup_file_write+0x273/0x5c0 [ 477.380602][ T4092] ? cgroup_seqfile_stop+0xc0/0xc0 [ 477.385684][ T4092] ? kernfs_get+0x90/0x90 [ 477.389987][ T4092] ? cgroup_seqfile_stop+0xc0/0xc0 [ 477.395068][ T4092] kernfs_fop_write+0x2ec/0x3e0 [ 477.399905][ T4092] ? kernfs_fop_read+0x450/0x450 [ 477.404813][ T4092] __vfs_write+0x103/0x780 [ 477.409288][ T4092] ? __kernel_write+0x340/0x340 [ 477.414109][ T4092] ? check_preemption_disabled+0x9e/0x330 [ 477.419799][ T4092] ? __fget+0x40c/0x4a0 [ 477.423926][ T4092] ? debug_smp_processor_id+0x20/0x20 [ 477.429268][ T4092] ? selinux_file_permission+0x2c2/0x530 [ 477.434889][ T4092] vfs_write+0x210/0x4f0 [ 477.439105][ T4092] ksys_write+0x198/0x2c0 [ 477.443409][ T4092] ? __ia32_sys_read+0x80/0x80 [ 477.448145][ T4092] do_syscall_64+0xcb/0x1c0 [ 477.452643][ T4092] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 477.473957][ T4092] memory: usage 84kB, limit 0kB, failcnt 6973 [ 477.496783][ T4092] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 477.503745][ T4092] Memory cgroup stats for /syz0: [ 477.503822][ T4092] anon 0 [ 477.503822][ T4092] file 0 [ 477.503822][ T4092] kernel_stack 0 [ 477.503822][ T4092] slab 0 [ 477.503822][ T4092] sock 0 [ 477.503822][ T4092] shmem 0 [ 477.503822][ T4092] file_mapped 0 [ 477.503822][ T4092] file_dirty 0 [ 477.503822][ T4092] file_writeback 0 [ 477.503822][ T4092] anon_thp 0 [ 477.503822][ T4092] inactive_anon 0 [ 477.503822][ T4092] active_anon 135168 [ 477.503822][ T4092] inactive_file 0 [ 477.503822][ T4092] active_file 0 [ 477.503822][ T4092] unevictable 0 [ 477.503822][ T4092] slab_reclaimable 0 [ 477.503822][ T4092] slab_unreclaimable 0 [ 477.503822][ T4092] pgfault 93984 [ 477.503822][ T4092] pgmajfault 0 [ 477.503822][ T4092] workingset_refault 0 [ 477.503822][ T4092] workingset_activate 0 [ 477.503822][ T4092] workingset_nodereclaim 0 [ 477.503822][ T4092] pgrefill 1584 [ 477.503822][ T4092] pgscan 1354 [ 477.503822][ T4092] pgsteal 0 [ 477.503822][ T4092] pgactivate 1353 [ 477.503822][ T4092] pgdeactivate 1617 [ 477.600831][ T4092] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=4103,uid=0 09:25:43 executing program 4: prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:43 executing program 1: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_buf(r0, 0x29, 0x4e, 0x0, 0x7) 09:25:43 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:43 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:43 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:43 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, 0x0, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) [ 477.710947][ T4110] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 477.721314][ T4110] CPU: 1 PID: 4110 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 477.731445][ T4110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 477.741488][ T4110] Call Trace: [ 477.744782][ T4110] dump_stack+0x1d8/0x241 [ 477.749107][ T4110] ? panic+0x73e/0x73e [ 477.753176][ T4110] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 477.758971][ T4110] dump_header+0xdb/0x700 [ 477.763293][ T4110] out_of_memory+0x6d0/0x940 [ 477.767877][ T4110] ? unregister_oom_notifier+0x20/0x20 [ 477.773326][ T4110] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 477.779119][ T4110] memory_max_write+0x528/0x600 [ 477.783963][ T4110] ? memory_max_show+0xa0/0xa0 [ 477.788724][ T4110] ? memory_max_show+0xa0/0xa0 [ 477.793480][ T4110] cgroup_file_write+0x273/0x5c0 [ 477.798414][ T4110] ? cgroup_seqfile_stop+0xc0/0xc0 [ 477.803518][ T4110] ? kernfs_get+0x90/0x90 [ 477.807844][ T4110] ? cgroup_seqfile_stop+0xc0/0xc0 [ 477.812950][ T4110] kernfs_fop_write+0x2ec/0x3e0 [ 477.817793][ T4110] ? kernfs_fop_read+0x450/0x450 [ 477.822722][ T4110] __vfs_write+0x103/0x780 [ 477.827123][ T4110] ? __kernel_write+0x340/0x340 [ 477.831964][ T4110] ? check_preemption_disabled+0x9e/0x330 [ 477.837667][ T4110] ? __fget+0x40c/0x4a0 [ 477.841810][ T4110] ? debug_smp_processor_id+0x20/0x20 [ 477.847165][ T4110] ? selinux_file_permission+0x2c2/0x530 [ 477.852787][ T4110] vfs_write+0x210/0x4f0 [ 477.857018][ T4110] ksys_write+0x198/0x2c0 [ 477.861342][ T4110] ? __ia32_sys_read+0x80/0x80 [ 477.866089][ T4110] do_syscall_64+0xcb/0x1c0 [ 477.870576][ T4110] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 477.876929][ T4110] memory: usage 48kB, limit 0kB, failcnt 6974 [ 477.882981][ T4110] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 477.889834][ T4110] Memory cgroup stats for /syz0: [ 477.889898][ T4110] anon 0 [ 477.889898][ T4110] file 0 [ 477.889898][ T4110] kernel_stack 0 [ 477.889898][ T4110] slab 0 [ 477.889898][ T4110] sock 0 [ 477.889898][ T4110] shmem 0 09:25:43 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@bridge_delvlan={0x24, 0x71, 0x0, 0x0, 0x0, {}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_STATE={0x5}}]}, 0x24}}, 0x0) [ 477.889898][ T4110] file_mapped 0 [ 477.889898][ T4110] file_dirty 0 [ 477.889898][ T4110] file_writeback 0 [ 477.889898][ T4110] anon_thp 0 [ 477.889898][ T4110] inactive_anon 0 [ 477.889898][ T4110] active_anon 135168 [ 477.889898][ T4110] inactive_file 0 [ 477.889898][ T4110] active_file 0 [ 477.889898][ T4110] unevictable 0 [ 477.889898][ T4110] slab_reclaimable 0 [ 477.889898][ T4110] slab_unreclaimable 0 [ 477.889898][ T4110] pgfault 93984 [ 477.889898][ T4110] pgmajfault 0 [ 477.889898][ T4110] workingset_refault 0 09:25:43 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r1 = getpgrp(r0) prlimit64(r1, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup(r2, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) [ 477.889898][ T4110] workingset_activate 0 [ 477.889898][ T4110] workingset_nodereclaim 0 [ 477.889898][ T4110] pgrefill 1617 [ 477.889898][ T4110] pgscan 1354 [ 477.889898][ T4110] pgsteal 0 [ 477.889898][ T4110] pgactivate 1353 [ 477.889898][ T4110] pgdeactivate 1617 [ 477.985390][ T4110] Out of memory and no killable processes... [ 477.991385][ T4119] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 478.022545][ T4122] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=113 sclass=netlink_route_socket pid=4122 comm=syz-executor.1 [ 478.046906][ T4119] CPU: 0 PID: 4119 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 478.057058][ T4119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 478.067221][ T4119] Call Trace: [ 478.070603][ T4119] dump_stack+0x1d8/0x241 [ 478.074926][ T4119] ? panic+0x73e/0x73e [ 478.078984][ T4119] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 478.084781][ T4119] dump_header+0xdb/0x700 [ 478.089102][ T4119] out_of_memory+0x6d0/0x940 [ 478.093681][ T4119] ? unregister_oom_notifier+0x20/0x20 [ 478.099127][ T4119] memory_max_write+0x528/0x600 [ 478.103963][ T4119] ? memory_max_show+0xa0/0xa0 [ 478.108973][ T4119] ? memory_max_show+0xa0/0xa0 [ 478.113725][ T4119] cgroup_file_write+0x273/0x5c0 [ 478.118648][ T4119] ? cgroup_seqfile_stop+0xc0/0xc0 [ 478.123741][ T4119] ? kernfs_get+0x90/0x90 [ 478.128066][ T4119] ? cgroup_seqfile_stop+0xc0/0xc0 [ 478.133157][ T4119] kernfs_fop_write+0x2ec/0x3e0 [ 478.137993][ T4119] ? kernfs_fop_read+0x450/0x450 [ 478.142912][ T4119] __vfs_write+0x103/0x780 [ 478.147313][ T4119] ? __kernel_write+0x340/0x340 [ 478.152149][ T4119] ? check_preemption_disabled+0x9e/0x330 [ 478.157851][ T4119] ? __fget+0x40c/0x4a0 [ 478.161988][ T4119] ? debug_smp_processor_id+0x20/0x20 [ 478.167342][ T4119] ? selinux_file_permission+0x2c2/0x530 [ 478.172964][ T4119] vfs_write+0x210/0x4f0 [ 478.177197][ T4119] ksys_write+0x198/0x2c0 [ 478.181543][ T4119] ? __ia32_sys_read+0x80/0x80 [ 478.186324][ T4119] do_syscall_64+0xcb/0x1c0 [ 478.190822][ T4119] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 09:25:43 executing program 1: add_key$fscrypt_v1(&(0x7f0000000000), 0x0, 0x0, 0xfffff, 0x0) 09:25:43 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000140)) 09:25:43 executing program 1: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_buf(r0, 0x29, 0x23, &(0x7f0000000180)="be", 0x1) 09:25:43 executing program 1: mount$9p_fd(0x0, 0x0, 0x0, 0xc4a847ea855b347b, 0x0) [ 478.505033][ T801] device bridge_slave_1 left promiscuous mode [ 478.512653][ T801] bridge0: port 2(bridge_slave_1) entered disabled state [ 478.529185][ T801] device bridge_slave_0 left promiscuous mode [ 478.544131][ T801] bridge0: port 1(bridge_slave_0) entered disabled state [ 478.591828][ T4119] memory: usage 48kB, limit 0kB, failcnt 6974 [ 478.607970][ T4119] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 478.630457][ T4119] Memory cgroup stats for /syz0: [ 478.630537][ T4119] anon 0 [ 478.630537][ T4119] file 0 [ 478.630537][ T4119] kernel_stack 0 [ 478.630537][ T4119] slab 0 [ 478.630537][ T4119] sock 0 [ 478.630537][ T4119] shmem 0 [ 478.630537][ T4119] file_mapped 0 [ 478.630537][ T4119] file_dirty 0 [ 478.630537][ T4119] file_writeback 0 [ 478.630537][ T4119] anon_thp 0 [ 478.630537][ T4119] inactive_anon 0 [ 478.630537][ T4119] active_anon 135168 [ 478.630537][ T4119] inactive_file 0 [ 478.630537][ T4119] active_file 0 [ 478.630537][ T4119] unevictable 0 [ 478.630537][ T4119] slab_reclaimable 0 [ 478.630537][ T4119] slab_unreclaimable 0 [ 478.630537][ T4119] pgfault 93984 [ 478.630537][ T4119] pgmajfault 0 [ 478.630537][ T4119] workingset_refault 0 [ 478.630537][ T4119] workingset_activate 0 [ 478.630537][ T4119] workingset_nodereclaim 0 [ 478.630537][ T4119] pgrefill 1650 [ 478.630537][ T4119] pgscan 1354 [ 478.630537][ T4119] pgsteal 0 [ 478.630537][ T4119] pgactivate 1353 [ 478.630537][ T4119] pgdeactivate 1650 [ 478.738821][ T4119] Out of memory and no killable processes... [ 478.751130][ T4124] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 478.761426][ T4124] CPU: 1 PID: 4124 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 478.771563][ T4124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 478.781609][ T4124] Call Trace: [ 478.784889][ T4124] dump_stack+0x1d8/0x241 09:25:44 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:44 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000000040)) 09:25:44 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:44 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) [ 478.789209][ T4124] ? panic+0x73e/0x73e [ 478.793269][ T4124] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 478.799063][ T4124] dump_header+0xdb/0x700 [ 478.803383][ T4124] out_of_memory+0x6d0/0x940 [ 478.807961][ T4124] ? unregister_oom_notifier+0x20/0x20 [ 478.813405][ T4124] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 478.819199][ T4124] memory_max_write+0x528/0x600 [ 478.824035][ T4124] ? memory_max_show+0xa0/0xa0 [ 478.828786][ T4124] ? memory_max_show+0xa0/0xa0 [ 478.833539][ T4124] cgroup_file_write+0x273/0x5c0 [ 478.838647][ T4124] ? cgroup_seqfile_stop+0xc0/0xc0 [ 478.843745][ T4124] ? kernfs_get+0x90/0x90 [ 478.848066][ T4124] ? cgroup_seqfile_stop+0xc0/0xc0 [ 478.853166][ T4124] kernfs_fop_write+0x2ec/0x3e0 [ 478.858011][ T4124] ? kernfs_fop_read+0x450/0x450 [ 478.862948][ T4124] __vfs_write+0x103/0x780 [ 478.867356][ T4124] ? __kernel_write+0x340/0x340 [ 478.872229][ T4124] ? check_preemption_disabled+0x9e/0x330 [ 478.877928][ T4124] ? __fget+0x40c/0x4a0 [ 478.882059][ T4124] ? debug_smp_processor_id+0x20/0x20 [ 478.887409][ T4124] ? selinux_file_permission+0x2c2/0x530 [ 478.893022][ T4124] vfs_write+0x210/0x4f0 [ 478.897258][ T4124] ksys_write+0x198/0x2c0 [ 478.901566][ T4124] ? __ia32_sys_read+0x80/0x80 [ 478.906312][ T4124] do_syscall_64+0xcb/0x1c0 [ 478.910798][ T4124] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 478.916729][ T4124] memory: usage 48kB, limit 0kB, failcnt 6974 [ 478.922781][ T4124] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 478.929633][ T4124] Memory cgroup stats for /syz0: [ 478.929706][ T4124] anon 0 [ 478.929706][ T4124] file 0 [ 478.929706][ T4124] kernel_stack 0 [ 478.929706][ T4124] slab 0 [ 478.929706][ T4124] sock 0 [ 478.929706][ T4124] shmem 0 [ 478.929706][ T4124] file_mapped 0 [ 478.929706][ T4124] file_dirty 0 [ 478.929706][ T4124] file_writeback 0 [ 478.929706][ T4124] anon_thp 0 [ 478.929706][ T4124] inactive_anon 0 [ 478.929706][ T4124] active_anon 135168 [ 478.929706][ T4124] inactive_file 0 [ 478.929706][ T4124] active_file 0 [ 478.929706][ T4124] unevictable 0 [ 478.929706][ T4124] slab_reclaimable 0 [ 478.929706][ T4124] slab_unreclaimable 0 [ 478.929706][ T4124] pgfault 93984 [ 478.929706][ T4124] pgmajfault 0 [ 478.929706][ T4124] workingset_refault 0 [ 478.929706][ T4124] workingset_activate 0 [ 478.929706][ T4124] workingset_nodereclaim 0 [ 478.929706][ T4124] pgrefill 1650 [ 478.929706][ T4124] pgscan 1354 [ 478.929706][ T4124] pgsteal 0 [ 478.929706][ T4124] pgactivate 1353 [ 478.929706][ T4124] pgdeactivate 1650 [ 479.025833][ T4124] Out of memory and no killable processes... [ 479.031832][ T4137] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 479.042198][ T4137] CPU: 0 PID: 4137 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 479.052329][ T4137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 479.062371][ T4137] Call Trace: [ 479.065673][ T4137] dump_stack+0x1d8/0x241 [ 479.069990][ T4137] ? panic+0x73e/0x73e [ 479.074043][ T4137] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 479.079830][ T4137] dump_header+0xdb/0x700 [ 479.084140][ T4137] out_of_memory+0x6d0/0x940 [ 479.088746][ T4137] ? unregister_oom_notifier+0x20/0x20 [ 479.094186][ T4137] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 479.099978][ T4137] memory_max_write+0x528/0x600 [ 479.104815][ T4137] ? memory_max_show+0xa0/0xa0 [ 479.109560][ T4137] ? memory_max_show+0xa0/0xa0 [ 479.114310][ T4137] cgroup_file_write+0x273/0x5c0 [ 479.119229][ T4137] ? cgroup_seqfile_stop+0xc0/0xc0 [ 479.124323][ T4137] ? kernfs_get+0x90/0x90 [ 479.128640][ T4137] ? cgroup_seqfile_stop+0xc0/0xc0 [ 479.133742][ T4137] kernfs_fop_write+0x2ec/0x3e0 [ 479.138582][ T4137] ? kernfs_fop_read+0x450/0x450 [ 479.143500][ T4137] __vfs_write+0x103/0x780 [ 479.147898][ T4137] ? __kernel_write+0x340/0x340 [ 479.152728][ T4137] ? check_preemption_disabled+0x9e/0x330 [ 479.158479][ T4137] ? __fget+0x40c/0x4a0 [ 479.162615][ T4137] ? debug_smp_processor_id+0x20/0x20 [ 479.167970][ T4137] ? selinux_file_permission+0x2c2/0x530 [ 479.173592][ T4137] vfs_write+0x210/0x4f0 [ 479.177821][ T4137] ksys_write+0x198/0x2c0 [ 479.182135][ T4137] ? __ia32_sys_read+0x80/0x80 [ 479.186882][ T4137] do_syscall_64+0xcb/0x1c0 09:25:44 executing program 1: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_buf(r0, 0x29, 0x17, 0x0, 0x300) [ 479.191368][ T4137] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 479.197677][ T4137] memory: usage 48kB, limit 0kB, failcnt 6974 [ 479.203733][ T4137] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 479.210590][ T4137] Memory cgroup stats for /syz0: [ 479.210665][ T4137] anon 0 [ 479.210665][ T4137] file 0 [ 479.210665][ T4137] kernel_stack 0 [ 479.210665][ T4137] slab 0 [ 479.210665][ T4137] sock 0 [ 479.210665][ T4137] shmem 0 [ 479.210665][ T4137] file_mapped 0 [ 479.210665][ T4137] file_dirty 0 [ 479.210665][ T4137] file_writeback 0 [ 479.210665][ T4137] anon_thp 0 [ 479.210665][ T4137] inactive_anon 0 [ 479.210665][ T4137] active_anon 135168 [ 479.210665][ T4137] inactive_file 0 [ 479.210665][ T4137] active_file 0 [ 479.210665][ T4137] unevictable 0 [ 479.210665][ T4137] slab_reclaimable 0 [ 479.210665][ T4137] slab_unreclaimable 0 [ 479.210665][ T4137] pgfault 93984 [ 479.210665][ T4137] pgmajfault 0 [ 479.210665][ T4137] workingset_refault 0 [ 479.210665][ T4137] workingset_activate 0 [ 479.210665][ T4137] workingset_nodereclaim 0 [ 479.210665][ T4137] pgrefill 1650 [ 479.210665][ T4137] pgscan 1354 [ 479.210665][ T4137] pgsteal 0 [ 479.210665][ T4137] pgactivate 1353 [ 479.210665][ T4137] pgdeactivate 1650 [ 479.306348][ T4137] Out of memory and no killable processes... [ 479.312766][ T4147] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 479.338602][ T4147] CPU: 1 PID: 4147 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 479.348750][ T4147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 479.358781][ T4147] Call Trace: [ 479.362063][ T4147] dump_stack+0x1d8/0x241 [ 479.366368][ T4147] ? panic+0x73e/0x73e [ 479.370410][ T4147] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 479.376190][ T4147] ? preempt_schedule_common+0xb7/0xe0 [ 479.381621][ T4147] dump_header+0xdb/0x700 [ 479.385937][ T4147] out_of_memory+0x6d0/0x940 [ 479.390499][ T4147] ? unregister_oom_notifier+0x20/0x20 [ 479.395928][ T4147] memory_max_write+0x528/0x600 [ 479.400750][ T4147] ? memory_max_show+0xa0/0xa0 [ 479.405487][ T4147] ? memory_max_show+0xa0/0xa0 [ 479.410223][ T4147] cgroup_file_write+0x273/0x5c0 [ 479.415131][ T4147] ? cgroup_seqfile_stop+0xc0/0xc0 [ 479.420214][ T4147] ? kernfs_get+0x90/0x90 [ 479.424515][ T4147] ? cgroup_seqfile_stop+0xc0/0xc0 [ 479.429597][ T4147] kernfs_fop_write+0x2ec/0x3e0 [ 479.434418][ T4147] ? kernfs_fop_read+0x450/0x450 [ 479.439326][ T4147] __vfs_write+0x103/0x780 [ 479.443713][ T4147] ? __kernel_write+0x340/0x340 [ 479.448534][ T4147] ? check_preemption_disabled+0x9e/0x330 [ 479.454221][ T4147] ? __fget+0x40c/0x4a0 [ 479.458349][ T4147] ? debug_smp_processor_id+0x20/0x20 [ 479.463704][ T4147] ? selinux_file_permission+0x2c2/0x530 [ 479.469316][ T4147] vfs_write+0x210/0x4f0 [ 479.473545][ T4147] ksys_write+0x198/0x2c0 [ 479.477864][ T4147] ? __ia32_sys_read+0x80/0x80 [ 479.482621][ T4147] do_syscall_64+0xcb/0x1c0 [ 479.487098][ T4147] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 479.611853][ T4147] memory: usage 48kB, limit 0kB, failcnt 6974 [ 479.617986][ T4147] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 479.625355][ T4147] Memory cgroup stats for /syz0: [ 479.625430][ T4147] anon 0 [ 479.625430][ T4147] file 0 [ 479.625430][ T4147] kernel_stack 0 [ 479.625430][ T4147] slab 0 [ 479.625430][ T4147] sock 0 [ 479.625430][ T4147] shmem 0 [ 479.625430][ T4147] file_mapped 0 [ 479.625430][ T4147] file_dirty 0 [ 479.625430][ T4147] file_writeback 0 [ 479.625430][ T4147] anon_thp 0 [ 479.625430][ T4147] inactive_anon 0 [ 479.625430][ T4147] active_anon 135168 [ 479.625430][ T4147] inactive_file 0 [ 479.625430][ T4147] active_file 0 [ 479.625430][ T4147] unevictable 0 [ 479.625430][ T4147] slab_reclaimable 0 [ 479.625430][ T4147] slab_unreclaimable 0 [ 479.625430][ T4147] pgfault 93984 [ 479.625430][ T4147] pgmajfault 0 [ 479.625430][ T4147] workingset_refault 0 [ 479.625430][ T4147] workingset_activate 0 [ 479.625430][ T4147] workingset_nodereclaim 0 [ 479.625430][ T4147] pgrefill 1650 [ 479.625430][ T4147] pgscan 1387 [ 479.625430][ T4147] pgsteal 0 [ 479.625430][ T4147] pgactivate 1353 [ 479.625430][ T4147] pgdeactivate 1650 [ 479.722175][ T4147] Out of memory and no killable processes... [ 480.000037][ T4150] bridge0: port 1(bridge_slave_0) entered blocking state [ 480.007276][ T4150] bridge0: port 1(bridge_slave_0) entered disabled state [ 480.014604][ T4150] device bridge_slave_0 entered promiscuous mode [ 480.021584][ T4150] bridge0: port 2(bridge_slave_1) entered blocking state [ 480.028621][ T4150] bridge0: port 2(bridge_slave_1) entered disabled state [ 480.036069][ T4150] device bridge_slave_1 entered promiscuous mode [ 480.073642][ T4150] bridge0: port 2(bridge_slave_1) entered blocking state [ 480.080680][ T4150] bridge0: port 2(bridge_slave_1) entered forwarding state [ 480.087949][ T4150] bridge0: port 1(bridge_slave_0) entered blocking state [ 480.094979][ T4150] bridge0: port 1(bridge_slave_0) entered forwarding state [ 480.114948][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 480.122586][ T67] bridge0: port 1(bridge_slave_0) entered disabled state [ 480.130058][ T67] bridge0: port 2(bridge_slave_1) entered disabled state [ 480.145518][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 480.153611][ T67] bridge0: port 1(bridge_slave_0) entered blocking state [ 480.160641][ T67] bridge0: port 1(bridge_slave_0) entered forwarding state [ 480.168500][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 480.176754][ T67] bridge0: port 2(bridge_slave_1) entered blocking state [ 480.183745][ T67] bridge0: port 2(bridge_slave_1) entered forwarding state [ 480.191631][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 480.199750][ T67] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 480.214439][ T1928] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 480.236296][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 480.245203][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 480.253583][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 480.261576][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready 09:25:46 executing program 1: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_buf(r0, 0x29, 0x14, 0x0, 0x300) 09:25:46 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r1 = getpgrp(r0) prlimit64(r1, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup(r2, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) 09:25:46 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:46 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:46 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, 0x0, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) 09:25:46 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:46 executing program 1: r0 = syz_open_dev$loop(&(0x7f00000000c0), 0x0, 0x0) ioctl$LOOP_GET_STATUS64(r0, 0x127e, 0x0) 09:25:46 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x41, &(0x7f0000000080)=@security={'security\x00', 0xe, 0x4, 0x3a0, 0xffffffff, 0xd0, 0x0, 0x0, 0xffffffff, 0xffffffff, 0x470, 0x470, 0x470, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "db4a882e238e1968cd657e82a051591dde7e4c9406efd47cbcd90e1632db"}}, {{@ipv6={@local, @private0, [], [], 'caif0\x00', 'team0\x00'}, 0x0, 0xa8, 0x118}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "8402baceed2c408cc347198dc4ce6d000b641aa8ca662ee4a4c1b01c42c1ed63b3579e6952a63406f91593b5192d7bcba7e2214df792a05ef4a52ee3372e9fd5"}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x400) 09:25:46 executing program 1: r0 = syz_open_dev$loop(&(0x7f00000000c0), 0x0, 0x0) ioctl$LOOP_GET_STATUS64(r0, 0x125e, 0x0) [ 481.157723][ T4164] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 481.167973][ T4164] CPU: 0 PID: 4164 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 481.178118][ T4164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 481.188156][ T4164] Call Trace: [ 481.191432][ T4164] dump_stack+0x1d8/0x241 [ 481.195756][ T4164] ? panic+0x73e/0x73e [ 481.199827][ T4164] ? nf_ct_l4proto_log_invalid+0x26c/0x26c 09:25:46 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x13, &(0x7f0000000080)=@security={'security\x00', 0xe, 0x4, 0x3a0, 0xffffffff, 0xd0, 0x0, 0x0, 0xffffffff, 0xffffffff, 0x470, 0x470, 0x470, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "db4a882e238e1968cd657e82a051591dde7e4c9406efd47cbcd90e1632db"}}, {{@ipv6={@local, @private0, [], [], 'caif0\x00', 'team0\x00'}, 0x0, 0xa8, 0x118}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "8402baceed2c408cc347198dc4ce6d000b641aa8ca662ee4a4c1b01c42c1ed63b3579e6952a63406f91593b5192d7bcba7e2214df792a05ef4a52ee3372e9fd5"}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x400) 09:25:46 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x38}, 0x0) [ 481.205628][ T4164] ? _raw_spin_lock+0xa3/0x1b0 [ 481.210384][ T4164] ? asan.module_dtor+0x20/0x20 [ 481.215236][ T4164] dump_header+0xdb/0x700 [ 481.219565][ T4164] oom_kill_process+0xf0/0x2d0 [ 481.224320][ T4164] out_of_memory+0x666/0x940 [ 481.228899][ T4164] ? unregister_oom_notifier+0x20/0x20 [ 481.234350][ T4164] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 481.240142][ T4164] memory_max_write+0x528/0x600 [ 481.244979][ T4164] ? memory_max_show+0xa0/0xa0 [ 481.249728][ T4164] ? memory_max_show+0xa0/0xa0 [ 481.254474][ T4164] cgroup_file_write+0x273/0x5c0 [ 481.259413][ T4164] ? cgroup_seqfile_stop+0xc0/0xc0 [ 481.264509][ T4164] ? kernfs_get+0x90/0x90 [ 481.268826][ T4164] ? cgroup_seqfile_stop+0xc0/0xc0 [ 481.273920][ T4164] kernfs_fop_write+0x2ec/0x3e0 [ 481.278756][ T4164] ? kernfs_fop_read+0x450/0x450 [ 481.283675][ T4164] __vfs_write+0x103/0x780 [ 481.288094][ T4164] ? __kernel_write+0x340/0x340 [ 481.292929][ T4164] ? check_preemption_disabled+0x9e/0x330 [ 481.298636][ T4164] ? __fget+0x40c/0x4a0 [ 481.302775][ T4164] ? debug_smp_processor_id+0x20/0x20 [ 481.308130][ T4164] ? selinux_file_permission+0x2c2/0x530 [ 481.313758][ T4164] vfs_write+0x210/0x4f0 [ 481.317991][ T4164] ksys_write+0x198/0x2c0 [ 481.322308][ T4164] ? __ia32_sys_read+0x80/0x80 [ 481.327061][ T4164] do_syscall_64+0xcb/0x1c0 [ 481.331549][ T4164] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 481.338343][ T4164] memory: usage 80kB, limit 0kB, failcnt 6990 [ 481.344401][ T4164] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 481.351548][ T4164] Memory cgroup stats for /syz0: 09:25:46 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0xa, &(0x7f0000000000)=0x400, 0x4) [ 481.351626][ T4164] anon 147456 [ 481.351626][ T4164] file 0 [ 481.351626][ T4164] kernel_stack 0 [ 481.351626][ T4164] slab 0 [ 481.351626][ T4164] sock 0 [ 481.351626][ T4164] shmem 0 [ 481.351626][ T4164] file_mapped 0 [ 481.351626][ T4164] file_dirty 0 [ 481.351626][ T4164] file_writeback 0 [ 481.351626][ T4164] anon_thp 0 [ 481.351626][ T4164] inactive_anon 0 [ 481.351626][ T4164] active_anon 135168 [ 481.351626][ T4164] inactive_file 0 [ 481.351626][ T4164] active_file 0 [ 481.351626][ T4164] unevictable 0 [ 481.351626][ T4164] slab_reclaimable 0 09:25:47 executing program 1: openat$procfs(0xffffffffffffff9c, &(0x7f0000001e80)='/proc/locks\x00', 0x0, 0x0) openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0) [ 481.351626][ T4164] slab_unreclaimable 0 [ 481.351626][ T4164] pgfault 96129 [ 481.351626][ T4164] pgmajfault 0 [ 481.351626][ T4164] workingset_refault 0 [ 481.351626][ T4164] workingset_activate 0 [ 481.351626][ T4164] workingset_nodereclaim 0 [ 481.351626][ T4164] pgrefill 1650 [ 481.351626][ T4164] pgscan 1387 [ 481.351626][ T4164] pgsteal 0 [ 481.351626][ T4164] pgactivate 1386 [ 481.351626][ T4164] pgdeactivate 1650 [ 481.448005][ T4164] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=4150,uid=0 [ 481.463195][ T4164] Memory cgroup out of memory: Killed process 4150 (syz-executor.0) total-vm:48508kB, anon-rss:448kB, file-rss:14336kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:0 [ 481.480648][ T23] oom_reaper: reaped process 4150 (syz-executor.0), now anon-rss:0kB, file-rss:14336kB, shmem-rss:48kB [ 481.480962][ T4168] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 481.501894][ T4168] CPU: 0 PID: 4168 Comm: syz-executor.0 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 481.512198][ T4168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 481.522251][ T4168] Call Trace: [ 481.525536][ T4168] dump_stack+0x1d8/0x241 [ 481.529899][ T4168] ? panic+0x73e/0x73e [ 481.533953][ T4168] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 481.539748][ T4168] ? _raw_spin_lock+0xa3/0x1b0 [ 481.544498][ T4168] ? asan.module_dtor+0x20/0x20 [ 481.549335][ T4168] dump_header+0xdb/0x700 [ 481.553652][ T4168] oom_kill_process+0xf0/0x2d0 [ 481.558407][ T4168] out_of_memory+0x666/0x940 [ 481.562986][ T4168] ? unregister_oom_notifier+0x20/0x20 [ 481.568429][ T4168] ? _raw_spin_unlock+0x49/0x60 [ 481.573262][ T4168] mem_cgroup_oom+0x6d2/0x810 [ 481.577929][ T4168] ? drain_all_stock+0x5f0/0x5f0 [ 481.582854][ T4168] ? cgroup_file_notify+0x106/0x190 [ 481.588034][ T4168] try_charge+0xce7/0x11f0 [ 481.592431][ T4168] ? preempt_count_add+0x8d/0x180 [ 481.597445][ T4168] ? __memcg_kmem_charge_memcg+0x140/0x140 [ 481.603240][ T4168] ? __alloc_pages_nodemask+0x372/0x860 [ 481.608772][ T4168] ? get_mem_cgroup_from_mm+0x284/0x2d0 [ 481.614303][ T4168] mem_cgroup_try_charge+0xd5/0x2a0 [ 481.619491][ T4168] wp_page_copy+0x3c6/0x19a0 [ 481.624066][ T4168] ? zap_pte_range+0x1ce0/0x1ce0 [ 481.628988][ T4168] ? debug_smp_processor_id+0x20/0x20 [ 481.634344][ T4168] ? _raw_spin_unlock+0x49/0x60 [ 481.639177][ T4168] ? do_wp_page+0x535/0x8b0 [ 481.643665][ T4168] handle_mm_fault+0xe52/0x3bd0 [ 481.648501][ T4168] ? finish_fault+0x230/0x230 [ 481.653161][ T4168] ? down_read_trylock+0x17a/0x1d0 [ 481.658259][ T4168] ? vmacache_update+0x9f/0xf0 [ 481.663009][ T4168] do_user_addr_fault+0x4a4/0xb30 [ 481.668017][ T4168] page_fault+0x2f/0x40 [ 481.672162][ T4168] ? __task_pid_nr_ns+0x180/0x270 [ 481.677170][ T4168] ? __put_user_4+0x1c/0x30 [ 481.681656][ T4168] ? schedule_tail+0xa8/0xd0 [ 481.686234][ T4168] ? ret_from_fork+0x8/0x30 [ 481.694817][ T4168] memory: usage 80kB, limit 0kB, failcnt 6991 [ 481.703223][ T4168] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 481.710259][ T4168] Memory cgroup stats for /syz0: [ 481.710322][ T4168] anon 147456 [ 481.710322][ T4168] file 0 [ 481.710322][ T4168] kernel_stack 0 [ 481.710322][ T4168] slab 0 [ 481.710322][ T4168] sock 0 [ 481.710322][ T4168] shmem 0 [ 481.710322][ T4168] file_mapped 0 [ 481.710322][ T4168] file_dirty 0 [ 481.710322][ T4168] file_writeback 0 [ 481.710322][ T4168] anon_thp 0 [ 481.710322][ T4168] inactive_anon 0 [ 481.710322][ T4168] active_anon 135168 [ 481.710322][ T4168] inactive_file 0 [ 481.710322][ T4168] active_file 0 [ 481.710322][ T4168] unevictable 0 [ 481.710322][ T4168] slab_reclaimable 0 [ 481.710322][ T4168] slab_unreclaimable 0 [ 481.710322][ T4168] pgfault 96129 [ 481.710322][ T4168] pgmajfault 0 [ 481.710322][ T4168] workingset_refault 0 [ 481.710322][ T4168] workingset_activate 0 [ 481.710322][ T4168] workingset_nodereclaim 0 [ 481.710322][ T4168] pgrefill 1650 [ 481.710322][ T4168] pgscan 1387 [ 481.710322][ T4168] pgsteal 0 [ 481.710322][ T4168] pgactivate 1386 [ 481.710322][ T4168] pgdeactivate 1650 [ 481.807180][ T4168] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=4168,uid=0 [ 481.822395][ T4168] Memory cgroup out of memory: Killed process 4168 (syz-executor.0) total-vm:48508kB, anon-rss:456kB, file-rss:14336kB, shmem-rss:0kB, UID:0 pgtables:68kB oom_score_adj:0 [ 481.840200][ T23] oom_reaper: reaped process 4168 (syz-executor.0), now anon-rss:0kB, file-rss:14336kB, shmem-rss:0kB 09:25:47 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r1 = getpgrp(r0) prlimit64(r1, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup(r2, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) 09:25:47 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, 0x0, 0x0, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 482.050263][ T4180] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 482.081141][ T4180] CPU: 0 PID: 4180 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 482.091315][ T4180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 482.101473][ T4180] Call Trace: [ 482.104762][ T4180] dump_stack+0x1d8/0x241 [ 482.109082][ T4180] ? panic+0x73e/0x73e [ 482.113145][ T4180] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 482.118935][ T4180] ? put_css_set_locked+0x377/0x9a0 [ 482.124117][ T4180] dump_header+0xdb/0x700 [ 482.128437][ T4180] out_of_memory+0x6d0/0x940 [ 482.133011][ T4180] ? unregister_oom_notifier+0x20/0x20 [ 482.138491][ T4180] memory_max_write+0x528/0x600 [ 482.143331][ T4180] ? memory_max_show+0xa0/0xa0 [ 482.148085][ T4180] ? memory_max_show+0xa0/0xa0 [ 482.152845][ T4180] cgroup_file_write+0x273/0x5c0 [ 482.157776][ T4180] ? cgroup_seqfile_stop+0xc0/0xc0 [ 482.162860][ T4180] ? kernfs_get+0x90/0x90 [ 482.167172][ T4180] ? cgroup_seqfile_stop+0xc0/0xc0 [ 482.172257][ T4180] kernfs_fop_write+0x2ec/0x3e0 [ 482.177106][ T4180] ? kernfs_fop_read+0x450/0x450 [ 482.182163][ T4180] __vfs_write+0x103/0x780 [ 482.186600][ T4180] ? __kernel_write+0x340/0x340 [ 482.191424][ T4180] ? check_preemption_disabled+0x9e/0x330 [ 482.197146][ T4180] ? __fget+0x40c/0x4a0 [ 482.201284][ T4180] ? debug_smp_processor_id+0x20/0x20 [ 482.206629][ T4180] ? selinux_file_permission+0x2c2/0x530 [ 482.212231][ T4180] vfs_write+0x210/0x4f0 [ 482.216462][ T4180] ksys_write+0x198/0x2c0 [ 482.220760][ T4180] ? __ia32_sys_read+0x80/0x80 [ 482.225501][ T4180] do_syscall_64+0xcb/0x1c0 [ 482.229981][ T4180] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 482.237452][ T4180] memory: usage 48kB, limit 0kB, failcnt 6994 [ 482.243592][ T4180] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 482.251142][ T4180] Memory cgroup stats for /syz0: [ 482.251250][ T4180] anon 147456 [ 482.251250][ T4180] file 0 [ 482.251250][ T4180] kernel_stack 0 [ 482.251250][ T4180] slab 0 [ 482.251250][ T4180] sock 0 [ 482.251250][ T4180] shmem 0 [ 482.251250][ T4180] file_mapped 0 [ 482.251250][ T4180] file_dirty 0 [ 482.251250][ T4180] file_writeback 0 [ 482.251250][ T4180] anon_thp 0 [ 482.251250][ T4180] inactive_anon 0 [ 482.251250][ T4180] active_anon 135168 [ 482.251250][ T4180] inactive_file 0 [ 482.251250][ T4180] active_file 0 [ 482.251250][ T4180] unevictable 0 [ 482.251250][ T4180] slab_reclaimable 0 [ 482.251250][ T4180] slab_unreclaimable 0 [ 482.251250][ T4180] pgfault 96129 [ 482.251250][ T4180] pgmajfault 0 [ 482.251250][ T4180] workingset_refault 0 [ 482.251250][ T4180] workingset_activate 0 [ 482.251250][ T4180] workingset_nodereclaim 0 [ 482.251250][ T4180] pgrefill 1650 [ 482.251250][ T4180] pgscan 1387 [ 482.251250][ T4180] pgsteal 0 [ 482.251250][ T4180] pgactivate 1386 [ 482.251250][ T4180] pgdeactivate 1650 [ 482.347718][ T4180] Out of memory and no killable processes... [ 482.353736][ T4192] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 482.364478][ T4192] CPU: 1 PID: 4192 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 482.374633][ T4192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 482.384693][ T4192] Call Trace: [ 482.387961][ T4192] dump_stack+0x1d8/0x241 [ 482.392264][ T4192] ? panic+0x73e/0x73e [ 482.396300][ T4192] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 482.402096][ T4192] dump_header+0xdb/0x700 [ 482.406414][ T4192] out_of_memory+0x6d0/0x940 [ 482.410974][ T4192] ? unregister_oom_notifier+0x20/0x20 [ 482.416426][ T4192] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 482.422323][ T4192] memory_max_write+0x528/0x600 [ 482.428646][ T4192] ? memory_max_show+0xa0/0xa0 [ 482.433394][ T4192] ? memory_max_show+0xa0/0xa0 [ 482.438139][ T4192] cgroup_file_write+0x273/0x5c0 [ 482.443083][ T4192] ? cgroup_seqfile_stop+0xc0/0xc0 [ 482.448165][ T4192] ? kernfs_get+0x90/0x90 [ 482.452464][ T4192] ? cgroup_seqfile_stop+0xc0/0xc0 [ 482.457547][ T4192] kernfs_fop_write+0x2ec/0x3e0 [ 482.462366][ T4192] ? kernfs_fop_read+0x450/0x450 [ 482.467273][ T4192] __vfs_write+0x103/0x780 [ 482.471659][ T4192] ? __kernel_write+0x340/0x340 [ 482.476483][ T4192] ? check_preemption_disabled+0x9e/0x330 [ 482.482196][ T4192] ? __fget+0x40c/0x4a0 [ 482.486320][ T4192] ? debug_smp_processor_id+0x20/0x20 [ 482.491686][ T4192] ? selinux_file_permission+0x2c2/0x530 [ 482.497299][ T4192] vfs_write+0x210/0x4f0 [ 482.501521][ T4192] ksys_write+0x198/0x2c0 [ 482.505821][ T4192] ? __ia32_sys_read+0x80/0x80 [ 482.510555][ T4192] do_syscall_64+0xcb/0x1c0 [ 482.515026][ T4192] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 482.520925][ T4192] memory: usage 48kB, limit 0kB, failcnt 6994 [ 482.526993][ T4192] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 482.533804][ T4192] Memory cgroup stats for /syz0: [ 482.533855][ T4192] anon 147456 [ 482.533855][ T4192] file 0 [ 482.533855][ T4192] kernel_stack 0 [ 482.533855][ T4192] slab 0 [ 482.533855][ T4192] sock 0 [ 482.533855][ T4192] shmem 0 [ 482.533855][ T4192] file_mapped 0 [ 482.533855][ T4192] file_dirty 0 [ 482.533855][ T4192] file_writeback 0 [ 482.533855][ T4192] anon_thp 0 [ 482.533855][ T4192] inactive_anon 0 [ 482.533855][ T4192] active_anon 135168 [ 482.533855][ T4192] inactive_file 0 [ 482.533855][ T4192] active_file 0 [ 482.533855][ T4192] unevictable 0 [ 482.533855][ T4192] slab_reclaimable 0 [ 482.533855][ T4192] slab_unreclaimable 0 [ 482.533855][ T4192] pgfault 96129 [ 482.533855][ T4192] pgmajfault 0 [ 482.533855][ T4192] workingset_refault 0 [ 482.533855][ T4192] workingset_activate 0 [ 482.533855][ T4192] workingset_nodereclaim 0 [ 482.533855][ T4192] pgrefill 1650 [ 482.533855][ T4192] pgscan 1387 [ 482.533855][ T4192] pgsteal 0 [ 482.533855][ T4192] pgactivate 1386 [ 482.533855][ T4192] pgdeactivate 1650 [ 482.629828][ T4192] Out of memory and no killable processes... [ 482.635866][ T4189] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 482.646024][ T4189] CPU: 1 PID: 4189 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 482.656149][ T4189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 482.666178][ T4189] Call Trace: [ 482.669452][ T4189] dump_stack+0x1d8/0x241 [ 482.673758][ T4189] ? panic+0x73e/0x73e [ 482.677826][ T4189] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 482.683607][ T4189] dump_header+0xdb/0x700 [ 482.687909][ T4189] out_of_memory+0x6d0/0x940 [ 482.692481][ T4189] ? unregister_oom_notifier+0x20/0x20 [ 482.697910][ T4189] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 482.703683][ T4189] memory_max_write+0x528/0x600 [ 482.708528][ T4189] ? memory_max_show+0xa0/0xa0 [ 482.713266][ T4189] ? memory_max_show+0xa0/0xa0 [ 482.718025][ T4189] cgroup_file_write+0x273/0x5c0 [ 482.722937][ T4189] ? cgroup_seqfile_stop+0xc0/0xc0 [ 482.728015][ T4189] ? kernfs_get+0x90/0x90 [ 482.732353][ T4189] ? cgroup_seqfile_stop+0xc0/0xc0 [ 482.737434][ T4189] kernfs_fop_write+0x2ec/0x3e0 [ 482.742254][ T4189] ? kernfs_fop_read+0x450/0x450 [ 482.747187][ T4189] __vfs_write+0x103/0x780 [ 482.751575][ T4189] ? __kernel_write+0x340/0x340 [ 482.756400][ T4189] ? check_preemption_disabled+0x9e/0x330 [ 482.762088][ T4189] ? __fget+0x40c/0x4a0 [ 482.766300][ T4189] ? debug_smp_processor_id+0x20/0x20 [ 482.771640][ T4189] ? selinux_file_permission+0x2c2/0x530 [ 482.777247][ T4189] vfs_write+0x210/0x4f0 [ 482.781463][ T4189] ksys_write+0x198/0x2c0 [ 482.785786][ T4189] ? __ia32_sys_read+0x80/0x80 [ 482.790526][ T4189] do_syscall_64+0xcb/0x1c0 [ 482.795000][ T4189] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 482.800924][ T4189] memory: usage 48kB, limit 0kB, failcnt 6994 [ 482.807009][ T4189] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 482.813914][ T4189] Memory cgroup stats for /syz0: [ 482.813966][ T4189] anon 147456 [ 482.813966][ T4189] file 0 [ 482.813966][ T4189] kernel_stack 0 [ 482.813966][ T4189] slab 0 [ 482.813966][ T4189] sock 0 [ 482.813966][ T4189] shmem 0 [ 482.813966][ T4189] file_mapped 0 [ 482.813966][ T4189] file_dirty 0 [ 482.813966][ T4189] file_writeback 0 [ 482.813966][ T4189] anon_thp 0 [ 482.813966][ T4189] inactive_anon 0 [ 482.813966][ T4189] active_anon 135168 [ 482.813966][ T4189] inactive_file 0 [ 482.813966][ T4189] active_file 0 [ 482.813966][ T4189] unevictable 0 [ 482.813966][ T4189] slab_reclaimable 0 [ 482.813966][ T4189] slab_unreclaimable 0 [ 482.813966][ T4189] pgfault 96129 [ 482.813966][ T4189] pgmajfault 0 [ 482.813966][ T4189] workingset_refault 0 [ 482.813966][ T4189] workingset_activate 0 [ 482.813966][ T4189] workingset_nodereclaim 0 [ 482.813966][ T4189] pgrefill 1650 [ 482.813966][ T4189] pgscan 1387 [ 482.813966][ T4189] pgsteal 0 [ 482.813966][ T4189] pgactivate 1386 [ 482.813966][ T4189] pgdeactivate 1650 [ 482.909776][ T4189] Out of memory and no killable processes... 09:25:48 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0), 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) 09:25:48 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet(r0, &(0x7f0000002940)=[{{&(0x7f0000000040)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x3f}}, 0x10, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000002880)=[@ip_retopts={{0x10}}], 0x10}}], 0x2, 0x0) 09:25:48 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:48 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:48 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:48 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000080)=@security={'security\x00', 0xe, 0x7fffffe, 0x3a0, 0xffffffff, 0xd0, 0x0, 0x0, 0xffffffff, 0xffffffff, 0x470, 0x470, 0x470, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "db4a882e238e1968cd657e82a051591dde7e4c9406efd47cbcd90e1632db"}}, {{@ipv6={@local, @private0, [], [], 'caif0\x00', 'team0\x00'}, 0x0, 0xa8, 0x118}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "8402baceed2c408cc347198dc4ce6d000b641aa8ca662ee4a4c1b01c42c1ed63b3579e6952a63406f91593b5192d7bcba7e2214df792a05ef4a52ee3372e9fd5"}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x400) 09:25:48 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0), 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) [ 483.103414][ T4206] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 483.113640][ T4206] CPU: 1 PID: 4206 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 483.123767][ T4206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 483.134154][ T4206] Call Trace: [ 483.137438][ T4206] dump_stack+0x1d8/0x241 [ 483.142012][ T4206] ? panic+0x73e/0x73e [ 483.146056][ T4206] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 483.151833][ T4206] dump_header+0xdb/0x700 [ 483.156132][ T4206] out_of_memory+0x6d0/0x940 [ 483.160691][ T4206] ? unregister_oom_notifier+0x20/0x20 [ 483.166122][ T4206] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 483.171976][ T4206] memory_max_write+0x528/0x600 [ 483.176798][ T4206] ? memory_max_show+0xa0/0xa0 [ 483.181533][ T4206] ? memory_max_show+0xa0/0xa0 [ 483.187156][ T4206] cgroup_file_write+0x273/0x5c0 [ 483.192073][ T4206] ? cgroup_seqfile_stop+0xc0/0xc0 [ 483.197160][ T4206] ? kernfs_get+0x90/0x90 [ 483.201468][ T4206] ? cgroup_seqfile_stop+0xc0/0xc0 [ 483.206552][ T4206] kernfs_fop_write+0x2ec/0x3e0 [ 483.211371][ T4206] ? kernfs_fop_read+0x450/0x450 [ 483.216278][ T4206] __vfs_write+0x103/0x780 [ 483.220664][ T4206] ? __kernel_write+0x340/0x340 [ 483.225498][ T4206] ? check_preemption_disabled+0x9e/0x330 [ 483.231192][ T4206] ? __fget+0x40c/0x4a0 [ 483.235317][ T4206] ? debug_smp_processor_id+0x20/0x20 [ 483.240657][ T4206] ? selinux_file_permission+0x2c2/0x530 [ 483.246263][ T4206] vfs_write+0x210/0x4f0 [ 483.250489][ T4206] ksys_write+0x198/0x2c0 [ 483.254800][ T4206] ? __ia32_sys_read+0x80/0x80 [ 483.259551][ T4206] do_syscall_64+0xcb/0x1c0 [ 483.264037][ T4206] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 483.269983][ T4206] memory: usage 48kB, limit 0kB, failcnt 6994 [ 483.276086][ T4206] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 483.282907][ T4206] Memory cgroup stats for /syz0: [ 483.282983][ T4206] anon 147456 [ 483.282983][ T4206] file 0 [ 483.282983][ T4206] kernel_stack 0 [ 483.282983][ T4206] slab 0 [ 483.282983][ T4206] sock 0 [ 483.282983][ T4206] shmem 0 [ 483.282983][ T4206] file_mapped 0 [ 483.282983][ T4206] file_dirty 0 [ 483.282983][ T4206] file_writeback 0 [ 483.282983][ T4206] anon_thp 0 [ 483.282983][ T4206] inactive_anon 0 [ 483.282983][ T4206] active_anon 135168 [ 483.282983][ T4206] inactive_file 0 [ 483.282983][ T4206] active_file 0 [ 483.282983][ T4206] unevictable 0 [ 483.282983][ T4206] slab_reclaimable 0 [ 483.282983][ T4206] slab_unreclaimable 0 [ 483.282983][ T4206] pgfault 96129 [ 483.282983][ T4206] pgmajfault 0 [ 483.282983][ T4206] workingset_refault 0 09:25:48 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, 0x0, 0x0, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 483.282983][ T4206] workingset_activate 0 [ 483.282983][ T4206] workingset_nodereclaim 0 [ 483.282983][ T4206] pgrefill 1650 [ 483.282983][ T4206] pgscan 1387 [ 483.282983][ T4206] pgsteal 0 [ 483.282983][ T4206] pgactivate 1386 [ 483.282983][ T4206] pgdeactivate 1650 [ 483.378837][ T4206] Out of memory and no killable processes... [ 483.440428][ T4208] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 483.499491][ T4208] CPU: 1 PID: 4208 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 483.509656][ T4208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 483.519696][ T4208] Call Trace: [ 483.522982][ T4208] dump_stack+0x1d8/0x241 [ 483.527305][ T4208] ? panic+0x73e/0x73e [ 483.531365][ T4208] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 483.537163][ T4208] ? preempt_schedule_common+0xb7/0xe0 [ 483.542614][ T4208] dump_header+0xdb/0x700 [ 483.546979][ T4208] out_of_memory+0x6d0/0x940 [ 483.551568][ T4208] ? unregister_oom_notifier+0x20/0x20 [ 483.557023][ T4208] memory_max_write+0x528/0x600 [ 483.561955][ T4208] ? memory_max_show+0xa0/0xa0 [ 483.566719][ T4208] ? memory_max_show+0xa0/0xa0 [ 483.571470][ T4208] cgroup_file_write+0x273/0x5c0 [ 483.576405][ T4208] ? cgroup_seqfile_stop+0xc0/0xc0 [ 483.581509][ T4208] ? kernfs_get+0x90/0x90 [ 483.585831][ T4208] ? cgroup_seqfile_stop+0xc0/0xc0 [ 483.590927][ T4208] kernfs_fop_write+0x2ec/0x3e0 [ 483.595769][ T4208] ? kernfs_fop_read+0x450/0x450 [ 483.600690][ T4208] __vfs_write+0x103/0x780 [ 483.605091][ T4208] ? __kernel_write+0x340/0x340 [ 483.609930][ T4208] ? check_preemption_disabled+0x9e/0x330 [ 483.615634][ T4208] ? __fget+0x40c/0x4a0 [ 483.619775][ T4208] ? debug_smp_processor_id+0x20/0x20 [ 483.625146][ T4208] ? selinux_file_permission+0x2c2/0x530 [ 483.630768][ T4208] vfs_write+0x210/0x4f0 [ 483.635000][ T4208] ksys_write+0x198/0x2c0 [ 483.639317][ T4208] ? __ia32_sys_read+0x80/0x80 [ 483.644079][ T4208] do_syscall_64+0xcb/0x1c0 [ 483.648605][ T4208] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 09:25:49 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 484.058047][ T4208] memory: usage 48kB, limit 0kB, failcnt 6994 [ 484.064241][ T4208] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 484.084364][ T4208] Memory cgroup stats for /syz0: [ 484.084439][ T4208] anon 147456 [ 484.084439][ T4208] file 0 [ 484.084439][ T4208] kernel_stack 0 [ 484.084439][ T4208] slab 0 [ 484.084439][ T4208] sock 0 [ 484.084439][ T4208] shmem 0 [ 484.084439][ T4208] file_mapped 0 [ 484.084439][ T4208] file_dirty 0 [ 484.084439][ T4208] file_writeback 0 [ 484.084439][ T4208] anon_thp 0 [ 484.084439][ T4208] inactive_anon 0 [ 484.084439][ T4208] active_anon 135168 [ 484.084439][ T4208] inactive_file 0 [ 484.084439][ T4208] active_file 0 [ 484.084439][ T4208] unevictable 0 [ 484.084439][ T4208] slab_reclaimable 0 [ 484.084439][ T4208] slab_unreclaimable 0 [ 484.084439][ T4208] pgfault 96129 [ 484.084439][ T4208] pgmajfault 0 [ 484.084439][ T4208] workingset_refault 0 [ 484.084439][ T4208] workingset_activate 0 [ 484.084439][ T4208] workingset_nodereclaim 0 [ 484.084439][ T4208] pgrefill 1650 [ 484.084439][ T4208] pgscan 1387 [ 484.084439][ T4208] pgsteal 0 [ 484.084439][ T4208] pgactivate 1386 [ 484.084439][ T4208] pgdeactivate 1650 09:25:49 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:49 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, 0x0, 0x0, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 484.255479][ T801] device bridge_slave_1 left promiscuous mode [ 484.263747][ T801] bridge0: port 2(bridge_slave_1) entered disabled state [ 484.286293][ T801] device bridge_slave_0 left promiscuous mode [ 484.326553][ T801] bridge0: port 1(bridge_slave_0) entered disabled state [ 484.386341][ T4208] Out of memory and no killable processes... [ 484.407760][ T4216] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 484.417964][ T4216] CPU: 0 PID: 4216 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 484.428093][ T4216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 484.438130][ T4216] Call Trace: [ 484.441415][ T4216] dump_stack+0x1d8/0x241 [ 484.445822][ T4216] ? panic+0x73e/0x73e [ 484.449884][ T4216] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 484.455680][ T4216] dump_header+0xdb/0x700 [ 484.459999][ T4216] out_of_memory+0x6d0/0x940 [ 484.464574][ T4216] ? unregister_oom_notifier+0x20/0x20 [ 484.470014][ T4216] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 484.475805][ T4216] memory_max_write+0x528/0x600 [ 484.480651][ T4216] ? memory_max_show+0xa0/0xa0 [ 484.485399][ T4216] ? memory_max_show+0xa0/0xa0 [ 484.490144][ T4216] cgroup_file_write+0x273/0x5c0 [ 484.495065][ T4216] ? cgroup_seqfile_stop+0xc0/0xc0 [ 484.500154][ T4216] ? kernfs_get+0x90/0x90 [ 484.504469][ T4216] ? cgroup_seqfile_stop+0xc0/0xc0 [ 484.509566][ T4216] kernfs_fop_write+0x2ec/0x3e0 [ 484.514399][ T4216] ? kernfs_fop_read+0x450/0x450 [ 484.519318][ T4216] __vfs_write+0x103/0x780 [ 484.523716][ T4216] ? __kernel_write+0x340/0x340 [ 484.528547][ T4216] ? check_preemption_disabled+0x9e/0x330 [ 484.534245][ T4216] ? __fget+0x40c/0x4a0 [ 484.538385][ T4216] ? debug_smp_processor_id+0x20/0x20 [ 484.543745][ T4216] ? selinux_file_permission+0x2c2/0x530 [ 484.549364][ T4216] vfs_write+0x210/0x4f0 [ 484.553593][ T4216] ksys_write+0x198/0x2c0 [ 484.557911][ T4216] ? __ia32_sys_read+0x80/0x80 [ 484.562660][ T4216] do_syscall_64+0xcb/0x1c0 [ 484.567151][ T4216] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 484.573190][ T4216] memory: usage 48kB, limit 0kB, failcnt 6994 [ 484.579257][ T4216] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 484.586118][ T4216] Memory cgroup stats for /syz0: [ 484.586194][ T4216] anon 147456 [ 484.586194][ T4216] file 0 [ 484.586194][ T4216] kernel_stack 0 [ 484.586194][ T4216] slab 0 [ 484.586194][ T4216] sock 0 [ 484.586194][ T4216] shmem 0 [ 484.586194][ T4216] file_mapped 0 [ 484.586194][ T4216] file_dirty 0 [ 484.586194][ T4216] file_writeback 0 [ 484.586194][ T4216] anon_thp 0 [ 484.586194][ T4216] inactive_anon 0 [ 484.586194][ T4216] active_anon 135168 [ 484.586194][ T4216] inactive_file 0 [ 484.586194][ T4216] active_file 0 [ 484.586194][ T4216] unevictable 0 [ 484.586194][ T4216] slab_reclaimable 0 [ 484.586194][ T4216] slab_unreclaimable 0 [ 484.586194][ T4216] pgfault 96129 [ 484.586194][ T4216] pgmajfault 0 [ 484.586194][ T4216] workingset_refault 0 [ 484.586194][ T4216] workingset_activate 0 [ 484.586194][ T4216] workingset_nodereclaim 0 [ 484.586194][ T4216] pgrefill 1683 [ 484.586194][ T4216] pgscan 1387 [ 484.586194][ T4216] pgsteal 0 [ 484.586194][ T4216] pgactivate 1386 [ 484.586194][ T4216] pgdeactivate 1683 [ 484.682262][ T4216] Out of memory and no killable processes... [ 484.688280][ T4223] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 484.698494][ T4223] CPU: 1 PID: 4223 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 484.708625][ T4223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 484.718673][ T4223] Call Trace: [ 484.721958][ T4223] dump_stack+0x1d8/0x241 [ 484.726308][ T4223] ? panic+0x73e/0x73e [ 484.730365][ T4223] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 484.736168][ T4223] dump_header+0xdb/0x700 [ 484.740488][ T4223] out_of_memory+0x6d0/0x940 [ 484.745067][ T4223] ? unregister_oom_notifier+0x20/0x20 [ 484.750511][ T4223] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 484.756305][ T4223] memory_max_write+0x528/0x600 [ 484.761186][ T4223] ? memory_max_show+0xa0/0xa0 [ 484.765936][ T4223] ? memory_max_show+0xa0/0xa0 [ 484.770688][ T4223] cgroup_file_write+0x273/0x5c0 [ 484.775612][ T4223] ? cgroup_seqfile_stop+0xc0/0xc0 [ 484.780707][ T4223] ? kernfs_get+0x90/0x90 [ 484.785021][ T4223] ? cgroup_seqfile_stop+0xc0/0xc0 [ 484.790114][ T4223] kernfs_fop_write+0x2ec/0x3e0 [ 484.794977][ T4223] ? kernfs_fop_read+0x450/0x450 [ 484.799907][ T4223] __vfs_write+0x103/0x780 [ 484.804316][ T4223] ? __kernel_write+0x340/0x340 [ 484.809154][ T4223] ? check_preemption_disabled+0x9e/0x330 [ 484.814941][ T4223] ? __fget+0x40c/0x4a0 [ 484.819077][ T4223] ? debug_smp_processor_id+0x20/0x20 [ 484.824436][ T4223] ? selinux_file_permission+0x2c2/0x530 [ 484.830173][ T4223] vfs_write+0x210/0x4f0 [ 484.834409][ T4223] ksys_write+0x198/0x2c0 [ 484.838726][ T4223] ? __ia32_sys_read+0x80/0x80 [ 484.843481][ T4223] do_syscall_64+0xcb/0x1c0 [ 484.847979][ T4223] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 484.854109][ T4223] memory: usage 48kB, limit 0kB, failcnt 6994 [ 484.860232][ T4223] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 484.867090][ T4223] Memory cgroup stats for /syz0: [ 484.867166][ T4223] anon 147456 [ 484.867166][ T4223] file 0 [ 484.867166][ T4223] kernel_stack 0 [ 484.867166][ T4223] slab 0 [ 484.867166][ T4223] sock 0 [ 484.867166][ T4223] shmem 0 [ 484.867166][ T4223] file_mapped 0 [ 484.867166][ T4223] file_dirty 0 [ 484.867166][ T4223] file_writeback 0 [ 484.867166][ T4223] anon_thp 0 [ 484.867166][ T4223] inactive_anon 0 [ 484.867166][ T4223] active_anon 135168 [ 484.867166][ T4223] inactive_file 0 [ 484.867166][ T4223] active_file 0 [ 484.867166][ T4223] unevictable 0 [ 484.867166][ T4223] slab_reclaimable 0 [ 484.867166][ T4223] slab_unreclaimable 0 [ 484.867166][ T4223] pgfault 96129 [ 484.867166][ T4223] pgmajfault 0 [ 484.867166][ T4223] workingset_refault 0 09:25:50 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:50 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) [ 484.867166][ T4223] workingset_activate 0 [ 484.867166][ T4223] workingset_nodereclaim 0 [ 484.867166][ T4223] pgrefill 1683 [ 484.867166][ T4223] pgscan 1387 [ 484.867166][ T4223] pgsteal 0 [ 484.867166][ T4223] pgactivate 1386 [ 484.867166][ T4223] pgdeactivate 1683 [ 484.963495][ T4223] Out of memory and no killable processes... [ 485.092770][ T4230] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 485.102978][ T4230] CPU: 1 PID: 4230 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 485.113200][ T4230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 485.123254][ T4230] Call Trace: [ 485.126543][ T4230] dump_stack+0x1d8/0x241 [ 485.130847][ T4230] ? panic+0x73e/0x73e [ 485.134885][ T4230] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 485.140662][ T4230] dump_header+0xdb/0x700 [ 485.144964][ T4230] out_of_memory+0x6d0/0x940 [ 485.149523][ T4230] ? unregister_oom_notifier+0x20/0x20 [ 485.154964][ T4230] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 485.160741][ T4230] memory_max_write+0x528/0x600 [ 485.165563][ T4230] ? memory_max_show+0xa0/0xa0 [ 485.170318][ T4230] ? memory_max_show+0xa0/0xa0 [ 485.175064][ T4230] cgroup_file_write+0x273/0x5c0 [ 485.179982][ T4230] ? cgroup_seqfile_stop+0xc0/0xc0 [ 485.185101][ T4230] ? kernfs_get+0x90/0x90 [ 485.189404][ T4230] ? cgroup_seqfile_stop+0xc0/0xc0 [ 485.194484][ T4230] kernfs_fop_write+0x2ec/0x3e0 [ 485.199305][ T4230] ? kernfs_fop_read+0x450/0x450 [ 485.204213][ T4230] __vfs_write+0x103/0x780 [ 485.208601][ T4230] ? __kernel_write+0x340/0x340 [ 485.213422][ T4230] ? check_preemption_disabled+0x9e/0x330 [ 485.219121][ T4230] ? __fget+0x40c/0x4a0 [ 485.223246][ T4230] ? debug_smp_processor_id+0x20/0x20 [ 485.228591][ T4230] ? selinux_file_permission+0x2c2/0x530 [ 485.234214][ T4230] vfs_write+0x210/0x4f0 [ 485.238438][ T4230] ksys_write+0x198/0x2c0 [ 485.242748][ T4230] ? __ia32_sys_read+0x80/0x80 [ 485.247484][ T4230] do_syscall_64+0xcb/0x1c0 [ 485.251963][ T4230] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 485.257908][ T4230] memory: usage 48kB, limit 0kB, failcnt 6994 [ 485.264039][ T4230] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 485.270889][ T4230] Memory cgroup stats for /syz0: [ 485.270964][ T4230] anon 147456 [ 485.270964][ T4230] file 0 [ 485.270964][ T4230] kernel_stack 0 [ 485.270964][ T4230] slab 0 [ 485.270964][ T4230] sock 0 [ 485.270964][ T4230] shmem 0 [ 485.270964][ T4230] file_mapped 0 [ 485.270964][ T4230] file_dirty 0 [ 485.270964][ T4230] file_writeback 0 [ 485.270964][ T4230] anon_thp 0 [ 485.270964][ T4230] inactive_anon 0 [ 485.270964][ T4230] active_anon 135168 [ 485.270964][ T4230] inactive_file 0 [ 485.270964][ T4230] active_file 0 [ 485.270964][ T4230] unevictable 0 [ 485.270964][ T4230] slab_reclaimable 0 [ 485.270964][ T4230] slab_unreclaimable 0 [ 485.270964][ T4230] pgfault 96129 [ 485.270964][ T4230] pgmajfault 0 [ 485.270964][ T4230] workingset_refault 0 [ 485.270964][ T4230] workingset_activate 0 [ 485.270964][ T4230] workingset_nodereclaim 0 [ 485.270964][ T4230] pgrefill 1683 [ 485.270964][ T4230] pgscan 1387 [ 485.270964][ T4230] pgsteal 0 [ 485.270964][ T4230] pgactivate 1386 [ 485.270964][ T4230] pgdeactivate 1683 [ 485.366771][ T4230] Out of memory and no killable processes... 09:25:50 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 485.406839][ T4231] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 485.429989][ T4231] CPU: 0 PID: 4231 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 485.440142][ T4231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 485.450183][ T4231] Call Trace: [ 485.453465][ T4231] dump_stack+0x1d8/0x241 [ 485.457792][ T4231] ? panic+0x73e/0x73e [ 485.461861][ T4231] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 485.467650][ T4231] ? preempt_schedule_common+0xb7/0xe0 [ 485.473094][ T4231] dump_header+0xdb/0x700 [ 485.477409][ T4231] out_of_memory+0x6d0/0x940 [ 485.481986][ T4231] ? unregister_oom_notifier+0x20/0x20 [ 485.487436][ T4231] memory_max_write+0x528/0x600 [ 485.492272][ T4231] ? memory_max_show+0xa0/0xa0 [ 485.497022][ T4231] ? memory_max_show+0xa0/0xa0 [ 485.501772][ T4231] cgroup_file_write+0x273/0x5c0 [ 485.506707][ T4231] ? cgroup_seqfile_stop+0xc0/0xc0 [ 485.511904][ T4231] ? kernfs_get+0x90/0x90 [ 485.516226][ T4231] ? cgroup_seqfile_stop+0xc0/0xc0 [ 485.521324][ T4231] kernfs_fop_write+0x2ec/0x3e0 [ 485.526161][ T4231] ? kernfs_fop_read+0x450/0x450 [ 485.531093][ T4231] __vfs_write+0x103/0x780 [ 485.535496][ T4231] ? __kernel_write+0x340/0x340 [ 485.540335][ T4231] ? check_preemption_disabled+0x9e/0x330 [ 485.546041][ T4231] ? __fget+0x40c/0x4a0 [ 485.550182][ T4231] ? debug_smp_processor_id+0x20/0x20 09:25:51 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) [ 485.555652][ T4231] ? selinux_file_permission+0x2c2/0x530 [ 485.561287][ T4231] vfs_write+0x210/0x4f0 [ 485.565517][ T4231] ksys_write+0x198/0x2c0 [ 485.569840][ T4231] ? __ia32_sys_read+0x80/0x80 [ 485.574593][ T4231] do_syscall_64+0xcb/0x1c0 [ 485.579086][ T4231] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 485.598220][ T4231] memory: usage 48kB, limit 0kB, failcnt 6994 [ 485.604836][ T4231] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 485.611817][ T4231] Memory cgroup stats for /syz0: [ 485.611896][ T4231] anon 147456 [ 485.611896][ T4231] file 0 [ 485.611896][ T4231] kernel_stack 0 [ 485.611896][ T4231] slab 0 [ 485.611896][ T4231] sock 0 [ 485.611896][ T4231] shmem 0 [ 485.611896][ T4231] file_mapped 0 [ 485.611896][ T4231] file_dirty 0 [ 485.611896][ T4231] file_writeback 0 [ 485.611896][ T4231] anon_thp 0 [ 485.611896][ T4231] inactive_anon 0 [ 485.611896][ T4231] active_anon 135168 [ 485.611896][ T4231] inactive_file 0 [ 485.611896][ T4231] active_file 0 [ 485.611896][ T4231] unevictable 0 [ 485.611896][ T4231] slab_reclaimable 0 [ 485.611896][ T4231] slab_unreclaimable 0 [ 485.611896][ T4231] pgfault 96129 [ 485.611896][ T4231] pgmajfault 0 [ 485.611896][ T4231] workingset_refault 0 [ 485.611896][ T4231] workingset_activate 0 [ 485.611896][ T4231] workingset_nodereclaim 0 [ 485.611896][ T4231] pgrefill 1683 [ 485.611896][ T4231] pgscan 1387 [ 485.611896][ T4231] pgsteal 0 [ 485.611896][ T4231] pgactivate 1386 [ 485.611896][ T4231] pgdeactivate 1683 [ 485.711026][ T4231] Out of memory and no killable processes... [ 485.717123][ T4233] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 485.727344][ T4233] CPU: 1 PID: 4233 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 485.737482][ T4233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 485.747537][ T4233] Call Trace: [ 485.750817][ T4233] dump_stack+0x1d8/0x241 [ 485.755134][ T4233] ? panic+0x73e/0x73e [ 485.759190][ T4233] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 485.764986][ T4233] dump_header+0xdb/0x700 [ 485.769305][ T4233] out_of_memory+0x6d0/0x940 [ 485.773884][ T4233] ? unregister_oom_notifier+0x20/0x20 [ 485.779335][ T4233] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 485.785131][ T4233] memory_max_write+0x528/0x600 [ 485.789970][ T4233] ? memory_max_show+0xa0/0xa0 [ 485.794720][ T4233] ? memory_max_show+0xa0/0xa0 [ 485.799476][ T4233] cgroup_file_write+0x273/0x5c0 [ 485.804509][ T4233] ? cgroup_seqfile_stop+0xc0/0xc0 [ 485.809608][ T4233] ? kernfs_get+0x90/0x90 [ 485.813942][ T4233] ? cgroup_seqfile_stop+0xc0/0xc0 [ 485.819050][ T4233] kernfs_fop_write+0x2ec/0x3e0 [ 485.823898][ T4233] ? kernfs_fop_read+0x450/0x450 [ 485.828825][ T4233] __vfs_write+0x103/0x780 [ 485.833230][ T4233] ? __kernel_write+0x340/0x340 [ 485.838070][ T4233] ? check_preemption_disabled+0x9e/0x330 [ 485.843785][ T4233] ? __fget+0x40c/0x4a0 [ 485.847924][ T4233] ? debug_smp_processor_id+0x20/0x20 [ 485.853281][ T4233] ? selinux_file_permission+0x2c2/0x530 09:25:51 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:51 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) [ 485.858904][ T4233] vfs_write+0x210/0x4f0 [ 485.863137][ T4233] ksys_write+0x198/0x2c0 [ 485.867459][ T4233] ? __ia32_sys_read+0x80/0x80 [ 485.872206][ T4233] do_syscall_64+0xcb/0x1c0 [ 485.876694][ T4233] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 485.882678][ T4233] memory: usage 48kB, limit 0kB, failcnt 6994 [ 485.888750][ T4233] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 485.895638][ T4233] Memory cgroup stats for /syz0: [ 485.895696][ T4233] anon 147456 [ 485.895696][ T4233] file 0 [ 485.895696][ T4233] kernel_stack 0 [ 485.895696][ T4233] slab 0 [ 485.895696][ T4233] sock 0 [ 485.895696][ T4233] shmem 0 [ 485.895696][ T4233] file_mapped 0 [ 485.895696][ T4233] file_dirty 0 [ 485.895696][ T4233] file_writeback 0 [ 485.895696][ T4233] anon_thp 0 [ 485.895696][ T4233] inactive_anon 0 [ 485.895696][ T4233] active_anon 135168 [ 485.895696][ T4233] inactive_file 0 [ 485.895696][ T4233] active_file 0 [ 485.895696][ T4233] unevictable 0 [ 485.895696][ T4233] slab_reclaimable 0 [ 485.895696][ T4233] slab_unreclaimable 0 [ 485.895696][ T4233] pgfault 96129 [ 485.895696][ T4233] pgmajfault 0 [ 485.895696][ T4233] workingset_refault 0 [ 485.895696][ T4233] workingset_activate 0 [ 485.895696][ T4233] workingset_nodereclaim 0 [ 485.895696][ T4233] pgrefill 1683 [ 485.895696][ T4233] pgscan 1387 [ 485.895696][ T4233] pgsteal 0 [ 485.895696][ T4233] pgactivate 1386 [ 485.895696][ T4233] pgdeactivate 1683 [ 485.991340][ T4233] Out of memory and no killable processes... [ 486.052461][ T4245] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 486.062772][ T4245] CPU: 0 PID: 4245 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 486.072897][ T4245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 486.082928][ T4245] Call Trace: [ 486.086215][ T4245] dump_stack+0x1d8/0x241 [ 486.090515][ T4245] ? panic+0x73e/0x73e [ 486.094552][ T4245] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 486.100333][ T4245] dump_header+0xdb/0x700 [ 486.104632][ T4245] out_of_memory+0x6d0/0x940 [ 486.109193][ T4245] ? unregister_oom_notifier+0x20/0x20 [ 486.114620][ T4245] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 486.120397][ T4245] memory_max_write+0x528/0x600 [ 486.125223][ T4245] ? memory_max_show+0xa0/0xa0 [ 486.129968][ T4245] ? memory_max_show+0xa0/0xa0 [ 486.134713][ T4245] cgroup_file_write+0x273/0x5c0 [ 486.139624][ T4245] ? cgroup_seqfile_stop+0xc0/0xc0 [ 486.144704][ T4245] ? kernfs_get+0x90/0x90 [ 486.149003][ T4245] ? cgroup_seqfile_stop+0xc0/0xc0 [ 486.154083][ T4245] kernfs_fop_write+0x2ec/0x3e0 [ 486.158905][ T4245] ? kernfs_fop_read+0x450/0x450 [ 486.163816][ T4245] __vfs_write+0x103/0x780 [ 486.168205][ T4245] ? __kernel_write+0x340/0x340 [ 486.173027][ T4245] ? check_preemption_disabled+0x9e/0x330 [ 486.178715][ T4245] ? __fget+0x40c/0x4a0 [ 486.182846][ T4245] ? debug_smp_processor_id+0x20/0x20 [ 486.188188][ T4245] ? selinux_file_permission+0x2c2/0x530 [ 486.193984][ T4245] vfs_write+0x210/0x4f0 [ 486.198205][ T4245] ksys_write+0x198/0x2c0 [ 486.202529][ T4245] ? __ia32_sys_read+0x80/0x80 [ 486.207272][ T4245] do_syscall_64+0xcb/0x1c0 [ 486.211752][ T4245] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 486.217687][ T4245] memory: usage 48kB, limit 0kB, failcnt 6994 [ 486.223763][ T4245] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 486.230599][ T4245] Memory cgroup stats for /syz0: [ 486.230675][ T4245] anon 147456 [ 486.230675][ T4245] file 0 [ 486.230675][ T4245] kernel_stack 0 [ 486.230675][ T4245] slab 0 [ 486.230675][ T4245] sock 0 [ 486.230675][ T4245] shmem 0 [ 486.230675][ T4245] file_mapped 0 [ 486.230675][ T4245] file_dirty 0 [ 486.230675][ T4245] file_writeback 0 [ 486.230675][ T4245] anon_thp 0 [ 486.230675][ T4245] inactive_anon 0 [ 486.230675][ T4245] active_anon 135168 [ 486.230675][ T4245] inactive_file 0 [ 486.230675][ T4245] active_file 0 [ 486.230675][ T4245] unevictable 0 [ 486.230675][ T4245] slab_reclaimable 0 [ 486.230675][ T4245] slab_unreclaimable 0 [ 486.230675][ T4245] pgfault 96129 [ 486.230675][ T4245] pgmajfault 0 [ 486.230675][ T4245] workingset_refault 0 [ 486.230675][ T4245] workingset_activate 0 [ 486.230675][ T4245] workingset_nodereclaim 0 [ 486.230675][ T4245] pgrefill 1683 [ 486.230675][ T4245] pgscan 1387 [ 486.230675][ T4245] pgsteal 0 [ 486.230675][ T4245] pgactivate 1386 [ 486.230675][ T4245] pgdeactivate 1683 [ 486.326519][ T4245] Out of memory and no killable processes... [ 486.415128][ T4247] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 486.452808][ T4247] CPU: 0 PID: 4247 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 486.462964][ T4247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 486.473001][ T4247] Call Trace: [ 486.476285][ T4247] dump_stack+0x1d8/0x241 [ 486.480590][ T4247] ? panic+0x73e/0x73e [ 486.484630][ T4247] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 486.490406][ T4247] ? preempt_schedule_common+0xb7/0xe0 [ 486.496356][ T4247] dump_header+0xdb/0x700 [ 486.500656][ T4247] out_of_memory+0x6d0/0x940 [ 486.505215][ T4247] ? unregister_oom_notifier+0x20/0x20 [ 486.510647][ T4247] memory_max_write+0x528/0x600 [ 486.515469][ T4247] ? memory_max_show+0xa0/0xa0 [ 486.520308][ T4247] ? memory_max_show+0xa0/0xa0 [ 486.525047][ T4247] cgroup_file_write+0x273/0x5c0 [ 486.529958][ T4247] ? cgroup_seqfile_stop+0xc0/0xc0 [ 486.535042][ T4247] ? kernfs_get+0x90/0x90 [ 486.539343][ T4247] ? cgroup_seqfile_stop+0xc0/0xc0 [ 486.544424][ T4247] kernfs_fop_write+0x2ec/0x3e0 [ 486.549245][ T4247] ? kernfs_fop_read+0x450/0x450 [ 486.554152][ T4247] __vfs_write+0x103/0x780 [ 486.558541][ T4247] ? __kernel_write+0x340/0x340 [ 486.563380][ T4247] ? check_preemption_disabled+0x9e/0x330 [ 486.569069][ T4247] ? __fget+0x40c/0x4a0 [ 486.574672][ T4247] ? debug_smp_processor_id+0x20/0x20 [ 486.580014][ T4247] ? selinux_file_permission+0x2c2/0x530 [ 486.585619][ T4247] vfs_write+0x210/0x4f0 [ 486.589837][ T4247] ksys_write+0x198/0x2c0 [ 486.594137][ T4247] ? __ia32_sys_read+0x80/0x80 [ 486.598871][ T4247] do_syscall_64+0xcb/0x1c0 [ 486.603347][ T4247] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 486.709056][ T4247] memory: usage 48kB, limit 0kB, failcnt 6994 [ 486.720488][ T4247] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 486.727590][ T4247] Memory cgroup stats for /syz0: [ 486.727664][ T4247] anon 147456 [ 486.727664][ T4247] file 0 [ 486.727664][ T4247] kernel_stack 0 [ 486.727664][ T4247] slab 0 [ 486.727664][ T4247] sock 0 [ 486.727664][ T4247] shmem 0 [ 486.727664][ T4247] file_mapped 0 [ 486.727664][ T4247] file_dirty 0 [ 486.727664][ T4247] file_writeback 0 [ 486.727664][ T4247] anon_thp 0 [ 486.727664][ T4247] inactive_anon 0 [ 486.727664][ T4247] active_anon 135168 [ 486.727664][ T4247] inactive_file 0 [ 486.727664][ T4247] active_file 0 [ 486.727664][ T4247] unevictable 0 [ 486.727664][ T4247] slab_reclaimable 0 [ 486.727664][ T4247] slab_unreclaimable 0 [ 486.727664][ T4247] pgfault 96129 [ 486.727664][ T4247] pgmajfault 0 [ 486.727664][ T4247] workingset_refault 0 [ 486.727664][ T4247] workingset_activate 0 [ 486.727664][ T4247] workingset_nodereclaim 0 [ 486.727664][ T4247] pgrefill 1683 [ 486.727664][ T4247] pgscan 1387 [ 486.727664][ T4247] pgsteal 0 [ 486.727664][ T4247] pgactivate 1386 [ 486.727664][ T4247] pgdeactivate 1683 [ 486.836954][ T4247] Out of memory and no killable processes... [ 486.860417][ T4248] bridge0: port 1(bridge_slave_0) entered blocking state [ 486.875092][ T4248] bridge0: port 1(bridge_slave_0) entered disabled state [ 486.895301][ T4248] device bridge_slave_0 entered promiscuous mode [ 486.902382][ T4248] bridge0: port 2(bridge_slave_1) entered blocking state [ 486.919654][ T4248] bridge0: port 2(bridge_slave_1) entered disabled state [ 486.934743][ T4248] device bridge_slave_1 entered promiscuous mode [ 487.005373][ T4248] bridge0: port 2(bridge_slave_1) entered blocking state [ 487.012420][ T4248] bridge0: port 2(bridge_slave_1) entered forwarding state [ 487.019721][ T4248] bridge0: port 1(bridge_slave_0) entered blocking state [ 487.026747][ T4248] bridge0: port 1(bridge_slave_0) entered forwarding state [ 487.058253][ T1324] bridge0: port 1(bridge_slave_0) entered disabled state [ 487.066228][ T1324] bridge0: port 2(bridge_slave_1) entered disabled state [ 487.073651][ T1324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 487.081823][ T1324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 487.105913][ T1324] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 487.114120][ T1324] bridge0: port 1(bridge_slave_0) entered blocking state [ 487.121158][ T1324] bridge0: port 1(bridge_slave_0) entered forwarding state [ 487.129282][ T1324] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 487.137578][ T1324] bridge0: port 2(bridge_slave_1) entered blocking state [ 487.144581][ T1324] bridge0: port 2(bridge_slave_1) entered forwarding state [ 487.152279][ T1324] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 487.160394][ T1324] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 487.186467][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 487.195434][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 487.218277][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 487.227140][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 487.236689][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready 09:25:53 executing program 1: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) getsockopt$sock_int(r0, 0x1, 0x2b, 0x0, &(0x7f0000000280)) 09:25:53 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0), 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) 09:25:53 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:53 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:53 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:53 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:53 executing program 1: r0 = syz_open_dev$loop(&(0x7f00000000c0), 0x0, 0x0) ioctl$LOOP_GET_STATUS64(r0, 0x1263, 0x0) 09:25:53 executing program 1: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_buf(r0, 0x29, 0x49, 0x0, 0x7) 09:25:53 executing program 1: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) add_key$fscrypt_v1(&(0x7f0000000380), &(0x7f00000003c0)={'fscrypt:', @desc4}, &(0x7f0000000400)={0x0, "d370f2c54138ddae50299f6b906dd37a88e8ad3c36812059c7806abadf279e2d78f1df61c24cad9f28e2ab0d3fc2479493ba0a8bf7d1935cd6b9cda49c3927fb"}, 0x48, r0) keyctl$search(0x3, r0, 0x0, 0x0, 0x0) 09:25:53 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000080)=@security={'security\x00', 0xe, 0x8000000, 0x3a0, 0xffffffff, 0xd0, 0x0, 0x0, 0xffffffff, 0xffffffff, 0x470, 0x470, 0x470, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "db4a882e238e1968cd657e82a051591dde7e4c9406efd47cbcd90e1632db"}}, {{@ipv6={@local, @private0, [], [], 'caif0\x00', 'team0\x00'}, 0x0, 0xa8, 0x118}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "8402baceed2c408cc347198dc4ce6d000b641aa8ca662ee4a4c1b01c42c1ed63b3579e6952a63406f91593b5192d7bcba7e2214df792a05ef4a52ee3372e9fd5"}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x400) [ 488.505696][ T4265] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 488.515882][ T4265] CPU: 1 PID: 4265 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 488.526020][ T4265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 488.536063][ T4265] Call Trace: [ 488.539343][ T4265] dump_stack+0x1d8/0x241 [ 488.543659][ T4265] ? panic+0x73e/0x73e [ 488.547712][ T4265] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 488.553499][ T4265] ? _raw_spin_lock+0xa3/0x1b0 [ 488.558244][ T4265] ? asan.module_dtor+0x20/0x20 [ 488.563076][ T4265] dump_header+0xdb/0x700 [ 488.567388][ T4265] oom_kill_process+0xf0/0x2d0 [ 488.572132][ T4265] out_of_memory+0x666/0x940 [ 488.576706][ T4265] ? unregister_oom_notifier+0x20/0x20 [ 488.582145][ T4265] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 488.587939][ T4265] memory_max_write+0x528/0x600 [ 488.592782][ T4265] ? memory_max_show+0xa0/0xa0 [ 488.597542][ T4265] ? memory_max_show+0xa0/0xa0 [ 488.602294][ T4265] cgroup_file_write+0x273/0x5c0 [ 488.607223][ T4265] ? cgroup_seqfile_stop+0xc0/0xc0 [ 488.612323][ T4265] ? kernfs_get+0x90/0x90 [ 488.616646][ T4265] ? cgroup_seqfile_stop+0xc0/0xc0 [ 488.621751][ T4265] kernfs_fop_write+0x2ec/0x3e0 [ 488.626595][ T4265] ? kernfs_fop_read+0x450/0x450 [ 488.631525][ T4265] __vfs_write+0x103/0x780 [ 488.635933][ T4265] ? __kernel_write+0x340/0x340 [ 488.640785][ T4265] ? check_preemption_disabled+0x9e/0x330 [ 488.646493][ T4265] ? __fget+0x40c/0x4a0 [ 488.650636][ T4265] ? debug_smp_processor_id+0x20/0x20 [ 488.656001][ T4265] ? selinux_file_permission+0x2c2/0x530 [ 488.661624][ T4265] vfs_write+0x210/0x4f0 [ 488.665851][ T4265] ksys_write+0x198/0x2c0 [ 488.670170][ T4265] ? __ia32_sys_read+0x80/0x80 [ 488.674920][ T4265] do_syscall_64+0xcb/0x1c0 [ 488.679408][ T4265] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 488.685586][ T4265] memory: usage 4296kB, limit 0kB, failcnt 7010 [ 488.691815][ T4265] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 488.698657][ T4265] Memory cgroup stats for /syz0: [ 488.698736][ T4265] anon 4399104 [ 488.698736][ T4265] file 0 [ 488.698736][ T4265] kernel_stack 0 [ 488.698736][ T4265] slab 0 [ 488.698736][ T4265] sock 0 [ 488.698736][ T4265] shmem 0 [ 488.698736][ T4265] file_mapped 0 [ 488.698736][ T4265] file_dirty 0 [ 488.698736][ T4265] file_writeback 0 [ 488.698736][ T4265] anon_thp 0 [ 488.698736][ T4265] inactive_anon 0 [ 488.698736][ T4265] active_anon 4325376 [ 488.698736][ T4265] inactive_file 0 [ 488.698736][ T4265] active_file 0 [ 488.698736][ T4265] unevictable 0 [ 488.698736][ T4265] slab_reclaimable 0 [ 488.698736][ T4265] slab_unreclaimable 0 [ 488.698736][ T4265] pgfault 100386 [ 488.698736][ T4265] pgmajfault 0 [ 488.698736][ T4265] workingset_refault 0 [ 488.698736][ T4265] workingset_activate 0 [ 488.698736][ T4265] workingset_nodereclaim 0 [ 488.698736][ T4265] pgrefill 1683 [ 488.698736][ T4265] pgscan 1420 [ 488.698736][ T4265] pgsteal 0 [ 488.698736][ T4265] pgactivate 1419 [ 488.698736][ T4265] pgdeactivate 1683 [ 488.795408][ T4265] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=4268,uid=0 [ 488.810573][ T4265] Memory cgroup out of memory: Killed process 4268 (syz-executor.0) total-vm:52744kB, anon-rss:4544kB, file-rss:14336kB, shmem-rss:0kB, UID:0 pgtables:104kB oom_score_adj:1000 [ 488.885610][ T4277] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 488.893308][ T23] oom_reaper: reaped process 4268 (syz-executor.0), now anon-rss:0kB, file-rss:14336kB, shmem-rss:8kB [ 488.895838][ T4277] CPU: 0 PID: 4277 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 488.916857][ T4277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 488.926898][ T4277] Call Trace: [ 488.930178][ T4277] dump_stack+0x1d8/0x241 09:25:54 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 488.934495][ T4277] ? panic+0x73e/0x73e [ 488.938555][ T4277] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 488.944355][ T4277] ? _raw_spin_lock+0xa3/0x1b0 [ 488.949108][ T4277] ? asan.module_dtor+0x20/0x20 [ 488.953950][ T4277] dump_header+0xdb/0x700 [ 488.958270][ T4277] oom_kill_process+0xf0/0x2d0 [ 488.963057][ T4277] out_of_memory+0x666/0x940 [ 488.967640][ T4277] ? unregister_oom_notifier+0x20/0x20 [ 488.973117][ T4277] memory_max_write+0x528/0x600 [ 488.977958][ T4277] ? memory_max_show+0xa0/0xa0 09:25:54 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) [ 488.982709][ T4277] ? memory_max_show+0xa0/0xa0 [ 488.987468][ T4277] cgroup_file_write+0x273/0x5c0 [ 488.992396][ T4277] ? cgroup_seqfile_stop+0xc0/0xc0 [ 488.997493][ T4277] ? kernfs_get+0x90/0x90 [ 489.001809][ T4277] ? cgroup_seqfile_stop+0xc0/0xc0 [ 489.006906][ T4277] kernfs_fop_write+0x2ec/0x3e0 [ 489.011785][ T4277] ? kernfs_fop_read+0x450/0x450 [ 489.016702][ T4277] __vfs_write+0x103/0x780 [ 489.021099][ T4277] ? __kernel_write+0x340/0x340 [ 489.025960][ T4277] ? check_preemption_disabled+0x9e/0x330 [ 489.031662][ T4277] ? __fget+0x40c/0x4a0 [ 489.035805][ T4277] ? debug_smp_processor_id+0x20/0x20 [ 489.041158][ T4277] ? selinux_file_permission+0x2c2/0x530 [ 489.046771][ T4277] vfs_write+0x210/0x4f0 [ 489.050993][ T4277] ksys_write+0x198/0x2c0 [ 489.055312][ T4277] ? __ia32_sys_read+0x80/0x80 [ 489.060056][ T4277] do_syscall_64+0xcb/0x1c0 [ 489.064541][ T4277] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 489.070681][ T4277] memory: usage 92kB, limit 0kB, failcnt 7012 [ 489.076778][ T4277] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 489.083607][ T4277] Memory cgroup stats for /syz0: [ 489.083684][ T4277] anon 102400 [ 489.083684][ T4277] file 0 [ 489.083684][ T4277] kernel_stack 0 [ 489.083684][ T4277] slab 0 [ 489.083684][ T4277] sock 0 [ 489.083684][ T4277] shmem 0 [ 489.083684][ T4277] file_mapped 0 [ 489.083684][ T4277] file_dirty 0 [ 489.083684][ T4277] file_writeback 0 [ 489.083684][ T4277] anon_thp 0 [ 489.083684][ T4277] inactive_anon 0 [ 489.083684][ T4277] active_anon 135168 [ 489.083684][ T4277] inactive_file 0 [ 489.083684][ T4277] active_file 0 [ 489.083684][ T4277] unevictable 0 [ 489.083684][ T4277] slab_reclaimable 0 [ 489.083684][ T4277] slab_unreclaimable 0 [ 489.083684][ T4277] pgfault 100386 [ 489.083684][ T4277] pgmajfault 0 [ 489.083684][ T4277] workingset_refault 0 [ 489.083684][ T4277] workingset_activate 0 [ 489.083684][ T4277] workingset_nodereclaim 0 [ 489.083684][ T4277] pgrefill 1683 [ 489.083684][ T4277] pgscan 1420 [ 489.083684][ T4277] pgsteal 0 [ 489.083684][ T4277] pgactivate 1419 [ 489.083684][ T4277] pgdeactivate 1683 [ 489.179657][ T4277] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=4248,uid=0 [ 489.194900][ T4277] Memory cgroup out of memory: Killed process 4248 (syz-executor.0) total-vm:48508kB, anon-rss:444kB, file-rss:14336kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:0 [ 489.273840][ T4286] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 489.284028][ T4286] CPU: 1 PID: 4286 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 489.294420][ T4286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 489.304493][ T4286] Call Trace: [ 489.307776][ T4286] dump_stack+0x1d8/0x241 [ 489.312096][ T4286] ? panic+0x73e/0x73e [ 489.316157][ T4286] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 489.321964][ T4286] ? _raw_spin_lock+0xa3/0x1b0 [ 489.326731][ T4286] ? asan.module_dtor+0x20/0x20 [ 489.331573][ T4286] dump_header+0xdb/0x700 [ 489.335895][ T4286] oom_kill_process+0xf0/0x2d0 [ 489.340649][ T4286] out_of_memory+0x666/0x940 [ 489.345234][ T4286] ? unregister_oom_notifier+0x20/0x20 [ 489.350686][ T4286] memory_max_write+0x528/0x600 [ 489.355537][ T4286] ? memory_max_show+0xa0/0xa0 [ 489.360300][ T4286] ? memory_max_show+0xa0/0xa0 [ 489.365088][ T4286] cgroup_file_write+0x273/0x5c0 09:25:54 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:54 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:54 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) [ 489.370031][ T4286] ? cgroup_seqfile_stop+0xc0/0xc0 [ 489.375134][ T4286] ? kernfs_get+0x90/0x90 [ 489.379460][ T4286] ? cgroup_seqfile_stop+0xc0/0xc0 [ 489.384565][ T4286] kernfs_fop_write+0x2ec/0x3e0 [ 489.389416][ T4286] ? kernfs_fop_read+0x450/0x450 [ 489.394350][ T4286] __vfs_write+0x103/0x780 [ 489.398768][ T4286] ? __kernel_write+0x340/0x340 [ 489.403608][ T4286] ? check_preemption_disabled+0x9e/0x330 [ 489.409317][ T4286] ? __fget+0x40c/0x4a0 [ 489.413472][ T4286] ? debug_smp_processor_id+0x20/0x20 [ 489.418838][ T4286] ? selinux_file_permission+0x2c2/0x530 [ 489.424461][ T4286] vfs_write+0x210/0x4f0 [ 489.428721][ T4286] ksys_write+0x198/0x2c0 [ 489.433041][ T4286] ? __ia32_sys_read+0x80/0x80 [ 489.437801][ T4286] do_syscall_64+0xcb/0x1c0 [ 489.442298][ T4286] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 489.448519][ T4286] memory: usage 48kB, limit 0kB, failcnt 7021 [ 489.454596][ T4286] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 489.461477][ T4286] Memory cgroup stats for /syz0: [ 489.461551][ T4286] anon 102400 [ 489.461551][ T4286] file 0 [ 489.461551][ T4286] kernel_stack 0 [ 489.461551][ T4286] slab 0 [ 489.461551][ T4286] sock 0 [ 489.461551][ T4286] shmem 0 [ 489.461551][ T4286] file_mapped 0 [ 489.461551][ T4286] file_dirty 0 [ 489.461551][ T4286] file_writeback 0 [ 489.461551][ T4286] anon_thp 0 [ 489.461551][ T4286] inactive_anon 0 [ 489.461551][ T4286] active_anon 135168 [ 489.461551][ T4286] inactive_file 0 [ 489.461551][ T4286] active_file 0 [ 489.461551][ T4286] unevictable 0 [ 489.461551][ T4286] slab_reclaimable 0 [ 489.461551][ T4286] slab_unreclaimable 0 [ 489.461551][ T4286] pgfault 100386 [ 489.461551][ T4286] pgmajfault 0 [ 489.461551][ T4286] workingset_refault 0 [ 489.461551][ T4286] workingset_activate 0 [ 489.461551][ T4286] workingset_nodereclaim 0 [ 489.461551][ T4286] pgrefill 1683 [ 489.461551][ T4286] pgscan 1453 [ 489.461551][ T4286] pgsteal 0 [ 489.461551][ T4286] pgactivate 1452 [ 489.461551][ T4286] pgdeactivate 1683 [ 489.557468][ T4286] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=4284,uid=0 [ 489.572619][ T4286] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 489.582770][ T4286] CPU: 1 PID: 4286 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 489.592925][ T4286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 489.602966][ T4286] Call Trace: [ 489.606243][ T4286] dump_stack+0x1d8/0x241 [ 489.610558][ T4286] ? panic+0x73e/0x73e [ 489.614611][ T4286] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 489.620427][ T4286] ? _raw_spin_trylock_bh+0x190/0x190 [ 489.625782][ T4286] dump_header+0xdb/0x700 [ 489.630096][ T4286] out_of_memory+0x6d0/0x940 [ 489.634681][ T4286] ? unregister_oom_notifier+0x20/0x20 [ 489.640137][ T4286] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 489.645929][ T4286] memory_max_write+0x528/0x600 [ 489.650860][ T4286] ? memory_max_show+0xa0/0xa0 [ 489.655620][ T4286] ? memory_max_show+0xa0/0xa0 [ 489.660374][ T4286] cgroup_file_write+0x273/0x5c0 [ 489.665392][ T4286] ? cgroup_seqfile_stop+0xc0/0xc0 [ 489.670496][ T4286] ? kernfs_get+0x90/0x90 [ 489.674816][ T4286] ? cgroup_seqfile_stop+0xc0/0xc0 [ 489.679918][ T4286] kernfs_fop_write+0x2ec/0x3e0 [ 489.684755][ T4286] ? kernfs_fop_read+0x450/0x450 [ 489.689675][ T4286] __vfs_write+0x103/0x780 [ 489.694076][ T4286] ? __kernel_write+0x340/0x340 [ 489.699009][ T4286] ? check_preemption_disabled+0x9e/0x330 [ 489.704804][ T4286] ? __fget+0x40c/0x4a0 [ 489.708954][ T4286] ? debug_smp_processor_id+0x20/0x20 [ 489.714312][ T4286] ? selinux_file_permission+0x2c2/0x530 [ 489.719932][ T4286] vfs_write+0x210/0x4f0 [ 489.724162][ T4286] ksys_write+0x198/0x2c0 [ 489.728483][ T4286] ? __ia32_sys_read+0x80/0x80 [ 489.733234][ T4286] do_syscall_64+0xcb/0x1c0 [ 489.737725][ T4286] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 489.743628][ T4286] memory: usage 48kB, limit 0kB, failcnt 7021 [ 489.749737][ T4286] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 489.756582][ T4286] Memory cgroup stats for /syz0: [ 489.756654][ T4286] anon 102400 [ 489.756654][ T4286] file 0 [ 489.756654][ T4286] kernel_stack 0 [ 489.756654][ T4286] slab 0 [ 489.756654][ T4286] sock 0 [ 489.756654][ T4286] shmem 0 [ 489.756654][ T4286] file_mapped 0 [ 489.756654][ T4286] file_dirty 0 [ 489.756654][ T4286] file_writeback 0 [ 489.756654][ T4286] anon_thp 0 [ 489.756654][ T4286] inactive_anon 0 [ 489.756654][ T4286] active_anon 135168 [ 489.756654][ T4286] inactive_file 0 [ 489.756654][ T4286] active_file 0 [ 489.756654][ T4286] unevictable 0 [ 489.756654][ T4286] slab_reclaimable 0 [ 489.756654][ T4286] slab_unreclaimable 0 [ 489.756654][ T4286] pgfault 100386 [ 489.756654][ T4286] pgmajfault 0 [ 489.756654][ T4286] workingset_refault 0 [ 489.756654][ T4286] workingset_activate 0 [ 489.756654][ T4286] workingset_nodereclaim 0 [ 489.756654][ T4286] pgrefill 1716 [ 489.756654][ T4286] pgscan 1453 [ 489.756654][ T4286] pgsteal 0 [ 489.756654][ T4286] pgactivate 1452 [ 489.756654][ T4286] pgdeactivate 1716 [ 489.852463][ T4286] Out of memory and no killable processes... [ 489.860732][ T4295] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 489.871349][ T4295] CPU: 1 PID: 4295 Comm: syz-executor.2 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 489.881580][ T4295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 489.891620][ T4295] Call Trace: [ 489.894899][ T4295] dump_stack+0x1d8/0x241 [ 489.899218][ T4295] ? panic+0x73e/0x73e [ 489.903346][ T4295] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 489.909125][ T4295] dump_header+0xdb/0x700 [ 489.913427][ T4295] out_of_memory+0x6d0/0x940 [ 489.917993][ T4295] ? unregister_oom_notifier+0x20/0x20 [ 489.923423][ T4295] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 489.929212][ T4295] memory_max_write+0x528/0x600 [ 489.934037][ T4295] ? memory_max_show+0xa0/0xa0 [ 489.938774][ T4295] ? memory_max_show+0xa0/0xa0 [ 489.943509][ T4295] cgroup_file_write+0x273/0x5c0 [ 489.948420][ T4295] ? cgroup_seqfile_stop+0xc0/0xc0 [ 489.953503][ T4295] ? kernfs_get+0x90/0x90 [ 489.957810][ T4295] ? cgroup_seqfile_stop+0xc0/0xc0 [ 489.962983][ T4295] kernfs_fop_write+0x2ec/0x3e0 [ 489.967914][ T4295] ? kernfs_fop_read+0x450/0x450 [ 489.972824][ T4295] __vfs_write+0x103/0x780 [ 489.977216][ T4295] ? __kernel_write+0x340/0x340 [ 489.982039][ T4295] ? check_preemption_disabled+0x9e/0x330 [ 489.987730][ T4295] ? __fget+0x40c/0x4a0 [ 489.991858][ T4295] ? debug_smp_processor_id+0x20/0x20 [ 489.997207][ T4295] ? selinux_file_permission+0x2c2/0x530 [ 490.002815][ T4295] vfs_write+0x210/0x4f0 [ 490.007035][ T4295] ksys_write+0x198/0x2c0 [ 490.011339][ T4295] ? __ia32_sys_read+0x80/0x80 [ 490.016079][ T4295] do_syscall_64+0xcb/0x1c0 [ 490.020573][ T4295] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 09:25:55 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 490.028402][ T4295] memory: usage 48kB, limit 0kB, failcnt 7021 [ 490.035180][ T4295] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 490.042337][ T4295] Memory cgroup stats for /syz0: [ 490.042411][ T4295] anon 102400 [ 490.042411][ T4295] file 0 [ 490.042411][ T4295] kernel_stack 0 [ 490.042411][ T4295] slab 0 [ 490.042411][ T4295] sock 0 [ 490.042411][ T4295] shmem 0 [ 490.042411][ T4295] file_mapped 0 [ 490.042411][ T4295] file_dirty 0 [ 490.042411][ T4295] file_writeback 0 [ 490.042411][ T4295] anon_thp 0 [ 490.042411][ T4295] inactive_anon 0 [ 490.042411][ T4295] active_anon 135168 [ 490.042411][ T4295] inactive_file 0 [ 490.042411][ T4295] active_file 0 [ 490.042411][ T4295] unevictable 0 [ 490.042411][ T4295] slab_reclaimable 0 [ 490.042411][ T4295] slab_unreclaimable 0 [ 490.042411][ T4295] pgfault 100386 [ 490.042411][ T4295] pgmajfault 0 [ 490.042411][ T4295] workingset_refault 0 [ 490.042411][ T4295] workingset_activate 0 [ 490.042411][ T4295] workingset_nodereclaim 0 [ 490.042411][ T4295] pgrefill 1716 [ 490.042411][ T4295] pgscan 1453 [ 490.042411][ T4295] pgsteal 0 [ 490.042411][ T4295] pgactivate 1452 [ 490.042411][ T4295] pgdeactivate 1716 [ 490.138547][ T4295] Out of memory and no killable processes... [ 490.144642][ T4297] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 490.154903][ T4297] CPU: 0 PID: 4297 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 490.165035][ T4297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 490.175774][ T4297] Call Trace: [ 490.179060][ T4297] dump_stack+0x1d8/0x241 [ 490.183380][ T4297] ? panic+0x73e/0x73e [ 490.187437][ T4297] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 490.193228][ T4297] dump_header+0xdb/0x700 [ 490.197548][ T4297] out_of_memory+0x6d0/0x940 [ 490.202128][ T4297] ? unregister_oom_notifier+0x20/0x20 [ 490.207584][ T4297] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 490.213990][ T4297] memory_max_write+0x528/0x600 [ 490.218832][ T4297] ? memory_max_show+0xa0/0xa0 [ 490.223594][ T4297] ? memory_max_show+0xa0/0xa0 [ 490.228352][ T4297] cgroup_file_write+0x273/0x5c0 [ 490.233286][ T4297] ? cgroup_seqfile_stop+0xc0/0xc0 [ 490.238475][ T4297] ? kernfs_get+0x90/0x90 [ 490.242795][ T4297] ? cgroup_seqfile_stop+0xc0/0xc0 [ 490.247899][ T4297] kernfs_fop_write+0x2ec/0x3e0 [ 490.252741][ T4297] ? kernfs_fop_read+0x450/0x450 [ 490.257665][ T4297] __vfs_write+0x103/0x780 [ 490.262154][ T4297] ? __kernel_write+0x340/0x340 [ 490.266989][ T4297] ? check_preemption_disabled+0x9e/0x330 [ 490.272777][ T4297] ? __fget+0x40c/0x4a0 [ 490.276920][ T4297] ? debug_smp_processor_id+0x20/0x20 [ 490.282277][ T4297] ? selinux_file_permission+0x2c2/0x530 [ 490.287895][ T4297] vfs_write+0x210/0x4f0 [ 490.292121][ T4297] ksys_write+0x198/0x2c0 [ 490.296611][ T4297] ? __ia32_sys_read+0x80/0x80 [ 490.301368][ T4297] do_syscall_64+0xcb/0x1c0 [ 490.305867][ T4297] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 490.311795][ T4297] memory: usage 48kB, limit 0kB, failcnt 7021 [ 490.317953][ T4297] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 490.324909][ T4297] Memory cgroup stats for /syz0: [ 490.324980][ T4297] anon 102400 [ 490.324980][ T4297] file 0 [ 490.324980][ T4297] kernel_stack 0 [ 490.324980][ T4297] slab 0 [ 490.324980][ T4297] sock 0 [ 490.324980][ T4297] shmem 0 [ 490.324980][ T4297] file_mapped 0 [ 490.324980][ T4297] file_dirty 0 [ 490.324980][ T4297] file_writeback 0 [ 490.324980][ T4297] anon_thp 0 [ 490.324980][ T4297] inactive_anon 0 [ 490.324980][ T4297] active_anon 135168 [ 490.324980][ T4297] inactive_file 0 [ 490.324980][ T4297] active_file 0 [ 490.324980][ T4297] unevictable 0 [ 490.324980][ T4297] slab_reclaimable 0 [ 490.324980][ T4297] slab_unreclaimable 0 [ 490.324980][ T4297] pgfault 100386 [ 490.324980][ T4297] pgmajfault 0 [ 490.324980][ T4297] workingset_refault 0 [ 490.324980][ T4297] workingset_activate 0 [ 490.324980][ T4297] workingset_nodereclaim 0 [ 490.324980][ T4297] pgrefill 1716 [ 490.324980][ T4297] pgscan 1453 [ 490.324980][ T4297] pgsteal 0 [ 490.324980][ T4297] pgactivate 1452 [ 490.324980][ T4297] pgdeactivate 1716 [ 490.421783][ T4297] Out of memory and no killable processes... [ 490.441723][ T4303] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 490.452176][ T4303] CPU: 0 PID: 4303 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 490.462312][ T4303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 490.472363][ T4303] Call Trace: [ 490.475644][ T4303] dump_stack+0x1d8/0x241 [ 490.479961][ T4303] ? panic+0x73e/0x73e [ 490.484005][ T4303] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 490.489972][ T4303] dump_header+0xdb/0x700 [ 490.494286][ T4303] out_of_memory+0x6d0/0x940 [ 490.498858][ T4303] ? unregister_oom_notifier+0x20/0x20 [ 490.504295][ T4303] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 490.510074][ T4303] memory_max_write+0x528/0x600 [ 490.515090][ T4303] ? memory_max_show+0xa0/0xa0 [ 490.519829][ T4303] ? memory_max_show+0xa0/0xa0 [ 490.524589][ T4303] cgroup_file_write+0x273/0x5c0 [ 490.529499][ T4303] ? cgroup_seqfile_stop+0xc0/0xc0 [ 490.534603][ T4303] ? kernfs_get+0x90/0x90 [ 490.538923][ T4303] ? cgroup_seqfile_stop+0xc0/0xc0 [ 490.544027][ T4303] kernfs_fop_write+0x2ec/0x3e0 [ 490.548857][ T4303] ? kernfs_fop_read+0x450/0x450 [ 490.553771][ T4303] __vfs_write+0x103/0x780 [ 490.558158][ T4303] ? __kernel_write+0x340/0x340 [ 490.563000][ T4303] ? check_preemption_disabled+0x9e/0x330 [ 490.568776][ T4303] ? __fget+0x40c/0x4a0 [ 490.572908][ T4303] ? debug_smp_processor_id+0x20/0x20 [ 490.578252][ T4303] ? selinux_file_permission+0x2c2/0x530 [ 490.583859][ T4303] vfs_write+0x210/0x4f0 [ 490.588091][ T4303] ksys_write+0x198/0x2c0 [ 490.592395][ T4303] ? __ia32_sys_read+0x80/0x80 [ 490.597135][ T4303] do_syscall_64+0xcb/0x1c0 [ 490.602508][ T4303] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 490.608444][ T4303] memory: usage 48kB, limit 0kB, failcnt 7021 [ 490.614501][ T4303] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 490.621465][ T4303] Memory cgroup stats for /syz0: [ 490.621589][ T4303] anon 102400 [ 490.621589][ T4303] file 0 [ 490.621589][ T4303] kernel_stack 0 [ 490.621589][ T4303] slab 0 [ 490.621589][ T4303] sock 0 [ 490.621589][ T4303] shmem 0 [ 490.621589][ T4303] file_mapped 0 [ 490.621589][ T4303] file_dirty 0 [ 490.621589][ T4303] file_writeback 0 [ 490.621589][ T4303] anon_thp 0 [ 490.621589][ T4303] inactive_anon 0 [ 490.621589][ T4303] active_anon 135168 [ 490.621589][ T4303] inactive_file 0 [ 490.621589][ T4303] active_file 0 [ 490.621589][ T4303] unevictable 0 [ 490.621589][ T4303] slab_reclaimable 0 [ 490.621589][ T4303] slab_unreclaimable 0 [ 490.621589][ T4303] pgfault 100386 [ 490.621589][ T4303] pgmajfault 0 [ 490.621589][ T4303] workingset_refault 0 [ 490.621589][ T4303] workingset_activate 0 [ 490.621589][ T4303] workingset_nodereclaim 0 [ 490.621589][ T4303] pgrefill 1716 [ 490.621589][ T4303] pgscan 1453 [ 490.621589][ T4303] pgsteal 0 [ 490.621589][ T4303] pgactivate 1452 [ 490.621589][ T4303] pgdeactivate 1716 [ 490.717545][ T4303] Out of memory and no killable processes... 09:25:56 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:56 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(r0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:56 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) 09:25:56 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) [ 491.045246][ T4309] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 491.055459][ T4309] CPU: 0 PID: 4309 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 491.065592][ T4309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 491.075632][ T4309] Call Trace: [ 491.078911][ T4309] dump_stack+0x1d8/0x241 [ 491.083238][ T4309] ? panic+0x73e/0x73e [ 491.087302][ T4309] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 491.093102][ T4309] dump_header+0xdb/0x700 [ 491.097418][ T4309] out_of_memory+0x6d0/0x940 [ 491.101988][ T4309] ? unregister_oom_notifier+0x20/0x20 [ 491.107514][ T4309] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 491.113305][ T4309] memory_max_write+0x528/0x600 [ 491.118228][ T4309] ? memory_max_show+0xa0/0xa0 [ 491.122972][ T4309] ? memory_max_show+0xa0/0xa0 [ 491.127716][ T4309] cgroup_file_write+0x273/0x5c0 [ 491.132636][ T4309] ? cgroup_seqfile_stop+0xc0/0xc0 [ 491.137728][ T4309] ? kernfs_get+0x90/0x90 [ 491.142040][ T4309] ? cgroup_seqfile_stop+0xc0/0xc0 [ 491.147140][ T4309] kernfs_fop_write+0x2ec/0x3e0 [ 491.151983][ T4309] ? kernfs_fop_read+0x450/0x450 [ 491.156917][ T4309] __vfs_write+0x103/0x780 [ 491.161321][ T4309] ? __kernel_write+0x340/0x340 [ 491.166154][ T4309] ? check_preemption_disabled+0x9e/0x330 [ 491.171861][ T4309] ? __fget+0x40c/0x4a0 [ 491.176003][ T4309] ? debug_smp_processor_id+0x20/0x20 [ 491.181378][ T4309] ? selinux_file_permission+0x2c2/0x530 [ 491.186996][ T4309] vfs_write+0x210/0x4f0 [ 491.191222][ T4309] ksys_write+0x198/0x2c0 09:25:56 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 491.195533][ T4309] ? __ia32_sys_read+0x80/0x80 [ 491.200283][ T4309] do_syscall_64+0xcb/0x1c0 [ 491.204770][ T4309] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 491.210825][ T4309] memory: usage 48kB, limit 0kB, failcnt 7021 [ 491.217282][ T4309] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 491.224118][ T4309] Memory cgroup stats for /syz0: [ 491.224190][ T4309] anon 102400 [ 491.224190][ T4309] file 0 [ 491.224190][ T4309] kernel_stack 0 [ 491.224190][ T4309] slab 0 [ 491.224190][ T4309] sock 0 [ 491.224190][ T4309] shmem 0 [ 491.224190][ T4309] file_mapped 0 [ 491.224190][ T4309] file_dirty 0 [ 491.224190][ T4309] file_writeback 0 [ 491.224190][ T4309] anon_thp 0 [ 491.224190][ T4309] inactive_anon 0 [ 491.224190][ T4309] active_anon 135168 [ 491.224190][ T4309] inactive_file 0 [ 491.224190][ T4309] active_file 0 [ 491.224190][ T4309] unevictable 0 [ 491.224190][ T4309] slab_reclaimable 0 [ 491.224190][ T4309] slab_unreclaimable 0 [ 491.224190][ T4309] pgfault 100386 [ 491.224190][ T4309] pgmajfault 0 [ 491.224190][ T4309] workingset_refault 0 [ 491.224190][ T4309] workingset_activate 0 [ 491.224190][ T4309] workingset_nodereclaim 0 [ 491.224190][ T4309] pgrefill 1716 [ 491.224190][ T4309] pgscan 1453 [ 491.224190][ T4309] pgsteal 0 [ 491.224190][ T4309] pgactivate 1452 [ 491.224190][ T4309] pgdeactivate 1716 [ 491.320279][ T4309] Out of memory and no killable processes... [ 491.326308][ T4308] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 491.336515][ T4308] CPU: 1 PID: 4308 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 491.346735][ T4308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 491.356776][ T4308] Call Trace: [ 491.360058][ T4308] dump_stack+0x1d8/0x241 [ 491.364376][ T4308] ? panic+0x73e/0x73e [ 491.368433][ T4308] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 491.374224][ T4308] dump_header+0xdb/0x700 [ 491.378632][ T4308] out_of_memory+0x6d0/0x940 [ 491.383210][ T4308] ? unregister_oom_notifier+0x20/0x20 [ 491.388655][ T4308] memory_max_write+0x528/0x600 [ 491.393497][ T4308] ? memory_max_show+0xa0/0xa0 [ 491.398253][ T4308] ? memory_max_show+0xa0/0xa0 [ 491.403000][ T4308] cgroup_file_write+0x273/0x5c0 [ 491.407926][ T4308] ? cgroup_seqfile_stop+0xc0/0xc0 [ 491.413023][ T4308] ? kernfs_get+0x90/0x90 [ 491.417344][ T4308] ? cgroup_seqfile_stop+0xc0/0xc0 [ 491.422437][ T4308] kernfs_fop_write+0x2ec/0x3e0 [ 491.427276][ T4308] ? kernfs_fop_read+0x450/0x450 [ 491.432198][ T4308] __vfs_write+0x103/0x780 [ 491.436601][ T4308] ? __kernel_write+0x340/0x340 [ 491.441436][ T4308] ? check_preemption_disabled+0x9e/0x330 [ 491.447136][ T4308] ? __fget+0x40c/0x4a0 [ 491.451272][ T4308] ? debug_smp_processor_id+0x20/0x20 [ 491.456631][ T4308] ? selinux_file_permission+0x2c2/0x530 [ 491.462253][ T4308] vfs_write+0x210/0x4f0 [ 491.466480][ T4308] ksys_write+0x198/0x2c0 [ 491.470797][ T4308] ? __ia32_sys_read+0x80/0x80 [ 491.475545][ T4308] do_syscall_64+0xcb/0x1c0 [ 491.480035][ T4308] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 491.486338][ T4308] memory: usage 48kB, limit 0kB, failcnt 7021 [ 491.492392][ T4308] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 491.499250][ T4308] Memory cgroup stats for /syz0: [ 491.499322][ T4308] anon 102400 [ 491.499322][ T4308] file 0 [ 491.499322][ T4308] kernel_stack 0 [ 491.499322][ T4308] slab 0 [ 491.499322][ T4308] sock 0 [ 491.499322][ T4308] shmem 0 [ 491.499322][ T4308] file_mapped 0 [ 491.499322][ T4308] file_dirty 0 [ 491.499322][ T4308] file_writeback 0 [ 491.499322][ T4308] anon_thp 0 [ 491.499322][ T4308] inactive_anon 0 [ 491.499322][ T4308] active_anon 135168 [ 491.499322][ T4308] inactive_file 0 [ 491.499322][ T4308] active_file 0 [ 491.499322][ T4308] unevictable 0 [ 491.499322][ T4308] slab_reclaimable 0 [ 491.499322][ T4308] slab_unreclaimable 0 [ 491.499322][ T4308] pgfault 100386 [ 491.499322][ T4308] pgmajfault 0 [ 491.499322][ T4308] workingset_refault 0 [ 491.499322][ T4308] workingset_activate 0 [ 491.499322][ T4308] workingset_nodereclaim 0 [ 491.499322][ T4308] pgrefill 1716 [ 491.499322][ T4308] pgscan 1453 [ 491.499322][ T4308] pgsteal 0 [ 491.499322][ T4308] pgactivate 1452 [ 491.499322][ T4308] pgdeactivate 1716 [ 491.595028][ T4308] Out of memory and no killable processes... [ 491.642216][ T4314] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 491.652423][ T4314] CPU: 0 PID: 4314 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 491.662728][ T4314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 491.673131][ T4314] Call Trace: [ 491.676419][ T4314] dump_stack+0x1d8/0x241 [ 491.680751][ T4314] ? panic+0x73e/0x73e [ 491.684847][ T4314] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 491.690643][ T4314] dump_header+0xdb/0x700 [ 491.694960][ T4314] out_of_memory+0x6d0/0x940 [ 491.699598][ T4314] ? unregister_oom_notifier+0x20/0x20 [ 491.705045][ T4314] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 491.710839][ T4314] memory_max_write+0x528/0x600 [ 491.715684][ T4314] ? memory_max_show+0xa0/0xa0 [ 491.720432][ T4314] ? memory_max_show+0xa0/0xa0 [ 491.725179][ T4314] cgroup_file_write+0x273/0x5c0 [ 491.730112][ T4314] ? cgroup_seqfile_stop+0xc0/0xc0 [ 491.735208][ T4314] ? kernfs_get+0x90/0x90 [ 491.739530][ T4314] ? cgroup_seqfile_stop+0xc0/0xc0 [ 491.744626][ T4314] kernfs_fop_write+0x2ec/0x3e0 [ 491.749466][ T4314] ? kernfs_fop_read+0x450/0x450 [ 491.754391][ T4314] __vfs_write+0x103/0x780 [ 491.758793][ T4314] ? __kernel_write+0x340/0x340 [ 491.763630][ T4314] ? check_preemption_disabled+0x9e/0x330 [ 491.769333][ T4314] ? __fget+0x40c/0x4a0 [ 491.773500][ T4314] ? debug_smp_processor_id+0x20/0x20 [ 491.778853][ T4314] ? selinux_file_permission+0x2c2/0x530 [ 491.784466][ T4314] vfs_write+0x210/0x4f0 [ 491.788720][ T4314] ksys_write+0x198/0x2c0 [ 491.793045][ T4314] ? __ia32_sys_read+0x80/0x80 [ 491.797791][ T4314] do_syscall_64+0xcb/0x1c0 [ 491.802283][ T4314] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 491.808202][ T4314] memory: usage 48kB, limit 0kB, failcnt 7021 [ 491.814353][ T4314] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 491.821307][ T4314] Memory cgroup stats for /syz0: [ 491.821380][ T4314] anon 102400 [ 491.821380][ T4314] file 0 [ 491.821380][ T4314] kernel_stack 0 [ 491.821380][ T4314] slab 0 [ 491.821380][ T4314] sock 0 [ 491.821380][ T4314] shmem 0 [ 491.821380][ T4314] file_mapped 0 [ 491.821380][ T4314] file_dirty 0 [ 491.821380][ T4314] file_writeback 0 [ 491.821380][ T4314] anon_thp 0 [ 491.821380][ T4314] inactive_anon 0 [ 491.821380][ T4314] active_anon 135168 [ 491.821380][ T4314] inactive_file 0 [ 491.821380][ T4314] active_file 0 [ 491.821380][ T4314] unevictable 0 [ 491.821380][ T4314] slab_reclaimable 0 [ 491.821380][ T4314] slab_unreclaimable 0 [ 491.821380][ T4314] pgfault 100386 [ 491.821380][ T4314] pgmajfault 0 [ 491.821380][ T4314] workingset_refault 0 [ 491.821380][ T4314] workingset_activate 0 [ 491.821380][ T4314] workingset_nodereclaim 0 [ 491.821380][ T4314] pgrefill 1716 [ 491.821380][ T4314] pgscan 1453 [ 491.821380][ T4314] pgsteal 0 [ 491.821380][ T4314] pgactivate 1452 [ 491.821380][ T4314] pgdeactivate 1716 [ 491.917160][ T4314] Out of memory and no killable processes... [ 492.255091][ T172] device bridge_slave_1 left promiscuous mode [ 492.262334][ T172] bridge0: port 2(bridge_slave_1) entered disabled state [ 492.277171][ T172] device bridge_slave_0 left promiscuous mode [ 492.286547][ T172] bridge0: port 1(bridge_slave_0) entered disabled state 09:25:58 executing program 1: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000940)='tmpfs\x00', 0x0, 0x0) 09:25:58 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:58 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(r0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:58 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:58 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:25:58 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet(r0, &(0x7f0000000700)=[{{&(0x7f00000000c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}}], 0x1, 0x0) [ 492.756641][ T22] audit: type=1400 audit(1675589158.330:184): avc: denied { mount } for pid=4315 comm="syz-executor.1" name="/" dev="tmpfs" ino=34682 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 492.781136][ T22] audit: type=1400 audit(1675589158.360:185): avc: denied { unmount } for pid=320 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 09:25:58 executing program 1: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) bind$inet6(r0, &(0x7f00000004c0)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c) [ 492.809186][ T4329] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 492.819374][ T4329] CPU: 1 PID: 4329 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 492.829499][ T4329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 492.839569][ T4329] Call Trace: [ 492.842849][ T4329] dump_stack+0x1d8/0x241 [ 492.847201][ T4329] ? panic+0x73e/0x73e [ 492.851254][ T4329] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 492.857047][ T4329] dump_header+0xdb/0x700 [ 492.861358][ T4329] out_of_memory+0x6d0/0x940 [ 492.865931][ T4329] ? unregister_oom_notifier+0x20/0x20 [ 492.871372][ T4329] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 492.877172][ T4329] memory_max_write+0x528/0x600 [ 492.882003][ T4329] ? memory_max_show+0xa0/0xa0 [ 492.886750][ T4329] ? memory_max_show+0xa0/0xa0 [ 492.891492][ T4329] cgroup_file_write+0x273/0x5c0 [ 492.896409][ T4329] ? cgroup_seqfile_stop+0xc0/0xc0 [ 492.901502][ T4329] ? kernfs_get+0x90/0x90 [ 492.905813][ T4329] ? cgroup_seqfile_stop+0xc0/0xc0 [ 492.910906][ T4329] kernfs_fop_write+0x2ec/0x3e0 [ 492.915742][ T4329] ? kernfs_fop_read+0x450/0x450 [ 492.920664][ T4329] __vfs_write+0x103/0x780 [ 492.925067][ T4329] ? __kernel_write+0x340/0x340 [ 492.929902][ T4329] ? check_preemption_disabled+0x9e/0x330 [ 492.935604][ T4329] ? __fget+0x40c/0x4a0 [ 492.939741][ T4329] ? debug_smp_processor_id+0x20/0x20 [ 492.945095][ T4329] ? selinux_file_permission+0x2c2/0x530 [ 492.950710][ T4329] vfs_write+0x210/0x4f0 [ 492.954949][ T4329] ksys_write+0x198/0x2c0 [ 492.959268][ T4329] ? __ia32_sys_read+0x80/0x80 [ 492.964014][ T4329] do_syscall_64+0xcb/0x1c0 [ 492.968510][ T4329] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 492.974468][ T4329] memory: usage 48kB, limit 0kB, failcnt 7021 [ 492.980576][ T4329] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 492.987451][ T4329] Memory cgroup stats for /syz0: [ 492.987572][ T4329] anon 102400 [ 492.987572][ T4329] file 0 [ 492.987572][ T4329] kernel_stack 0 [ 492.987572][ T4329] slab 0 [ 492.987572][ T4329] sock 0 [ 492.987572][ T4329] shmem 0 [ 492.987572][ T4329] file_mapped 0 [ 492.987572][ T4329] file_dirty 0 [ 492.987572][ T4329] file_writeback 0 [ 492.987572][ T4329] anon_thp 0 [ 492.987572][ T4329] inactive_anon 0 [ 492.987572][ T4329] active_anon 135168 [ 492.987572][ T4329] inactive_file 0 [ 492.987572][ T4329] active_file 0 [ 492.987572][ T4329] unevictable 0 [ 492.987572][ T4329] slab_reclaimable 0 [ 492.987572][ T4329] slab_unreclaimable 0 [ 492.987572][ T4329] pgfault 100386 [ 492.987572][ T4329] pgmajfault 0 [ 492.987572][ T4329] workingset_refault 0 [ 492.987572][ T4329] workingset_activate 0 [ 492.987572][ T4329] workingset_nodereclaim 0 [ 492.987572][ T4329] pgrefill 1716 [ 492.987572][ T4329] pgscan 1453 [ 492.987572][ T4329] pgsteal 0 [ 492.987572][ T4329] pgactivate 1452 [ 492.987572][ T4329] pgdeactivate 1716 [ 493.083329][ T4329] Out of memory and no killable processes... [ 493.095256][ T4334] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 493.105447][ T4334] CPU: 1 PID: 4334 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 493.115572][ T4334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 493.125610][ T4334] Call Trace: [ 493.128893][ T4334] dump_stack+0x1d8/0x241 [ 493.133207][ T4334] ? panic+0x73e/0x73e [ 493.137247][ T4334] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 493.143045][ T4334] dump_header+0xdb/0x700 [ 493.147354][ T4334] out_of_memory+0x6d0/0x940 [ 493.151914][ T4334] ? unregister_oom_notifier+0x20/0x20 [ 493.157429][ T4334] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 493.163294][ T4334] memory_max_write+0x528/0x600 [ 493.168119][ T4334] ? memory_max_show+0xa0/0xa0 [ 493.172868][ T4334] ? memory_max_show+0xa0/0xa0 [ 493.177608][ T4334] cgroup_file_write+0x273/0x5c0 [ 493.182518][ T4334] ? cgroup_seqfile_stop+0xc0/0xc0 [ 493.187602][ T4334] ? kernfs_get+0x90/0x90 [ 493.191905][ T4334] ? cgroup_seqfile_stop+0xc0/0xc0 [ 493.197000][ T4334] kernfs_fop_write+0x2ec/0x3e0 [ 493.201823][ T4334] ? kernfs_fop_read+0x450/0x450 [ 493.206729][ T4334] __vfs_write+0x103/0x780 [ 493.211117][ T4334] ? __kernel_write+0x340/0x340 [ 493.215941][ T4334] ? check_preemption_disabled+0x9e/0x330 [ 493.221641][ T4334] ? __fget+0x40c/0x4a0 [ 493.225766][ T4334] ? debug_smp_processor_id+0x20/0x20 [ 493.231780][ T4334] ? selinux_file_permission+0x2c2/0x530 [ 493.237391][ T4334] vfs_write+0x210/0x4f0 [ 493.241615][ T4334] ksys_write+0x198/0x2c0 [ 493.245926][ T4334] ? __ia32_sys_read+0x80/0x80 [ 493.250667][ T4334] do_syscall_64+0xcb/0x1c0 [ 493.255172][ T4334] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 493.261112][ T4334] memory: usage 48kB, limit 0kB, failcnt 7021 [ 493.267181][ T4334] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 493.274007][ T4334] Memory cgroup stats for /syz0: [ 493.274129][ T4334] anon 102400 [ 493.274129][ T4334] file 0 [ 493.274129][ T4334] kernel_stack 0 [ 493.274129][ T4334] slab 0 [ 493.274129][ T4334] sock 0 [ 493.274129][ T4334] shmem 0 [ 493.274129][ T4334] file_mapped 0 [ 493.274129][ T4334] file_dirty 0 [ 493.274129][ T4334] file_writeback 0 [ 493.274129][ T4334] anon_thp 0 [ 493.274129][ T4334] inactive_anon 0 [ 493.274129][ T4334] active_anon 135168 [ 493.274129][ T4334] inactive_file 0 [ 493.274129][ T4334] active_file 0 [ 493.274129][ T4334] unevictable 0 [ 493.274129][ T4334] slab_reclaimable 0 [ 493.274129][ T4334] slab_unreclaimable 0 [ 493.274129][ T4334] pgfault 100386 [ 493.274129][ T4334] pgmajfault 0 [ 493.274129][ T4334] workingset_refault 0 [ 493.274129][ T4334] workingset_activate 0 [ 493.274129][ T4334] workingset_nodereclaim 0 [ 493.274129][ T4334] pgrefill 1716 [ 493.274129][ T4334] pgscan 1453 [ 493.274129][ T4334] pgsteal 0 [ 493.274129][ T4334] pgactivate 1452 [ 493.274129][ T4334] pgdeactivate 1716 [ 493.370671][ T4334] Out of memory and no killable processes... [ 493.380510][ T4331] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 493.391319][ T4331] CPU: 1 PID: 4331 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 493.401453][ T4331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 493.411491][ T4331] Call Trace: [ 493.414767][ T4331] dump_stack+0x1d8/0x241 [ 493.419080][ T4331] ? panic+0x73e/0x73e [ 493.423134][ T4331] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 493.428923][ T4331] dump_header+0xdb/0x700 [ 493.433233][ T4331] out_of_memory+0x6d0/0x940 [ 493.437807][ T4331] ? unregister_oom_notifier+0x20/0x20 [ 493.443309][ T4331] memory_max_write+0x528/0x600 [ 493.448138][ T4331] ? memory_max_show+0xa0/0xa0 [ 493.452883][ T4331] ? memory_max_show+0xa0/0xa0 [ 493.457624][ T4331] cgroup_file_write+0x273/0x5c0 [ 493.462541][ T4331] ? cgroup_seqfile_stop+0xc0/0xc0 [ 493.467632][ T4331] ? kernfs_get+0x90/0x90 [ 493.471944][ T4331] ? cgroup_seqfile_stop+0xc0/0xc0 [ 493.477039][ T4331] kernfs_fop_write+0x2ec/0x3e0 [ 493.481870][ T4331] ? kernfs_fop_read+0x450/0x450 [ 493.486784][ T4331] __vfs_write+0x103/0x780 [ 493.491184][ T4331] ? __kernel_write+0x340/0x340 [ 493.496013][ T4331] ? check_preemption_disabled+0x9e/0x330 [ 493.501717][ T4331] ? __fget+0x40c/0x4a0 [ 493.505853][ T4331] ? debug_smp_processor_id+0x20/0x20 [ 493.511203][ T4331] ? selinux_file_permission+0x2c2/0x530 [ 493.516850][ T4331] vfs_write+0x210/0x4f0 [ 493.521092][ T4331] ksys_write+0x198/0x2c0 [ 493.525402][ T4331] ? __ia32_sys_read+0x80/0x80 [ 493.530155][ T4331] do_syscall_64+0xcb/0x1c0 [ 493.534640][ T4331] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 493.540564][ T4331] memory: usage 48kB, limit 0kB, failcnt 7021 [ 493.546637][ T4331] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 493.553470][ T4331] Memory cgroup stats for /syz0: [ 493.553587][ T4331] anon 102400 [ 493.553587][ T4331] file 0 [ 493.553587][ T4331] kernel_stack 0 [ 493.553587][ T4331] slab 0 [ 493.553587][ T4331] sock 0 [ 493.553587][ T4331] shmem 0 [ 493.553587][ T4331] file_mapped 0 [ 493.553587][ T4331] file_dirty 0 [ 493.553587][ T4331] file_writeback 0 [ 493.553587][ T4331] anon_thp 0 [ 493.553587][ T4331] inactive_anon 0 [ 493.553587][ T4331] active_anon 135168 [ 493.553587][ T4331] inactive_file 0 [ 493.553587][ T4331] active_file 0 [ 493.553587][ T4331] unevictable 0 [ 493.553587][ T4331] slab_reclaimable 0 [ 493.553587][ T4331] slab_unreclaimable 0 [ 493.553587][ T4331] pgfault 100386 [ 493.553587][ T4331] pgmajfault 0 [ 493.553587][ T4331] workingset_refault 0 [ 493.553587][ T4331] workingset_activate 0 [ 493.553587][ T4331] workingset_nodereclaim 0 [ 493.553587][ T4331] pgrefill 1716 [ 493.553587][ T4331] pgscan 1453 [ 493.553587][ T4331] pgsteal 0 [ 493.553587][ T4331] pgactivate 1452 [ 493.553587][ T4331] pgdeactivate 1716 [ 493.649348][ T4331] Out of memory and no killable processes... 09:25:59 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'xfrm0\x00', &(0x7f0000000040)=@ethtool_sfeatures={0x3b, 0x2, [{}, {}]}}) 09:25:59 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(r0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:25:59 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 493.727329][ T4336] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 493.765321][ T4336] CPU: 1 PID: 4336 Comm: syz-executor.2 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 493.775482][ T4336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 493.785525][ T4336] Call Trace: [ 493.788811][ T4336] dump_stack+0x1d8/0x241 [ 493.793162][ T4336] ? panic+0x73e/0x73e [ 493.797221][ T4336] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 493.803029][ T4336] ? preempt_schedule_common+0xb7/0xe0 [ 493.808459][ T4336] dump_header+0xdb/0x700 [ 493.812762][ T4336] out_of_memory+0x6d0/0x940 [ 493.817323][ T4336] ? unregister_oom_notifier+0x20/0x20 [ 493.822754][ T4336] memory_max_write+0x528/0x600 [ 493.827592][ T4336] ? memory_max_show+0xa0/0xa0 [ 493.832341][ T4336] ? memory_max_show+0xa0/0xa0 [ 493.837079][ T4336] cgroup_file_write+0x273/0x5c0 [ 493.841990][ T4336] ? cgroup_seqfile_stop+0xc0/0xc0 [ 493.847079][ T4336] ? kernfs_get+0x90/0x90 [ 493.851383][ T4336] ? cgroup_seqfile_stop+0xc0/0xc0 [ 493.856465][ T4336] kernfs_fop_write+0x2ec/0x3e0 [ 493.861387][ T4336] ? kernfs_fop_read+0x450/0x450 [ 493.866384][ T4336] __vfs_write+0x103/0x780 [ 493.870776][ T4336] ? __kernel_write+0x340/0x340 [ 493.875606][ T4336] ? check_preemption_disabled+0x9e/0x330 [ 493.881299][ T4336] ? __fget+0x40c/0x4a0 [ 493.885427][ T4336] ? debug_smp_processor_id+0x20/0x20 [ 493.890773][ T4336] ? selinux_file_permission+0x2c2/0x530 [ 493.896378][ T4336] vfs_write+0x210/0x4f0 [ 493.900595][ T4336] ksys_write+0x198/0x2c0 [ 493.905098][ T4336] ? __ia32_sys_read+0x80/0x80 [ 493.909835][ T4336] do_syscall_64+0xcb/0x1c0 [ 493.914311][ T4336] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 494.175348][ T4343] bridge0: port 1(bridge_slave_0) entered blocking state [ 494.183024][ T4343] bridge0: port 1(bridge_slave_0) entered disabled state [ 494.187982][ T4336] memory: usage 48kB, limit 0kB, failcnt 7021 [ 494.190950][ T4343] device bridge_slave_0 entered promiscuous mode [ 494.196327][ T4336] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 494.203178][ T4343] bridge0: port 2(bridge_slave_1) entered blocking state [ 494.209543][ T4336] Memory cgroup stats for /syz0: [ 494.209616][ T4336] anon 102400 [ 494.209616][ T4336] file 0 [ 494.209616][ T4336] kernel_stack 0 [ 494.209616][ T4336] slab 0 [ 494.209616][ T4336] sock 0 [ 494.209616][ T4336] shmem 0 [ 494.209616][ T4336] file_mapped 0 [ 494.209616][ T4336] file_dirty 0 [ 494.209616][ T4336] file_writeback 0 [ 494.209616][ T4336] anon_thp 0 [ 494.209616][ T4336] inactive_anon 0 [ 494.209616][ T4336] active_anon 135168 [ 494.209616][ T4336] inactive_file 0 [ 494.209616][ T4336] active_file 0 [ 494.209616][ T4336] unevictable 0 [ 494.209616][ T4336] slab_reclaimable 0 [ 494.209616][ T4336] slab_unreclaimable 0 [ 494.209616][ T4336] pgfault 100386 [ 494.209616][ T4336] pgmajfault 0 [ 494.209616][ T4336] workingset_refault 0 [ 494.209616][ T4336] workingset_activate 0 [ 494.209616][ T4336] workingset_nodereclaim 0 [ 494.209616][ T4336] pgrefill 1749 [ 494.209616][ T4336] pgscan 1453 [ 494.209616][ T4336] pgsteal 0 [ 494.209616][ T4336] pgactivate 1452 [ 494.209616][ T4336] pgdeactivate 1749 [ 494.216361][ T4343] bridge0: port 2(bridge_slave_1) entered disabled state [ 494.222530][ T4336] Out of memory and no killable processes... [ 494.312898][ T4343] device bridge_slave_1 entered promiscuous mode [ 494.331631][ T4344] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 494.341914][ T4344] CPU: 0 PID: 4344 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 494.352047][ T4344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 494.362261][ T4344] Call Trace: [ 494.365542][ T4344] dump_stack+0x1d8/0x241 [ 494.369950][ T4344] ? panic+0x73e/0x73e [ 494.374013][ T4344] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 494.379809][ T4344] dump_header+0xdb/0x700 [ 494.384132][ T4344] out_of_memory+0x6d0/0x940 [ 494.387652][ T4343] bridge0: port 2(bridge_slave_1) entered blocking state [ 494.388708][ T4344] ? unregister_oom_notifier+0x20/0x20 [ 494.388719][ T4344] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 494.388734][ T4344] memory_max_write+0x528/0x600 [ 494.395748][ T4343] bridge0: port 2(bridge_slave_1) entered forwarding state [ 494.401160][ T4344] ? memory_max_show+0xa0/0xa0 [ 494.407046][ T4343] bridge0: port 1(bridge_slave_0) entered blocking state [ 494.411752][ T4344] ? preempt_schedule_irq+0xef/0x140 [ 494.418925][ T4343] bridge0: port 1(bridge_slave_0) entered forwarding state [ 494.423659][ T4344] ? preempt_schedule_notrace+0x140/0x140 [ 494.448772][ T4344] ? memory_max_show+0xa0/0xa0 [ 494.453530][ T4344] cgroup_file_write+0x273/0x5c0 [ 494.458479][ T4344] ? cgroup_seqfile_stop+0xc0/0xc0 [ 494.463567][ T4344] ? cgroup_seqfile_stop+0xc0/0xc0 [ 494.468648][ T4344] ? kernfs_get_active+0x118/0x220 [ 494.473729][ T4344] ? cgroup_file_write+0x1/0x5c0 [ 494.478640][ T4344] ? cgroup_seqfile_stop+0xc0/0xc0 [ 494.484941][ T4344] kernfs_fop_write+0x2ec/0x3e0 [ 494.489772][ T4344] ? kernfs_fop_read+0x450/0x450 [ 494.494683][ T4344] __vfs_write+0x103/0x780 [ 494.499071][ T4344] ? __kernel_write+0x340/0x340 [ 494.503897][ T4344] ? __rcu_read_unlock+0x92/0x100 [ 494.508897][ T4344] ? check_preemption_disabled+0x9e/0x330 [ 494.514585][ T4344] ? retint_kernel+0x1b/0x1b [ 494.519144][ T4344] ? debug_smp_processor_id+0x20/0x20 [ 494.524488][ T4344] ? security_file_permission+0x140/0x330 [ 494.530188][ T4344] vfs_write+0x210/0x4f0 [ 494.534403][ T4344] ksys_write+0x198/0x2c0 [ 494.538703][ T4344] ? __ia32_sys_read+0x80/0x80 [ 494.543442][ T4344] do_syscall_64+0xcb/0x1c0 [ 494.547923][ T4344] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 494.553848][ T4344] memory: usage 48kB, limit 0kB, failcnt 7021 [ 494.554310][ T1366] bridge0: port 1(bridge_slave_0) entered disabled state [ 494.559979][ T4344] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 494.573829][ T4344] Memory cgroup stats for /syz0: [ 494.573898][ T4344] anon 102400 [ 494.573898][ T4344] file 0 [ 494.573898][ T4344] kernel_stack 0 [ 494.573898][ T4344] slab 0 [ 494.573898][ T4344] sock 0 [ 494.573898][ T4344] shmem 0 [ 494.573898][ T4344] file_mapped 0 [ 494.573898][ T4344] file_dirty 0 [ 494.573898][ T4344] file_writeback 0 [ 494.573898][ T4344] anon_thp 0 [ 494.573898][ T4344] inactive_anon 0 [ 494.573898][ T4344] active_anon 135168 [ 494.573898][ T4344] inactive_file 0 [ 494.573898][ T4344] active_file 0 [ 494.573898][ T4344] unevictable 0 [ 494.573898][ T4344] slab_reclaimable 0 [ 494.573898][ T4344] slab_unreclaimable 0 [ 494.573898][ T4344] pgfault 100386 [ 494.573898][ T4344] pgmajfault 0 [ 494.573898][ T4344] workingset_refault 0 [ 494.573898][ T4344] workingset_activate 0 [ 494.573898][ T4344] workingset_nodereclaim 0 [ 494.573898][ T4344] pgrefill 1749 [ 494.573898][ T4344] pgscan 1453 [ 494.573898][ T4344] pgsteal 0 [ 494.573898][ T4344] pgactivate 1452 [ 494.573898][ T4344] pgdeactivate 1749 [ 494.669894][ T4344] Out of memory and no killable processes... [ 494.681727][ T1366] bridge0: port 2(bridge_slave_1) entered disabled state [ 494.689658][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 494.705211][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 494.726264][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 494.734478][ T1366] bridge0: port 1(bridge_slave_0) entered blocking state [ 494.741518][ T1366] bridge0: port 1(bridge_slave_0) entered forwarding state [ 494.749048][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 494.758749][ T1366] bridge0: port 2(bridge_slave_1) entered blocking state [ 494.765781][ T1366] bridge0: port 2(bridge_slave_1) entered forwarding state [ 494.773066][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 494.781139][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 494.790507][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 494.801372][ T1324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 494.813445][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 494.825189][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 494.837782][ T1324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 09:26:01 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) bind$inet(r0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) 09:26:01 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:26:01 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_DSTOPTS(0xffffffffffffffff, 0x29, 0x3b, &(0x7f00000000c0)={0x0, 0x0, '\x00', [@enc_lim={0x4, 0x1, 0xfd}]}, 0x10) ioctl$sock_SIOCETHTOOL(r0, 0x890b, &(0x7f0000000080)={'xfrm0\x00', 0x0}) 09:26:01 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r2 = getpgrp(0x0) prlimit64(r2, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:26:01 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:26:01 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:26:01 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet(r0, &(0x7f0000004500)=[{{&(0x7f0000000000)={0x2, 0x4e22}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@ip_ttl={{0x14, 0x0, 0x2, 0x2}}], 0x18}}], 0x1, 0x0) 09:26:01 executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002640)={&(0x7f00000024c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, &(0x7f0000002580)=""/186, 0x26, 0xba, 0x1}, 0x20) 09:26:01 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCETHTOOL(r0, 0x8943, &(0x7f0000000080)={'xfrm0\x00', 0x0}) 09:26:01 executing program 1: futex(&(0x7f0000000380), 0x3, 0x0, 0x0, &(0x7f0000000400), 0x0) 09:26:01 executing program 1: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x4c, &(0x7f0000000000), 0x4) [ 495.766312][ T4378] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 495.776499][ T4378] CPU: 1 PID: 4378 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 495.786711][ T4378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 495.796751][ T4378] Call Trace: [ 495.800034][ T4378] dump_stack+0x1d8/0x241 [ 495.804788][ T4378] ? panic+0x73e/0x73e [ 495.808839][ T4378] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 495.814626][ T4378] ? _raw_spin_lock+0xa3/0x1b0 [ 495.819370][ T4378] ? asan.module_dtor+0x20/0x20 [ 495.824203][ T4378] dump_header+0xdb/0x700 [ 495.828514][ T4378] oom_kill_process+0xf0/0x2d0 [ 495.833260][ T4378] out_of_memory+0x666/0x940 [ 495.837828][ T4378] ? unregister_oom_notifier+0x20/0x20 [ 495.843275][ T4378] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 495.849063][ T4378] memory_max_write+0x528/0x600 [ 495.853894][ T4378] ? memory_max_show+0xa0/0xa0 [ 495.858644][ T4378] ? memory_max_show+0xa0/0xa0 [ 495.863394][ T4378] cgroup_file_write+0x273/0x5c0 [ 495.868318][ T4378] ? cgroup_seqfile_stop+0xc0/0xc0 [ 495.873409][ T4378] ? kernfs_get+0x90/0x90 [ 495.877733][ T4378] ? cgroup_seqfile_stop+0xc0/0xc0 [ 495.882842][ T4378] kernfs_fop_write+0x2ec/0x3e0 [ 495.887854][ T4378] ? kernfs_fop_read+0x450/0x450 [ 495.892771][ T4378] __vfs_write+0x103/0x780 [ 495.897169][ T4378] ? __kernel_write+0x340/0x340 [ 495.902002][ T4378] ? check_preemption_disabled+0x9e/0x330 [ 495.907696][ T4378] ? __fget+0x40c/0x4a0 [ 495.911836][ T4378] ? debug_smp_processor_id+0x20/0x20 [ 495.917192][ T4378] ? selinux_file_permission+0x2c2/0x530 [ 495.922805][ T4378] vfs_write+0x210/0x4f0 [ 495.927031][ T4378] ksys_write+0x198/0x2c0 [ 495.931341][ T4378] ? __ia32_sys_read+0x80/0x80 [ 495.936085][ T4378] do_syscall_64+0xcb/0x1c0 [ 495.940571][ T4378] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 495.946736][ T4378] memory: usage 188kB, limit 0kB, failcnt 7021 [ 495.952940][ T4378] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 495.959842][ T4378] Memory cgroup stats for /syz0: 09:26:01 executing program 1: pselect6(0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000100), 0x0) [ 495.960484][ T4378] anon 135168 [ 495.960484][ T4378] file 0 [ 495.960484][ T4378] kernel_stack 0 [ 495.960484][ T4378] slab 0 [ 495.960484][ T4378] sock 0 [ 495.960484][ T4378] shmem 0 [ 495.960484][ T4378] file_mapped 0 [ 495.960484][ T4378] file_dirty 0 [ 495.960484][ T4378] file_writeback 0 [ 495.960484][ T4378] anon_thp 0 [ 495.960484][ T4378] inactive_anon 0 [ 495.960484][ T4378] active_anon 135168 [ 495.960484][ T4378] inactive_file 0 [ 495.960484][ T4378] active_file 0 [ 495.960484][ T4378] unevictable 0 [ 495.960484][ T4378] slab_reclaimable 0 [ 495.960484][ T4378] slab_unreclaimable 0 [ 495.960484][ T4378] pgfault 102564 [ 495.960484][ T4378] pgmajfault 0 [ 495.960484][ T4378] workingset_refault 0 [ 495.960484][ T4378] workingset_activate 0 [ 495.960484][ T4378] workingset_nodereclaim 0 [ 495.960484][ T4378] pgrefill 1749 [ 495.960484][ T4378] pgscan 1453 [ 495.960484][ T4378] pgsteal 0 [ 495.960484][ T4378] pgactivate 1452 [ 495.960484][ T4378] pgdeactivate 1749 09:26:01 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) bind$inet(r0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) [ 496.056724][ T4378] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=4364,uid=0 [ 496.071917][ T4378] Memory cgroup out of memory: Killed process 4364 (syz-executor.0) total-vm:52480kB, anon-rss:460kB, file-rss:14336kB, shmem-rss:0kB, UID:0 pgtables:104kB oom_score_adj:1000 [ 496.089727][ T4378] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 496.099905][ T4378] CPU: 1 PID: 4378 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 496.110044][ T4378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 496.120090][ T4378] Call Trace: [ 496.123371][ T4378] dump_stack+0x1d8/0x241 [ 496.127686][ T4378] ? panic+0x73e/0x73e [ 496.131739][ T4378] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 496.137529][ T4378] ? _raw_spin_lock+0xa3/0x1b0 [ 496.142364][ T4378] ? asan.module_dtor+0x20/0x20 [ 496.147200][ T4378] dump_header+0xdb/0x700 [ 496.151514][ T4378] oom_kill_process+0xf0/0x2d0 [ 496.156265][ T4378] out_of_memory+0x666/0x940 [ 496.160841][ T4378] ? unregister_oom_notifier+0x20/0x20 [ 496.166286][ T4378] memory_max_write+0x528/0x600 [ 496.171118][ T4378] ? memory_max_show+0xa0/0xa0 [ 496.175914][ T4378] ? memory_max_show+0xa0/0xa0 [ 496.180674][ T4378] cgroup_file_write+0x273/0x5c0 [ 496.185613][ T4378] ? cgroup_seqfile_stop+0xc0/0xc0 [ 496.190717][ T4378] ? kernfs_get+0x90/0x90 [ 496.195038][ T4378] ? cgroup_seqfile_stop+0xc0/0xc0 [ 496.200163][ T4378] kernfs_fop_write+0x2ec/0x3e0 [ 496.205013][ T4378] ? kernfs_fop_read+0x450/0x450 [ 496.209953][ T4378] __vfs_write+0x103/0x780 [ 496.214367][ T4378] ? __kernel_write+0x340/0x340 [ 496.219212][ T4378] ? check_preemption_disabled+0x9e/0x330 [ 496.224917][ T4378] ? __fget+0x40c/0x4a0 [ 496.229056][ T4378] ? debug_smp_processor_id+0x20/0x20 [ 496.234894][ T4378] ? selinux_file_permission+0x2c2/0x530 [ 496.240522][ T4378] vfs_write+0x210/0x4f0 [ 496.244758][ T4378] ksys_write+0x198/0x2c0 [ 496.249075][ T4378] ? __ia32_sys_read+0x80/0x80 [ 496.253825][ T4378] do_syscall_64+0xcb/0x1c0 [ 496.258317][ T4378] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 496.264227][ T4378] memory: usage 84kB, limit 0kB, failcnt 7037 [ 496.270294][ T4378] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 496.277147][ T4378] Memory cgroup stats for /syz0: [ 496.277212][ T4378] anon 0 [ 496.277212][ T4378] file 0 [ 496.277212][ T4378] kernel_stack 0 [ 496.277212][ T4378] slab 0 [ 496.277212][ T4378] sock 0 [ 496.277212][ T4378] shmem 0 [ 496.277212][ T4378] file_mapped 0 [ 496.277212][ T4378] file_dirty 0 [ 496.277212][ T4378] file_writeback 0 [ 496.277212][ T4378] anon_thp 0 [ 496.277212][ T4378] inactive_anon 0 [ 496.277212][ T4378] active_anon 135168 [ 496.277212][ T4378] inactive_file 0 [ 496.277212][ T4378] active_file 0 [ 496.277212][ T4378] unevictable 0 [ 496.277212][ T4378] slab_reclaimable 0 [ 496.277212][ T4378] slab_unreclaimable 0 [ 496.277212][ T4378] pgfault 102564 [ 496.277212][ T4378] pgmajfault 0 [ 496.277212][ T4378] workingset_refault 0 [ 496.277212][ T4378] workingset_activate 0 [ 496.277212][ T4378] workingset_nodereclaim 0 [ 496.277212][ T4378] pgrefill 1749 [ 496.277212][ T4378] pgscan 1486 [ 496.277212][ T4378] pgsteal 0 [ 496.277212][ T4378] pgactivate 1485 [ 496.277212][ T4378] pgdeactivate 1749 [ 496.372580][ T4378] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz5,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=4343,uid=0 [ 496.387724][ T4378] Memory cgroup out of memory: Killed process 4343 (syz-executor.0) total-vm:48508kB, anon-rss:448kB, file-rss:14336kB, shmem-rss:0kB, UID:0 pgtables:92kB oom_score_adj:0 [ 496.410142][ T4379] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 496.420370][ T4379] CPU: 0 PID: 4379 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 496.430496][ T4379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 496.440535][ T4379] Call Trace: [ 496.443809][ T4379] dump_stack+0x1d8/0x241 [ 496.448120][ T4379] ? panic+0x73e/0x73e [ 496.452169][ T4379] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 496.457956][ T4379] ? _raw_spin_lock+0xa3/0x1b0 [ 496.462701][ T4379] ? asan.module_dtor+0x20/0x20 [ 496.467534][ T4379] dump_header+0xdb/0x700 [ 496.471847][ T4379] oom_kill_process+0xf0/0x2d0 [ 496.476600][ T4379] out_of_memory+0x666/0x940 [ 496.481174][ T4379] ? unregister_oom_notifier+0x20/0x20 [ 496.486614][ T4379] memory_max_write+0x528/0x600 [ 496.491449][ T4379] ? memory_max_show+0xa0/0xa0 [ 496.496197][ T4379] ? memory_max_show+0xa0/0xa0 [ 496.500946][ T4379] cgroup_file_write+0x273/0x5c0 [ 496.505869][ T4379] ? cgroup_seqfile_stop+0xc0/0xc0 [ 496.510964][ T4379] ? kernfs_get+0x90/0x90 [ 496.515276][ T4379] ? cgroup_seqfile_stop+0xc0/0xc0 [ 496.520365][ T4379] kernfs_fop_write+0x2ec/0x3e0 [ 496.525197][ T4379] ? kernfs_fop_read+0x450/0x450 [ 496.530112][ T4379] __vfs_write+0x103/0x780 [ 496.534508][ T4379] ? __kernel_write+0x340/0x340 [ 496.539338][ T4379] ? check_preemption_disabled+0x9e/0x330 [ 496.545047][ T4379] ? __fget+0x40c/0x4a0 [ 496.549190][ T4379] ? debug_smp_processor_id+0x20/0x20 [ 496.554548][ T4379] ? selinux_file_permission+0x2c2/0x530 [ 496.560171][ T4379] vfs_write+0x210/0x4f0 [ 496.564405][ T4379] ksys_write+0x198/0x2c0 [ 496.568717][ T4379] ? __ia32_sys_read+0x80/0x80 [ 496.573463][ T4379] do_syscall_64+0xcb/0x1c0 [ 496.577950][ T4379] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 496.583971][ T4379] memory: usage 52kB, limit 0kB, failcnt 7039 [ 496.590058][ T4379] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 496.596902][ T4379] Memory cgroup stats for /syz0: [ 496.596977][ T4379] anon 0 [ 496.596977][ T4379] file 0 [ 496.596977][ T4379] kernel_stack 0 [ 496.596977][ T4379] slab 0 [ 496.596977][ T4379] sock 0 [ 496.596977][ T4379] shmem 0 [ 496.596977][ T4379] file_mapped 0 [ 496.596977][ T4379] file_dirty 0 [ 496.596977][ T4379] file_writeback 0 [ 496.596977][ T4379] anon_thp 0 [ 496.596977][ T4379] inactive_anon 0 [ 496.596977][ T4379] active_anon 135168 [ 496.596977][ T4379] inactive_file 0 [ 496.596977][ T4379] active_file 0 [ 496.596977][ T4379] unevictable 0 [ 496.596977][ T4379] slab_reclaimable 0 [ 496.596977][ T4379] slab_unreclaimable 0 [ 496.596977][ T4379] pgfault 102564 [ 496.596977][ T4379] pgmajfault 0 [ 496.596977][ T4379] workingset_refault 0 09:26:02 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:26:02 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB=','], 0x2c}}, 0x0) 09:26:02 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) getpgrp(0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup(r2, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) 09:26:02 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:26:02 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) [ 496.596977][ T4379] workingset_activate 0 [ 496.596977][ T4379] workingset_nodereclaim 0 [ 496.596977][ T4379] pgrefill 1749 [ 496.596977][ T4379] pgscan 1486 [ 496.596977][ T4379] pgsteal 0 [ 496.596977][ T4379] pgactivate 1485 [ 496.596977][ T4379] pgdeactivate 1749 [ 496.621876][ T4386] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4386 comm=syz-executor.1 [ 496.692893][ T4379] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=4384,uid=0 09:26:02 executing program 1: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'veth0_to_bond\x00', &(0x7f0000000000)=@ethtool_modinfo}) 09:26:02 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x8, 0x1, &(0x7f0000000000)=@raw=[@ldst={0x3}], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 09:26:02 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x30, &(0x7f0000000080)=@security={'security\x00', 0xe, 0x4, 0x3a0, 0xffffffff, 0xd0, 0x0, 0x0, 0xffffffff, 0xffffffff, 0x470, 0x470, 0x470, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "db4a882e238e1968cd657e82a051591dde7e4c9406efd47cbcd90e1632db"}}, {{@ipv6={@local, @private0, [], [], 'caif0\x00', 'team0\x00'}, 0x0, 0xa8, 0x118}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "8402baceed2c408cc347198dc4ce6d000b641aa8ca662ee4a4c1b01c42c1ed63b3579e6952a63406f91593b5192d7bcba7e2214df792a05ef4a52ee3372e9fd5"}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x400) 09:26:02 executing program 1: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, 0x4000) 09:26:02 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) bind$inet(r0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) [ 496.782216][ T4401] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 496.792765][ T4401] CPU: 1 PID: 4401 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 496.803241][ T4401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 496.813279][ T4401] Call Trace: [ 496.816557][ T4401] dump_stack+0x1d8/0x241 [ 496.820875][ T4401] ? panic+0x73e/0x73e [ 496.824924][ T4401] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 496.830713][ T4401] dump_header+0xdb/0x700 [ 496.835023][ T4401] out_of_memory+0x6d0/0x940 [ 496.839593][ T4401] ? unregister_oom_notifier+0x20/0x20 [ 496.845033][ T4401] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 496.850815][ T4401] memory_max_write+0x528/0x600 [ 496.855648][ T4401] ? memory_max_show+0xa0/0xa0 [ 496.860399][ T4401] ? memory_max_show+0xa0/0xa0 [ 496.865143][ T4401] cgroup_file_write+0x273/0x5c0 [ 496.870062][ T4401] ? cgroup_seqfile_stop+0xc0/0xc0 [ 496.875152][ T4401] ? kernfs_get+0x90/0x90 [ 496.879468][ T4401] ? cgroup_seqfile_stop+0xc0/0xc0 [ 496.884569][ T4401] kernfs_fop_write+0x2ec/0x3e0 [ 496.889407][ T4401] ? kernfs_fop_read+0x450/0x450 [ 496.894332][ T4401] __vfs_write+0x103/0x780 [ 496.898735][ T4401] ? __kernel_write+0x340/0x340 [ 496.903573][ T4401] ? check_preemption_disabled+0x9e/0x330 [ 496.909275][ T4401] ? __fget+0x40c/0x4a0 [ 496.913415][ T4401] ? debug_smp_processor_id+0x20/0x20 [ 496.918772][ T4401] ? selinux_file_permission+0x2c2/0x530 [ 496.924390][ T4401] vfs_write+0x210/0x4f0 [ 496.928618][ T4401] ksys_write+0x198/0x2c0 [ 496.932935][ T4401] ? __ia32_sys_read+0x80/0x80 [ 496.937683][ T4401] do_syscall_64+0xcb/0x1c0 [ 496.942173][ T4401] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 496.948832][ T4401] memory: usage 48kB, limit 0kB, failcnt 7039 [ 496.955204][ T4401] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 496.962036][ T4401] Memory cgroup stats for /syz0: [ 496.962152][ T4401] anon 0 [ 496.962152][ T4401] file 0 [ 496.962152][ T4401] kernel_stack 0 [ 496.962152][ T4401] slab 0 [ 496.962152][ T4401] sock 0 [ 496.962152][ T4401] shmem 0 [ 496.962152][ T4401] file_mapped 0 [ 496.962152][ T4401] file_dirty 0 [ 496.962152][ T4401] file_writeback 0 [ 496.962152][ T4401] anon_thp 0 [ 496.962152][ T4401] inactive_anon 0 [ 496.962152][ T4401] active_anon 135168 [ 496.962152][ T4401] inactive_file 0 [ 496.962152][ T4401] active_file 0 [ 496.962152][ T4401] unevictable 0 [ 496.962152][ T4401] slab_reclaimable 0 [ 496.962152][ T4401] slab_unreclaimable 0 [ 496.962152][ T4401] pgfault 102564 [ 496.962152][ T4401] pgmajfault 0 [ 496.962152][ T4401] workingset_refault 0 [ 496.962152][ T4401] workingset_activate 0 [ 496.962152][ T4401] workingset_nodereclaim 0 [ 496.962152][ T4401] pgrefill 1782 [ 496.962152][ T4401] pgscan 1486 [ 496.962152][ T4401] pgsteal 0 [ 496.962152][ T4401] pgactivate 1485 [ 496.962152][ T4401] pgdeactivate 1782 [ 497.057844][ T4401] Out of memory and no killable processes... [ 497.069631][ T4409] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 497.080027][ T4409] CPU: 1 PID: 4409 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 497.090156][ T4409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 497.100214][ T4409] Call Trace: [ 497.103484][ T4409] dump_stack+0x1d8/0x241 [ 497.107795][ T4409] ? panic+0x73e/0x73e [ 497.111935][ T4409] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 497.117716][ T4409] dump_header+0xdb/0x700 [ 497.122018][ T4409] out_of_memory+0x6d0/0x940 [ 497.126583][ T4409] ? unregister_oom_notifier+0x20/0x20 [ 497.132015][ T4409] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 497.137804][ T4409] memory_max_write+0x528/0x600 [ 497.142632][ T4409] ? memory_max_show+0xa0/0xa0 [ 497.147381][ T4409] ? memory_max_show+0xa0/0xa0 [ 497.152115][ T4409] cgroup_file_write+0x273/0x5c0 [ 497.157023][ T4409] ? cgroup_seqfile_stop+0xc0/0xc0 [ 497.162120][ T4409] ? kernfs_get+0x90/0x90 [ 497.166420][ T4409] ? cgroup_seqfile_stop+0xc0/0xc0 [ 497.171500][ T4409] kernfs_fop_write+0x2ec/0x3e0 [ 497.176319][ T4409] ? kernfs_fop_read+0x450/0x450 [ 497.181225][ T4409] __vfs_write+0x103/0x780 [ 497.185612][ T4409] ? __kernel_write+0x340/0x340 [ 497.190434][ T4409] ? check_preemption_disabled+0x9e/0x330 [ 497.196125][ T4409] ? __fget+0x40c/0x4a0 [ 497.200266][ T4409] ? debug_smp_processor_id+0x20/0x20 [ 497.206066][ T4409] ? selinux_file_permission+0x2c2/0x530 [ 497.211806][ T4409] vfs_write+0x210/0x4f0 [ 497.216027][ T4409] ksys_write+0x198/0x2c0 [ 497.220328][ T4409] ? __ia32_sys_read+0x80/0x80 [ 497.225069][ T4409] do_syscall_64+0xcb/0x1c0 [ 497.229550][ T4409] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 497.235720][ T4409] memory: usage 48kB, limit 0kB, failcnt 7039 [ 497.241788][ T4409] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 497.248649][ T4409] Memory cgroup stats for /syz0: [ 497.248766][ T4409] anon 0 [ 497.248766][ T4409] file 0 [ 497.248766][ T4409] kernel_stack 0 [ 497.248766][ T4409] slab 0 [ 497.248766][ T4409] sock 0 [ 497.248766][ T4409] shmem 0 [ 497.248766][ T4409] file_mapped 0 [ 497.248766][ T4409] file_dirty 0 [ 497.248766][ T4409] file_writeback 0 [ 497.248766][ T4409] anon_thp 0 [ 497.248766][ T4409] inactive_anon 0 [ 497.248766][ T4409] active_anon 135168 [ 497.248766][ T4409] inactive_file 0 [ 497.248766][ T4409] active_file 0 [ 497.248766][ T4409] unevictable 0 [ 497.248766][ T4409] slab_reclaimable 0 [ 497.248766][ T4409] slab_unreclaimable 0 [ 497.248766][ T4409] pgfault 102564 [ 497.248766][ T4409] pgmajfault 0 [ 497.248766][ T4409] workingset_refault 0 [ 497.248766][ T4409] workingset_activate 0 [ 497.248766][ T4409] workingset_nodereclaim 0 [ 497.248766][ T4409] pgrefill 1782 [ 497.248766][ T4409] pgscan 1486 [ 497.248766][ T4409] pgsteal 0 [ 497.248766][ T4409] pgactivate 1485 [ 497.248766][ T4409] pgdeactivate 1782 [ 497.344786][ T4409] Out of memory and no killable processes... [ 497.354528][ T4402] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 497.364808][ T4402] CPU: 1 PID: 4402 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 497.375042][ T4402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 497.385083][ T4402] Call Trace: [ 497.388372][ T4402] dump_stack+0x1d8/0x241 [ 497.392685][ T4402] ? panic+0x73e/0x73e [ 497.396738][ T4402] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 497.402525][ T4402] dump_header+0xdb/0x700 [ 497.406841][ T4402] out_of_memory+0x6d0/0x940 [ 497.411414][ T4402] ? unregister_oom_notifier+0x20/0x20 [ 497.416856][ T4402] memory_max_write+0x528/0x600 [ 497.421691][ T4402] ? memory_max_show+0xa0/0xa0 [ 497.426437][ T4402] ? memory_max_show+0xa0/0xa0 [ 497.431180][ T4402] cgroup_file_write+0x273/0x5c0 [ 497.436109][ T4402] ? cgroup_seqfile_stop+0xc0/0xc0 [ 497.441202][ T4402] ? kernfs_get+0x90/0x90 [ 497.445512][ T4402] ? cgroup_seqfile_stop+0xc0/0xc0 [ 497.450600][ T4402] kernfs_fop_write+0x2ec/0x3e0 [ 497.455430][ T4402] ? kernfs_fop_read+0x450/0x450 [ 497.460347][ T4402] __vfs_write+0x103/0x780 [ 497.464744][ T4402] ? __kernel_write+0x340/0x340 [ 497.469571][ T4402] ? check_preemption_disabled+0x9e/0x330 [ 497.475267][ T4402] ? __fget+0x40c/0x4a0 [ 497.479400][ T4402] ? debug_smp_processor_id+0x20/0x20 [ 497.484748][ T4402] ? selinux_file_permission+0x2c2/0x530 [ 497.490360][ T4402] vfs_write+0x210/0x4f0 [ 497.494584][ T4402] ksys_write+0x198/0x2c0 [ 497.498895][ T4402] ? __ia32_sys_read+0x80/0x80 [ 497.503639][ T4402] do_syscall_64+0xcb/0x1c0 [ 497.508123][ T4402] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 497.514033][ T4402] memory: usage 48kB, limit 0kB, failcnt 7039 [ 497.520284][ T4402] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 497.527134][ T4402] Memory cgroup stats for /syz0: [ 497.527265][ T4402] anon 0 [ 497.527265][ T4402] file 0 [ 497.527265][ T4402] kernel_stack 0 [ 497.527265][ T4402] slab 0 [ 497.527265][ T4402] sock 0 [ 497.527265][ T4402] shmem 0 [ 497.527265][ T4402] file_mapped 0 [ 497.527265][ T4402] file_dirty 0 [ 497.527265][ T4402] file_writeback 0 [ 497.527265][ T4402] anon_thp 0 [ 497.527265][ T4402] inactive_anon 0 [ 497.527265][ T4402] active_anon 135168 [ 497.527265][ T4402] inactive_file 0 [ 497.527265][ T4402] active_file 0 [ 497.527265][ T4402] unevictable 0 [ 497.527265][ T4402] slab_reclaimable 0 09:26:03 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:26:03 executing program 1: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$sock_int(r0, 0x1, 0x39, 0x0, &(0x7f00000000c0)) [ 497.527265][ T4402] slab_unreclaimable 0 [ 497.527265][ T4402] pgfault 102564 [ 497.527265][ T4402] pgmajfault 0 [ 497.527265][ T4402] workingset_refault 0 [ 497.527265][ T4402] workingset_activate 0 [ 497.527265][ T4402] workingset_nodereclaim 0 [ 497.527265][ T4402] pgrefill 1782 [ 497.527265][ T4402] pgscan 1486 [ 497.527265][ T4402] pgsteal 0 [ 497.527265][ T4402] pgactivate 1485 [ 497.527265][ T4402] pgdeactivate 1782 [ 497.622747][ T4402] Out of memory and no killable processes... 09:26:03 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:26:03 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) [ 497.690694][ T4410] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 497.714866][ T4410] CPU: 0 PID: 4410 Comm: syz-executor.2 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 497.725014][ T4410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 497.735051][ T4410] Call Trace: [ 497.738327][ T4410] dump_stack+0x1d8/0x241 [ 497.742629][ T4410] ? panic+0x73e/0x73e [ 497.746669][ T4410] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 497.752448][ T4410] ? preempt_schedule_common+0xb7/0xe0 [ 497.757891][ T4410] dump_header+0xdb/0x700 [ 497.762204][ T4410] out_of_memory+0x6d0/0x940 [ 497.766777][ T4410] ? unregister_oom_notifier+0x20/0x20 [ 497.772231][ T4410] memory_max_write+0x528/0x600 [ 497.777063][ T4410] ? memory_max_show+0xa0/0xa0 [ 497.781831][ T4410] ? memory_max_show+0xa0/0xa0 [ 497.786583][ T4410] cgroup_file_write+0x273/0x5c0 [ 497.791523][ T4410] ? cgroup_seqfile_stop+0xc0/0xc0 [ 497.796609][ T4410] ? kernfs_get+0x90/0x90 [ 497.801110][ T4410] ? cgroup_seqfile_stop+0xc0/0xc0 [ 497.806194][ T4410] kernfs_fop_write+0x2ec/0x3e0 [ 497.811017][ T4410] ? kernfs_fop_read+0x450/0x450 [ 497.815924][ T4410] __vfs_write+0x103/0x780 [ 497.820311][ T4410] ? __kernel_write+0x340/0x340 [ 497.825133][ T4410] ? check_preemption_disabled+0x9e/0x330 [ 497.830835][ T4410] ? __fget+0x40c/0x4a0 [ 497.834960][ T4410] ? debug_smp_processor_id+0x20/0x20 [ 497.840302][ T4410] ? selinux_file_permission+0x2c2/0x530 [ 497.845909][ T4410] vfs_write+0x210/0x4f0 [ 497.850121][ T4410] ksys_write+0x198/0x2c0 [ 497.854435][ T4410] ? __ia32_sys_read+0x80/0x80 [ 497.859171][ T4410] do_syscall_64+0xcb/0x1c0 [ 497.863680][ T4410] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 498.126242][ T4410] memory: usage 48kB, limit 0kB, failcnt 7039 [ 498.132345][ T4410] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 498.139439][ T4410] Memory cgroup stats for /syz0: [ 498.139504][ T4410] anon 0 [ 498.139504][ T4410] file 0 [ 498.139504][ T4410] kernel_stack 0 [ 498.139504][ T4410] slab 0 [ 498.139504][ T4410] sock 0 [ 498.139504][ T4410] shmem 0 [ 498.139504][ T4410] file_mapped 0 [ 498.139504][ T4410] file_dirty 0 [ 498.139504][ T4410] file_writeback 0 [ 498.139504][ T4410] anon_thp 0 [ 498.139504][ T4410] inactive_anon 0 [ 498.139504][ T4410] active_anon 135168 [ 498.139504][ T4410] inactive_file 0 [ 498.139504][ T4410] active_file 0 [ 498.139504][ T4410] unevictable 0 [ 498.139504][ T4410] slab_reclaimable 0 [ 498.139504][ T4410] slab_unreclaimable 0 [ 498.139504][ T4410] pgfault 102564 [ 498.139504][ T4410] pgmajfault 0 [ 498.139504][ T4410] workingset_refault 0 [ 498.139504][ T4410] workingset_activate 0 [ 498.139504][ T4410] workingset_nodereclaim 0 [ 498.139504][ T4410] pgrefill 1782 [ 498.139504][ T4410] pgscan 1486 [ 498.139504][ T4410] pgsteal 0 [ 498.139504][ T4410] pgactivate 1485 [ 498.139504][ T4410] pgdeactivate 1782 [ 498.236224][ T4410] Out of memory and no killable processes... [ 498.249433][ T4415] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 498.259677][ T4415] CPU: 0 PID: 4415 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 498.269903][ T4415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 498.280132][ T4415] Call Trace: [ 498.283418][ T4415] dump_stack+0x1d8/0x241 [ 498.287739][ T4415] ? panic+0x73e/0x73e [ 498.291802][ T4415] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 498.297601][ T4415] dump_header+0xdb/0x700 [ 498.301926][ T4415] out_of_memory+0x6d0/0x940 [ 498.306510][ T4415] ? unregister_oom_notifier+0x20/0x20 [ 498.311963][ T4415] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 498.317762][ T4415] memory_max_write+0x528/0x600 [ 498.322710][ T4415] ? memory_max_show+0xa0/0xa0 [ 498.327469][ T4415] ? memory_max_show+0xa0/0xa0 [ 498.332311][ T4415] cgroup_file_write+0x273/0x5c0 [ 498.337247][ T4415] ? cgroup_seqfile_stop+0xc0/0xc0 [ 498.342351][ T4415] ? kernfs_get+0x90/0x90 [ 498.346676][ T4415] ? cgroup_seqfile_stop+0xc0/0xc0 [ 498.351778][ T4415] kernfs_fop_write+0x2ec/0x3e0 [ 498.356624][ T4415] ? kernfs_fop_read+0x450/0x450 [ 498.361557][ T4415] __vfs_write+0x103/0x780 [ 498.365969][ T4415] ? __kernel_write+0x340/0x340 [ 498.370815][ T4415] ? check_preemption_disabled+0x9e/0x330 [ 498.376524][ T4415] ? __fget+0x40c/0x4a0 [ 498.380674][ T4415] ? debug_smp_processor_id+0x20/0x20 [ 498.386039][ T4415] ? selinux_file_permission+0x2c2/0x530 [ 498.391671][ T4415] vfs_write+0x210/0x4f0 [ 498.395901][ T4415] ksys_write+0x198/0x2c0 [ 498.400219][ T4415] ? __ia32_sys_read+0x80/0x80 [ 498.405581][ T4415] do_syscall_64+0xcb/0x1c0 [ 498.410083][ T4415] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 498.416178][ T4415] memory: usage 48kB, limit 0kB, failcnt 7039 [ 498.422234][ T4415] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 498.429103][ T4415] Memory cgroup stats for /syz0: [ 498.429178][ T4415] anon 0 [ 498.429178][ T4415] file 0 [ 498.429178][ T4415] kernel_stack 0 [ 498.429178][ T4415] slab 0 [ 498.429178][ T4415] sock 0 [ 498.429178][ T4415] shmem 0 [ 498.429178][ T4415] file_mapped 0 [ 498.429178][ T4415] file_dirty 0 [ 498.429178][ T4415] file_writeback 0 [ 498.429178][ T4415] anon_thp 0 [ 498.429178][ T4415] inactive_anon 0 [ 498.429178][ T4415] active_anon 135168 [ 498.429178][ T4415] inactive_file 0 09:26:04 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) getpgrp(0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup(r2, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) 09:26:04 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(0x0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:26:04 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet(r0, &(0x7f0000000700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 498.429178][ T4415] active_file 0 [ 498.429178][ T4415] unevictable 0 [ 498.429178][ T4415] slab_reclaimable 0 [ 498.429178][ T4415] slab_unreclaimable 0 [ 498.429178][ T4415] pgfault 102564 [ 498.429178][ T4415] pgmajfault 0 [ 498.429178][ T4415] workingset_refault 0 [ 498.429178][ T4415] workingset_activate 0 [ 498.429178][ T4415] workingset_nodereclaim 0 [ 498.429178][ T4415] pgrefill 1782 [ 498.429178][ T4415] pgscan 1486 [ 498.429178][ T4415] pgsteal 0 [ 498.429178][ T4415] pgactivate 1485 [ 498.429178][ T4415] pgdeactivate 1782 09:26:04 executing program 1: socket$inet6(0xa, 0x675dc689eb9ea38c, 0x0) 09:26:04 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:26:04 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, 0x1c) [ 498.524688][ T4415] Out of memory and no killable processes... [ 498.530782][ T4419] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 498.541158][ T4419] CPU: 0 PID: 4419 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 498.551293][ T4419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 498.561341][ T4419] Call Trace: [ 498.564627][ T4419] dump_stack+0x1d8/0x241 [ 498.568952][ T4419] ? panic+0x73e/0x73e 09:26:04 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_int(r0, 0x29, 0x4e, &(0x7f00000000c0)=0x200, 0x4) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private0}, 0x1c) [ 498.573015][ T4419] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 498.578801][ T4419] dump_header+0xdb/0x700 [ 498.583106][ T4419] out_of_memory+0x6d0/0x940 [ 498.587681][ T4419] ? unregister_oom_notifier+0x20/0x20 [ 498.593142][ T4419] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 498.598939][ T4419] memory_max_write+0x528/0x600 [ 498.603775][ T4419] ? memory_max_show+0xa0/0xa0 [ 498.608513][ T4419] ? memory_max_show+0xa0/0xa0 [ 498.613258][ T4419] cgroup_file_write+0x273/0x5c0 [ 498.618188][ T4419] ? cgroup_seqfile_stop+0xc0/0xc0 [ 498.623284][ T4419] ? kernfs_get+0x90/0x90 [ 498.627777][ T4419] ? cgroup_seqfile_stop+0xc0/0xc0 [ 498.632876][ T4419] kernfs_fop_write+0x2ec/0x3e0 [ 498.638583][ T4419] ? kernfs_fop_read+0x450/0x450 [ 498.643506][ T4419] __vfs_write+0x103/0x780 [ 498.647911][ T4419] ? __kernel_write+0x340/0x340 [ 498.652746][ T4419] ? check_preemption_disabled+0x9e/0x330 [ 498.658473][ T4419] ? __fget+0x40c/0x4a0 [ 498.662619][ T4419] ? debug_smp_processor_id+0x20/0x20 [ 498.667975][ T4419] ? selinux_file_permission+0x2c2/0x530 [ 498.673594][ T4419] vfs_write+0x210/0x4f0 [ 498.677823][ T4419] ksys_write+0x198/0x2c0 [ 498.682138][ T4419] ? __ia32_sys_read+0x80/0x80 [ 498.686887][ T4419] do_syscall_64+0xcb/0x1c0 [ 498.691380][ T4419] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 498.697349][ T4419] memory: usage 48kB, limit 0kB, failcnt 7039 [ 498.703446][ T4419] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 498.710450][ T4419] Memory cgroup stats for /syz0: [ 498.710523][ T4419] anon 0 [ 498.710523][ T4419] file 0 [ 498.710523][ T4419] kernel_stack 0 [ 498.710523][ T4419] slab 0 [ 498.710523][ T4419] sock 0 [ 498.710523][ T4419] shmem 0 [ 498.710523][ T4419] file_mapped 0 [ 498.710523][ T4419] file_dirty 0 [ 498.710523][ T4419] file_writeback 0 [ 498.710523][ T4419] anon_thp 0 [ 498.710523][ T4419] inactive_anon 0 [ 498.710523][ T4419] active_anon 135168 [ 498.710523][ T4419] inactive_file 0 [ 498.710523][ T4419] active_file 0 [ 498.710523][ T4419] unevictable 0 [ 498.710523][ T4419] slab_reclaimable 0 [ 498.710523][ T4419] slab_unreclaimable 0 [ 498.710523][ T4419] pgfault 102564 [ 498.710523][ T4419] pgmajfault 0 [ 498.710523][ T4419] workingset_refault 0 [ 498.710523][ T4419] workingset_activate 0 [ 498.710523][ T4419] workingset_nodereclaim 0 [ 498.710523][ T4419] pgrefill 1782 [ 498.710523][ T4419] pgscan 1486 [ 498.710523][ T4419] pgsteal 0 [ 498.710523][ T4419] pgactivate 1485 [ 498.710523][ T4419] pgdeactivate 1782 [ 498.806944][ T4419] Out of memory and no killable processes... 09:26:04 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:26:04 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCETHTOOL(r0, 0x890b, &(0x7f0000000080)={'xfrm0\x00', 0x0}) [ 498.830942][ T4433] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 498.842482][ T4433] CPU: 1 PID: 4433 Comm: syz-executor.2 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 498.852635][ T4433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 498.862677][ T4433] Call Trace: [ 498.865977][ T4433] dump_stack+0x1d8/0x241 [ 498.870284][ T4433] ? panic+0x73e/0x73e [ 498.874358][ T4433] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 498.880658][ T4433] ? preempt_schedule_common+0xb7/0xe0 [ 498.886793][ T4433] dump_header+0xdb/0x700 [ 498.891098][ T4433] out_of_memory+0x6d0/0x940 [ 498.895663][ T4433] ? unregister_oom_notifier+0x20/0x20 [ 498.901100][ T4433] memory_max_write+0x528/0x600 [ 498.905942][ T4433] ? memory_max_show+0xa0/0xa0 [ 498.910684][ T4433] ? memory_max_show+0xa0/0xa0 [ 498.915420][ T4433] cgroup_file_write+0x273/0x5c0 [ 498.920332][ T4433] ? cgroup_seqfile_stop+0xc0/0xc0 [ 498.925521][ T4433] ? kernfs_get+0x90/0x90 [ 498.929824][ T4433] ? cgroup_seqfile_stop+0xc0/0xc0 [ 498.934913][ T4433] kernfs_fop_write+0x2ec/0x3e0 [ 498.939754][ T4433] ? kernfs_fop_read+0x450/0x450 [ 498.944665][ T4433] __vfs_write+0x103/0x780 [ 498.949059][ T4433] ? __kernel_write+0x340/0x340 [ 498.953887][ T4433] ? check_preemption_disabled+0x9e/0x330 [ 498.959576][ T4433] ? __fget+0x40c/0x4a0 [ 498.963705][ T4433] ? debug_smp_processor_id+0x20/0x20 [ 498.969050][ T4433] ? selinux_file_permission+0x2c2/0x530 [ 498.974657][ T4433] vfs_write+0x210/0x4f0 09:26:04 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x16}, 0x48) [ 498.978883][ T4433] ksys_write+0x198/0x2c0 [ 498.983185][ T4433] ? __ia32_sys_read+0x80/0x80 [ 498.987923][ T4433] do_syscall_64+0xcb/0x1c0 [ 498.992418][ T4433] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 499.048385][ T22] audit: type=1400 audit(1675589164.620:186): avc: denied { map_create } for pid=4445 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 09:26:04 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0xa, 0x4e21, 0x0, @mcast2, 0x9}, 0x1c) [ 499.196622][ T4433] memory: usage 48kB, limit 0kB, failcnt 7039 [ 499.203162][ T4433] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 499.210358][ T4433] Memory cgroup stats for /syz0: [ 499.210432][ T4433] anon 0 [ 499.210432][ T4433] file 0 [ 499.210432][ T4433] kernel_stack 0 [ 499.210432][ T4433] slab 0 [ 499.210432][ T4433] sock 0 [ 499.210432][ T4433] shmem 0 [ 499.210432][ T4433] file_mapped 0 [ 499.210432][ T4433] file_dirty 0 [ 499.210432][ T4433] file_writeback 0 [ 499.210432][ T4433] anon_thp 0 [ 499.210432][ T4433] inactive_anon 0 [ 499.210432][ T4433] active_anon 135168 [ 499.210432][ T4433] inactive_file 0 [ 499.210432][ T4433] active_file 0 [ 499.210432][ T4433] unevictable 0 [ 499.210432][ T4433] slab_reclaimable 0 [ 499.210432][ T4433] slab_unreclaimable 0 [ 499.210432][ T4433] pgfault 102564 [ 499.210432][ T4433] pgmajfault 0 [ 499.210432][ T4433] workingset_refault 0 [ 499.210432][ T4433] workingset_activate 0 [ 499.210432][ T4433] workingset_nodereclaim 0 [ 499.210432][ T4433] pgrefill 1782 [ 499.210432][ T4433] pgscan 1486 [ 499.210432][ T4433] pgsteal 0 [ 499.210432][ T4433] pgactivate 1485 [ 499.210432][ T4433] pgdeactivate 1782 [ 499.306874][ T4433] Out of memory and no killable processes... [ 499.322452][ T4423] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 499.332686][ T4423] CPU: 0 PID: 4423 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 499.342825][ T4423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 499.352863][ T4423] Call Trace: [ 499.356140][ T4423] dump_stack+0x1d8/0x241 [ 499.360442][ T4423] ? panic+0x73e/0x73e [ 499.364576][ T4423] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 499.370353][ T4423] dump_header+0xdb/0x700 [ 499.374661][ T4423] out_of_memory+0x6d0/0x940 [ 499.379232][ T4423] ? unregister_oom_notifier+0x20/0x20 [ 499.384664][ T4423] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 499.390442][ T4423] memory_max_write+0x528/0x600 [ 499.395269][ T4423] ? memory_max_show+0xa0/0xa0 [ 499.400007][ T4423] ? memory_max_show+0xa0/0xa0 [ 499.404746][ T4423] cgroup_file_write+0x273/0x5c0 [ 499.409656][ T4423] ? cgroup_seqfile_stop+0xc0/0xc0 [ 499.414738][ T4423] ? kernfs_get+0x90/0x90 [ 499.419041][ T4423] ? cgroup_seqfile_stop+0xc0/0xc0 [ 499.424123][ T4423] kernfs_fop_write+0x2ec/0x3e0 [ 499.429314][ T4423] ? kernfs_fop_read+0x450/0x450 [ 499.434230][ T4423] __vfs_write+0x103/0x780 [ 499.438638][ T4423] ? __kernel_write+0x340/0x340 [ 499.443464][ T4423] ? check_preemption_disabled+0x9e/0x330 [ 499.449169][ T4423] ? __fget+0x40c/0x4a0 [ 499.453302][ T4423] ? debug_smp_processor_id+0x20/0x20 [ 499.458674][ T4423] ? selinux_file_permission+0x2c2/0x530 [ 499.464294][ T4423] vfs_write+0x210/0x4f0 [ 499.468515][ T4423] ksys_write+0x198/0x2c0 [ 499.472824][ T4423] ? __ia32_sys_read+0x80/0x80 [ 499.477655][ T4423] do_syscall_64+0xcb/0x1c0 [ 499.482131][ T4423] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 499.488093][ T4423] memory: usage 48kB, limit 0kB, failcnt 7039 [ 499.494166][ T4423] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 499.501023][ T4423] Memory cgroup stats for /syz0: [ 499.501097][ T4423] anon 0 [ 499.501097][ T4423] file 0 [ 499.501097][ T4423] kernel_stack 0 [ 499.501097][ T4423] slab 0 [ 499.501097][ T4423] sock 0 [ 499.501097][ T4423] shmem 0 [ 499.501097][ T4423] file_mapped 0 [ 499.501097][ T4423] file_dirty 0 [ 499.501097][ T4423] file_writeback 0 [ 499.501097][ T4423] anon_thp 0 [ 499.501097][ T4423] inactive_anon 0 [ 499.501097][ T4423] active_anon 135168 [ 499.501097][ T4423] inactive_file 0 [ 499.501097][ T4423] active_file 0 [ 499.501097][ T4423] unevictable 0 [ 499.501097][ T4423] slab_reclaimable 0 [ 499.501097][ T4423] slab_unreclaimable 0 [ 499.501097][ T4423] pgfault 102564 [ 499.501097][ T4423] pgmajfault 0 [ 499.501097][ T4423] workingset_refault 0 [ 499.501097][ T4423] workingset_activate 0 [ 499.501097][ T4423] workingset_nodereclaim 0 [ 499.501097][ T4423] pgrefill 1782 [ 499.501097][ T4423] pgscan 1486 [ 499.501097][ T4423] pgsteal 0 [ 499.501097][ T4423] pgactivate 1485 [ 499.501097][ T4423] pgdeactivate 1782 [ 499.596504][ T4423] Out of memory and no killable processes... [ 499.602527][ T4448] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 499.621031][ T4448] CPU: 1 PID: 4448 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 499.631345][ T4448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 499.641437][ T4448] Call Trace: [ 499.644720][ T4448] dump_stack+0x1d8/0x241 [ 499.649048][ T4448] ? panic+0x73e/0x73e [ 499.653100][ T4448] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 499.658892][ T4448] dump_header+0xdb/0x700 [ 499.663209][ T4448] out_of_memory+0x6d0/0x940 [ 499.667790][ T4448] ? unregister_oom_notifier+0x20/0x20 [ 499.673337][ T4448] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 499.679134][ T4448] memory_max_write+0x528/0x600 [ 499.683977][ T4448] ? memory_max_show+0xa0/0xa0 [ 499.688729][ T4448] ? memory_max_show+0xa0/0xa0 [ 499.693481][ T4448] cgroup_file_write+0x273/0x5c0 [ 499.698415][ T4448] ? cgroup_seqfile_stop+0xc0/0xc0 [ 499.703512][ T4448] ? kernfs_get+0x90/0x90 [ 499.707837][ T4448] ? cgroup_seqfile_stop+0xc0/0xc0 [ 499.712940][ T4448] kernfs_fop_write+0x2ec/0x3e0 [ 499.717782][ T4448] ? kernfs_fop_read+0x450/0x450 [ 499.722707][ T4448] __vfs_write+0x103/0x780 [ 499.727122][ T4448] ? __kernel_write+0x340/0x340 [ 499.732047][ T4448] ? check_preemption_disabled+0x9e/0x330 [ 499.737755][ T4448] ? __fget+0x40c/0x4a0 [ 499.741907][ T4448] ? debug_smp_processor_id+0x20/0x20 [ 499.747270][ T4448] ? selinux_file_permission+0x2c2/0x530 [ 499.752892][ T4448] vfs_write+0x210/0x4f0 [ 499.757123][ T4448] ksys_write+0x198/0x2c0 [ 499.761440][ T4448] ? __ia32_sys_read+0x80/0x80 [ 499.766204][ T4448] do_syscall_64+0xcb/0x1c0 [ 499.770664][ T4453] bridge0: port 1(bridge_slave_0) entered blocking state [ 499.770696][ T4448] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 499.777845][ T4453] bridge0: port 1(bridge_slave_0) entered disabled state [ 499.783834][ T4448] memory: usage 48kB, limit 0kB, failcnt 7039 [ 499.794632][ T4453] device bridge_slave_0 entered promiscuous mode [ 499.796702][ T4448] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 499.796710][ T4448] Memory cgroup stats for /syz0: [ 499.796781][ T4448] anon 0 [ 499.796781][ T4448] file 0 [ 499.796781][ T4448] kernel_stack 0 [ 499.796781][ T4448] slab 0 [ 499.796781][ T4448] sock 0 [ 499.796781][ T4448] shmem 0 [ 499.796781][ T4448] file_mapped 0 [ 499.796781][ T4448] file_dirty 0 [ 499.796781][ T4448] file_writeback 0 [ 499.796781][ T4448] anon_thp 0 [ 499.796781][ T4448] inactive_anon 0 [ 499.796781][ T4448] active_anon 135168 [ 499.796781][ T4448] inactive_file 0 [ 499.796781][ T4448] active_file 0 [ 499.796781][ T4448] unevictable 0 [ 499.796781][ T4448] slab_reclaimable 0 [ 499.796781][ T4448] slab_unreclaimable 0 [ 499.796781][ T4448] pgfault 102564 [ 499.796781][ T4448] pgmajfault 0 [ 499.796781][ T4448] workingset_refault 0 [ 499.796781][ T4448] workingset_activate 0 [ 499.796781][ T4448] workingset_nodereclaim 0 [ 499.796781][ T4448] pgrefill 1782 [ 499.796781][ T4448] pgscan 1486 [ 499.796781][ T4448] pgsteal 0 [ 499.796781][ T4448] pgactivate 1485 [ 499.796781][ T4448] pgdeactivate 1782 [ 499.905644][ T4448] Out of memory and no killable processes... [ 499.931893][ T4453] bridge0: port 2(bridge_slave_1) entered blocking state [ 499.938969][ T4453] bridge0: port 2(bridge_slave_1) entered disabled state [ 499.946892][ T4453] device bridge_slave_1 entered promiscuous mode [ 499.955973][ T801] device bridge_slave_1 left promiscuous mode [ 499.962081][ T801] bridge0: port 2(bridge_slave_1) entered disabled state [ 499.969508][ T801] device bridge_slave_0 left promiscuous mode [ 499.975623][ T801] bridge0: port 1(bridge_slave_0) entered disabled state [ 500.094824][ T4453] bridge0: port 2(bridge_slave_1) entered blocking state [ 500.101871][ T4453] bridge0: port 2(bridge_slave_1) entered forwarding state [ 500.109149][ T4453] bridge0: port 1(bridge_slave_0) entered blocking state [ 500.116174][ T4453] bridge0: port 1(bridge_slave_0) entered forwarding state [ 500.136898][ T381] bridge0: port 1(bridge_slave_0) entered disabled state [ 500.144194][ T381] bridge0: port 2(bridge_slave_1) entered disabled state [ 500.152059][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 500.159538][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 500.175510][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 500.183629][ T381] bridge0: port 1(bridge_slave_0) entered blocking state [ 500.190657][ T381] bridge0: port 1(bridge_slave_0) entered forwarding state [ 500.198329][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 500.206732][ T381] bridge0: port 2(bridge_slave_1) entered blocking state [ 500.213728][ T381] bridge0: port 2(bridge_slave_1) entered forwarding state [ 500.221450][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 500.229374][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 500.244078][ T1366] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 500.255257][ T3130] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 500.274985][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 500.283364][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 500.292041][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready 09:26:06 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) 09:26:06 executing program 1: r0 = syz_open_dev$loop(&(0x7f00000000c0), 0x0, 0x0) ioctl$LOOP_GET_STATUS64(r0, 0x401870c8, 0x0) 09:26:06 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) getpgrp(0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup(r2, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) 09:26:06 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:26:06 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(0x0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:26:06 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:26:06 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000500)=ANY=[@ANYBLOB="18"], 0x2c}}, 0x0) 09:26:06 executing program 1: socketpair$unix(0x1, 0x8818a72e9c68e6f7, 0x0, 0x0) 09:26:06 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCETHTOOL(r0, 0x8927, &(0x7f0000000080)={'xfrm0\x00', 0x0}) 09:26:06 executing program 1: syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NFC_CMD_GET_SE(r0, &(0x7f0000002000)={&(0x7f0000001f40)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001fc0)={&(0x7f0000001f80)={0x14}, 0x14}}, 0x0) 09:26:06 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NFC_CMD_GET_SE(r0, &(0x7f0000002000)={&(0x7f0000001f40)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001fc0)={&(0x7f0000001f80)={0x14}, 0x14}}, 0x0) [ 501.911286][ T4483] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 501.921490][ T4483] CPU: 1 PID: 4483 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 501.931622][ T4483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 501.941665][ T4483] Call Trace: [ 501.944944][ T4483] dump_stack+0x1d8/0x241 [ 501.949257][ T4483] ? panic+0x73e/0x73e [ 501.953310][ T4483] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 501.959097][ T4483] ? _raw_spin_lock+0xa3/0x1b0 [ 501.963843][ T4483] ? asan.module_dtor+0x20/0x20 [ 501.968676][ T4483] dump_header+0xdb/0x700 [ 501.972989][ T4483] oom_kill_process+0xf0/0x2d0 [ 501.977735][ T4483] out_of_memory+0x666/0x940 [ 501.982306][ T4483] ? unregister_oom_notifier+0x20/0x20 [ 501.987746][ T4483] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 501.993542][ T4483] memory_max_write+0x528/0x600 [ 501.998392][ T4483] ? memory_max_show+0xa0/0xa0 [ 502.003149][ T4483] ? memory_max_show+0xa0/0xa0 09:26:07 executing program 1: bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0xa, 0x4, &(0x7f0000000000)=@framed={{}, [@jmp={0x7, 0x1}]}, &(0x7f00000000c0)='syzkaller\x00', 0x2, 0x83, &(0x7f0000000100)=""/131, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) [ 502.007900][ T4483] cgroup_file_write+0x273/0x5c0 [ 502.012827][ T4483] ? cgroup_seqfile_stop+0xc0/0xc0 [ 502.017932][ T4483] ? kernfs_get+0x90/0x90 [ 502.022253][ T4483] ? cgroup_seqfile_stop+0xc0/0xc0 [ 502.027348][ T4483] kernfs_fop_write+0x2ec/0x3e0 [ 502.032194][ T4483] ? kernfs_fop_read+0x450/0x450 [ 502.037120][ T4483] __vfs_write+0x103/0x780 [ 502.041529][ T4483] ? __kernel_write+0x340/0x340 [ 502.046364][ T4483] ? check_preemption_disabled+0x9e/0x330 [ 502.052076][ T4483] ? __fget+0x40c/0x4a0 [ 502.056319][ T4483] ? debug_smp_processor_id+0x20/0x20 09:26:07 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @broadcast}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) [ 502.061678][ T4483] ? selinux_file_permission+0x2c2/0x530 [ 502.067312][ T4483] vfs_write+0x210/0x4f0 [ 502.071546][ T4483] ksys_write+0x198/0x2c0 [ 502.075864][ T4483] ? __ia32_sys_read+0x80/0x80 [ 502.080616][ T4483] do_syscall_64+0xcb/0x1c0 [ 502.085108][ T4483] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 502.091231][ T4483] memory: usage 4300kB, limit 0kB, failcnt 7039 [ 502.097497][ T4483] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 502.104320][ T4483] Memory cgroup stats for /syz0: 09:26:07 executing program 1: syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000f80), 0xffffffffffffffff) [ 502.104400][ T4483] anon 94208 [ 502.104400][ T4483] file 0 [ 502.104400][ T4483] kernel_stack 0 [ 502.104400][ T4483] slab 0 [ 502.104400][ T4483] sock 0 [ 502.104400][ T4483] shmem 0 [ 502.104400][ T4483] file_mapped 0 [ 502.104400][ T4483] file_dirty 0 [ 502.104400][ T4483] file_writeback 0 [ 502.104400][ T4483] anon_thp 0 [ 502.104400][ T4483] inactive_anon 0 [ 502.104400][ T4483] active_anon 270336 [ 502.104400][ T4483] inactive_file 0 [ 502.104400][ T4483] active_file 0 [ 502.104400][ T4483] unevictable 0 [ 502.104400][ T4483] slab_reclaimable 0 [ 502.104400][ T4483] slab_unreclaimable 0 [ 502.104400][ T4483] pgfault 106821 [ 502.104400][ T4483] pgmajfault 0 [ 502.104400][ T4483] workingset_refault 0 [ 502.104400][ T4483] workingset_activate 0 [ 502.104400][ T4483] workingset_nodereclaim 0 [ 502.104400][ T4483] pgrefill 1782 [ 502.104400][ T4483] pgscan 1486 [ 502.104400][ T4483] pgsteal 0 [ 502.104400][ T4483] pgactivate 1485 [ 502.104400][ T4483] pgdeactivate 1782 [ 502.200641][ T4483] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=4471,uid=0 [ 502.215917][ T4493] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 502.239830][ T4493] CPU: 1 PID: 4493 Comm: syz-executor.2 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 502.250034][ T4493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 502.260067][ T4493] Call Trace: [ 502.263374][ T4493] dump_stack+0x1d8/0x241 [ 502.267770][ T4493] ? panic+0x73e/0x73e [ 502.271850][ T4493] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 502.277630][ T4493] ? _raw_spin_lock+0xa3/0x1b0 [ 502.282371][ T4493] ? asan.module_dtor+0x20/0x20 [ 502.287194][ T4493] dump_header+0xdb/0x700 [ 502.291498][ T4493] oom_kill_process+0xf0/0x2d0 [ 502.296234][ T4493] out_of_memory+0x666/0x940 [ 502.300810][ T4493] ? unregister_oom_notifier+0x20/0x20 [ 502.306349][ T4493] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 502.312125][ T4493] memory_max_write+0x528/0x600 [ 502.316959][ T4493] ? memory_max_show+0xa0/0xa0 [ 502.321693][ T4493] ? memory_max_show+0xa0/0xa0 [ 502.326431][ T4493] cgroup_file_write+0x273/0x5c0 [ 502.331339][ T4493] ? cgroup_seqfile_stop+0xc0/0xc0 [ 502.336426][ T4493] ? kernfs_get+0x90/0x90 [ 502.340728][ T4493] ? cgroup_seqfile_stop+0xc0/0xc0 [ 502.345821][ T4493] kernfs_fop_write+0x2ec/0x3e0 [ 502.350643][ T4493] ? kernfs_fop_read+0x450/0x450 [ 502.355548][ T4493] __vfs_write+0x103/0x780 [ 502.359938][ T4493] ? __kernel_write+0x340/0x340 [ 502.364759][ T4493] ? check_preemption_disabled+0x9e/0x330 [ 502.370449][ T4493] ? __fget+0x40c/0x4a0 [ 502.374585][ T4493] ? debug_smp_processor_id+0x20/0x20 [ 502.379928][ T4493] ? selinux_file_permission+0x2c2/0x530 [ 502.385531][ T4493] vfs_write+0x210/0x4f0 [ 502.389743][ T4493] ksys_write+0x198/0x2c0 [ 502.394061][ T4493] ? __ia32_sys_read+0x80/0x80 [ 502.398795][ T4493] do_syscall_64+0xcb/0x1c0 [ 502.403269][ T4493] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 502.417238][ T4493] memory: usage 84kB, limit 0kB, failcnt 7055 [ 502.423344][ T4493] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 502.430704][ T4493] Memory cgroup stats for /syz0: [ 502.430778][ T4493] anon 94208 [ 502.430778][ T4493] file 0 [ 502.430778][ T4493] kernel_stack 0 [ 502.430778][ T4493] slab 0 [ 502.430778][ T4493] sock 0 [ 502.430778][ T4493] shmem 0 [ 502.430778][ T4493] file_mapped 0 [ 502.430778][ T4493] file_dirty 0 [ 502.430778][ T4493] file_writeback 0 [ 502.430778][ T4493] anon_thp 0 [ 502.430778][ T4493] inactive_anon 0 [ 502.430778][ T4493] active_anon 135168 [ 502.430778][ T4493] inactive_file 0 [ 502.430778][ T4493] active_file 0 [ 502.430778][ T4493] unevictable 0 [ 502.430778][ T4493] slab_reclaimable 0 [ 502.430778][ T4493] slab_unreclaimable 0 [ 502.430778][ T4493] pgfault 106821 [ 502.430778][ T4493] pgmajfault 0 [ 502.430778][ T4493] workingset_refault 0 [ 502.430778][ T4493] workingset_activate 0 [ 502.430778][ T4493] workingset_nodereclaim 0 [ 502.430778][ T4493] pgrefill 1782 [ 502.430778][ T4493] pgscan 1486 [ 502.430778][ T4493] pgsteal 0 [ 502.430778][ T4493] pgactivate 1485 [ 502.430778][ T4493] pgdeactivate 1782 [ 502.528081][ T4493] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=4453,uid=0 [ 502.543414][ T4493] Memory cgroup out of memory: Killed process 4453 (syz-executor.0) total-vm:48508kB, anon-rss:448kB, file-rss:14336kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:0 09:26:08 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) 09:26:08 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup(r2, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) 09:26:08 executing program 1: bpf$OBJ_PIN_MAP(0x6, &(0x7f0000001340)={0x0, 0x1}, 0x10) 09:26:08 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:26:08 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:26:08 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(0x0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:26:08 executing program 1: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$net_dm(&(0x7f0000001400), r0) 09:26:08 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000480)='/proc/self/exe\x00', 0x0, 0x0) flistxattr(r0, &(0x7f0000000080)=""/120, 0xe) 09:26:08 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x78, 0x4) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38}, 0x0) r4 = syz_clone3(&(0x7f0000000a00)={0x40b86000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200087e8, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78050a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e756d44ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="1c0100000000010000000000fedbdf25ff0000006186f90b81daee70b9810900e8859db117f449d7d1d2869f916865253f07ec10ead59da6cfc1f44b5a7600e26e2efd58c2d13ecf09cbf1db90a319f7871e7f94a2d487af9de0a2fd0d38561e43489c31a105fccdd151b6ca7d4fd4f54a1aace0497f66e1d7f6f98c687de4a5ca42f1bbdf409142eb6cae41e3c87a13d3343088589683f8dd2c3a88ac261c9ad11b847e78bc11ff4949803092d252c5160764d4fc18c43712ed25e27efa9d23b5beb5b1d1288a742c2bfc2e321167d66ce0c896d3576f6e9945ac61756924853541dc5a90b54014b0a07c73d66650de2a127ccc27286823538b4dab8d06f6c9b32742703d42aa7c95a4e00008001e00000000009f000000"], 0x11c}], 0x1}, 0x0) r7 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x3a0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000001740)=ANY=[@ANYBLOB="c40300001a00000425bd7000fedbdf259401888004439695a6eaf8cf070c76bbebf80f2d970e0128991ef385348e417b24958d98604514182f9b412cba971e40ad799544d6b7ea6e1c9102b90e89b34d166036e3c9205761bdb2eb11c9fcbe1b82306bace99865a02b4d11902480c760896516f0b142dc3786f933a22cab43fa334bc2bacdab61fc29256edb7c620a5831f1371b70f908006600ac1e0001907e93c2652f13ac6da2be4b3c0baca9e5ec54c0e2080302a95651aed54a67473148c6cf7b424ff4a9a2644789229eaa699c6d5acb90c1bcfdf3ae05d91f0d6848483fc4af28aeb367c849ad34632c5b3467a5dd7252fdb97d9ff0f71efaff624ae5c3270a33371e4c2e38b7a6e5377abbca3b1b07af3596a93e43709db931ac80d578d0681dcd0361571d4cd67a36027cb16c09d5d8770614184c862c13e3c5a2b04970c173cdffffd9edda63c9dbe03d9cf9c4bd539ad02168b5171bd7b3dbec4c6e6dcfa914002e00ff0200000000000000000000000000010c007e00080000000000000014002600fe8000000000000000000000000000bb0c00050081000000000000008a014b80d4002700ad1df2d9bee741269d07dd2012f6e8fca3154bf9faf80513a8ac47c1fb2b87c6192c19ecc4b371497dc2e6bac72bee6ad4444767933ac08412c9301aee5984ad0cf7397fc51abb942f06a90110df030ac85e30ae38a0151ed06d169c0d7fa5f793fa2b8625df1ffd6f816a975c24f436ca7d40d63d8d4a436a5b85f449928a32481ffbd5f97f6e801e1de689d86c745819a1f0e954605372d94d3b7088514c399643d8c62198e585b3beddb904a4942f7bc901e930770b61851f284d6eff2a1609845a6f9569c7905e74a9e870f3a9b735df5bfa63382f9debc2d5aee616ea10116e17380297ff11e1a6c2e61e6c3aba0fd6944438755a081230811326dfbf76339bee55c9447d7fc363505d8640a59ea13a452d59da6f04f9e0aca66a483e4fc376b89d7501412d954c6669f4e977143075992a337abbf80494b3723e7c338e52a4954b46beb1d00457f3d436f80cc11e76d900daad459015fb0d72b4815d0dea7d6601b5dc6c88c1f4ec3d9d8fcdaf02bea8d81ed7f128b4b6f3c770efdb17ad57acb3a3c5b9f8bb38e5afe7458200000c0025000d0600000000000019d40c54cac52507445acd313d0d05f5a01dd71df7196adc78bc6be3fd93da2515f145cb20be49f7a7808f4b12628d731f1ea8ceddc39be5abf14ed99f762913e2d59b0ba5631581ee8da37027f26bf74ca761e3fe7cef80f6885c4f72b7954a9857a71c427935a790d3005ca979d4d406709d5c2ee6d8235ec9a9adecef9c4f7082b00bb3497b428d46f4ccdeff596f8aac2925715ee1946f1d8e7dc2ab2c3a113b5fe6ce8c7ad2657a0de1cf70801e3520660fd2c8ce058c74df19f0e74d9167e5c9da1cb3f3b6f11193145a08c61bf2c48ba79dce9d39ea5632f2b9c5dd4f56dedc83aded77a905b8b05e539c2a9cd66339c7a393545328a78c76d914d5a9e57ecc3735c1f83a78d61580bf12bb66296cd19b5d4ed0eed79c3f228117d41228d166f0793ba8ed4b31f4fdd296b7b1bb8d27596eb10d4389ea1a378b05a484631223"], 0x3c4}], 0x1, &(0x7f0000000780)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [r7, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r3, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r2, r3]}}], 0xf8, 0x40800}, 0x24020) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000340)={{0x21, @dev={0xac, 0x14, 0x14, 0x41}, 0x4e22, 0x1, 'lblcr\x00', 0x1, 0x1000, 0x70}, {@remote, 0x4e21, 0x10000, 0x1000, 0xfffffff9, 0x3}}, 0x44) 09:26:08 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f0000000040)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f000f011c268ee0", 0x3e}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000009000/0x18000)=nil, &(0x7f00000001c0)=[@textreal={0x8, &(0x7f0000000140)="260f001f0f40deba4200ed0f013966b9d90200000f320f0131b8a90b8ed00fc79e0000640faefb2ef3ad", 0x2a}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5}]}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x3, 0x0, 0x0, 0x0, 0x7d, 0x2004c7], 0x0, 0xe02}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 502.686776][ T4513] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 502.697079][ T4513] CPU: 0 PID: 4513 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 502.707213][ T4513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 502.717265][ T4513] Call Trace: [ 502.720546][ T4513] dump_stack+0x1d8/0x241 [ 502.724866][ T4513] ? panic+0x73e/0x73e [ 502.728919][ T4513] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 502.734708][ T4513] dump_header+0xdb/0x700 [ 502.739023][ T4513] out_of_memory+0x6d0/0x940 [ 502.743596][ T4513] ? unregister_oom_notifier+0x20/0x20 [ 502.749033][ T4513] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 502.754822][ T4513] memory_max_write+0x528/0x600 [ 502.759656][ T4513] ? memory_max_show+0xa0/0xa0 [ 502.764404][ T4513] ? memory_max_show+0xa0/0xa0 [ 502.769156][ T4513] cgroup_file_write+0x273/0x5c0 [ 502.774076][ T4513] ? cgroup_seqfile_stop+0xc0/0xc0 [ 502.779170][ T4513] ? kernfs_get+0x90/0x90 [ 502.783485][ T4513] ? cgroup_seqfile_stop+0xc0/0xc0 [ 502.788578][ T4513] kernfs_fop_write+0x2ec/0x3e0 [ 502.793424][ T4513] ? kernfs_fop_read+0x450/0x450 [ 502.798540][ T4513] __vfs_write+0x103/0x780 [ 502.803046][ T4513] ? __kernel_write+0x340/0x340 [ 502.807893][ T4513] ? check_preemption_disabled+0x9e/0x330 [ 502.813607][ T4513] ? __fget+0x40c/0x4a0 [ 502.817754][ T4513] ? debug_smp_processor_id+0x20/0x20 [ 502.823115][ T4513] ? selinux_file_permission+0x2c2/0x530 [ 502.828789][ T4513] vfs_write+0x210/0x4f0 [ 502.833022][ T4513] ksys_write+0x198/0x2c0 [ 502.837375][ T4513] ? __ia32_sys_read+0x80/0x80 [ 502.842125][ T4513] do_syscall_64+0xcb/0x1c0 [ 502.846609][ T4513] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 502.852597][ T4513] memory: usage 48kB, limit 0kB, failcnt 7057 [ 502.858692][ T4513] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 502.865535][ T4513] Memory cgroup stats for /syz0: [ 502.865614][ T4513] anon 0 [ 502.865614][ T4513] file 0 [ 502.865614][ T4513] kernel_stack 0 [ 502.865614][ T4513] slab 0 [ 502.865614][ T4513] sock 0 [ 502.865614][ T4513] shmem 0 [ 502.865614][ T4513] file_mapped 0 [ 502.865614][ T4513] file_dirty 0 [ 502.865614][ T4513] file_writeback 0 [ 502.865614][ T4513] anon_thp 0 [ 502.865614][ T4513] inactive_anon 0 [ 502.865614][ T4513] active_anon 135168 [ 502.865614][ T4513] inactive_file 0 [ 502.865614][ T4513] active_file 0 [ 502.865614][ T4513] unevictable 0 [ 502.865614][ T4513] slab_reclaimable 0 [ 502.865614][ T4513] slab_unreclaimable 0 [ 502.865614][ T4513] pgfault 106821 [ 502.865614][ T4513] pgmajfault 0 [ 502.865614][ T4513] workingset_refault 0 [ 502.865614][ T4513] workingset_activate 0 [ 502.865614][ T4513] workingset_nodereclaim 0 [ 502.865614][ T4513] pgrefill 1782 [ 502.865614][ T4513] pgscan 1486 [ 502.865614][ T4513] pgsteal 0 [ 502.865614][ T4513] pgactivate 1485 [ 502.865614][ T4513] pgdeactivate 1782 [ 502.961585][ T4513] Out of memory and no killable processes... [ 502.967599][ T4515] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 502.977910][ T4515] CPU: 1 PID: 4515 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 502.988046][ T4515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 503.001045][ T4515] Call Trace: [ 503.004337][ T4515] dump_stack+0x1d8/0x241 [ 503.008666][ T4515] ? panic+0x73e/0x73e [ 503.012736][ T4515] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 503.018539][ T4515] dump_header+0xdb/0x700 [ 503.023049][ T4515] out_of_memory+0x6d0/0x940 [ 503.027642][ T4515] ? unregister_oom_notifier+0x20/0x20 [ 503.033101][ T4515] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 503.038904][ T4515] memory_max_write+0x528/0x600 [ 503.043760][ T4515] ? memory_max_show+0xa0/0xa0 [ 503.048529][ T4515] ? memory_max_show+0xa0/0xa0 [ 503.053312][ T4515] cgroup_file_write+0x273/0x5c0 [ 503.058251][ T4515] ? cgroup_seqfile_stop+0xc0/0xc0 [ 503.063360][ T4515] ? kernfs_get+0x90/0x90 [ 503.067690][ T4515] ? cgroup_seqfile_stop+0xc0/0xc0 [ 503.072797][ T4515] kernfs_fop_write+0x2ec/0x3e0 [ 503.077647][ T4515] ? kernfs_fop_read+0x450/0x450 [ 503.082583][ T4515] __vfs_write+0x103/0x780 [ 503.087004][ T4515] ? __kernel_write+0x340/0x340 [ 503.091852][ T4515] ? check_preemption_disabled+0x9e/0x330 [ 503.097564][ T4515] ? __fget+0x40c/0x4a0 [ 503.101717][ T4515] ? debug_smp_processor_id+0x20/0x20 [ 503.107097][ T4515] ? selinux_file_permission+0x2c2/0x530 [ 503.112727][ T4515] vfs_write+0x210/0x4f0 [ 503.116963][ T4515] ksys_write+0x198/0x2c0 [ 503.121290][ T4515] ? __ia32_sys_read+0x80/0x80 [ 503.126041][ T4515] do_syscall_64+0xcb/0x1c0 [ 503.130545][ T4515] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 503.136496][ T4515] memory: usage 48kB, limit 0kB, failcnt 7057 [ 503.142570][ T4515] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 503.149419][ T4515] Memory cgroup stats for /syz0: [ 503.149485][ T4515] anon 0 [ 503.149485][ T4515] file 0 [ 503.149485][ T4515] kernel_stack 0 [ 503.149485][ T4515] slab 0 [ 503.149485][ T4515] sock 0 [ 503.149485][ T4515] shmem 0 [ 503.149485][ T4515] file_mapped 0 [ 503.149485][ T4515] file_dirty 0 [ 503.149485][ T4515] file_writeback 0 [ 503.149485][ T4515] anon_thp 0 [ 503.149485][ T4515] inactive_anon 0 [ 503.149485][ T4515] active_anon 135168 [ 503.149485][ T4515] inactive_file 0 [ 503.149485][ T4515] active_file 0 [ 503.149485][ T4515] unevictable 0 [ 503.149485][ T4515] slab_reclaimable 0 [ 503.149485][ T4515] slab_unreclaimable 0 [ 503.149485][ T4515] pgfault 106821 [ 503.149485][ T4515] pgmajfault 0 [ 503.149485][ T4515] workingset_refault 0 [ 503.149485][ T4515] workingset_activate 0 [ 503.149485][ T4515] workingset_nodereclaim 0 [ 503.149485][ T4515] pgrefill 1782 [ 503.149485][ T4515] pgscan 1519 [ 503.149485][ T4515] pgsteal 0 [ 503.149485][ T4515] pgactivate 1485 [ 503.149485][ T4515] pgdeactivate 1782 [ 503.245284][ T4515] Out of memory and no killable processes... [ 503.251309][ T4517] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 503.261662][ T4517] CPU: 0 PID: 4517 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 503.271845][ T4517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 503.281892][ T4517] Call Trace: [ 503.285178][ T4517] dump_stack+0x1d8/0x241 [ 503.289503][ T4517] ? panic+0x73e/0x73e [ 503.293562][ T4517] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 503.299356][ T4517] dump_header+0xdb/0x700 [ 503.304129][ T4517] out_of_memory+0x6d0/0x940 [ 503.308713][ T4517] ? unregister_oom_notifier+0x20/0x20 [ 503.314198][ T4517] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 503.320001][ T4517] memory_max_write+0x528/0x600 [ 503.324859][ T4517] ? memory_max_show+0xa0/0xa0 [ 503.329621][ T4517] ? memory_max_show+0xa0/0xa0 [ 503.334391][ T4517] cgroup_file_write+0x273/0x5c0 [ 503.339332][ T4517] ? cgroup_seqfile_stop+0xc0/0xc0 [ 503.344437][ T4517] ? kernfs_get+0x90/0x90 [ 503.348766][ T4517] ? cgroup_seqfile_stop+0xc0/0xc0 [ 503.353873][ T4517] kernfs_fop_write+0x2ec/0x3e0 [ 503.358720][ T4517] ? kernfs_fop_read+0x450/0x450 [ 503.363647][ T4517] __vfs_write+0x103/0x780 [ 503.368059][ T4517] ? __kernel_write+0x340/0x340 [ 503.372904][ T4517] ? check_preemption_disabled+0x9e/0x330 [ 503.378609][ T4517] ? __fget+0x40c/0x4a0 [ 503.382749][ T4517] ? debug_smp_processor_id+0x20/0x20 [ 503.388112][ T4517] ? selinux_file_permission+0x2c2/0x530 [ 503.393834][ T4517] vfs_write+0x210/0x4f0 [ 503.398074][ T4517] ksys_write+0x198/0x2c0 [ 503.402746][ T4517] ? __ia32_sys_read+0x80/0x80 [ 503.407501][ T4517] do_syscall_64+0xcb/0x1c0 [ 503.411997][ T4517] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 503.417954][ T4517] memory: usage 48kB, limit 0kB, failcnt 7057 [ 503.424009][ T4517] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 503.430865][ T4517] Memory cgroup stats for /syz0: [ 503.430938][ T4517] anon 0 [ 503.430938][ T4517] file 0 [ 503.430938][ T4517] kernel_stack 0 [ 503.430938][ T4517] slab 0 [ 503.430938][ T4517] sock 0 [ 503.430938][ T4517] shmem 0 [ 503.430938][ T4517] file_mapped 0 [ 503.430938][ T4517] file_dirty 0 [ 503.430938][ T4517] file_writeback 0 [ 503.430938][ T4517] anon_thp 0 [ 503.430938][ T4517] inactive_anon 0 [ 503.430938][ T4517] active_anon 135168 [ 503.430938][ T4517] inactive_file 0 [ 503.430938][ T4517] active_file 0 [ 503.430938][ T4517] unevictable 0 [ 503.430938][ T4517] slab_reclaimable 0 09:26:09 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, 0x0, 0x0, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:26:09 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) getpid() sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup(r2, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) 09:26:09 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) getpgrp(r0) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) [ 503.430938][ T4517] slab_unreclaimable 0 [ 503.430938][ T4517] pgfault 106821 [ 503.430938][ T4517] pgmajfault 0 [ 503.430938][ T4517] workingset_refault 0 [ 503.430938][ T4517] workingset_activate 0 [ 503.430938][ T4517] workingset_nodereclaim 0 [ 503.430938][ T4517] pgrefill 1782 [ 503.430938][ T4517] pgscan 1519 [ 503.430938][ T4517] pgsteal 0 [ 503.430938][ T4517] pgactivate 1485 [ 503.430938][ T4517] pgdeactivate 1782 [ 503.526239][ T4517] Out of memory and no killable processes... [ 503.674050][ T4531] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 503.684378][ T4531] CPU: 0 PID: 4531 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 503.694508][ T4531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 503.704639][ T4531] Call Trace: [ 503.707922][ T4531] dump_stack+0x1d8/0x241 [ 503.712239][ T4531] ? panic+0x73e/0x73e [ 503.716294][ T4531] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 503.722085][ T4531] ? out_of_memory+0x1f0/0x940 [ 503.726831][ T4531] dump_header+0xdb/0x700 [ 503.731146][ T4531] out_of_memory+0x6d0/0x940 [ 503.735720][ T4531] ? unregister_oom_notifier+0x20/0x20 [ 503.741198][ T4531] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 503.746988][ T4531] memory_max_write+0x528/0x600 [ 503.751821][ T4531] ? memory_max_show+0xa0/0xa0 [ 503.756570][ T4531] ? memory_max_show+0xa0/0xa0 [ 503.761319][ T4531] cgroup_file_write+0x273/0x5c0 [ 503.766244][ T4531] ? check_memory_region+0x74/0x2d0 [ 503.771433][ T4531] ? cgroup_seqfile_stop+0xc0/0xc0 [ 503.776530][ T4531] ? kernfs_get+0x90/0x90 [ 503.780853][ T4531] ? cgroup_seqfile_stop+0xc0/0xc0 [ 503.785957][ T4531] kernfs_fop_write+0x2ec/0x3e0 [ 503.790796][ T4531] ? kernfs_fop_read+0x450/0x450 [ 503.795721][ T4531] __vfs_write+0x103/0x780 [ 503.800215][ T4531] ? __kernel_write+0x340/0x340 [ 503.805053][ T4531] ? preempt_schedule+0xd9/0xe0 [ 503.809893][ T4531] ? schedule_preempt_disabled+0x20/0x20 [ 503.815516][ T4531] ? check_preemption_disabled+0x9e/0x330 [ 503.821348][ T4531] ? __fget+0x40c/0x4a0 [ 503.825498][ T4531] ? reschedule_interrupt+0xa/0x20 [ 503.830601][ T4531] ? ___preempt_schedule+0x16/0x20 [ 503.835704][ T4531] ? __sb_start_write+0xb6/0x170 [ 503.840637][ T4531] ? __sb_start_write+0x113/0x170 [ 503.845653][ T4531] vfs_write+0x210/0x4f0 [ 503.849895][ T4531] ksys_write+0x198/0x2c0 [ 503.854221][ T4531] ? __ia32_sys_read+0x80/0x80 [ 503.858979][ T4531] do_syscall_64+0xcb/0x1c0 [ 503.863480][ T4531] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 503.869531][ T4531] memory: usage 48kB, limit 0kB, failcnt 7057 [ 503.875655][ T4531] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 503.882478][ T4531] Memory cgroup stats for /syz0: [ 503.882553][ T4531] anon 0 [ 503.882553][ T4531] file 0 [ 503.882553][ T4531] kernel_stack 0 [ 503.882553][ T4531] slab 0 [ 503.882553][ T4531] sock 0 [ 503.882553][ T4531] shmem 0 [ 503.882553][ T4531] file_mapped 0 [ 503.882553][ T4531] file_dirty 0 [ 503.882553][ T4531] file_writeback 0 [ 503.882553][ T4531] anon_thp 0 [ 503.882553][ T4531] inactive_anon 0 [ 503.882553][ T4531] active_anon 135168 [ 503.882553][ T4531] inactive_file 0 [ 503.882553][ T4531] active_file 0 [ 503.882553][ T4531] unevictable 0 [ 503.882553][ T4531] slab_reclaimable 0 [ 503.882553][ T4531] slab_unreclaimable 0 [ 503.882553][ T4531] pgfault 106821 [ 503.882553][ T4531] pgmajfault 0 [ 503.882553][ T4531] workingset_refault 0 [ 503.882553][ T4531] workingset_activate 0 [ 503.882553][ T4531] workingset_nodereclaim 0 [ 503.882553][ T4531] pgrefill 1815 [ 503.882553][ T4531] pgscan 1552 [ 503.882553][ T4531] pgsteal 0 [ 503.882553][ T4531] pgactivate 1551 [ 503.882553][ T4531] pgdeactivate 1815 [ 503.978479][ T4531] Out of memory and no killable processes... [ 503.984524][ T4530] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 503.994877][ T4530] CPU: 0 PID: 4530 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 504.005580][ T4530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 504.015629][ T4530] Call Trace: [ 504.018916][ T4530] dump_stack+0x1d8/0x241 09:26:09 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r4 = openat$cgroup(r2, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r6, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r5, 0x0, 0x0) 09:26:09 executing program 1: sched_rr_get_interval(0xffffffffffffffff, &(0x7f0000000040)) openat(0xffffffffffffffff, &(0x7f0000000480)='/proc/self/exe\x00', 0x0, 0x0) r0 = openat(0xffffffffffffffff, &(0x7f0000000480)='/proc/self/exe\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000140)={{}, {0x1, 0x2}, [], {}, [{}, {}, {}]}, 0x3c, 0x0) [ 504.023244][ T4530] ? panic+0x73e/0x73e [ 504.027306][ T4530] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 504.033111][ T4530] dump_header+0xdb/0x700 [ 504.037435][ T4530] out_of_memory+0x6d0/0x940 [ 504.042015][ T4530] ? unregister_oom_notifier+0x20/0x20 [ 504.047463][ T4530] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 504.053267][ T4530] memory_max_write+0x528/0x600 [ 504.058114][ T4530] ? memory_max_show+0xa0/0xa0 [ 504.062867][ T4530] ? memory_max_show+0xa0/0xa0 [ 504.067629][ T4530] cgroup_file_write+0x273/0x5c0 [ 504.072558][ T4530] ? cgroup_seqfile_stop+0xc0/0xc0 [ 504.077673][ T4530] ? kernfs_get+0x90/0x90 [ 504.082147][ T4530] ? cgroup_seqfile_stop+0xc0/0xc0 [ 504.087335][ T4530] kernfs_fop_write+0x2ec/0x3e0 [ 504.092193][ T4530] ? kernfs_fop_read+0x450/0x450 [ 504.097212][ T4530] __vfs_write+0x103/0x780 [ 504.102097][ T4530] ? __kernel_write+0x340/0x340 [ 504.106935][ T4530] ? check_preemption_disabled+0x9e/0x330 [ 504.112760][ T4530] ? __fget+0x40c/0x4a0 [ 504.116905][ T4530] ? debug_smp_processor_id+0x20/0x20 [ 504.122311][ T4530] ? selinux_file_permission+0x2c2/0x530 [ 504.127936][ T4530] vfs_write+0x210/0x4f0 [ 504.132166][ T4530] ksys_write+0x198/0x2c0 [ 504.136480][ T4530] ? __ia32_sys_read+0x80/0x80 [ 504.141230][ T4530] do_syscall_64+0xcb/0x1c0 [ 504.145722][ T4530] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 504.151656][ T4530] memory: usage 48kB, limit 0kB, failcnt 7057 [ 504.157731][ T4530] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 504.164555][ T4530] Memory cgroup stats for /syz0: [ 504.164636][ T4530] anon 0 [ 504.164636][ T4530] file 0 [ 504.164636][ T4530] kernel_stack 0 [ 504.164636][ T4530] slab 0 [ 504.164636][ T4530] sock 0 [ 504.164636][ T4530] shmem 0 [ 504.164636][ T4530] file_mapped 0 [ 504.164636][ T4530] file_dirty 0 [ 504.164636][ T4530] file_writeback 0 [ 504.164636][ T4530] anon_thp 0 [ 504.164636][ T4530] inactive_anon 0 [ 504.164636][ T4530] active_anon 135168 [ 504.164636][ T4530] inactive_file 0 [ 504.164636][ T4530] active_file 0 [ 504.164636][ T4530] unevictable 0 [ 504.164636][ T4530] slab_reclaimable 0 [ 504.164636][ T4530] slab_unreclaimable 0 [ 504.164636][ T4530] pgfault 106821 [ 504.164636][ T4530] pgmajfault 0 [ 504.164636][ T4530] workingset_refault 0 [ 504.164636][ T4530] workingset_activate 0 [ 504.164636][ T4530] workingset_nodereclaim 0 [ 504.164636][ T4530] pgrefill 1815 [ 504.164636][ T4530] pgscan 1552 [ 504.164636][ T4530] pgsteal 0 [ 504.164636][ T4530] pgactivate 1551 [ 504.164636][ T4530] pgdeactivate 1815 [ 504.260354][ T4530] Out of memory and no killable processes... [ 504.267519][ T4534] syz-executor.4 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 504.294114][ T4534] CPU: 0 PID: 4534 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 504.304293][ T4534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 504.314329][ T4534] Call Trace: [ 504.317601][ T4534] dump_stack+0x1d8/0x241 [ 504.321904][ T4534] ? panic+0x73e/0x73e [ 504.325943][ T4534] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 504.331734][ T4534] ? preempt_schedule_common+0xb7/0xe0 [ 504.337166][ T4534] dump_header+0xdb/0x700 [ 504.341471][ T4534] out_of_memory+0x6d0/0x940 [ 504.346037][ T4534] ? unregister_oom_notifier+0x20/0x20 [ 504.351468][ T4534] memory_max_write+0x528/0x600 [ 504.356311][ T4534] ? memory_max_show+0xa0/0xa0 [ 504.361068][ T4534] ? memory_max_show+0xa0/0xa0 [ 504.365820][ T4534] cgroup_file_write+0x273/0x5c0 [ 504.370730][ T4534] ? cgroup_seqfile_stop+0xc0/0xc0 [ 504.375815][ T4534] ? kernfs_get+0x90/0x90 [ 504.380118][ T4534] ? cgroup_seqfile_stop+0xc0/0xc0 [ 504.385203][ T4534] kernfs_fop_write+0x2ec/0x3e0 [ 504.390039][ T4534] ? kernfs_fop_read+0x450/0x450 [ 504.394947][ T4534] __vfs_write+0x103/0x780 [ 504.399337][ T4534] ? __kernel_write+0x340/0x340 [ 504.404170][ T4534] ? check_preemption_disabled+0x9e/0x330 [ 504.409862][ T4534] ? __fget+0x40c/0x4a0 [ 504.413989][ T4534] ? debug_smp_processor_id+0x20/0x20 [ 504.419332][ T4534] ? selinux_file_permission+0x2c2/0x530 09:26:10 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) getpgrp(r0) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) 09:26:10 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, 0x0, 0x0, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) r3 = getpgrp(r0) prlimit64(r3, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r6 = openat$cgroup(r4, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r7 = openat$cgroup_int(r6, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r8, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r7, 0x0, 0x0) 09:26:10 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000480)='/proc/self/exe\x00', 0x0, 0x0) flistxattr(r0, &(0x7f0000000040)=""/136, 0x2b) 09:26:10 executing program 1: madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) madvise(&(0x7f00006f4000/0x3000)=nil, 0x3000, 0x0) r0 = gettid() process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x8) setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)={0x77359400}, 0x10) madvise(&(0x7f000042f000/0x800000)=nil, 0x800000, 0x15) listen(0xffffffffffffffff, 0x0) [ 504.424936][ T4534] vfs_write+0x210/0x4f0 [ 504.429153][ T4534] ksys_write+0x198/0x2c0 [ 504.433454][ T4534] ? __ia32_sys_read+0x80/0x80 [ 504.438189][ T4534] do_syscall_64+0xcb/0x1c0 [ 504.442679][ T4534] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 504.455420][ T4534] memory: usage 48kB, limit 0kB, failcnt 7057 [ 504.519625][ T4534] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 504.534254][ T4534] Memory cgroup stats for /syz0: [ 504.534327][ T4534] anon 0 [ 504.534327][ T4534] file 0 [ 504.534327][ T4534] kernel_stack 0 [ 504.534327][ T4534] slab 0 [ 504.534327][ T4534] sock 0 [ 504.534327][ T4534] shmem 0 [ 504.534327][ T4534] file_mapped 0 [ 504.534327][ T4534] file_dirty 0 [ 504.534327][ T4534] file_writeback 0 [ 504.534327][ T4534] anon_thp 0 [ 504.534327][ T4534] inactive_anon 0 [ 504.534327][ T4534] active_anon 135168 [ 504.534327][ T4534] inactive_file 0 [ 504.534327][ T4534] active_file 0 [ 504.534327][ T4534] unevictable 0 [ 504.534327][ T4534] slab_reclaimable 0 [ 504.534327][ T4534] slab_unreclaimable 0 [ 504.534327][ T4534] pgfault 106821 [ 504.534327][ T4534] pgmajfault 0 [ 504.534327][ T4534] workingset_refault 0 [ 504.534327][ T4534] workingset_activate 0 [ 504.534327][ T4534] workingset_nodereclaim 0 [ 504.534327][ T4534] pgrefill 1815 [ 504.534327][ T4534] pgscan 1552 [ 504.534327][ T4534] pgsteal 0 [ 504.534327][ T4534] pgactivate 1551 [ 504.534327][ T4534] pgdeactivate 1848 [ 504.879841][ T4534] Out of memory and no killable processes... [ 504.885914][ T4541] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 504.896228][ T4541] CPU: 1 PID: 4541 Comm: syz-executor.2 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 504.906359][ T4541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 504.916396][ T4541] Call Trace: [ 504.919672][ T4541] dump_stack+0x1d8/0x241 [ 504.924149][ T4541] ? panic+0x73e/0x73e [ 504.928191][ T4541] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 504.934660][ T4541] ? preempt_schedule_common+0xb7/0xe0 [ 504.940134][ T4541] dump_header+0xdb/0x700 [ 504.944471][ T4541] out_of_memory+0x6d0/0x940 [ 504.949032][ T4541] ? unregister_oom_notifier+0x20/0x20 [ 504.954467][ T4541] memory_max_write+0x528/0x600 [ 504.959299][ T4541] ? memory_max_show+0xa0/0xa0 [ 504.964215][ T4541] ? memory_max_show+0xa0/0xa0 [ 504.968954][ T4541] cgroup_file_write+0x273/0x5c0 [ 504.973867][ T4541] ? cgroup_seqfile_stop+0xc0/0xc0 [ 504.978963][ T4541] ? kernfs_get+0x90/0x90 [ 504.983265][ T4541] ? cgroup_seqfile_stop+0xc0/0xc0 [ 504.988345][ T4541] kernfs_fop_write+0x2ec/0x3e0 [ 504.993166][ T4541] ? kernfs_fop_read+0x450/0x450 [ 504.998091][ T4541] __vfs_write+0x103/0x780 [ 505.002489][ T4541] ? __kernel_write+0x340/0x340 [ 505.007325][ T4541] ? check_preemption_disabled+0x9e/0x330 [ 505.013031][ T4541] ? __fget+0x40c/0x4a0 [ 505.017168][ T4541] ? debug_smp_processor_id+0x20/0x20 [ 505.022515][ T4541] ? selinux_file_permission+0x2c2/0x530 [ 505.028130][ T4541] vfs_write+0x210/0x4f0 [ 505.032346][ T4541] ksys_write+0x198/0x2c0 [ 505.036656][ T4541] ? __ia32_sys_read+0x80/0x80 [ 505.041492][ T4541] do_syscall_64+0xcb/0x1c0 [ 505.045968][ T4541] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 505.052037][ T4541] memory: usage 48kB, limit 0kB, failcnt 7057 [ 505.058217][ T4541] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 505.072325][ T4541] Memory cgroup stats for /syz0: [ 505.072424][ T4541] anon 0 [ 505.072424][ T4541] file 0 [ 505.072424][ T4541] kernel_stack 0 [ 505.072424][ T4541] slab 0 [ 505.072424][ T4541] sock 0 [ 505.072424][ T4541] shmem 0 [ 505.072424][ T4541] file_mapped 0 [ 505.072424][ T4541] file_dirty 0 [ 505.072424][ T4541] file_writeback 0 [ 505.072424][ T4541] anon_thp 0 [ 505.072424][ T4541] inactive_anon 0 [ 505.072424][ T4541] active_anon 135168 [ 505.072424][ T4541] inactive_file 0 [ 505.072424][ T4541] active_file 0 [ 505.072424][ T4541] unevictable 0 [ 505.072424][ T4541] slab_reclaimable 0 [ 505.072424][ T4541] slab_unreclaimable 0 [ 505.072424][ T4541] pgfault 106821 [ 505.072424][ T4541] pgmajfault 0 [ 505.072424][ T4541] workingset_refault 0 [ 505.072424][ T4541] workingset_activate 0 [ 505.072424][ T4541] workingset_nodereclaim 0 [ 505.072424][ T4541] pgrefill 1848 [ 505.072424][ T4541] pgscan 1552 [ 505.072424][ T4541] pgsteal 0 [ 505.072424][ T4541] pgactivate 1551 [ 505.072424][ T4541] pgdeactivate 1848 [ 505.175180][ T4541] Out of memory and no killable processes... [ 505.181362][ T4550] syz-executor.5 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 505.191549][ T4550] CPU: 1 PID: 4550 Comm: syz-executor.5 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 505.201677][ T4550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 505.211715][ T4550] Call Trace: [ 505.214997][ T4550] dump_stack+0x1d8/0x241 [ 505.219318][ T4550] ? panic+0x73e/0x73e [ 505.223373][ T4550] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 505.229166][ T4550] dump_header+0xdb/0x700 [ 505.233509][ T4550] out_of_memory+0x6d0/0x940 [ 505.238087][ T4550] ? unregister_oom_notifier+0x20/0x20 [ 505.243534][ T4550] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 505.249327][ T4550] memory_max_write+0x528/0x600 [ 505.254163][ T4550] ? memory_max_show+0xa0/0xa0 [ 505.258958][ T4550] ? memory_max_show+0xa0/0xa0 [ 505.263721][ T4550] cgroup_file_write+0x273/0x5c0 [ 505.268652][ T4550] ? cgroup_seqfile_stop+0xc0/0xc0 [ 505.273750][ T4550] ? kernfs_get+0x90/0x90 [ 505.278066][ T4550] ? cgroup_seqfile_stop+0xc0/0xc0 [ 505.283158][ T4550] kernfs_fop_write+0x2ec/0x3e0 [ 505.287992][ T4550] ? kernfs_fop_read+0x450/0x450 [ 505.292920][ T4550] __vfs_write+0x103/0x780 [ 505.297326][ T4550] ? __kernel_write+0x340/0x340 [ 505.302162][ T4550] ? check_preemption_disabled+0x9e/0x330 [ 505.307866][ T4550] ? __fget+0x40c/0x4a0 [ 505.312013][ T4550] ? debug_smp_processor_id+0x20/0x20 [ 505.317379][ T4550] ? selinux_file_permission+0x2c2/0x530 [ 505.323009][ T4550] vfs_write+0x210/0x4f0 [ 505.327242][ T4550] ksys_write+0x198/0x2c0 [ 505.331558][ T4550] ? __ia32_sys_read+0x80/0x80 [ 505.336308][ T4550] do_syscall_64+0xcb/0x1c0 [ 505.340799][ T4550] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 505.346909][ T4550] memory: usage 48kB, limit 0kB, failcnt 7057 [ 505.352962][ T4550] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 505.359967][ T4550] Memory cgroup stats for /syz0: [ 505.360037][ T4550] anon 0 [ 505.360037][ T4550] file 0 [ 505.360037][ T4550] kernel_stack 0 [ 505.360037][ T4550] slab 0 [ 505.360037][ T4550] sock 0 [ 505.360037][ T4550] shmem 0 [ 505.360037][ T4550] file_mapped 0 [ 505.360037][ T4550] file_dirty 0 [ 505.360037][ T4550] file_writeback 0 [ 505.360037][ T4550] anon_thp 0 [ 505.360037][ T4550] inactive_anon 0 [ 505.360037][ T4550] active_anon 135168 [ 505.360037][ T4550] inactive_file 0 [ 505.360037][ T4550] active_file 0 [ 505.360037][ T4550] unevictable 0 [ 505.360037][ T4550] slab_reclaimable 0 [ 505.360037][ T4550] slab_unreclaimable 0 [ 505.360037][ T4550] pgfault 106821 [ 505.360037][ T4550] pgmajfault 0 [ 505.360037][ T4550] workingset_refault 0 09:26:10 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000840)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x10000010}) getpgrp(r0) prlimit64(0x0, 0x0, &(0x7f00000003c0)={0x6, 0x4}, 0x0) io_uring_enter(0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='cgroup2\x00', 0x0, 0x0) lsetxattr$security_selinux(0x0, &(0x7f00000008c0), &(0x7f0000000900)='system_u:object_r:systemd_logind_sessions_t:s0\x00', 0x2f, 0x3) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={0x0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@file={0x1, './bus\x00'}, 0x6e, 0x0}}], 0x2, 0x0) r5 = openat$cgroup(r3, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0) r6 = openat$cgroup_int(r5, &(0x7f0000000180)='memory.max\x00', 0x2, 0x0) socket$packet(0x11, 0x1, 0x300) socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000200)={0x1d}, 0x10) recvmmsg(r7, 0x0, 0xfffffcff, 0x6d8de979fa834f02, 0x0) write$cgroup_int(r6, 0x0, 0x0) [ 505.360037][ T4550] workingset_activate 0 [ 505.360037][ T4550] workingset_nodereclaim 0 [ 505.360037][ T4550] pgrefill 1848 [ 505.360037][ T4550] pgscan 1552 [ 505.360037][ T4550] pgsteal 0 [ 505.360037][ T4550] pgactivate 1551 [ 505.360037][ T4550] pgdeactivate 1848 [ 505.455356][ T4550] Out of memory and no killable processes... [ 505.535116][ T801] device bridge_slave_1 left promiscuous mode [ 505.545049][ T801] bridge0: port 2(bridge_slave_1) entered disabled state [ 505.569416][ T801] device bridge_slave_0 left promiscuous mode [ 505.600256][ T801] bridge0: port 1(bridge_slave_0) entered disabled state [ 505.617448][ T4559] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 505.627667][ T4559] CPU: 0 PID: 4559 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller-00029-g6a5ec6cea0cd #0 [ 505.637793][ T4559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023 [ 505.647828][ T4559] Call Trace: [ 505.651292][ T4559] dump_stack+0x1d8/0x241 [ 505.655611][ T4559] ? panic+0x73e/0x73e [ 505.659650][ T4559] ? nf_ct_l4proto_log_invalid+0x26c/0x26c [ 505.665599][ T4559] ? preempt_schedule_common+0xb7/0xe0 [ 505.671051][ T4559] dump_header+0xdb/0x700 [ 505.675352][ T4559] out_of_memory+0x6d0/0x940 [ 505.679918][ T4559] ? unregister_oom_notifier+0x20/0x20 [ 505.685351][ T4559] memory_max_write+0x528/0x600 [ 505.690186][ T4559] ? memory_max_show+0xa0/0xa0 [ 505.694919][ T4559] ? memory_max_show+0xa0/0xa0 [ 505.699656][ T4559] cgroup_file_write+0x273/0x5c0 [ 505.704565][ T4559] ? cgroup_seqfile_stop+0xc0/0xc0 [ 505.709733][ T4559] ? kernfs_get+0x90/0x90 [ 505.714036][ T4559] ? cgroup_seqfile_stop+0xc0/0xc0 [ 505.719117][ T4559] kernfs_fop_write+0x2ec/0x3e0 [ 505.723974][ T4559] ? kernfs_fop_read+0x450/0x450 [ 505.728894][ T4559] __vfs_write+0x103/0x780 [ 505.734858][ T4559] ? __kernel_write+0x340/0x340 [ 505.739683][ T4559] ? switch_mm_irqs_off+0x338/0x960 [ 505.744853][ T4559] ? check_preemption_disabled+0x9e/0x330 [ 505.750543][ T4559] ? __fget+0x40c/0x4a0 [ 505.754668][ T4559] ? debug_smp_processor_id+0x20/0x20 [ 505.760010][ T4559] ? selinux_file_permission+0x2c2/0x530 [ 505.765611][ T4559] vfs_write+0x210/0x4f0 [ 505.769823][ T4559] ksys_write+0x198/0x2c0 [ 505.774125][ T4559] ? __ia32_sys_read+0x80/0x80 [ 505.778891][ T4559] do_syscall_64+0xcb/0x1c0 [ 505.783372][ T4559] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 505.789569][ T4559] memory: usage 48kB, limit 0kB, failcnt 7057 [ 505.795649][ T4559] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 505.802577][ T4559] Memory cgroup stats for /syz0: [ 505.802831][ T4559] anon 0 [ 505.802831][ T4559] file 0 [ 505.802831][ T4559] kernel_stack 0 [ 505.802831][ T4559] slab 0 [ 505.802831][ T4559] sock 0 [ 505.802831][ T4559] shmem 0 [ 505.802831][ T4559] file_mapped 0 [ 505.802831][ T4559] file_dirty 0 [ 505.802831][ T4559] file_writeback 0 [ 505.802831][ T4559] anon_thp 0 [ 505.802831][ T4559] inactive_anon 0 [ 505.802831][ T4559] active_anon 135168 [ 505.802831][ T4559] inactive_file 0 [ 505.802831][ T4559] active_file 0 [ 505.802831][ T4559] unevictable 0 [ 505.802831][ T4559] slab_reclaimable 0 [ 505.802831][ T4559] slab_unreclaimable 0 [ 505.802831][ T4559] pgfault 106821 [ 505.802831][ T4559] pgmajfault 0 [ 505.802831][ T4559] workingset_refault 0 [ 505.802831][ T4559] workingset_activate 0 [ 505.802831][ T4559] workingset_nodereclaim 0 [ 505.802831][ T4559] pgrefill 1848 [ 505.802831][ T4559] pgscan 1552 [ 505.802831][ T4559] pgsteal 0 [ 505.802831][ T4559] pgactivate 1551 [ 505.802831][ T4559] pgdeactivate 1848 [ 505.899328][ T4559] Out of memory and no killable processes... 2023/02/05 09:26:24 SYZFATAL: executor 0 failed 11 times: failed to start executor binary: fork/exec /root/syz-executor.0: permission denied [ 519.317987][ T313] syz-executor.5 (313) used greatest stack depth: 20696 bytes left